CGN has multiple flavors; some of them are compatible with OCAs, some are not. In general, Netflix advises not to use OCAs in a CGN context, however if this is mandatory to your organization, make sure this is mentioned in the early steps of the discussion.
Some important notes:
- RFC1918 and RFC6598 prefixes announced to OCAs are filtered and therefore cannot be used to deliver traffic to privately-addressed end users.
- OCAs cannot have their IP interface addressed with an RFC1918 or RFC6598 IP, even if this IP has a 1-to-1 NAT equivalent from the outside. OCAs must be assigned a publicly routable IPv4 address, as described in the router interface configuration section of the Network configuration article.