Actually, unfortunately, RouterOS only supports Deterministic/Predefined/Fixed CGNAT.
The two methods to deploy it are with source port or Netmap.
Both work well, primarily considering the cost/benefit relation.
But even within the predefined method, there is a resource that I think is possible, but I don't know how to do it.
I'm talking about the reuse of source ports to different destinations in CGNAT.
The whole idea of Fixed-NAT is to assign a range of SOURCE ports of a Public IP to a specific Internal IP address.
With the current methods of CGNAT in RouterOS (at least those I know), every new connection uses a different src-port, regardless of destination.
Example:
Internal IP:SrcPort | Dst IP:DstPort | Public IP:SrcPort
100.64.10.10:51123  | S.R.V.A:443    | 45.45.45.1:1025
100.64.10.10:44885  | S.R.V.A:443    | 45.45.45.1:1026
100.64.10.10:38759  | S.R.V.B:443    | 45.45.45.1:1027
100.64.10.10:28695  | S.R.V.C:443    | 45.45.45.1:1028
But, considering that the stateful connection table takes into account Source and Destination, it is possible to define that, for different destination IP addresses, the Public Source port to be used is the same.
Internal IP:SrcPort | Dst IP:DstPort | Public IP:SrcPort
100.64.10.10:51123  | S.R.V.A:443    | 45.45.45.1:1025
100.64.10.10:44885  | S.R.V.A:443    | 45.45.45.1:1026
100.64.10.10:38759  | S.R.V.B:443    | 45.45.45.1:1025
100.64.10.10:28695  | S.R.V.C:443    | 45.45.45.1:1025
EDIT:
100.64.10.10 -> IPv4 Wan of Customer CPE
S.R.V.A -> Server A accessed by Customer (this one has 2 simultaneous connections from same Customer)
S.R.V.B -> Server B accessed by Customer
S.R.V.C -> Server C accessed by Customer
45.45.45.1 -> One IPv4 of the Public IP Pool used to CGNAT the internal 100.64/10 users.
1024-2047 -> Port Range of 45.45.45.1 pre-allocated to Internal IP Address 100.64.10.10
Other vendors call it "Sticky NAT".
It allows a much better use of Public IP.
The question is:
-> How to tell RouterOS to do that?
"Hey Mr. RouterOS, if the Source IP is {ThatOne}, use this {port-range} of {PublicIP}...
BUUUUUUT, if the destination IP is different than the already active connections, try to use the already used source ports."
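
Added example, not part of the original post and not RouterOS code: a small Python model of the allocation behaviour asked about above. It shows that checking port availability per (public port, destination IP, destination port) instead of per public port alone lets the four sample flows fit in two ports of the subscriber's fixed block instead of four. The class and function names are hypothetical, and the block starts at 1025 only so the output lines up with the tables.

```python
# Added illustration of port allocation inside one subscriber's fixed block.
# All names are hypothetical; this models the idea and is not RouterOS behaviour.
from typing import Dict, List, Tuple

Flow = Tuple[str, int, str, int]  # (internal_ip, internal_port, dst_ip, dst_port)


class FixedBlockNat:
    def __init__(self, public_ip: str, first_port: int, last_port: int,
                 reuse_per_destination: bool) -> None:
        self.public_ip = public_ip
        self.ports = range(first_port, last_port + 1)
        self.reuse = reuse_per_destination
        self.by_flow: Dict[Flow, int] = {}
        self.in_use: Dict[tuple, Flow] = {}  # translated tuples already taken

    def _key(self, port: int, dst_ip: str, dst_port: int) -> tuple:
        # With reuse, a public port only conflicts for the same destination;
        # without it, a public port is consumed by any single connection.
        return (port, dst_ip, dst_port) if self.reuse else (port,)

    def translate(self, flow: Flow) -> Tuple[str, int]:
        if flow in self.by_flow:  # existing connection keeps its mapping
            return self.public_ip, self.by_flow[flow]
        _, _, dst_ip, dst_port = flow
        for port in self.ports:  # lowest port that keeps the tuple unique
            key = self._key(port, dst_ip, dst_port)
            if key not in self.in_use:
                self.in_use[key] = flow
                self.by_flow[flow] = port
                return self.public_ip, port
        raise RuntimeError("port block exhausted for this destination")

    def ports_consumed(self) -> int:
        return len(set(self.by_flow.values()))


# Constructed sample flows copied from the tables in the post
# (S.R.V.A/B/C are the post's placeholder server names).
FLOWS: List[Flow] = [
    ("100.64.10.10", 51123, "S.R.V.A", 443),
    ("100.64.10.10", 44885, "S.R.V.A", 443),
    ("100.64.10.10", 38759, "S.R.V.B", 443),
    ("100.64.10.10", 28695, "S.R.V.C", 443),
]


def run(reuse: bool) -> Tuple[List[int], int]:
    # The post's block is 1024-2047; starting at 1025 matches its tables.
    nat = FixedBlockNat("45.45.45.1", 1025, 2047, reuse)
    return [nat.translate(f)[1] for f in FLOWS], nat.ports_consumed()
```

Because reuse stays inside the block pre-allocated to 100.64.10.10, a public IP and source port still identify the same internal address in both modes.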