Ended up with the following for DSL customers using DS-Lite:


block size 512

max blocks per user 16

block timeout 120

address-sharing-ratio 8:1


avg usage is 34 ports per block and 1,3 blocks per address, but the top 1% are at least x10.


Some years ago we had started with more relaxed numbers (to be on the safe side), but last year we squeezed them a little. No complaints until now.


Mon Feb 29 14:25:16.812 CST

Building configuration…

!! IOS XR Configuration 5.3.1

service cgn cgn1

service-location preferred-active 0/3/CPU0  service-type nat44 nat1

portlimit 5000

alg ActiveFTP

inside-vrf six






RP/0/RSP0/CPU0:eng-lab-9k-1(config-cgn-invrf)#bulk-port-alloc ?

size  Bulk size for allocation.

Should be greater or equal to one fourth of the port limit

and less than twice the port limit.

For optimum results, should be close to half the port limit RP/0/RSP0/CPU0:eng-lab-9k-1(config-cgn-invrf)#bulk-port-alloc size ?

none  No bulk allocation

8     Allocate 8 ports in bulk

16    Allocate 16 ports in bulk

32    Allocate 32 ports in bulk

64    Allocate 64 ports in bulk

128   Allocate 128 ports in bulk

256   Allocate 256 ports in bulk

512   Allocate 512 ports in bulk

1024  Allocate 1024 ports in bulk

2048  Allocate 2048 ports in bulk

4096  Allocate 4096 ports in bulk