DDR_GET_AUTH_TOKEN request failing due to too many IPs - but why "too many IPs"?

Working on an issue with a customer where some of the Avamar clients are failing backups to the integrated Avamar/DD with the symptoms that appear to relate to KB533713 (and posting this here because the KB is associated with Avamar):

Review of /usr/local/avamar/var/ddrmaintlogs/ddrmaint.log shows an error message that there appears to be a large number of IPs associated with the single token request.
Warning: Calling DDR_GET_AUTH_TOKEN returned result code:(4904) Invalid API argument. message:Maximum number of client hostnames reached. 52 > 16

What I'm trying to get my head around is WHY there are a large number of IPs associated with the single token request. I get that there's a token request for login authorization to the DD, but I don't get the "multiple IP/hostnames" part. FWIW, the clients in question are NAT'ed - I'm guessing that might have something to do with it, but I haven't been able to find any info that explains why.

The fix in the KB involves a parameter that appears to have been added in the Avamar 19.1 release - but my customer is running 18.2 right now, so it's somewhat important to be able to explain the actual problem to them relative to the possibility of them having to upgrade their Avamar version to fully address it. For now, I got those clients to back up by disabling the token authentication, but effectively I had to do that just to get 2 problem clients out of hundreds to back up - not something that goes over without additional explanation.

Anyone have additional insight to this type of issue? All comments/feedback appreciated - thanks.