Routing
Routing

CGNAT support MX10003

3 weeks ago

Hi Everyone,

I've been reviwing some of the threads related to CGNAT support for the MX platform and I was wondering if anyone has implemented CGNAT on the MX10003 platform. So far, things that I have read are related to the MX480/MX960 platform which include the MultiService cards.  Currently don't see an MS card available for the MX10003 which has me wondering if this is supported.

 

We are considering deploying a pair of MX10003 at the edge and I was considering consolidating our exisiting CGNAT appliance into the MX10003 if this can be accomplished. Current the appliance we are using is doing NAT44,NAT64,DNS64. Total number of users is roughly the equivalent of a /19 with about 2.5Gbps of traffic associated to CGNAT. From a future growth, I can see maybe adding another /21 of customers addresses to this.

 

Thanks for taking the time to provide some input.

 

--Dominique

 

3 REPLIES 3
Routing
Solution
Accepted by topic author ddemore
3 weeks ago

Re: CGNAT support MX10003

3 weeks ago

Hi ddemore,

 

I checked the datasheet for MX10003, there is no mention of CGNAT capability.

Also, you got it right. There is nothing like MS-MIC/MS-MPC cards yet for this platform. Definitely, this is not yet supported.

 

https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000619-en.pdf

 

Get in touch with your Juniper accounts team to get to know more about Professional Services offered.

They can help you design,test & build whole/part of the network per your requirements.

 

Do hit kudos if this helped, mark "accept as a solution" so other enthusiasts are directed to this post without them having to repost!! :-)

 

-Nex

Routing

Re: CGNAT support MX10003

3 weeks ago

As previously stated the MX10003 cannot do CGNAT - only inline 1-1 static NAT.

 

With that amount of CGNAT traffic, the pricing of an integrated CGNAT solution based on MX480/960 with MS-MPCs does not make sense compared to eg. a cluster of SRX4100 or SRX4200 firewalls doing CGNAT.

 

An MS-MPC is more than twice the list price of a SRX4100 gateway capable of doing 20G of IMIX traffic and hold 5 million concurrent sessions - and you can later via a license upgrade your SRX4100 to SRX4200 if needed providing roughly twice the throughput and scale without new hardware.

 

...and you can of course still stick with your current CGNAT solution :-)

 

I hope you can use this input for your evaluation.


--
Best regards,

Jonas Hauge Jensen
Systems Engineer, SEC DATACOM A/S (Denmark)
Routing

Re: CGNAT support MX10003

3 weeks ago

Thanks for the reply's and clarification.  I'll review a bit more to see which route we would like to take. The feedback is appreciated.

 

Thanks.

 

--Dominique