- Slides: 17
ECE 526 – Network Processing Systems Design Network Address Translator

Overview
• What is Network Address Translation (NAT)
• Conceptual Implementation
  ─ Complexity and simplifying assumptions
  ─ TCP/UDP packet processing
  ─ ARP packet processing
  ─ NAT table creation and management
  ─ Header lookup and field changes
• IXP Implementation
  ─ Software components and structure
  ─ NAT microblock implementation
  ─ Header caching, alignment
Ning Weng ECE 526 2

What is NAT?
• System allowing multiple computers to share a single global IP address
• Changes packet header: address, port number, IDs, etc.
• Located between a set of computers at a site and the rest of the Internet

NAT Example
• ISP Router
• Local Area Network:
  ─ 10.0/8: net 10 prefix
  ─ Nonroutable
  ─ Each computer has unique IP address
• NAT
  ─ Global IP: 192.168.0.2
  ─ Local IP: 10.0.0.1
  ─ Router for Local Area Network

How Does NAT Work
• Rewrites the packet header as the packet passes through
• Questions
  ─ 1. Which fields should be changed?
  ─ 2. Are these changes independent of packet type and packet flow direction?
  ─ 3. How should they be changed?
  ─ 4. What is the complexity?

Packet Type
• TCP/UDP
  ─ IP address: globally unique identifier on the IP network, looked up by routers
    • Source and destination
  ─ Port number: application dependent
    • Source
    • Destination
• ARP (address resolution protocol)
  ─ IP address
  ─ MAC address
• Any other fields?

Packet Flow Direction
• Outgoing: to the Internet
  ─ SIP, DIP
  ─ Sport, Dport
  ─ IP Proto field
• Incoming: from the Internet
  ─ Is it the same as outgoing?

Packet Field Change Cross NAT

NAT Table Example
• *.2 and *.3 access web server at 128.10.2.1
• *.4 pings 192.5.3.1

NAT Table Lookup
• Incoming and outgoing lookups are different
• Two independent hash tables are used

NAT Table Implementation
• Packet direction: f_nat or r_nat
• Extract fields, compute hash value and bucket value

NAT Complexity
• Fragmentation: the header of the encapsulated protocol is only present in the first fragment
  ─ E.g., no port number available for later fragments
• IP datagram with options
• Memory requirement for NAT table

NAT Table Management
• Creation
  ─ Automatically
  ─ Add one entry when it is the first packet of a new flow
• Table entry lifetime
  ─ Based on packet header
    • E.g., FIN or reset for TCP
  ─ Aging
    • Countdown timer
      – Reset to maximum value once used
      – Decrease by one every cycle
• Table entry update
  ─ Least recently used
  ─ Priority heuristic
    • TCP > UDP > ARP > others

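The lookup and management slides above, as an added example (not code from the course or from the IXP implementation): entries are created on the first outgoing packet, the timer is reset on use and decremented each aging cycle, and an incoming packet with no live entry is dropped. The table sizes, MAX_AGE, PORT_BASE and the function names are assumptions, and the reverse table is simplified to a direct index by the allocated global port.

```c
#include <stdint.h>
#define SLOTS     256      /* assumed number of table entries */
#define BUCKETS   64       /* assumed number of forward hash buckets */
#define MAX_AGE   3        /* assumed timer maximum, in aging cycles */
#define PORT_BASE 40000    /* assumed first global port handed out */

struct entry { uint32_t lip; uint16_t lport; uint8_t proto, age; struct entry *next; };
static struct entry tbl[SLOTS];        /* reverse side: slot i owns port PORT_BASE+i */
static struct entry *f_nat[BUCKETS];   /* forward side: (local IP, port, proto) chains */

static unsigned f_hash(uint32_t ip, uint16_t port, uint8_t proto) {
    return (ip ^ (ip >> 16) ^ port ^ proto) % BUCKETS;
}
/* Outgoing: return the global source port, creating an entry for a new flow (0 = full). */
uint16_t nat_out(uint32_t lip, uint16_t lport, uint8_t proto) {
    unsigned b = f_hash(lip, lport, proto);
    for (struct entry *e = f_nat[b]; e; e = e->next)
        if (e->lip == lip && e->lport == lport && e->proto == proto) {
            e->age = MAX_AGE;                       /* reset timer on use */
            return (uint16_t)(PORT_BASE + (e - tbl));
        }
    for (int i = 0; i < SLOTS; i++)
        if (tbl[i].age == 0) {                      /* age 0 marks a free slot */
            tbl[i] = (struct entry){ lip, lport, proto, MAX_AGE, f_nat[b] };
            f_nat[b] = &tbl[i];
            return (uint16_t)(PORT_BASE + i);
        }
    return 0;
}
/* Incoming: reverse lookup by (global port, proto); 0 means no flow owns it, so drop. */
int nat_in(uint16_t gport, uint8_t proto, uint32_t *lip, uint16_t *lport) {
    if (gport < PORT_BASE || gport >= PORT_BASE + SLOTS) return 0;
    struct entry *e = &tbl[gport - PORT_BASE];
    if (e->age == 0 || e->proto != proto) return 0;
    e->age = MAX_AGE; *lip = e->lip; *lport = e->lport;
    return 1;
}
/* One aging cycle: decrement every live timer and unlink entries that reach zero. */
void nat_age(void) {
    for (int b = 0; b < BUCKETS; b++)
        for (struct entry **pp = &f_nat[b]; *pp; ) {
            if (--(*pp)->age == 0) *pp = (*pp)->next;
            else pp = &(*pp)->next;
        }
}
```
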
NAT IXP Implementation

NAT Overall Structure
• What are implementation ideas to improve throughput?

NAT Microblock Organization

Reminder
• Example System on IXP 2400 II: chapter 25
• Example of other commercial NPs: chapter 15