SlideShare a Scribd company logo

NAT Traversal

Download as PPT, PDF
Davide Carboni
Davide Carboni

Overview of NAT traversal tecniques

Technology
1 of 49
P2P and NAT How to traverse NAT Davide Carboni © 2005-2006
License Attribution-ShareAlike 2.5 You are free: to copy, distribute, display, and perform the work to make derivative works to make commercial use of the work Under the following conditions: Attribution . You must give the original author credit. Share Alike . If you alter, transform, or build upon this work, you may distribute the resulting work only under a licence identical to this one. For any reuse or distribution, you must make clear to others the licence terms of this work. Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. This is a human-readable summary of the Legal Code (the full licence ) . Disclaimer
The problem ,[object Object],[object Object],[object Object]
Firewall ,[object Object],[object Object],Rules
Firewall Rules router (Global IP addresses)
NAT ,[object Object]
Why NAT is so popular ,[object Object],[object Object],[object Object]
Simple NAT NAT (Private IP addresses) (Public IP addresses) Main Internet (Public IP addresses)
Multiple NAT ISP NAT (Private IP addresses) (Public IP addresses) Main Internet ISP network Home NAT Home network 10.0.0.12 192.168.2.12 192.168.2.99 156.148.70.32
NAT Mappings (192.168.2.2) (1.1.1.4) (1.1.1.5) 192.168.2.2:4445 <-> 1.1.1.5:10100 S=192.168.2.2:4445 D=1.1.1.4:7777 datagram S=1.1.1.5:10100 D=1.1.1.4:7777 datagram A
Traversing a NAT that does not collaborate
Relaying NAT Main Internet Local network NAT Local network 10.0.0.12 192.168.2.99 Relay S host A host B 1 2
Connection reversal NAT Main Internet Local network 1.1.1.4 192.168.2.99 rendezvous S host A host B 1 2 3
TURN protocol ,[object Object],[object Object],[object Object]
Role in TURN ,[object Object],[object Object],[object Object]
NAT policies ,[object Object],[object Object],[object Object],[object Object]
UDP Hole Punching ,[object Object],[object Object]
Full cone Host A Host C Full cone Host B (192.168.2.2) (1.1.1.4) (192.168.2.1) (1.1.1.5) (1.1.1.6) Packet(S=192.168.2.2:4445, D=1.1.1.5:7777) Packet(S=1.1.1.4:10100, D=1.1.1.5:7777) Packet(S=1.1.1.5:4321, D=1.1.1.4:10100) Packet(S=1.1.1.5:4321, D=192.168.2.2:4445) Packet(S=1.1.1.6:1234, D=1.1.1.4:10100) Packet(S=1.1.1.6:1234, D=192.168.2.2:4445)
Full cone mapping and policy ,[object Object],[object Object],[object Object],[object Object]
Holes in Full Cone NAT rendezvous host A host B 1 2 3 4 5
Restricted cone Host A Host C Restricted cone Host B (192.168.2.2) (1.1.1.4) (192.168.2.1) (1.1.1.5) (1.1.1.6) Packet(S=192.168.2.2:4445, D=1.1.1.5:7777) Packet(S=1.1.1.4:10100, D=1.1.1.5:7777) Packet(S=1.1.1.5:4321, D=1.1.1.4:10100) Packet(S=1.1.1.5:4321, D=192.168.2.2:4445) Packet(S=1.1.1.6:1234, D=1.1.1.4:10100) X Packet(S=192.168.2.2:4445, D=1.1.1.6:7777) Packet(S=1.1.1.4:10100, D=1.1.1.6:7777) Packet(S=1.1.1.6:4321, D=1.1.1.4:10100) Packet(S=1.1.1.6:4321, D=192.168.2.2:4445)
Restricted cone mapping and policy ,[object Object],[object Object],[object Object],[object Object],[object Object]
Holes in Restricted Cone NAT rendezvous host A host B 1 2 3 5 4 6
Port restricted cone Host A Host C Port - restr cone Host B (192.168.2.2) (1.1.1.4) (192.168.2.1) (1.1.1.5) (1.1.1.6) Packet(S=192.168.2.2:4445, D=1.1.1.5:7777) Packet(S=1.1.1.4:10100, D=1.1.1.5:7777) Packet(S=1.1.1.5:4321, D=1.1.1.4:10100) Packet(S=1.1.1.5:7777, D=192.168.2.2:4445) X Packet(S=1.1.1.5:7777, D=1.1.1.4:10100)
Port restricted cone mapping and policy ,[object Object],[object Object],[object Object],[object Object],[object Object]
Holes in Port restricted Cone NAT rendezvous host A host B 1 2 3 5 4 6
Symmetric NAT Host A Host C symmetric Host B (192.168.2.2) (1.1.1.4) (192.168.2.1) (1.1.1.5) (1.1.1.6) Packet(S=192.168.2.2:4445, D=1.1.1.5:7777) Packet(S=1.1.1.4:10100, D=1.1.1.5:7777) Packet(S=1.1.1.5:7777, D=192.168.2.2:4445) Packet(S=1.1.1.5:7777, D=1.1.1.4:10100) Packet(S=192.168.2.2:4445, D=1.1.1.6:7777) Packet(S=1.1.1.4:10179, D=1.1.1.6:7777) Packet(S=1.1.1.6:7777, D=192.168.2.2:4445) Packet(S=1.1.1.6:7777, D=1.1.1.4:10179) Packet(S=1.1.1.6:7777, D=1.1.1.4:10100) X
Symmetric mapping and policy ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Holes in Symmetric
STUN protocol ,[object Object],[object Object]
STUN protocol ,[object Object]
TCP Hole Punching ,[object Object],[object Object]
TCP Hole punching ,[object Object],[object Object]
TCP Hole punching NAT Main Internet Local network NAT Local network 10.0.0.12 192.168.2.99 rendezvous S host A host B 1.1.1.4 1.1.1.5 1.1.1.6
TCP Hole punching NAT Main Internet Local network NAT Local network rendezvous S host A host B 1.1.1.4:1234 1.1.1.5:4444 1.1.1.6
STUNT ,[object Object],[object Object],[object Object]
Traversing a NAT that collaborates
Socks ,[object Object],[object Object],[object Object],[object Object]
SOCKS CONNECT NAT Socks proxy host A server S 1. CONNECT 2. connect()
SOCKS BIND NAT Socks proxy host A listening on 4445 server S 1. BIND (localport=4445, S) 3. connect(33102) 2. Ok. Port=33102
SOCKS and Java ,[object Object],[object Object],[object Object],[object Object],[object Object]
SOCKS4 and SOCKS5 ,[object Object],[object Object],[object Object]
UPnP NAT Traversal ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
UPnP API provided by COM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
UPnP Port Forward
Issues with UPnP ,[object Object],[object Object],[object Object]
References ,[object Object],[object Object],[object Object],[object Object]
References (2) ,[object Object],[object Object],[object Object],[object Object]
License Attribution-ShareAlike 2.5 You are free: to copy, distribute, display, and perform the work to make derivative works to make commercial use of the work Under the following conditions: Attribution . You must give the original author credit. Share Alike . If you alter, transform, or build upon this work, you may distribute the resulting work only under a licence identical to this one. For any reuse or distribution, you must make clear to others the licence terms of this work. Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. This is a human-readable summary of the Legal Code (the full licence ) . Disclaimer

Recommended

ICE basic
ICE basicICE basic
ICE basicVu Nguyen
 
From NAT to NAT Traversal
From NAT to NAT TraversalFrom NAT to NAT Traversal
From NAT to NAT TraversalLi-Wei Yao
 
BGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionBGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionAPNIC
 
Cisco router command configuration overview
Cisco router command configuration overviewCisco router command configuration overview
Cisco router command configuration overview3Anetwork com
 
Basic command to configure mikrotik
Basic command to configure mikrotikBasic command to configure mikrotik
Basic command to configure mikrotikTola LENG
 
Scaleway Approach to VXLAN EVPN Fabric
Scaleway Approach to VXLAN EVPN FabricScaleway Approach to VXLAN EVPN Fabric
Scaleway Approach to VXLAN EVPN FabricScaleway
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec APNIC
 

Recommended

ICE basic
ICE basicICE basic
ICE basicVu Nguyen
 
From NAT to NAT Traversal
From NAT to NAT TraversalFrom NAT to NAT Traversal
From NAT to NAT TraversalLi-Wei Yao
 
BGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionBGP Flowspec (RFC5575) Case study and Discussion
BGP Flowspec (RFC5575) Case study and DiscussionAPNIC
 
Cisco router command configuration overview
Cisco router command configuration overviewCisco router command configuration overview
Cisco router command configuration overview3Anetwork com
 
Basic command to configure mikrotik
Basic command to configure mikrotikBasic command to configure mikrotik
Basic command to configure mikrotikTola LENG
 
Scaleway Approach to VXLAN EVPN Fabric
Scaleway Approach to VXLAN EVPN FabricScaleway Approach to VXLAN EVPN Fabric
Scaleway Approach to VXLAN EVPN FabricScaleway
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec DDoS Mitigation using BGP Flowspec
DDoS Mitigation using BGP Flowspec APNIC
 
Mikro tik advanced training
Mikro tik advanced trainingMikro tik advanced training
Mikro tik advanced trainingJignesh H. Bhalsod
 
Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A TutorialAPNIC
 
Ccna rse dynamic routing
Ccna rse dynamic routingCcna rse dynamic routing
Ccna rse dynamic routingnewbie2019
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)Netwax Lab
 
Huawei switch configuration commands
Huawei switch configuration commandsHuawei switch configuration commands
Huawei switch configuration commandsHuanetwork
 
Cisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsCisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsBootcamp SCL
 
Vxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalVxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalKwonSun Bae
 
Fools your enemy with MikroTik
Fools your enemy with MikroTikFools your enemy with MikroTik
Fools your enemy with MikroTikDidiet Kusumadihardja
 
OSPF Fundamental
OSPF FundamentalOSPF Fundamental
OSPF FundamentalReza Farahani
 
MikroTik Security
MikroTik SecurityMikroTik Security
MikroTik SecurityRofiq Fauzi
 
BGP on mikrotik
BGP on mikrotikBGP on mikrotik
BGP on mikrotikAchmad Mardiansyah
 
Migrating from OSPF to IS-IS by Philip Smith
Migrating from OSPF to IS-IS by Philip SmithMigrating from OSPF to IS-IS by Philip Smith
Migrating from OSPF to IS-IS by Philip SmithMyNOG
 
MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]Faisal Reza
 
MPLS VPN
MPLS VPNMPLS VPN
MPLS VPNWilfried Tiani
 
Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)newbie2019
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configurationTola LENG
 
CCNA 1 Routing and Switching v5.0 Chapter 4
CCNA 1 Routing and Switching v5.0 Chapter 4CCNA 1 Routing and Switching v5.0 Chapter 4
CCNA 1 Routing and Switching v5.0 Chapter 4Nil Menon
 
NAT in ASA Firewall
NAT in ASA Firewall NAT in ASA Firewall
NAT in ASA Firewall NetProtocol Xpert
 
CCNA 2 Routing and Switching v5.0 Chapter 6
CCNA 2 Routing and Switching v5.0 Chapter 6CCNA 2 Routing and Switching v5.0 Chapter 6
CCNA 2 Routing and Switching v5.0 Chapter 6Nil Menon
 
MPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesMPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesEricsson
 
Nat traversal in WebRTC context
Nat traversal in WebRTC contextNat traversal in WebRTC context
Nat traversal in WebRTC contextAudioCodes
 
Tech Talks @NSU: Архитектура Skype
Tech Talks @NSU: Архитектура SkypeTech Talks @NSU: Архитектура Skype
Tech Talks @NSU: Архитектура SkypeTech Talks @NSU
 

More Related Content

What's hot

Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A TutorialAPNIC
 
Ccna rse dynamic routing
Ccna rse dynamic routingCcna rse dynamic routing
Ccna rse dynamic routingnewbie2019
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)Netwax Lab
 
Huawei switch configuration commands
Huawei switch configuration commandsHuawei switch configuration commands
Huawei switch configuration commandsHuanetwork
 
Cisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsCisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsBootcamp SCL
 
Vxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalVxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalKwonSun Bae
 
MikroTik Security
MikroTik SecurityMikroTik Security
MikroTik SecurityRofiq Fauzi
 
Migrating from OSPF to IS-IS by Philip Smith
Migrating from OSPF to IS-IS by Philip SmithMigrating from OSPF to IS-IS by Philip Smith
Migrating from OSPF to IS-IS by Philip SmithMyNOG
 
MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]Faisal Reza
 
Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)newbie2019
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configurationTola LENG
 
CCNA 1 Routing and Switching v5.0 Chapter 4
CCNA 1 Routing and Switching v5.0 Chapter 4CCNA 1 Routing and Switching v5.0 Chapter 4
CCNA 1 Routing and Switching v5.0 Chapter 4Nil Menon
 
CCNA 2 Routing and Switching v5.0 Chapter 6
CCNA 2 Routing and Switching v5.0 Chapter 6CCNA 2 Routing and Switching v5.0 Chapter 6
CCNA 2 Routing and Switching v5.0 Chapter 6Nil Menon
 
MPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesMPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesEricsson
 

What's hot (20)

Mikro tik advanced training
Mikro tik advanced trainingMikro tik advanced training
Mikro tik advanced training
 
Segment Routing: A Tutorial
Segment Routing: A TutorialSegment Routing: A Tutorial
Segment Routing: A Tutorial
 
Ccna rse dynamic routing
Ccna rse dynamic routingCcna rse dynamic routing
Ccna rse dynamic routing
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)
 
Huawei switch configuration commands
Huawei switch configuration commandsHuawei switch configuration commands
Huawei switch configuration commands
 
Cisco vs. huawei CLI Commands
Cisco vs. huawei CLI CommandsCisco vs. huawei CLI Commands
Cisco vs. huawei CLI Commands
 
Vxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 finalVxlan deep dive session rev0.5 final
Vxlan deep dive session rev0.5 final
 
Fools your enemy with MikroTik
Fools your enemy with MikroTikFools your enemy with MikroTik
Fools your enemy with MikroTik
 
OSPF Fundamental
OSPF FundamentalOSPF Fundamental
OSPF Fundamental
 
MikroTik Security
MikroTik SecurityMikroTik Security
MikroTik Security
 
BGP on mikrotik
BGP on mikrotikBGP on mikrotik
BGP on mikrotik
 
Migrating from OSPF to IS-IS by Philip Smith
Migrating from OSPF to IS-IS by Philip SmithMigrating from OSPF to IS-IS by Philip Smith
Migrating from OSPF to IS-IS by Philip Smith
 
MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]MikroTik Multicast Routing [www.imxpert.co]
MikroTik Multicast Routing [www.imxpert.co]
 
MPLS VPN
MPLS VPNMPLS VPN
MPLS VPN
 
Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)
 
Mikrotik basic configuration
Mikrotik basic configurationMikrotik basic configuration
Mikrotik basic configuration
 
CCNA 1 Routing and Switching v5.0 Chapter 4
CCNA 1 Routing and Switching v5.0 Chapter 4CCNA 1 Routing and Switching v5.0 Chapter 4
CCNA 1 Routing and Switching v5.0 Chapter 4
 
NAT in ASA Firewall
NAT in ASA Firewall NAT in ASA Firewall
NAT in ASA Firewall
 
CCNA 2 Routing and Switching v5.0 Chapter 6
CCNA 2 Routing and Switching v5.0 Chapter 6CCNA 2 Routing and Switching v5.0 Chapter 6
CCNA 2 Routing and Switching v5.0 Chapter 6
 
MPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - ServicesMPLS Deployment Chapter 2 - Services
MPLS Deployment Chapter 2 - Services
 

Viewers also liked

Nat traversal in WebRTC context
Nat traversal in WebRTC contextNat traversal in WebRTC context
Nat traversal in WebRTC contextAudioCodes
 
Tech Talks @NSU: Архитектура Skype
Tech Talks @NSU: Архитектура SkypeTech Talks @NSU: Архитектура Skype
Tech Talks @NSU: Архитектура SkypeTech Talks @NSU
 
P2P Multiplayer Gaming
P2P Multiplayer GamingP2P Multiplayer Gaming
P2P Multiplayer GamingJohn Wilker
 
Sinnreich Henry Johnston Alan Pt 3
Sinnreich Henry Johnston Alan Pt 3Sinnreich Henry Johnston Alan Pt 3
Sinnreich Henry Johnston Alan Pt 3Carl Ford
 
WebRTCの技術解説 第二版 公開版 完全版
WebRTCの技術解説 第二版 公開版 完全版WebRTCの技術解説 第二版 公開版 完全版
WebRTCの技術解説 第二版 公開版 完全版Contest Ntt-west
 
Big Ip Global Traffic Manager Ds
Big Ip Global Traffic Manager DsBig Ip Global Traffic Manager Ds
Big Ip Global Traffic Manager DsSteven_Jackson
 
Web rtc, Media stream, Peer connection, Setting up STUN and TURN on Linux and...
Web rtc, Media stream, Peer connection, Setting up STUN and TURN on Linux and...Web rtc, Media stream, Peer connection, Setting up STUN and TURN on Linux and...
Web rtc, Media stream, Peer connection, Setting up STUN and TURN on Linux and...Amitesh Madhur
 
Pengertian Firewall, NAT, dan Proxy Server
Pengertian Firewall, NAT, dan Proxy ServerPengertian Firewall, NAT, dan Proxy Server
Pengertian Firewall, NAT, dan Proxy Serverfajaarfds
 
F5 BIG-IP Web-based Customer Training
F5 BIG-IP Web-based Customer TrainingF5 BIG-IP Web-based Customer Training
F5 BIG-IP Web-based Customer TrainingF5 Networks
 
F5 - BigIP ASM introduction
F5 - BigIP ASM introductionF5 - BigIP ASM introduction
F5 - BigIP ASM introductionJimmy Saigon
 
All 50 Ways to Use BIG-IP
All 50 Ways to Use BIG-IP All 50 Ways to Use BIG-IP
All 50 Ways to Use BIG-IP F5 Networks
 

Viewers also liked (20)

Nat traversal in WebRTC context
Nat traversal in WebRTC contextNat traversal in WebRTC context
Nat traversal in WebRTC context
 
Tech Talks @NSU: Архитектура Skype
Tech Talks @NSU: Архитектура SkypeTech Talks @NSU: Архитектура Skype
Tech Talks @NSU: Архитектура Skype
 
P2P Multiplayer Gaming
P2P Multiplayer GamingP2P Multiplayer Gaming
P2P Multiplayer Gaming
 
p2p通信之nat
p2p通信之natp2p通信之nat
p2p通信之nat
 
BACIK CISCO SKILLS
BACIK CISCO SKILLSBACIK CISCO SKILLS
BACIK CISCO SKILLS
 
Sinnreich Henry Johnston Alan Pt 3
Sinnreich Henry Johnston Alan Pt 3Sinnreich Henry Johnston Alan Pt 3
Sinnreich Henry Johnston Alan Pt 3
 
WebRTCの技術解説 第二版 公開版 完全版
WebRTCの技術解説 第二版 公開版 完全版WebRTCの技術解説 第二版 公開版 完全版
WebRTCの技術解説 第二版 公開版 完全版
 
Big Ip Global Traffic Manager Ds
Big Ip Global Traffic Manager DsBig Ip Global Traffic Manager Ds
Big Ip Global Traffic Manager Ds
 
Nat
NatNat
Nat
 
Firewall y nat
Firewall y natFirewall y nat
Firewall y nat
 
Firewall basics
Firewall basicsFirewall basics
Firewall basics
 
Web rtc, Media stream, Peer connection, Setting up STUN and TURN on Linux and...
Web rtc, Media stream, Peer connection, Setting up STUN and TURN on Linux and...Web rtc, Media stream, Peer connection, Setting up STUN and TURN on Linux and...
Web rtc, Media stream, Peer connection, Setting up STUN and TURN on Linux and...
 
Firewall
FirewallFirewall
Firewall
 
Pengertian Firewall, NAT, dan Proxy Server
Pengertian Firewall, NAT, dan Proxy ServerPengertian Firewall, NAT, dan Proxy Server
Pengertian Firewall, NAT, dan Proxy Server
 
F5 BIG-IP Web-based Customer Training
F5 BIG-IP Web-based Customer TrainingF5 BIG-IP Web-based Customer Training
F5 BIG-IP Web-based Customer Training
 
Configuration F5 BIG IP ASM v12
Configuration F5 BIG IP ASM v12Configuration F5 BIG IP ASM v12
Configuration F5 BIG IP ASM v12
 
Nat pat
Nat patNat pat
Nat pat
 
P2p Peer To Peer Introduction
P2p Peer To Peer IntroductionP2p Peer To Peer Introduction
P2p Peer To Peer Introduction
 
F5 - BigIP ASM introduction
F5 - BigIP ASM introductionF5 - BigIP ASM introduction
F5 - BigIP ASM introduction
 
All 50 Ways to Use BIG-IP
All 50 Ways to Use BIG-IP All 50 Ways to Use BIG-IP
All 50 Ways to Use BIG-IP
 

Similar to NAT Traversal

NZNOG 2020 - The Trouble With NAT
NZNOG 2020 - The Trouble With NATNZNOG 2020 - The Trouble With NAT
NZNOG 2020 - The Trouble With NATMark Smith
 
Short Introduction to IPv6
Short Introduction to IPv6Short Introduction to IPv6
Short Introduction to IPv6Martin Schütte
 
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fred Bovy
 
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NATAusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NATMark Smith
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructionstrayyoo
 
h323oversmallpipesfirewalls.ppt
h323oversmallpipesfirewalls.ppth323oversmallpipesfirewalls.ppt
h323oversmallpipesfirewalls.pptVideoguy
 
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYCPractical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYCAlexandre Gouaillard
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallCassiano Campes
 
Lync 2010 deep dive edge
Lync 2010 deep dive edgeLync 2010 deep dive edge
Lync 2010 deep dive edgeHarold Wong
 
TakeDownCon Rocket City: Bending and Twisting Networks by Paul Coggin
TakeDownCon Rocket City: Bending and Twisting Networks by Paul CogginTakeDownCon Rocket City: Bending and Twisting Networks by Paul Coggin
TakeDownCon Rocket City: Bending and Twisting Networks by Paul CogginEC-Council
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6Private
 
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...Louis Göhl
 
Support for Network-based User Mobility with LISP
Support for Network-based User Mobility with LISPSupport for Network-based User Mobility with LISP
Support for Network-based User Mobility with LISPAndrea Galvani
 
IPv6 Security - Myths and Reality
IPv6 Security - Myths and RealityIPv6 Security - Myths and Reality
IPv6 Security - Myths and RealitySwiss IPv6 Council
 

Similar to NAT Traversal (20)

Network Sockets
Network SocketsNetwork Sockets
Network Sockets
 
Sockets
Sockets Sockets
Sockets
 
NZNOG 2020 - The Trouble With NAT
NZNOG 2020 - The Trouble With NATNZNOG 2020 - The Trouble With NAT
NZNOG 2020 - The Trouble With NAT
 
06 tk 1073 network layer
06 tk 1073 network layer06 tk 1073 network layer
06 tk 1073 network layer
 
Short Introduction to IPv6
Short Introduction to IPv6Short Introduction to IPv6
Short Introduction to IPv6
 
TCP/IP Basics
TCP/IP BasicsTCP/IP Basics
TCP/IP Basics
 
Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0Fb i pv6-sparchimanv1.0
Fb i pv6-sparchimanv1.0
 
AusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NATAusNOG 2016 - The Trouble with NAT
AusNOG 2016 - The Trouble with NAT
 
Lab 9 instructions
Lab 9 instructionsLab 9 instructions
Lab 9 instructions
 
h323oversmallpipesfirewalls.ppt
h323oversmallpipesfirewalls.ppth323oversmallpipesfirewalls.ppt
h323oversmallpipesfirewalls.ppt
 
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYCPractical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
Practical webRTC - from API to Solution - webRTC Summit 2014 @ NYC
 
NAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewallNAT and firewall presentation - how setup a nice firewall
NAT and firewall presentation - how setup a nice firewall
 
NAT_Final
NAT_FinalNAT_Final
NAT_Final
 
Lync 2010 deep dive edge
Lync 2010 deep dive edgeLync 2010 deep dive edge
Lync 2010 deep dive edge
 
TakeDownCon Rocket City: Bending and Twisting Networks by Paul Coggin
TakeDownCon Rocket City: Bending and Twisting Networks by Paul CogginTakeDownCon Rocket City: Bending and Twisting Networks by Paul Coggin
TakeDownCon Rocket City: Bending and Twisting Networks by Paul Coggin
 
Getting started with IPv6
Getting started with IPv6Getting started with IPv6
Getting started with IPv6
 
Nat 03
Nat 03Nat 03
Nat 03
 
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
SVR401: DirectAccess Technical Drilldown, Part 1 of 2: IPv6 and transition te...
 
Support for Network-based User Mobility with LISP
Support for Network-based User Mobility with LISPSupport for Network-based User Mobility with LISP
Support for Network-based User Mobility with LISP
 
IPv6 Security - Myths and Reality
IPv6 Security - Myths and RealityIPv6 Security - Myths and Reality
IPv6 Security - Myths and Reality
 

More from Davide Carboni

PPT-CyberJourney-June-2023-Carboni.pptx
PPT-CyberJourney-June-2023-Carboni.pptxPPT-CyberJourney-June-2023-Carboni.pptx
PPT-CyberJourney-June-2023-Carboni.pptxDavide Carboni
 
From Smart Contracts to NFT
From Smart Contracts to NFT From Smart Contracts to NFT
From Smart Contracts to NFTDavide Carboni
 
Blockchain School 2019 - Security of Smart Contracts.pdf
Blockchain School 2019 - Security of Smart Contracts.pdfBlockchain School 2019 - Security of Smart Contracts.pdf
Blockchain School 2019 - Security of Smart Contracts.pdfDavide Carboni
 
The Bitcoin blockchain (en)
The Bitcoin blockchain (en)The Bitcoin blockchain (en)
The Bitcoin blockchain (en)Davide Carboni
 
Internet-of-things, sicurezza, privacy, trust
Internet-of-things, sicurezza, privacy, trustInternet-of-things, sicurezza, privacy, trust
Internet-of-things, sicurezza, privacy, trustDavide Carboni
 
Blockchain - crittomonete, Bitcoin e altre applicazioni
Blockchain - crittomonete, Bitcoin e altre applicazioniBlockchain - crittomonete, Bitcoin e altre applicazioni
Blockchain - crittomonete, Bitcoin e altre applicazioniDavide Carboni
 
Internet of Things al Festivalscienza 2010
Internet of Things al Festivalscienza 2010Internet of Things al Festivalscienza 2010
Internet of Things al Festivalscienza 2010Davide Carboni
 
Pysense: wireless sensor computing in Python?
Pysense: wireless sensor computing in Python?Pysense: wireless sensor computing in Python?
Pysense: wireless sensor computing in Python?Davide Carboni
 
Introduzione ai Design Patterns nella Programmazione a Oggetti
Introduzione ai Design Patterns nella Programmazione a OggettiIntroduzione ai Design Patterns nella Programmazione a Oggetti
Introduzione ai Design Patterns nella Programmazione a OggettiDavide Carboni
 
The world is the computer and the programmer is you
The world is the computer and the programmer is youThe world is the computer and the programmer is you
The world is the computer and the programmer is youDavide Carboni
 
Browsing Large Collections of Geo-Tagged Pictures
Browsing Large Collections of Geo-Tagged PicturesBrowsing Large Collections of Geo-Tagged Pictures
Browsing Large Collections of Geo-Tagged PicturesDavide Carboni
 
Programmazione concorrente in Java (vecchio modello)
Programmazione concorrente in Java (vecchio modello)Programmazione concorrente in Java (vecchio modello)
Programmazione concorrente in Java (vecchio modello)Davide Carboni
 
Kickoff del Progetto Cluster Mashup e Geoweb
Kickoff del Progetto Cluster Mashup e GeowebKickoff del Progetto Cluster Mashup e Geoweb
Kickoff del Progetto Cluster Mashup e GeowebDavide Carboni
 
Open al bivio fra software e webware (al javaday 2006)
Open al bivio fra software e webware (al javaday 2006)Open al bivio fra software e webware (al javaday 2006)
Open al bivio fra software e webware (al javaday 2006)Davide Carboni
 
Web 2.0, mashup e GeoWeb
Web 2.0, mashup e GeoWebWeb 2.0, mashup e GeoWeb
Web 2.0, mashup e GeoWebDavide Carboni
 

More from Davide Carboni (20)

PPT-CyberJourney-June-2023-Carboni.pptx
PPT-CyberJourney-June-2023-Carboni.pptxPPT-CyberJourney-June-2023-Carboni.pptx
PPT-CyberJourney-June-2023-Carboni.pptx
 
From Smart Contracts to NFT
From Smart Contracts to NFT From Smart Contracts to NFT
From Smart Contracts to NFT
 
Blockchain School 2019 - Security of Smart Contracts.pdf
Blockchain School 2019 - Security of Smart Contracts.pdfBlockchain School 2019 - Security of Smart Contracts.pdf
Blockchain School 2019 - Security of Smart Contracts.pdf
 
The Bitcoin blockchain (en)
The Bitcoin blockchain (en)The Bitcoin blockchain (en)
The Bitcoin blockchain (en)
 
Internet-of-things, sicurezza, privacy, trust
Internet-of-things, sicurezza, privacy, trustInternet-of-things, sicurezza, privacy, trust
Internet-of-things, sicurezza, privacy, trust
 
Blockchain - crittomonete, Bitcoin e altre applicazioni
Blockchain - crittomonete, Bitcoin e altre applicazioniBlockchain - crittomonete, Bitcoin e altre applicazioni
Blockchain - crittomonete, Bitcoin e altre applicazioni
 
08 mapreduce
08 mapreduce08 mapreduce
08 mapreduce
 
04 bloom
04 bloom04 bloom
04 bloom
 
2 phase-commit
2 phase-commit 2 phase-commit
2 phase-commit
 
Internet of Things al Festivalscienza 2010
Internet of Things al Festivalscienza 2010Internet of Things al Festivalscienza 2010
Internet of Things al Festivalscienza 2010
 
Pysense: wireless sensor computing in Python?
Pysense: wireless sensor computing in Python?Pysense: wireless sensor computing in Python?
Pysense: wireless sensor computing in Python?
 
Introduzione ai Design Patterns nella Programmazione a Oggetti
Introduzione ai Design Patterns nella Programmazione a OggettiIntroduzione ai Design Patterns nella Programmazione a Oggetti
Introduzione ai Design Patterns nella Programmazione a Oggetti
 
The world is the computer and the programmer is you
The world is the computer and the programmer is youThe world is the computer and the programmer is you
The world is the computer and the programmer is you
 
Browsing Large Collections of Geo-Tagged Pictures
Browsing Large Collections of Geo-Tagged PicturesBrowsing Large Collections of Geo-Tagged Pictures
Browsing Large Collections of Geo-Tagged Pictures
 
Programmazione concorrente in Java (vecchio modello)
Programmazione concorrente in Java (vecchio modello)Programmazione concorrente in Java (vecchio modello)
Programmazione concorrente in Java (vecchio modello)
 
Introduction P2p
Introduction P2pIntroduction P2p
Introduction P2p
 
Spoleto07
Spoleto07Spoleto07
Spoleto07
 
Kickoff del Progetto Cluster Mashup e Geoweb
Kickoff del Progetto Cluster Mashup e GeowebKickoff del Progetto Cluster Mashup e Geoweb
Kickoff del Progetto Cluster Mashup e Geoweb
 
Open al bivio fra software e webware (al javaday 2006)
Open al bivio fra software e webware (al javaday 2006)Open al bivio fra software e webware (al javaday 2006)
Open al bivio fra software e webware (al javaday 2006)
 
Web 2.0, mashup e GeoWeb
Web 2.0, mashup e GeoWebWeb 2.0, mashup e GeoWeb
Web 2.0, mashup e GeoWeb
 

Recently uploaded

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Recently uploaded (20)

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

NAT Traversal

  • 1. P2P and NAT How to traverse NAT Davide Carboni © 2005-2006
  • 2. License Attribution-ShareAlike 2.5 You are free: to copy, distribute, display, and perform the work to make derivative works to make commercial use of the work Under the following conditions: Attribution . You must give the original author credit. Share Alike . If you alter, transform, or build upon this work, you may distribute the resulting work only under a licence identical to this one. For any reuse or distribution, you must make clear to others the licence terms of this work. Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. This is a human-readable summary of the Legal Code (the full licence ) . Disclaimer
  • 3.
  • 4.
  • 5. Firewall Rules router (Global IP addresses)
  • 6.
  • 7.
  • 8. Simple NAT NAT (Private IP addresses) (Public IP addresses) Main Internet (Public IP addresses)
  • 9. Multiple NAT ISP NAT (Private IP addresses) (Public IP addresses) Main Internet ISP network Home NAT Home network 10.0.0.12 192.168.2.12 192.168.2.99 156.148.70.32
  • 10. NAT Mappings (192.168.2.2) (1.1.1.4) (1.1.1.5) 192.168.2.2:4445 <-> 1.1.1.5:10100 S=192.168.2.2:4445 D=1.1.1.4:7777 datagram S=1.1.1.5:10100 D=1.1.1.4:7777 datagram A
  • 11. Traversing a NAT that does not collaborate
  • 12. Relaying NAT Main Internet Local network NAT Local network 10.0.0.12 192.168.2.99 Relay S host A host B 1 2
  • 13. Connection reversal NAT Main Internet Local network 1.1.1.4 192.168.2.99 rendezvous S host A host B 1 2 3
  • 14.
  • 15.
  • 16.
  • 17.
  • 18. Full cone Host A Host C Full cone Host B (192.168.2.2) (1.1.1.4) (192.168.2.1) (1.1.1.5) (1.1.1.6) Packet(S=192.168.2.2:4445, D=1.1.1.5:7777) Packet(S=1.1.1.4:10100, D=1.1.1.5:7777) Packet(S=1.1.1.5:4321, D=1.1.1.4:10100) Packet(S=1.1.1.5:4321, D=192.168.2.2:4445) Packet(S=1.1.1.6:1234, D=1.1.1.4:10100) Packet(S=1.1.1.6:1234, D=192.168.2.2:4445)
  • 19.
  • 20. Holes in Full Cone NAT rendezvous host A host B 1 2 3 4 5
  • 21. Restricted cone Host A Host C Restricted cone Host B (192.168.2.2) (1.1.1.4) (192.168.2.1) (1.1.1.5) (1.1.1.6) Packet(S=192.168.2.2:4445, D=1.1.1.5:7777) Packet(S=1.1.1.4:10100, D=1.1.1.5:7777) Packet(S=1.1.1.5:4321, D=1.1.1.4:10100) Packet(S=1.1.1.5:4321, D=192.168.2.2:4445) Packet(S=1.1.1.6:1234, D=1.1.1.4:10100) X Packet(S=192.168.2.2:4445, D=1.1.1.6:7777) Packet(S=1.1.1.4:10100, D=1.1.1.6:7777) Packet(S=1.1.1.6:4321, D=1.1.1.4:10100) Packet(S=1.1.1.6:4321, D=192.168.2.2:4445)
  • 22.
  • 23. Holes in Restricted Cone NAT rendezvous host A host B 1 2 3 5 4 6
  • 24. Port restricted cone Host A Host C Port - restr cone Host B (192.168.2.2) (1.1.1.4) (192.168.2.1) (1.1.1.5) (1.1.1.6) Packet(S=192.168.2.2:4445, D=1.1.1.5:7777) Packet(S=1.1.1.4:10100, D=1.1.1.5:7777) Packet(S=1.1.1.5:4321, D=1.1.1.4:10100) Packet(S=1.1.1.5:7777, D=192.168.2.2:4445) X Packet(S=1.1.1.5:7777, D=1.1.1.4:10100)
  • 25.
  • 26. Holes in Port restricted Cone NAT rendezvous host A host B 1 2 3 5 4 6
  • 27. Symmetric NAT Host A Host C symmetric Host B (192.168.2.2) (1.1.1.4) (192.168.2.1) (1.1.1.5) (1.1.1.6) Packet(S=192.168.2.2:4445, D=1.1.1.5:7777) Packet(S=1.1.1.4:10100, D=1.1.1.5:7777) Packet(S=1.1.1.5:7777, D=192.168.2.2:4445) Packet(S=1.1.1.5:7777, D=1.1.1.4:10100) Packet(S=192.168.2.2:4445, D=1.1.1.6:7777) Packet(S=1.1.1.4:10179, D=1.1.1.6:7777) Packet(S=1.1.1.6:7777, D=192.168.2.2:4445) Packet(S=1.1.1.6:7777, D=1.1.1.4:10179) Packet(S=1.1.1.6:7777, D=1.1.1.4:10100) X
  • 28.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34. TCP Hole punching NAT Main Internet Local network NAT Local network 10.0.0.12 192.168.2.99 rendezvous S host A host B 1.1.1.4 1.1.1.5 1.1.1.6
  • 35. TCP Hole punching NAT Main Internet Local network NAT Local network rendezvous S host A host B 1.1.1.4:1234 1.1.1.5:4444 1.1.1.6
  • 36.
  • 37. Traversing a NAT that collaborates
  • 38.
  • 39. SOCKS CONNECT NAT Socks proxy host A server S 1. CONNECT 2. connect()
  • 40. SOCKS BIND NAT Socks proxy host A listening on 4445 server S 1. BIND (localport=4445, S) 3. connect(33102) 2. Ok. Port=33102
  • 41.
  • 42.
  • 43.
  • 44.
  • 46.
  • 47.
  • 48.
  • 49. License Attribution-ShareAlike 2.5 You are free: to copy, distribute, display, and perform the work to make derivative works to make commercial use of the work Under the following conditions: Attribution . You must give the original author credit. Share Alike . If you alter, transform, or build upon this work, you may distribute the resulting work only under a licence identical to this one. For any reuse or distribution, you must make clear to others the licence terms of this work. Any of these conditions can be waived if you get permission from the copyright holder. Your fair use and other rights are in no way affected by the above. This is a human-readable summary of the Legal Code (the full licence ) . Disclaimer