NAT/CGNAT IP address/users ratios

• Previous message (by thread): NAT/CGNAT IP address/users ratios
• Next message (by thread): Buying IPs with poor reputation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I currently have about ~2750 public IP's (11 /24's) for ~53,000 broadband
customers.  (ftth, cable modem and dsl)

 

I cap them at 3,000 ports using PBA, port block allocation.. Blocks of 100
at a time, and 30 blocks per subscriber.  (100*30=3000)

 

I usually see, when a private internal IP is using up the full 3,000 ports,
when we look closer at the sessions, they usually look suspect, as if the
end host is infected or has malware causing lots of connections

 

I run all this though, (6) MX960's with (1) MS-MPC-128G in each chassis, and
(2) MX104's with (1) MS-MIC-16G per 104.  The utilization as far as I've
seen, regarding memory and load on the service modules seems fine at the
levels we are at.

 

Hope that helps.

 

-Aaron

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20210518/06643609/attachment.html>

• Previous message (by thread): NAT/CGNAT IP address/users ratios
• Next message (by thread): Buying IPs with poor reputation
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]