GIST NAT traversal and Legacy NAT traversal for GIST AND


GIST NAT traversal and Legacy NAT traversal for GIST AND A. Pashalidis; H. Tschofenig

{Andreas.Pashalidis,

NAT Traversal

Previous document split in two.
- GIST NAT Traversal
  - NAT is GIST-aware
- Legacy NAT traversal for GIST
  - NAT does not know anything about NSIS
  - Online, but not submitted to IETF yet

Reason for splitting: material in one document does not affect material in the other.

GIST NAT Traversal

- Document (still) covers two approaches: “transparent” and “non-transparent”.
- Both approaches are compatible with GIST main spec.
- However, only non-transparent approach makes use of GIST “NAT Traversal” object.

Transparent Approach

Diagram: GIST peer 1, NAT, GIST peer 2
1. GIST QUERY
2. TRANSLATE FLOW ID (MRI) according to NAT binding; put NAT IP address in NLI.IA field
3. GIST QUERY (translated)
4. GIST RESPONSE (sent to NLI.IA)
5. TRANSLATE MRI and NLI.IA back to original values
6. GIST RESPONSE (translated)

- NAT translates IP header, transport layer header, and GIST header of signalling traffic (D-mode and C-mode) in a manner consistent with the data flow NAT binding.
- NAT does not install a separate “NAT binding” for signalling traffic (translation above suffices).
- Approach hides internal addresses from public Internet.
- Approach does not work if IPsec/TLS is used!
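The transparent approach as an added sketch (not part of the slides or of any GIST implementation): a NAT rewrites the MRI and NLI.IA in flight, and an end-to-end integrity tag then fails, which is why the approach breaks under IPsec/TLS. The message model, the HMAC stand-in for IPsec/TLS, the address-only binding and all addresses are assumptions made for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class GistMsg:                 # simplified model, not the GIST wire format
    kind: str                  # "QUERY" or "RESPONSE"
    mri_src: str               # flow source address carried in the MRI
    mri_dst: str               # flow destination address carried in the MRI
    nli_ia: str                # NLI.IA: address the RESPONSE is sent to
    tag: bytes = b""           # integrity tag (assumed stand-in for IPsec/TLS)

def _mac(key: bytes, m: GistMsg) -> bytes:
    fields = "|".join((m.kind, m.mri_src, m.mri_dst, m.nli_ia)).encode()
    return hmac.new(key, fields, hashlib.sha256).digest()

def protect(key: bytes, m: GistMsg) -> GistMsg:
    return replace(m, tag=_mac(key, m))

def verify(key: bytes, m: GistMsg) -> bool:
    return hmac.compare_digest(m.tag, _mac(key, m))

class TransparentNat:
    def __init__(self, public_ip: str, binding: dict):
        self.public_ip = public_ip
        self.binding = binding                          # internal -> public (data-flow binding)
        self.reverse = {pub: priv for priv, pub in binding.items()}
        self.saved_ia = {}                              # translated MRI source -> original NLI.IA

    def outbound_query(self, m: GistMsg) -> GistMsg:    # slide steps 2-3
        src = self.binding[m.mri_src]
        self.saved_ia[src] = m.nli_ia
        return replace(m, mri_src=src, nli_ia=self.public_ip)

    def inbound_response(self, m: GistMsg) -> GistMsg:  # slide steps 5-6
        return replace(m, mri_src=self.reverse[m.mri_src],
                       nli_ia=self.saved_ia[m.mri_src])

# Constructed sample values (RFC 1918 and documentation address ranges).
KEY = b"constructed-demo-key"
NAT = TransparentNat("203.0.113.1", {"10.0.0.5": "203.0.113.1"})
QUERY = GistMsg("QUERY", "10.0.0.5", "198.51.100.7", "10.0.0.5")

def demo():
    translated = NAT.outbound_query(protect(KEY, QUERY))
    # Assumption: peer 2's RESPONSE echoes the MRI and NLI.IA it received.
    response = replace(translated, kind="RESPONSE", tag=b"")
    restored = NAT.inbound_response(response)
    return translated, restored, verify(KEY, translated)
```

`demo()` returns the translated QUERY, the RESPONSE as restored for peer 1, and the result of peer 2's integrity check, which is `False` because the tag was computed over the untranslated fields.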

Non-transparent Approach

Diagram: GIST peer 1, NAT, GIST peer 2
1. GIST QUERY
2. Add NAT Traversal Object
3. GIST QUERY (with NTO)
4. GIST RESPONSE (with NTO)
5. Remove NTO
6. GIST RESPONSE (without NTO)

- Message 3 contains translated and original MRI, thus peer 2 can map subsequent signalling messages (with untranslated MRI) to data flow.
- NAT installs “NAT binding” for signalling traffic after RESPONSE is received.
- NAT does not modify any GIST messages, except QUERY, RESPONSE.
- Internal addresses exposed on public Internet.
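The non-transparent exchange as an added sketch (not from the slides or from any GIST implementation): the NAT attaches an NTO to the QUERY, peer 2 uses it to map later messages carrying the untranslated MRI to the data flow, and the original MRI inside the NTO is what exposes the internal address. The dict-based message layout, the NTO field name `orig_mri` and all addresses are assumptions made for illustration.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def nat_add_nto(query: dict, binding: dict) -> dict:
    """Slide steps 2-3: translate the MRI and record the original in an NTO."""
    src, dst = query["mri"]
    return {**query, "mri": (binding[src], dst), "nto": {"orig_mri": (src, dst)}}

def nat_strip_nto(response: dict) -> dict:
    """Slide steps 5-6: remove the NTO before forwarding to peer 1."""
    return {k: v for k, v in response.items() if k != "nto"}

class Peer2:
    def __init__(self):
        self.data_flow = {}          # untranslated MRI -> translated MRI

    def on_query(self, msg: dict) -> dict:
        self.data_flow[msg["nto"]["orig_mri"]] = msg["mri"]
        return {"kind": "RESPONSE", "mri": msg["mri"], "nto": msg["nto"]}

    def on_signalling(self, msg: dict):
        # The NAT leaves later messages untouched, so they carry the
        # untranslated MRI; None means no NTO was ever seen for this flow.
        return self.data_flow.get(msg["mri"])

def internal_addresses_on_wire(msg: dict) -> list:
    """RFC 1918 addresses visible to anyone observing msg beyond the NAT."""
    addrs = set(msg["mri"]) | set(msg.get("nto", {}).get("orig_mri", ()))
    return sorted(a for a in addrs
                  if any(ipaddress.ip_address(a) in net for net in RFC1918))

# Constructed sample values (RFC 1918 and documentation address ranges).
BINDING = {"10.0.0.5": "203.0.113.1"}
QUERY = {"kind": "QUERY", "mri": ("10.0.0.5", "198.51.100.7")}

def demo():
    peer2 = Peer2()
    msg3 = nat_add_nto(QUERY, BINDING)
    msg6 = nat_strip_nto(peer2.on_query(msg3))
    later = {"kind": "DATA", "mri": ("10.0.0.5", "198.51.100.7")}
    unknown = {"kind": "DATA", "mri": ("10.0.0.9", "198.51.100.7")}
    return (msg6, peer2.on_signalling(later), peer2.on_signalling(unknown),
            internal_addresses_on_wire(msg3))
```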

Legacy NAT Traversal for GIST

- Extension to GIST
- For now, no changes in message formats required.
  - Just new behaviour at GIST nodes.

Legacy NAT traversal: NI-side

Diagram: GIST peer 1, NAT, GIST peer 2
1. GIST QUERY
2. GIST QUERY
3. GIST RESPONSE
4. GIST RESPONSE

- Peer 2 detects the NAT and proposes a UDP tunnel.
- Peer 1 detects the NAT and sets up the UDP tunnel.
- Both data traffic and signalling traffic is sent over the tunnel.

Diagram labels: NAT detected!; UDP TUNNEL; Do the NAT work…; data; sig

Legacy NAT traversal: NR-side

Work in progress…