Filter CGNAT IPs from Log

jan ohms

1/30/24, 1:03 PM

I want to identify heaavy users on a web API I would like to ignore CGNAT IPs . I looked at https://www.rfc-editor.org/rfc/rfc6598 Is this mandatory or can an ISP use any given IP ?

Is there a List of IP Adresses used for CGNAT ?

thanks

2 + 0

nat

logging

web-server

isp

Score:1

Server

Ron Maupin

1/30/24, 1:31 PM

Some ISPs use addresses from the Private address ranges (10.0.0.0/8, 172,16.0.0.0/12, or more rarely 192.168.0.0/16), but IANA has set aside Shared address space (100.64.0.0.0/10) for CGN.

As a business, you will not see any CGN addresses, just like you will not see any home user Private addresses. ISPs use NAPT, just like a home user does, to hide multiple Private or Shared addresses behind public addresses that the ISPs own.

You really have no way to detect if a packet is originally sourced from a Private or Shared address because NAPT used by CGN replaces the original source address with a public address.

+ 0

Score:0

Server

ewwhite

1/30/24, 1:12 PM

The Carrier-Grade NAT (CGNAT) IP allocation is represented by the following CIDR address:

100.64.0.0/10

You can use that expression for your log filter.

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Filter CGNAT IPs from Log

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.