We are looking for a CGNAT solution open source based.
Yep, I know that basic CGNAT can be done with iptables / nftables, or PF / IPFILTER / IPFW.
But I only know Open Source CGNAT recipes with predefined public-ports <-> private IPs mapping.
What It brings two types of issues:
A - The need to overprovision the number of private IPs (Considering Multiple BNGs behind the CGN).
B - The inability of those basic recipes to deal with incoming auxiliary connections of p2p protocols (mostly used by games).
Te market solutions that I’ve dealt with solves those issues beautifully.
a - Bulk-Port Allocation - BPA, avoid the need overprovisioning private address that is not being used, and give us an excellent rate between public IPv4 Address vs Private IP Address.
b - The support of a framework of protocols(Ex.: UPnP, PCP, EIM/EIF, NAT-PMP, etc…) ensure an acceptable quality of experience to end-users.
But, the market solution brings also some down-sides…
- The cost, evidently.
- The need for detouring the traffic that doesn’t need CGNAT(Internal CDNs, Internal Servers, etc), to stay on the license limits of those boxes, sometimes brings some issues.
So, I and some friends are(for a long time) looking for an OpenSource solution that can give us something near what the market solutions give.
Any of you guys ave some suggestions for that?
P.S.: Yes, I know that IPv6 is the only real solution for that, but until there, our customers still want to access a lot os p2p content(mostly audio in game rooms, sip calls, and things like that.)
P.S.2: Yes, I also know that 464 could be a good possibility, but is not possible in this scenario.