STUN
Date: 2011-05-25
Speaker: Hui-Hsiung Chung

Presentation transcript:


OUTLINE
- Introduction
- NAT
- VoIP and NAT
- Demo
- Reference

INTRODUCTION
STUN
- Simple Traversal of UDP through Network Address Translators (RFC 3489)
- Session Traversal Utilities for NAT (RFC 5389)
- UDP only
- A mechanism for a User Agent (UA) behind NAT(s) to get its mapped (IP, port) on the Internet
- Check whether the UA is behind NAT(s) or not
- The UA gets the mapped (IP, port) from the STUN server
- The UA replaces the IP and port in the SIP header

NAT
[Diagram: hosts, each labelled with an IP address, and the Internet; the addresses were lost in extraction]

NAT TYPES
- Full Cone: Only IP address translation. Any external host can send a packet to the internal host.
- Restricted Cone: An external host can send a packet to the internal host only if the internal host had previously sent a packet to the external host.

NAT TYPES CONT.
- Port Restricted Cone: A Port Restricted Cone NAT is like a Restricted Cone NAT, but the restriction includes port numbers.
- Symmetric: Each request from the same internal IP address and port to a specific destination IP address and port is mapped to a unique external source IP address and port.

FULL CONE
[Diagram; IP addresses lost in extraction]
Mapping table: :21 -> (for A); :21 -> 12345 (for B)
Client: port 21. Host A: port 10110. Host B: port 20220. Address label: port 12345.

RESTRICTED CONE
[Diagram; IP addresses lost in extraction]
Mapping table: :21 -> (for A)
Client: port 21. Host A: ports 10110 and 10111. Host B: port 20220. Address label: port 12345.

PORT RESTRICTED CONE
[Diagram; IP addresses lost in extraction]
Mapping table: :21 -> (for A:10110); :21 -> 12345 (for A:10111)
Client: port 21. Host A: ports 10110 and 10111. Address label: port 12345.

SYMMETRIC
[Diagram; IP addresses lost in extraction]
Mapping table: :21 -> 1357 (for A:10110); :21 -> 2468 (for B:20220)
Client: port 21. Host A: port 10110. Host B: port 20220. Address labels: port 2468 and port 1357.

FLOWCHART OF CHECKING NAT TYPES
[Flowchart not preserved. Source: wiki]

OUTPUT OF STUN CLIENT
- "Open" means Open Internet
- "Independent Mapping, Independent Filter" means Full Cone NAT
- "Independent Mapping, Address Dependent Filter" means Restricted Cone NAT
- "Independent Mapping, Port Dependent Filter" means Port Restricted Cone NAT
- "Dependent Mapping" means Symmetric NAT
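
An added example (not part of the original slides): a toy model of the four NAT types described above, probed the way a STUN client does and returning the output labels listed on this slide. The IP addresses and the `Nat` and `classify` names are constructed for illustration; the ports follow the diagrams.

```python
import itertools

class Nat:
    """Toy NAT (illustrative model, not a real implementation)."""
    def __init__(self, kind, public_ip="203.0.113.1"):  # constructed address
        self.kind = kind              # full | restricted | port_restricted | symmetric
        self.public_ip = public_ip
        self.next_port = itertools.count(12345)
        self.mappings = {}            # mapping key -> external port
        self.contacted = {}           # external port -> destinations already sent to

    def outbound(self, src, dst):
        """Internal src sends to dst; return the mapped (ip, port) that dst sees."""
        # A symmetric NAT allocates per destination; cone NATs reuse one mapping.
        key = (src, dst) if self.kind == "symmetric" else src
        if key not in self.mappings:
            self.mappings[key] = next(self.next_port)
        port = self.mappings[key]
        self.contacted.setdefault(port, set()).add(dst)
        return (self.public_ip, port)

    def inbound_allowed(self, port, remote):
        """Would a packet from remote to public_ip:port reach the internal host?"""
        seen = self.contacted.get(port)
        if seen is None:
            return False              # no mapping exists for this port
        if self.kind == "full":
            return True               # any external host may use the mapping
        if self.kind == "restricted":
            return remote[0] in {ip for ip, _ in seen}   # IP must match
        return remote in seen         # IP and port must both match

def classify(nat):
    """Probe like a STUN client and return the label from the slide."""
    client = ("192.168.1.10", 21)     # constructed private address
    a, a2, b = ("198.51.100.1", 10110), ("198.51.100.1", 10111), ("198.51.100.2", 20220)
    m1 = nat.outbound(client, a)
    from_b = nat.inbound_allowed(m1[1], b)     # different IP
    from_a2 = nat.inbound_allowed(m1[1], a2)   # same IP, different port
    m2 = nat.outbound(client, b)
    if m1 != m2:
        return "Dependent Mapping"
    if from_b:
        return "Independent Mapping, Independent Filter"
    if from_a2:
        return "Independent Mapping, Address Dependent Filter"
    return "Independent Mapping, Port Dependent Filter"
```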

VOIP AND NAT
- NAT converts IP addresses at the IP layer.
- Problem 1: SIP is an application-layer protocol but contains IP address/port information in its messages, which is not translated by NAT.
- Problem 2: A private client must send an outgoing packet first (to create a mapping on the NAT) before it can receive incoming packets.

SOLUTION WITH STUN
[Diagram; IP addresses lost in extraction]
- SIP UA with STUN support (port 3468), behind the NAT
- Binding request from :63999 arrives at the STUN server
- Binding reply to the SIP UA, telling it that its public address is :63999

SOLUTION WITH STUN CONT.
[Diagram; IP addresses lost in extraction]
- SIP UA with STUN support (port 3468), behind the NAT
- Register from :63541 arrives at the SIP server (port 5060)
- SIP server sends 200 OK to :63541

SIP UA WITHOUT STUN SUPPORT

SIP UA WITH STUN SUPPORT

DEMO
Experimental environment
- STUN Server: FreeBSD 8.2
- STUN Client: Windows 7

REFERENCE
- RFC 3489, IETF, Mar
- RFC 5389, IETF, Oct
- Wiki STUN
- "VoIP pass through NAT", Yao-Nan Lien
- STUN Client and Server library
- Free STUN Servers