How big is your ip pool for CGNAT? On Wed, Apr 29, 2020 at 10:17 AM Robert Blayzor <rblayzor.b...@inoc.net> wrote:
> On 4/28/20 11:01 PM, Brandon Martin wrote: > > Depending on how many IPs you need to reclaim and what your target > > IP:subscriber ratio is, you may be able to eliminate the need for a lot > > of logging by assigning a range of TCP/UDP ports to a single inside IP > > so that the TCP/UDP port number implies a specific subscriber. > > > > You can't get rid of all the state tracking without also having the CPE > > know which ports to use (in which case you might as well use LW4o6 or > > MAP), but at least you can get it down to where you really only need to > > log (or block and dole out public IPs as needed) port-less protocols. > > > I'm wondering if there are any real world examples of this, namely in > the realm of subscriber to IP and range of ports required, etc. ie: Is > is a range of 1000 ports enough for one residential subscriber? How > about SMB where no global IP is required. > > One would think a 1000 ports would be enough, but if you have a dozen > devices at home all browsing and doing various things, and with IOT, > etc, maybe not? > > > -- > inoc.net!rblayzor > XMPP: rblayzor.AT.inoc.net > PGP: https://pgp.inoc.net/rblayzor/ > -- Sent from Gmail Mobile