Why CGN?

Many of our customers ask us what makes Carrier Grade NAT (CGN) necessary and what the differences are with Carrier Grade NAT vs. traditional port overloading / masquerade NAT that is available in most network routers. The below bullets outline the differences and elaborate as to why CGN can be beneficial to service providers.

CGN provides a 256:1 private IP to public IP cost savings ratio backed by reliable port allocation ranges that allow for  ease of planning and scaling when compared to traditional PAT or masquerade NAT.

This helps reduce impact from applications that are sensitive to NAT type such as real-time voice, video, and gaming.

Your public IP reputation can be protected by leveraging CGN DDoS protection mechanisms which prevent impactful events like botnet attacks. Traditional PAT / masquerade NAT does not employ any type of DDoS or per-user limitations which leave your public IPs, and all private IP CGN users behind it, exposed.

Some NAT implemented at the router levels do not handle local connectivity very well. When a user needs to communicate to another user behind the same NAT router, this is called traffic "hairpinning". CGN solutions are built to specifically support hairpinning scenarios to ensure uninterrupted P2P connectivity.

Moving the NAT functionality off of your access routers and to dedicated CGN appliances allow for offloading the NAT functionality and frees up resources on your access routers which can be used for other mission-critical network functions.

CGN deployments provide the most transparent experience to a user while behind NAT. This pairs perfectly with a dual-stack IPv6 deployment which we always recommend service providers implement on their network.

We recommend using deterministic NAT when deploying CGN. This allows for easy user identification based on public IP and port number without the need for complex logging mechanisms.

1-866-535-0358 | support@archous.tech | support.archous.tech

The ArchCGN Solution

We take a fully managed approach to CGN for our customers. There are two deployment models; one is a cloud hosted solution ("CGN to Lease") where customer traffic is sent to the cloud and then NATed as a service and the other is an on-premise solution ("CGN to Own") where the customer provides hardware that Archous Networks deploys our ArchCGN software to. In either deployment model,  Archous Networks configures, manages, monitors and provides full end to end support of the CGN solution for the customer. We even offer configuration guides as well as consulting options to ensure a seamless integration in to the customer's network. Both deployment models provide endpoint independent filtering/NAT, hairpin support, deterministic NAT, and DDoS protection.

Bulk discounts and customized quotes are available so please feel free to reach out for pricing.

ArchCGN - CGN to Own - one-time fee per IP*

* Please see https://www.archous.tech/portfolio for a more extensive portfolio of services offered