BIG-IP Carrier-Grade Network Address Translation (CGNAT)

Ease IPv4 to IPv6 migration with a secure IP address strategy as part of a suite of consolidated functions.

Read the data sheet

Improve Network Scalability with BIG-IP CGNAT

Seamlessly manage IPv4 address depletion and IPv6 migration

Service providers need to manage IPv4 devices while transitioning to newer IPv6 devices and applications. Because IPv6 devices and content are not backwards compatible with IPv4, IPv6 migration strategies need to support the coexistence of both. BIG-IP CGNAT provides carrier-grade scalability with a high number of IP address translations, fast NAT translation setup rates and high-speed logging.

  • Conserve Publicly Routable IPv4 Address Space - NAPT and PBA let service providers exponentially scale available source addresses, up to a 35-to-1 return on a large-scale NAT (LSN) pool resource.
  • NAT for IPv4 and IPv6 Connectivity - A wide range of functionality includes NAT 44, NAT 64, Deterministic NAT, 464XLAT and DNS 64.
  • Carrier-Grade Performance - BIG-IP CGNAT handles close to 1.5 billion concurrent sessions and more than 1 Tbps of throughput, along with high-performance high-speed logging (HSL).
seamlessly-manage
big-ip-cgnat-as-part-of-a-security-policy

BIG-IP CGNAT as part of a security policy

BIG-IP CGNAT can be combined with BIG-IP Advanced Firewall Manager (AFM) to provide a comprehensive security platform. A consolidated approach results in simpler management and operation, reduced operational costs, and more opportunities to monetize functions and services.

  • High Performance Firewall - Combined with BIG-IP AFM, BIG-IP CGNAT provides the benefits of a high-performance firewall. These include a subscriber aware network firewall with integrated ACLs, IPS, and DDoS protections.
  • Subscriber Awareness - Subscriber awareness enables log enrichment with subscriber ID for CGNAT NAPT and PBA logs, subscriber discovery, and dynamic policy provisioning.

Consolidated N6 / S/Gi LAN solution

BIG-IP CGNAT can form part of a consolidated S/Gi-LAN or N6 LAN in 5G networks with DNS, edge firewall, DDoS, video traffic management, and more. A consolidated approach results in simpler management and operation, reduced operational costs, and more opportunities to monetize functions and services.

  • Reduced CapEx and OpEx Costs - Up to 60% TCO savings through reduced VMs and single-hop design.
  • Simplified Architecture - Easier to deploy, manage maintain and scale.
  • Increased Services Velocity - Easier to add and roll out new services.
big-ip-cgnat-consolidated

Product Overview

diagram-sp-big-ip-cgna

Scale and secure your network with carrier-grade NAT performance

BIG-IP CGNAT has proven to be an indispensable tool for supporting transitions to IPv6 and continues to prove its worth in today’s network by helping to scale and secure networks. For service providers that want to optimize their network scalability for IPv6, IoT and 5G, BIG-IP CGNAT provides a seamless and secure IP address strategy as part of a suite of consolidated network functions.

Software

Deployed as a VNF (F5 BIG-IP Virtual Edition), or as part of the NFV Gi-LAN, Gi Firewall, or CGNAT pre-packaged solution. BIG-IP Virtual Edition can also be augmented with an Intel SmartNIC to boost performance and reduce CPU usage.

See software options ›

Public cloud

Enable IPv4/IPv6 address management capabilities in a public cloud environment for flexible business operation. Also available as a CNF.

See cloud options ›

Hardware

F5 BIG-IP CGNAT can be deployed on the scalable, bladed VELOS or VIPRION platforms, as well as iSeries and rSeries appliances.

See hardware options ›

Core Capabilities

When performing CGNAT, there are two primary functions that require significant compute power: executing the actual translation from one IP address to another and logging that translation—as often required by regional authorities.

Wide-ranging NAT functionality
Manage IPv4 address exhaustion with NAT44, NAT64/DNS64, PBA, and more.
Reclaim publicly routable IPv4 address space
NAPT and PBA let service providers exponentially scale available source addresses.
Performance at scale
Handles close to 1.5 billion concurrent sessions and more than 1 Tbps of throughput.
Subscriber-aware high speed, scalable logging
Support the generation of millions of logging records to comply with regional authorities’ requests.
Software with hardware acceleration
Offloading to an Intel SmartNIC, can improve throughput by 30%.

Resources

Featured

circuit-board

Deploy BIG-IP CGNAT for IPv4/IPv6 Translation

Ease IPv4 to IPv6 migration with a secure IP address strategy as part of a suite of consolidated functions.

Read the solution overview

Solution areas

S/Gi-LAN and N6 Consolidation for Virtualized Networks ›

Service Provider Security Solutions ›

Protect Your Network Against Incoming Threats with BIG-IP AFM ›

SmartNIC offload for BIG-IP VE: Boost CGNAT Performance and Lower TCO ›

Next Steps

Contact us
Contact us
Find out how F5 products and solutions can enable you to achieve your goals.
Contact F5
Deliver and Secure Every App
F5 application delivery and security solutions are built to ensure that every app and API deployed anywhere is fast, available, and secure. Learn how we can partner to deliver exceptional experiences every time.
Connect With Us