NAT and NAT Traversal SEng 490 Directed Study

  • Slides: 24
Download presentation
NAT and NAT Traversal SEng 490 Directed Study Haoran Song Supervised by Dr. Jianping

NAT and NAT Traversal SEng 490 Directed Study Haoran Song Supervised by Dr. Jianping Pan

Outline • Problems of NAT in the real world • NAT Traversal in our

Outline • Problems of NAT in the real world • NAT Traversal in our research • Conclusion

Firewalls and NAT

Firewalls and NAT

Four Types of NAT Full Cone NAT 2. IP Restricted NAT 3. Port Restricted

Four Types of NAT Full Cone NAT 2. IP Restricted NAT 3. Port Restricted NAT 4. Symmetric NAT Then let us see how these four NATs work? 1.

Full Cone: not very restricted B

Full Cone: not very restricted B

IP Restricted NAT n Has restrictions on incoming IP

IP Restricted NAT n Has restrictions on incoming IP

Port Restricted NAT n Not only has restrictions on IP, but also on Port

Port Restricted NAT n Not only has restrictions on IP, but also on Port

Symmetric NAT n Very restricted. New mapping for each different connection.

Symmetric NAT n Very restricted. New mapping for each different connection.

Problems caused by NAT n n So, When we do communication with NAT, outside

Problems caused by NAT n n So, When we do communication with NAT, outside packets can not come in until inside packets go out first. We need to find a way to overcome this problem and this technique is called NAT Traversal.

NAT Traversal n 1. 2. n 1. 2. Our plan We need to know

NAT Traversal n 1. 2. n 1. 2. Our plan We need to know what NAT we are behind Do NAT traversal according to the identified NAT Therefore, two main parts in our research NAT Detection NAT Traversal

NAT Detection We get the Poly. NAT from Dr. Hoffman. It can emulates four

NAT Detection We get the Poly. NAT from Dr. Hoffman. It can emulates four different NATs. Thanks to Dr. Hoffman and his students.

NAT Detection Flow

NAT Detection Flow

Example: Full Cone Detection

Example: Full Cone Detection

NAT Traversal n A NAT Traversal B cone IP restricted port restricted symmetric ?

NAT Traversal n A NAT Traversal B cone IP restricted port restricted symmetric ? ?

Full Cone-Full Cone

Full Cone-Full Cone

Full Cone-Full Cone: Scenario

Full Cone-Full Cone: Scenario

Full cone/restricted-restricted

Full cone/restricted-restricted

Full cone/restricted-restricted Scenario

Full cone/restricted-restricted Scenario

Full cone/IP restricted-symmetric

Full cone/IP restricted-symmetric

Full cone/IP restricted-symmetric Scenario

Full cone/IP restricted-symmetric Scenario

How does clients describe who they are n n n We build our own

How does clients describe who they are n n n We build our own traversal commands We use XML to describe necessary information and embed these descriptions in our traversal commands. So, other clients get specified information about their peers by learning these XML contents.

An example of a traversal command

An example of a traversal command

Conclusion n We have implemented 3. Full Cone – Full Cone Full/Restricted Cone –

Conclusion n We have implemented 3. Full Cone – Full Cone Full/Restricted Cone – Restricted Cone Full/IP Restricted Cone – Symmetric n The things we will do in the future 1. 2. Port Restricted Cone – Symmetric

NAT and NAT Traversal n Questions?

NAT and NAT Traversal n Questions?

NAT AND FIREWALL TRAVERSAL NAT NETWORK ADDRESS TRANSLATIONNAT AND FIREWALL TRAVERSAL NAT NETWORK ADDRESS TRANSLATION
NATFirewall Traversal April 2009 NAT revisited porttranslating NATNATFirewall Traversal April 2009 NAT revisited porttranslating NAT
NAT e Firewall traversal NAT Network Address TranslationNAT e Firewall traversal NAT Network Address Translation
SENG 403 Winter 2012 Unit Testing SENG 403SENG 403 Winter 2012 Unit Testing SENG 403
SENG 403 System sequence diagram SSD SENG 403SENG 403 System sequence diagram SSD SENG 403
Directed Path Directed Path Agenda Directed Path AboutDirected Path Directed Path Agenda Directed Path About
Network Address Translation NAT 1 NAT NAT deviceNetwork Address Translation NAT 1 NAT NAT device
NAT Network Address Translation NAT 64 NAT 6NAT Network Address Translation NAT 64 NAT 6
Nat Turner 1831 Nat Turner Why was NatNat Turner 1831 Nat Turner Why was Nat
Nat Int Nat Int nat 2 int ZeroNat Int Nat Int nat 2 int Zero
Nat Int Nat Int nat 2 int ZeroNat Int Nat Int nat 2 int Zero
Nat Int Nat Int nat 2 int ZeroNat Int Nat Int nat 2 int Zero
UCM Path Traversal UCM Scenarios and Path TraversalUCM Path Traversal UCM Scenarios and Path Traversal
StructureShy Programming Ahmed Traversal StructureShy Programming Traversal StrategyStructureShy Programming Ahmed Traversal StructureShy Programming Traversal Strategy
Tree Traversal Pre Order Tree Traversal 1 VisitTree Traversal Pre Order Tree Traversal 1 Visit
Binary Tree Traversal Methods In a traversal ofBinary Tree Traversal Methods In a traversal of
Tree Traversal Techniques Heaps Tree Traversal Concept TreeTree Traversal Techniques Heaps Tree Traversal Concept Tree
Algoritma Traversal di dalam Graf Traversal di dalamAlgoritma Traversal di dalam Graf Traversal di dalam
Inorder Traversal Inorder traversal Visit the left subtreeInorder Traversal Inorder traversal Visit the left subtree
Binary Tree Traversal Methods In a traversal ofBinary Tree Traversal Methods In a traversal of
Binary Tree Traversal Methods In a traversal ofBinary Tree Traversal Methods In a traversal of
In Order Traversal Algorithm In Order traversal algorithmIn Order Traversal Algorithm In Order traversal algorithm
Algoritma Traversal Graph Graph Traversal Algorithms In generalAlgoritma Traversal Graph Graph Traversal Algorithms In general