Overview¶
Fast Path CG-NAT provides a CG-NAT in the fast path.
The key advantages of Fast Path CG-NAT are:
High Transparency: Fast Path CG-NAT implements multiple advanced features like Endpoint-Independent Mapping, Endpoint-Independent Filtering, address pooling and port parity preservation. These features provide better experience to ‘nated’ users and allow scaling.
Fairness and Resource Sharing: Fast Path CG-NAT provides options to limit the number of connections per user. This ensures that resources are equitably shared between the different users.
Optimized Logging system: CG-NAT can generate large amounts of logging data. Fast Path CG-NAT implements a feature called port block allocation to limit the number of log entries by grouping per port range.
Support for Application Level Gateway: some protocols (e.g. FTP) requires a deep inspection
Connection tracking is directly done in the fast path without any interaction with the Linux kernel, to offer the best possible performance.
Features¶
NAT44, NAT64
ALGs: FTP, TFTP, RTSP, PPTP, SIP, H323, DNS over UDP
Manage pool of public IP addresses and range of ports
Dynamically updating/resizing of IP pool without affecting traffic
Round-robin allocation for NAT pools
IP address pooling paired
Port assignment: random or parity
Endpoint-Independent Mapping
Endpoint-Independent Filtering
Hairpinning
Port Block Allocation (PBA)
Deterministic CGNAT
Per user/per CPE session limiter
Advanced logging features meeting government requirements
VRF support