[194333] in North American Network Operators' Group
RE: CGNAT
daemon@ATHENA.MIT.EDU (Aaron Gould)
Thu Apr  6 16:33:44 2017
X-Original-To: nanog@nanog.org
From: "Aaron Gould" <aaron1@gvtc.com>
To: "'Ahmed Munaf'" <ahmed.dalaali@hrins.net>,
 "'Nanog@Nanog'" <nanog@nanog.org>
In-Reply-To: <49162897-2AF1-4063-A381-C7A4572ABC28@hrins.net>
Date: Thu, 6 Apr 2017 15:33:41 -0500
Errors-To: nanog-bounces@nanog.org
Last year I evaluated Cisco ASR9006/VSM-500 and Juniper MX104/MS-MIC-16G in
my lab.
I went with MX104/MS-MIC-16G.  I love it.
I deployed (2) MX104's.  Each MX104 has a single MX-MIC-16G card in it.  I
integrated this CGNAT with MPLS L3VPN's for NAT Inside vrf and NAT outside
vrf.  Both MX104's learn 0/0 route for outside and send a 0/0 route for
inside to all the PE's that have DSLAMs connected to them.  So each PE with
DSL connected to it learns default route towards 2 equal cost MX104's.  I
could easily add a third MX104 to this modular architecture.
I have 7,000 DSL broadband customers behind it.  Peak time throughput is
hitting up at 4 gbps... I see a little over 100,000 service flows
(translations) at peak time
I think each MX104 MS-MIC-16G can able about ~7 million translations and
about 7 gbps of cgnat throughput... so I'm good.
I have a /25 for each MX104 outside public address pool (so /24 total for
both MX104's)... pretty sweet how I use /24 for ~7,000 customers :) 
I'll freeze this probably for DSL and not put anything else behind it.  I
want to leave well-enough alone.
If I move forward with CGNAT'ing Cable Modem (~6,000 more subsrcibers) I'll
probably roll-out (2) more MX104's with a new vrf for that...
If I move forward with CGNAT'ing FTTH (~20,000 more subsrcibers) I'll
probably roll-out (2) MX240/480/960 with MS-MPC... I feel I'd want/need
something beefier for FTTH...
- Aaron