Advantages
*Maximises use of limited public IP4 address space.
*May provide additional security for customers against attacks targeting their public IP address.
Disadvantages
Critics of carrier-grade NAT argue the following aspects:
*Like any form of NAT, it breaks the end-to-end principle.[6]
*It has significant security and reliability problems, by virtue of being stateful.
*It does not solve the IPv4 address exhaustion problem when a public IP address is needed, such as in web hosting.
*It may create a performance bottleneck that limits scalability.
*Carrier-grade NAT usually prevents the ISP customers from using port forwarding, because the network address translation (NAT) is usually implemented by mapping ports of the NAT devices in the network to other ports in the external interface. This is done so the router will be able to map the responses to the correct device; in carrier-grade NAT networks, even though the router at the consumer end might be configured for port forwarding, the "master router" of the ISP, which runs the CGN, will block this port forwarding because the actual port would not be the port configured by the consumer.[7] In order to overcome the former disadvantage, the Port Control Protocol (PCP) has been standardized in the RFC 6887.
*In cases of banning traffic based on IP addresses, a system might block the traffic of a spamming user by banning the user's IP address. If that user happens to be behind carrier-grade NAT, other users sharing the same public address with the spammer will be inadvertently blocked.[7] This can create problems for forum and wiki administrators attempting to address disruptive actions of a single malicious user sharing an IP address with legitimate users.
Källa:
https://en.wikipedia.org/wiki/Carrier-grade_NAT
