View Only
last person joined: 2 days ago 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.
  • 1.  CGNAT sizing

    Posted 29 days ago

    Hi, I need to provide a solution for CGNAT service in a ISP network. I have to provide a method to chose the correct SRX (or a MX with the right number of MX-SPC3).
    what are the correct number to ask for? number of clients (fixed and mobile)?  number of sessions per each client? 
    do you have experiences on those numbers? how many sessions per client  do fixed and mobile clients typically have ?

    Thanks inadvance



    Massimiliano Galizia

  • 2.  RE: CGNAT sizing

    Posted 13 days ago

    It's a bit like asking "How long is a string?". I have access to some figures from various customers that are ISPs. Right now, I have one single end user with 5.1 k sessions active but the bulk of users have about 50-200 sessions. The average there is 133 sessions per source IP (which is the local IP of the end users).

    On another site I see 82 G traffic (aggregated both directions) and 3.4 M sessions, but a similar site shows 220 G traffic and 15 M sessions, so it varies a lot.

    If you want to find out your session numbers, S-Flow, JFlow or similar is one way to get a good idea. I'm pretty sure there are free analyzer tools out there where you can receive the flow data and get some numbers.