Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 STUN Changes draft-ietf-behave-rfc3489bis-03 Jonathan Rosenberg Dan Wing Cisco Systems.

Published byElaine Randall Modified over 8 years ago

Similar presentations

Presentation on theme: "1 STUN Changes draft-ietf-behave-rfc3489bis-03 Jonathan Rosenberg Dan Wing Cisco Systems."— Presentation transcript:

1 1 STUN Changes draft-ietf-behave-rfc3489bis-03 Jonathan Rosenberg Dan Wing Cisco Systems

2 2 Changes since -02 Magic-Cookie –Determines RFC3489 or RFC3489bis Whether to use XOR or old mapped address –Stolen from transaction ID Branch cookie style from SIP Puts differentiation high up in the message Created ‘usages’ and defined 4 –Binding Discovery (“classic” RFC3489) –Connectivity Check (ICE) –NAT Keepalives (sip- outbound) –Short-Term Password (“classic” RFC3489) Removed attributes to determine NAT type

3 3 Changes since -02 Clarified 0b00 begins each STUN packet Support for IPv6 Removed text recommending listening for late-arriving STUN responses for 10 seconds –Was an attempt to detect STUN attacks

4 4 Changes since -02 Moved from TURN to STUN –Magic-Cookie originated in TURN, but found additional value when used in STUN –STUN Indications –Authentication framework Digest –Attributes ALTERNATE-SERVER REALM NONCE

5 5 Changes since -02 Added BINDING-LIFETIME attribute –Placeholder for configuring stun keepalives easily

6 6 Open Issue #1: Fate of type- determination attributes NAT type attributes: –RESPONSE-ADDRESS –CHANGED-ADDRESS –CHANGE-REQUEST –SOURCE-ADDRESS –REFLECTED-FROM What should we do with them? –Leave them in RFC3489bis –Back-reference to RFC3489 –Proposal: Create separate ‘diagnostic’ I-D

7 7 Open Issue #2: TLS Not fully spec’d out on how to determine whether to send or receive TLS Issue raised on list – should we use NAPTR? –This was done in SIP because we needed to have priority across disparate protocols –Not the case here – client knows exactly which it needs (TCP/UDP/TLS) –Need to factor in usages – may want different ports for them Proposal – just SRV –_usage._transport.domain –Stun = binding discovery usage –Backwards compatible and folds naturally into ports per usage

8 8 Need Help On … Failover behavior –Usage-specific (NAT keepalive behavior is different from connectivity check)

Download ppt "1 STUN Changes draft-ietf-behave-rfc3489bis-03 Jonathan Rosenberg Dan Wing Cisco Systems."

Similar presentations

Message Sessions Draft-campbell-simple-im-sessions-01 Ben Campbell

Message Sessions Draft-campbell-simple-im-sessions-01 Ben Campbell
STUN Open Issues Jonathan Rosenberg dynamicsoft. Changes since -00 Answered UNSAF considerations –Still awaiting response from Leslie on whether they.

STUN Open Issues Jonathan Rosenberg dynamicsoft. Changes since -00 Answered UNSAF considerations –Still awaiting response from Leslie on whether they.
Open Issues in bis 12/6/2001 5:28 PM Jonathan Rosenberg dynamicsoft.

Open Issues in bis 12/6/2001 5:28 PM Jonathan Rosenberg dynamicsoft.
Advanced Flooding Attack on a SIP Server Xianglin Deng, Canterbury University Malcolm Shore, Canterbury University & Telecom NZ.

Advanced Flooding Attack on a SIP Server Xianglin Deng, Canterbury University Malcolm Shore, Canterbury University & Telecom NZ.
RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-

RFC 3489bis Jonathan Rosenberg Cisco Systems. Technical Changes Needed Allow STUN over TCP –Driver: draft-ietf-sip-outbound Allow response to omit CHANGED-
By Ram Gopal, Alex Audu, Chaoping Wu, Hormuzd Khosravi Forwarding and Control Element Protocol (FACT)

By Ram Gopal, Alex Audu, Chaoping Wu, Hormuzd Khosravi Forwarding and Control Element Protocol (FACT)
1 Controlling NAT Bindings using STUN draft-wing-behave-nat-control-stun-usage-00 Dan Wing Jonathan Rosenberg.

1 Controlling NAT Bindings using STUN draft-wing-behave-nat-control-stun-usage-00 Dan Wing Jonathan Rosenberg.
Network Address Translation (NAT) 12.10.2009 Prof. Sasu Tarkoma.

Network Address Translation (NAT) Prof. Sasu Tarkoma.
ICE Jonathan Rosenberg Cisco Systems. Changes Removed abstract protocol concept Relaxed requirements for ICE on servers and gateways – no address gathering.

ICE Jonathan Rosenberg Cisco Systems. Changes Removed abstract protocol concept Relaxed requirements for ICE on servers and gateways – no address gathering.
NAT/Firewall Traversal April 2009. NAT revisited – “port-translating NAT”

NAT/Firewall Traversal April NAT revisited – “port-translating NAT”
Address Settlement by Peer to Peer (ASP) Jonathan Rosenberg Cullen Jennings Eric Rescorla.

Address Settlement by Peer to Peer (ASP) Jonathan Rosenberg Cullen Jennings Eric Rescorla.
1 © 2004 Cisco Systems, Inc. All rights reserved. Making NATs work for Online Gaming and VoIP Dr. Cullen Jennings

1 © 2004 Cisco Systems, Inc. All rights reserved. Making NATs work for Online Gaming and VoIP Dr. Cullen Jennings
STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1.

STUN Date: Speaker: Hui-Hsiung Chung 1.
1 NAT Traversal for VoIP Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University.

1 NAT Traversal for VoIP Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University.
1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID STUN, TURN and ICE Cary Fitzgerald.

1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID STUN, TURN and ICE Cary Fitzgerald.
STUN Tutorial Jonathan Rosenberg Chief Technology Officer.

STUN Tutorial Jonathan Rosenberg Chief Technology Officer.
STUN bis draft-ietf-behave-rfc3489bis Jonathan Rosenberg Cisco Systems.

STUN bis draft-ietf-behave-rfc3489bis Jonathan Rosenberg Cisco Systems.
ICE Jonathan Rosenberg dynamicsoft. Issue 1: Port Restricted Flow This case does not work well with ICE right now Race condition –Works if message 13.

ICE Jonathan Rosenberg dynamicsoft. Issue 1: Port Restricted Flow This case does not work well with ICE right now Race condition –Works if message 13.
RTSP NAT Traversal Update Magnus Westlund (Ericsson) Thomas Zeng (PVNS, an Alcatel company) IETF-60 MMUSIC WG draft-ietf-mmusic-rtsp-nat-03.txt.

RTSP NAT Traversal Update Magnus Westlund (Ericsson) Thomas Zeng (PVNS, an Alcatel company) IETF-60 MMUSIC WG draft-ietf-mmusic-rtsp-nat-03.txt.
SIP, NAT, Firewall SIP NAT Firewall How to Traversal NAT/Firewall for SIP.

SIP, NAT, Firewall SIP NAT Firewall How to Traversal NAT/Firewall for SIP.

Similar presentations

Ads by Google