NAT traversal problem - PowerPoint PPT Presentation

About This Presentation

Title:

NAT traversal problem

Description:

NAT traversal problem client want to connect to server with address 10.0.0.1 server address 10.0.0.1 local to LAN (client can t use it as destination addr) – PowerPoint PPT presentation

Number of Views:83

Avg rating:3.0/5.0

Slides: 37

Provided by: JimKurose76

Learn more at: http://www.cs.ucf.edu

Category:

more less

Transcript and Presenter's Notes

Title: NAT traversal problem

1
NAT traversal problem

client want to connect to server with address
10.0.0.1
server address 10.0.0.1 local to LAN (client
cant use it as destination addr)
only one externally visible NATted address
138.76.29.7
solution 1 statically configure NAT to forward
incoming connection requests at given port to
server
e.g., (123.76.29.7, port 2500) always forwarded
to 10.0.0.1 port 25000

10.0.0.1
Client
?
10.0.0.4
138.76.29.7
NAT router
2
NAT traversal problem

solution 2 Universal Plug and Play (UPnP)
Internet Gateway Device (IGD) Protocol. Allows
NATted host to
learn public IP address (138.76.29.7)
Drill a hole in NAT
Add a port mappings on NAT
Require both host and NAT to be UPnP compatible
automate static NAT port map configuration

10.0.0.1
IGD
10.0.0.4
138.76.29.7
NAT router
3
NAT traversal problem

solution 3 relaying (used in Skype)
NATed server establishes connection to relay
External client connects to relay
relay bridges packets between to connections

2. connection to relay initiated by client
1. connection to relay initiated by NATted host
10.0.0.1
3. relaying established
Client
138.76.29.7
NAT router
4
IP Fragmentation and Reassembly

Example
4000 byte datagram
MTU 1500 bytes

1480 bytes in data field
offset 1480/8
5
DHCP Dynamic Host Configuration Protocol

Goal allow host to dynamically obtain its IP
address from network server when it joins network
Can renew its lease on address in use
Allows reuse of addresses (only hold address
while connected an on
Support for mobile users who want to join network
(more shortly)
DHCP overview
host broadcasts DHCP discover msg
DHCP server responds with DHCP offer msg
host requests IP address DHCP request msg
DHCP server sends address DHCP ack msg

6
DHCP client-server scenario
223.1.2.1
DHCP

223.1.1.1
server

223.1.1.2
223.1.2.9
223.1.1.4
223.1.2.2
arriving DHCP client needs address in
this network
223.1.1.3
223.1.3.27

223.1.3.2
223.1.3.1

7
DHCP client-server scenario
arriving client
DHCP server 223.1.2.5
DHCP offer
src 223.1.2.5, 67 dest 255.255.255.255,
68 yiaddrr 223.1.2.4 transaction ID
654 Lifetime 3600 secs
DHCP request
src 0.0.0.0, 68 dest 255.255.255.255,
67 yiaddrr 223.1.2.4 transaction ID
655 Lifetime 3600 secs
time
DHCP ACK
src 223.1.2.5, 67 dest 255.255.255.255,
68 yiaddrr 223.1.2.4 transaction ID
655 Lifetime 3600 secs
8
Chapter 4 Network Layer

4. 1 Introduction
4.2 Virtual circuit and datagram networks
4.3 Whats inside a router
4.4 IP Internet Protocol
Datagram format
IPv4 addressing
ICMP
IPv6

4.5 Routing algorithms
Link state
Distance Vector
Hierarchical routing
4.6 Routing in the Internet
RIP
OSPF
BGP
4.7 Broadcast and multicast routing

9
ICMP Internet Control Message Protocol

used by hosts routers to communicate
network-level information
error reporting unreachable host, network, port,
protocol
echo request/reply (used by ping)
network-layer above IP
ICMP msgs carried in IP datagrams
Not built on TCP!
ICMP message type, code plus first 8 bytes of IP
datagram causing error

Type Code description 0 0 echo
reply (ping) 3 0 dest. network
unreachable 3 1 dest host
unreachable 3 2 dest protocol
unreachable 3 3 dest port
unreachable 3 6 dest network
unknown 3 7 dest host unknown 4
0 source quench (congestion
control - not used) 8 0
echo request (ping) 9 0 route
advertisement 10 0 router
discovery 11 0 TTL expired 12 0
bad IP header
10
Traceroute and ICMP

Source sends series of UDP segments to dest
First has TTL 1
Second has TTL2, etc.
Unlikely port number
When nth datagram arrives to nth router
Router discards datagram
And sends to source an ICMP message (type 11,
code 0)
Message includes name of router IP address

When ICMP message arrives, source calculates RTT
Traceroute does this 3 times
Stopping criterion
UDP segment eventually arrives at destination
host
Destination returns ICMP host unreachable
packet (type 3, code 3)
When source gets this ICMP, stops.

Ethereal example
11
Chapter 4 Network Layer

4. 1 Introduction
4.2 Virtual circuit and datagram networks
4.3 Whats inside a router
4.4 IP Internet Protocol
Datagram format
IPv4 addressing
ICMP
IPv6

4.5 Routing algorithms
Link state
Distance Vector
Hierarchical routing
4.6 Routing in the Internet
RIP
OSPF
BGP
4.7 Broadcast and multicast routing

12
IPv6

Initial motivation 32-bit address space soon to
be completely allocated.
Additional motivation
header format helps speed processing/forwarding
header changes to facilitate QoS
Checksum removed entirely to reduce processing
time at each hop
IPv6 datagram format
fixed-length 40 byte header
no fragmentation allowed
Very slow take off
IPv4 still has space (CIDR, DHCP, NAT)
Too trouble to upgrade

13
IPv6 Header (Cont)
Priority identify priority among datagrams in
flow Flow Label identify datagrams in same
flow. (concept offlow
not well defined). Next header identify upper
layer protocol for data
14
Transition From IPv4 To IPv6

Not all routers can be upgraded simultaneous
no flag days
How will the network operate with mixed IPv4 and
IPv6 routers?
Tunneling IPv6 carried as payload in IPv4
datagram among IPv4 routers

15
Tunneling
16
Tunneling
tunnel
Logical view
IPv6
IPv6
IPv6
IPv6
Physical view
IPv6
IPv6
IPv6
IPv6
IPv4
IPv4
A-to-B IPv6
E-to-F IPv6
B-to-C IPv6 inside IPv4
B-to-C IPv6 inside IPv4
17
Chapter 4 Network Layer

4. 1 Introduction
4.2 Virtual circuit and datagram networks
4.3 Whats inside a router
4.4 IP Internet Protocol
Datagram format
IPv4 addressing
ICMP
IPv6

4.5 Routing algorithms
Link state
Distance Vector
Hierarchical routing
4.6 Routing in the Internet
RIP
OSPF
BGP
4.7 Broadcast and multicast routing

18
Routing Algorithm classification

Global or decentralized information?
Global
all routers have complete topology, link cost
info
link state algorithms
Decentralized
router knows physically-connected neighbors, link
costs to neighbors
iterative process of computation, exchange of
info with neighbors
distance vector algorithms

Static or dynamic?
Static
routes change slowly over time
Dynamic
routes change more quickly
periodic update
in response to link cost changes

19
Chapter 4 Network Layer

4. 1 Introduction
4.2 Virtual circuit and datagram networks
4.3 Whats inside a router
4.4 IP Internet Protocol
Datagram format
IPv4 addressing
ICMP
IPv6

4.5 Routing algorithms
Link state
Distance Vector
Hierarchical routing
4.6 Routing in the Internet
RIP
OSPF
BGP
4.7 Broadcast and multicast routing

20
A Link-State Routing Algorithm

Idea
at each iteration increase spanning tree by the
node that has least cost path to the source

Dijkstras algorithm
net topology, link costs known to all nodes
accomplished via link state broadcast
all nodes have same info
computes least cost paths from one node
(source) to all other nodes
gives routing table for that node
iterative after k iterations, know least cost
path to k destinations

5
3
5
2
2
1
3
1
2
1
21
A Link-State Routing Algorithm

Notation
c(i,j) link cost from node i to j. cost infinite
if not direct neighbors
D(v) current value of cost of path from source
to dest. V
p(v) predecessor node along path from source to
v, that is next v
N set of nodes already in spanning tree (least
cost path known)

Examples
c(B,C) 3
D(E) 2
p(B) A
N A, B, D, E

5
3
5
2
2
1
3
1
2
1
22
Dijsktras Algorithm
1 Initialization 2 N A 3 for all
nodes v 4 if v adjacent to A 5 then
D(v) c(A,v) 6 else D(v) infinity 7
8 Loop 9 find w not in N such that D(w)
is a minimum 10 add w to N 11 update D(v)
for all v adjacent to w and not in N 12
D(v) min( D(v), D(w) c(w,v) ) 13 / new
cost to v is either old cost to v or known 14
shortest path cost to w plus cost from w to v
/ 15 until all nodes in N
23
Dijkstras algorithm example
D(B),p(B)
D(D),p(D)
Step 0 1 2 3 4 5
D(C),p(C)
D(E),p(E)
N
D(F),p(F)
5
3
5
2
2
1
3
1
2
1
24
Spanning tree gives routing table
D(B),p(B)
D(D),p(D)
Step
D(C),p(C)
D(E),p(E)
N
D(F),p(F)
Result from Dijkstras algorithm
B,2 D,3 D,1 D,2 D,4
B C D E F
Outgoing link to use, cost
Routing table
5
3
5
2
2
1
3
1
2
1
destination
25
Dijkstras algorithm discussion

Oscillations are possible
dynamic link cost
e.g., link cost amount of carried traffic by
link
c(i,j) ! c(j,i)
Example

1
1e
2e
0
0
2e
2e
0
0
0
1e
1
0
0
1
1e
e
0
0
0
1
e
1e
0
1
1
e
recompute
recompute routing
recompute
initially
26
Chapter 4 Network Layer

4. 1 Introduction
4.2 Virtual circuit and datagram networks
4.3 Whats inside a router
4.4 IP Internet Protocol
Datagram format
IPv4 addressing
ICMP
IPv6

4.5 Routing algorithms
Link state
Distance Vector
Hierarchical routing
4.6 Routing in the Internet
RIP
OSPF
BGP
4.7 Broadcast and multicast routing

27
Distance Vector Algorithm (1)

Bellman-Ford Equation (dynamic programming)
Define
dx(y) cost of least-cost path from x to y
Then
dx(y) minv c(x,v) dv(y)
where min is taken over all neighbors of x

28
Bellman-Ford example
Clearly, dv(z) 5, dx(z) 3, dw(z) 3
B-F equation says
du(z) min c(u,v) dv(z),
c(u,x) dx(z), c(u,w)
dw(z) min 2 5,
1 3, 5 3 4
Node that achieves minimum is next hop in
shortest path ? forwarding table
29
Distance Vector Algorithm (3)

Dx(y) estimate of least cost from x to y
Distance vector Dx Dx(y) y ? N
Node x knows cost to each neighbor v c(x,v)
Node x maintains Dx Dx(y) y ? N
Node x also maintains its neighbors distance
vectors
For each neighbor v, x maintains Dv Dv(y) y
? N

30
Distance vector algorithm (4)

Basic idea
Each node periodically sends its own distance
vector estimate to neighbors
When a node x receives new DV estimate from
neighbor, it updates its own DV using B-F
equation

Dx(y) ? minvc(x,v) Dv(y) for each node y ?
N

Under minor, natural conditions, the estimate
Dx(y) converge the actual least cost dx(y)

31
Distance Vector Algorithm (5)

Iterative, asynchronous each local iteration
caused by
local link cost change
DV update message from neighbor
Distributed
each node notifies neighbors only when its DV
changes
neighbors then notify their neighbors if necessary

Each node
32
Dx(z) minc(x,y) Dy(z), c(x,z)
Dz(z) min21 , 70 3
Dx(y) minc(x,y) Dy(y), c(x,z) Dz(y)
min20 , 71 2
node x table
cost to
x y z
x
0
3
2
y
from
2 0 1
z
7 1 0
node y table
cost to
x y z
x
8
8
8 2 0 1
y
from
z
8
8
8
node z table
cost to
x y z
x
8 8 8
y
from
8
8
8
z
7
1
0
time
33
Dx(z) minc(x,y) Dy(z), c(x,z)
Dz(z) min21 , 70 3
Dx(y) minc(x,y) Dy(y), c(x,z) Dz(y)
min20 , 71 2
node x table
cost to
cost to
x y z
x y z
x
0 2 3
x
0 2 3
y
from
2 0 1
y
from
2 0 1
z
7 1 0
z
3 1 0
node y table
cost to
cost to
cost to
x y z
x y z
x y z
x
8
8
x
0 2 7
x
0 2 3
8 2 0 1
y
y
from
y
2 0 1
from
from
2 0 1
z
z
8
8
8
z
7 1 0
3 1 0
node z table
cost to
cost to
cost to
x y z
x y z
x y z
x
0 2 3
x
0 2 7
x
8 8 8
y
y
2 0 1
from
from
y
2 0 1
from
8
8
8
z
z
z
3 1 0
3 1 0
7
1
0
time
34
Distance Vector link cost changes

Link cost changes
node detects local link cost change
updates routing info, recalculates distance
vector
if DV changes, notify neighbors

At time t0, y detects the link-cost change,
updates its DV, and informs its neighbors.
good news travels fast
At time t1, z receives the update from y and
updates its table. It computes a new least cost
to x and sends its neighbors its DV.
At time t2, y receives zs update and updates its
distance table. ys least costs do not change
and hence y does not send any message to z.
35
Distance Vector link cost changes