
IEG3090 - Tutorial 10

NAT Traversal
Fong Chi Hang, Bosco
Overview
• Types of NATs & Firewalls
• STUN
• NAT Traversal using STUN
Network Address Translation (NAT)
• The process of modifying the network address information in datagram packet headers
• Remapping a given address space into another
Full cone NAT discovery
Restricted cone NAT discovery
Port-restricted cone NAT discovery
Symmetric NAT discovery
Firewalls
[Diagram: a STUN client (node with an application at private address X) sends a request through a firewall to a STUN server at address Y, port P, and receives the response]
• Some firewalls may block all UDP
• Some firewalls may allow a UDP response only if it is sent from Y/P, the address and port to which an earlier UDP request was sent ("symmetric firewall")
STUN (Simple Traversal of UDP datagram protocol through NATs)
• A protocol used by end hosts to determine whether they are behind firewall/NAT boxes, and to identify which type
• Communicate with a public STUN server
• Key point: alternating the response IP address and port number
STUN Request and Response
The STUN response from the server may include:
• MAPPED-ADDRESS - contains the IP address and port of the client, as seen by the server.
• CHANGED-ADDRESS - contains the alternate IP address and port of the server.
• SOURCE-ADDRESS - contains the IP address and port of the server.
The STUN request can contain a flag asking the STUN server to use its alternative address and port to send the STUN response:
• CHANGE-REQUEST - contains flags for the alternate IP address and port of the server.
Flow chart for the NAT discovery process (diagram)
NAT Traversal using STUN
• Alice (with a private address) wants to call Bob
• Bob is also behind a NAT box (with a private address)
• Alice talks to the public (STUN) server, so the server knows Alice's external address/port
• Bob also talks to the public server, so the server knows about Bob too
• The public server tells Alice about Bob, and Bob about Alice
• Bob sends a packet to Alice (creating a "hole" in his NAT)
[Diagram: Alice and Bob, each behind a NAT, with the public server in the middle; steps 1-4 of the exchange above]
NAT Traversal using STUN
• Now when Alice sends a packet back to Bob, Bob's NAT does not filter it, assuming it is a return packet from the earlier request
• Alice's NAT also allows Bob's future packets to return
• This assumes Alice's NAT will use the same external address/port (the one used for the server) to talk to Bob.
• This does not work if the NATs are symmetric NATs
[Diagram: Alice and Bob, each behind a NAT, with the public server in the middle; steps 1-4 of the exchange above]
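The sequence on these two slides, and why it breaks for symmetric NATs, as an added example that is not part of the tutorial: a small Python model of the four NAT types from the discovery slides (full cone, restricted cone, port-restricted cone, symmetric), run through steps 1-4 for Alice and Bob. It goes slightly beyond the slides by also covering mixed pairs, such as a symmetric NAT on one side and a full cone on the other. All addresses and port numbers are constructed placeholders.

```python
from dataclasses import dataclass, field

SERVER = ("203.0.113.10", 3478)  # constructed public STUN server address


@dataclass
class Nat:
    kind: str          # 'full', 'restricted', 'port_restricted' or 'symmetric'
    public_ip: str
    next_port: int = 40000
    maps: dict = field(default_factory=dict)     # mapping key -> external port
    sent_to: dict = field(default_factory=dict)  # external port -> {(ip, port) sent to}

    def outbound(self, inside, dest):
        # A symmetric NAT allocates a new mapping per destination; cone NATs reuse one.
        key = (inside, dest) if self.kind == "symmetric" else inside
        if key not in self.maps:
            self.maps[key] = self.next_port
            self.next_port += 1
        ext = self.maps[key]
        self.sent_to.setdefault(ext, set()).add(dest)
        return (self.public_ip, ext)  # external (ip, port) the packet leaves from

    def inbound_allowed(self, ext_port, src):
        # Filtering rule for a packet from src=(ip, port) arriving at ext_port.
        peers = self.sent_to.get(ext_port)
        if not peers:
            return False                                 # no mapping: dropped
        if self.kind == "full":
            return True                                  # any outside host may send in
        if self.kind == "restricted":
            return any(ip == src[0] for ip, _ in peers)  # same IP, any port
        return src in peers                              # exact IP:port contacted before


def hole_punch(alice_nat, bob_nat):
    """Run the tutorial's steps 1-4; returns which of the three packets got through."""
    alice_in, bob_in = ("10.0.0.2", 5000), ("192.168.1.2", 6000)  # constructed private addrs
    # Steps 1-2: both talk to the STUN server, which learns their external addr/port
    alice_ext = alice_nat.outbound(alice_in, SERVER)
    bob_ext = bob_nat.outbound(bob_in, SERVER)
    # Step 3: server tells Alice about bob_ext and Bob about alice_ext
    # Step 4: Bob sends to Alice's external address, opening a hole in his own NAT
    bob_src = bob_nat.outbound(bob_in, alice_ext)
    bob_first = alice_nat.inbound_allowed(alice_ext[1], bob_src)
    # Alice sends to the source she actually saw, else to Bob's server-reported address
    alice_target = bob_src if bob_first else bob_ext
    alice_src = alice_nat.outbound(alice_in, alice_target)
    alice_reply = bob_nat.inbound_allowed(alice_target[1], alice_src)
    # Bob answers the source he actually saw, else the server-reported one
    target = alice_src if alice_reply else alice_ext
    bob_again = alice_nat.inbound_allowed(target[1], bob_nat.outbound(bob_in, target))
    return bob_first, alice_reply, bob_again
```

With two port-restricted cone NATs Bob's first packet is dropped but opens the hole, so Alice's reply and Bob's later packets pass; with two symmetric NATs every packet is dropped because the server-reported port is never the one used toward the peer.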
Thank you very much!
