This is a horror story. Lucky for you, it comes with a happy ending.

I gave a lightning talk on CGN logging at NANOG 54 in San Diego which started with those very words. The abstract lays out the high points:

Per-connection logging is one of the major hurdles when deploying a CGN system in your network. This talk focuses on just how bad it is and on a possible solution that can drastically limit, or even eliminate, CGN logging while still providing traceability for abuse response. Chris will first present data on CGN logging and log volumes from research and lab testing conducted over the past two years at CableLabs and elsewhere. He will then explain a proposed solution: Deterministic CGN. This solution is documented in draft-donley-behave-deterministic-cgn “Deterministic Address Mapping to Reduce Logging in Carrier Grade NAT Deployments.”

Hopefully the slides help fill in the details (if not, feel free to shoot me a question, or an invite to come speak):

I also presented on CGN technology in much more breadth at the 2011 SCTE Cable-Tec Expo in Atlanta, as part of a session on IPv6 Readiness & Transition. If you were at the Expo, look for the paper (titled “The Experience Gap: Coping with the Looming IPv4 Address Shortage“) in your meeting materials!

CGN Logging: Horror Stories and Happy Endings is a post from don't panic - One Network Architect's View of Life, the Internet, and Everything.