A New Method for Symmetric NAT Traversal in UDP and TCP
需积分: 19 175 浏览量
2012-03-18
10:20:07
上传
评论
收藏 769KB PDF 举报
A New Method for Symmetric NAT Traversal
in UDP and TCP
Yuan Wei
Waseda University
3-4-1 Okubo, Shinjuku-ku,
Tokyo, JAPAN
Daisuke Yamada
Waseda University
3-4-1 Okubo, Shinjuku-ku,
Tokyo, JAPAN
Suguru Yoshida
Waseda University
3-4-1 Okubo, Shinjuku-ku,
Tokyo, JAPAN
{wei,daiski,yoshida,goto}@goto.info.waseda.ac.jp
Shigeki Goto
Waseda University
3-4-1 Okubo, Shinjuku-ku,
Tokyo, JAPAN
ABSTRACT
This paper proposes a new metho d for Network Address
Translator (NAT) Traversal in UDP. Several techniques have
been proposed for traversing NAT or firewall boxes in UDP.
These techniques can establish UDP communication between
hosts behind NATs. However, existing NAT traversal meth-
ods, including Universal Plug and Play (UPnP), Simple traver-
sal of UDP over NATs (STUN) and Teredo, cannot traverse
symmetric NAT boxes. Our method uses a new port predic-
tion method. It controls ports to traverse symmetric NAT
boxes as well as other kinds of NATs. In addition, our new
method can be extended for simple NAT traversal in TCP.
The method is based on a new UDP hole punching tech-
nique.
We have tested nine working NAT products in our labora-
tory. The results show that our method can be practically
implemented for successful NAT traversal for real use.
Keywords
NAT traversal, Symmetric NAT, UDP, P2P, Stateful Packet
Inspection, TCP
1. INTRODUCTION
A network address translator (NAT) is a well-known, ver-
satile tool that enables the reuse of IP addresses in the In-
ternet. Using a NAT, we can convert private IP addresses
to global IP addresses. However, a fatal problem can occur
if an applications protocol includes an IP address as part of
the payload of IP packets. This is because NAT translates
IP addresses in the header properly, it cannot convert IP ad-
dresses in the payload. Examples of applications that suffer
from this problem include Voice Over IP and Multimedia
Over IP applications such as SIP [1] and H.323 [2] as well
as online games.
Copyright is held by the author/owner(s).
Asia Pacific Advanced Network 2008,
4-8 August 2008, New Zealand.
Network Research Workshop 2008,
4 August 2008, New Zealand.
There have been many proposals to solve this problem. Sev-
eral real-time multimedia applications, online games, and
other applications that work properly across NATs have
been developed using standard techniques such as Universal
Plug and Play (UPnP) which has been adopted by many
vendors [3]. Another example of a commonly used protocol
is Simple Traversal of UDP (STUN) [4], which is an imple-
mentation of the UNilateral Self-Address Fixing (UNSAF)
protocol [5]. Teredo realizes an UNSAF mechanism by tun-
neling IPv6 over UDP/IPv4 [6]. However, these proposals
do not solve the problem completely because none of them
can work successfully with all types of NATs.
This paper proposes a new method for NAT traversal, which
is applicable to symmetric NATs as well as other types of
NATs. Symmetric NATs are used when high security com-
munication is required. For example, the most expensive
router sold by a Japanese manufacturer, who sells nine types
of routers in the market, is the one equipped with symmet-
ric NAT functionality. Symmetric NATs are installed as
routers in business enterprises and also as high-end routers
for home use. Our new method is based on port prediction.
It manipulates port numbers in order to traverse symmetric
NATs successfully. We have conducted several experiments
to evaluate the performance of our new method. The re-
sults show that our method can be practically implemented
for successful NAT traversal. In addition, the new method
can be also extended to develop a new method for NAT
traversal in TCP.
Section 2 describes the various types of NATs. Section 3
surveys the existing methods of NAT traversal. Our new
method is proposed in Section 4. Section 5 shows the results
of our experiments and Section 6 concludes this paper.
2. TAXONOMY OF NATS
The study on the STUN proto col [4], use terms such as Full
Cone, Restricted Cone, Port Restricted Cone and Symmet-
ric to describe the different types of NATs. These NATs
are discussed with reference to UDP only. We will mention
TCP NATs briefly in Section 4.4.
2.1 Full Cone NAT
A full cone NAT is also known as a one-to-one NAT. Once an
internal IP address and port are mapped to some external
资源评论
