What Carrier‑Grade NAT Is and How Starlink Uses It
Carrier‑grade NAT (CGNAT) is a network technique where many subscribers share a smaller pool of public IPv4 addresses, with each user tracked and separated by internal private addressing and a finite table of active translation entries. Starlink’s Residential and Roam plans rely on CGNAT for IPv4, while also supporting IPv6 alongside it. According to Starlink’s own support documentation, these plans “use Carrier Grade Network Address Translation (CGNAT)” and “have a limit of 1,200 concurrent sessions,” where a session is any TCP or UDP connection. Once that limit is hit, “new sessions automatically cause the oldest sessions to be dropped,” which means ongoing traffic can suddenly die as fresh connections push older ones out of the translation table. CGNAT also places users in the 100.64.0.0/10 address space, so they never receive a unique public IPv4 address at home.
Why CGNAT Breaks Port Forwarding and Peer‑to‑Peer Tools
Traditional home broadband often gives each customer a public IPv4 address or a modem that can forward ports directly to devices on the local network. CGNAT changes that model. Because many subscribers share one public address, the provider’s gateway, not your router, holds the true internet‑facing IP. This design makes classic satellite internet port forwarding either impossible or highly restricted, because inbound traffic cannot be mapped cleanly to a single customer behind the shared address. As a result, self‑hosted game servers, remote desktop services, home lab projects, and peer‑to‑peer tools that expect direct inbound connections run into roadblocks. Even if your own router offers a port‑forwarding menu, the packets may never reach you from outside. For users who rely on direct reachability—supporting relatives, accessing security cameras, or hosting hobby servers—CGNAT reshapes what is feasible on Starlink.
The 1,200 Session Limit and Its Impact on Everyday Use
Starlink’s Starlink CGNAT limitation is not about bandwidth caps but about how many live connections your account can keep open at once. The provider states that when the 1,200‑session limit is exceeded, new sessions force older ones to be dropped silently. This matters because many modern apps open many sockets in the background: video‑conferencing platforms, VoIP, VPNs, cloud storage clients, online games, and browsers with dozens of tabs. A single application may use tens or hundreds of TCP and UDP connections. In normal households, experts expect this cap to remain unused most of the time, especially because a large share of traffic goes over IPv6 rather than IPv4. But power users—those running many smart devices, multiple streaming boxes, and always‑on services—can hit the ceiling during peak activity and experience random logouts, frozen calls, or game disconnects.
Why Gaming, VPNs, and Remote Work Feel It First
Activities that depend on steady, low‑latency links are the first to expose Starlink session limits. Online gaming, for example, often keeps several connections open to matchmaking, chat, telemetry, and game servers; if older sessions are dropped in the background, you may see sudden kicks or lag spikes. Video calls and VoIP behave similarly: each call involves ongoing UDP streams plus control connections, so they are sensitive to any translation entry being removed. VPNs add another layer, wrapping many app‑level flows inside a single encrypted tunnel, so reconnects can disrupt every open tool at once. Remote desktop and SSH sessions also suffer when CGNAT entries expire under high load. This pattern differs from many traditional ISPs that provide public IPv4 addresses and higher per‑customer state limits, but it resembles what users of mobile data and other satellite networks commonly face.
How Starlink Users Can Work Around CGNAT Limits
Starlink subscribers cannot disable CGNAT on Residential or Roam plans, but they can reduce the risk of hitting Starlink session limits. Limiting the number of always‑on cloud clients, cutting down excessive browser tabs, and turning off unused smart devices all lower simultaneous TCP and UDP sessions. When possible, using services and sites with IPv6 support can bypass CGNAT entirely for those flows, easing the load on the IPv4 translation table. For critical tasks like an important video meeting or online tournament, closing background downloads, game launchers, or streaming apps can help keep sessions available for what matters most. Users who need reliable satellite internet port forwarding or to host services for external access may need alternative connectivity, a different Starlink plan in the future, or third‑party relays such as VPN‑based remote‑access tools that are designed to work around CGNAT.
