Presentation is loading. Please wait.

Presentation is loading. Please wait.

GIST NAT traversal and Legacy NAT traversal for GIST AND

Published byBlanche Parsons Modified over 8 years ago

Similar presentations

Presentation on theme: "GIST NAT traversal and Legacy NAT traversal for GIST AND"— Presentation transcript:

1 GIST NAT traversal and Legacy NAT traversal for GIST http://www.ietf.org/internet-drafts/draft-pashalidis-nsis-gimps-nattraversal-03.txt AND http://www.ietf.org/internet-drafts/draft-pashalidis-nsis-legacy-nattraversal-03.txt A. Pashalidis; H. Tschofenig

2 {Andreas.Pashalidis, Hannes.Tschofenig} @siemens.com NAT Traversal Previous document split in two. GIST NAT Traversal — NAT is GIST-aware Legacy NAT traversal for GIST. — NAT does not know anything about NSIS — Online, but not submitted to IETF yet Reason for splitting: material in one document does not affect material in the other.

3 {Andreas.Pashalidis, Hannes.Tschofenig} @siemens.com GIST NAT Traversal Document (still) covers two approaches: “transparent” and “non-transparent”. Both approaches are compatible with GIST main spec. However, only non-transparent approach makes use of GIST “NAT Traversal” object.

4 {Andreas.Pashalidis, Hannes.Tschofenig} @siemens.com Transparent Approach NAT GIST peer 1 GIST peer 2 1. GIST QUERY 2. TRANSLATE FLOW ID (MRI) according to NAT binding; put NAT IP address in NLI.IA field 3. GIST QUERY (translated) 4. GIST RESPONSE (sent to NLI.IA) 5. TRANSLATE MRI and NLI.IA back to original values 6. GIST RESPONSE (translated) NAT translates IP header, transport layer header, and GIST header of signalling traffic (D-mode and C-mode) in a manner consistent with the data flow NAT binding. NAT does not install a separate “NAT binding” for signalling traffic (translation above suffices) Approach hides internal addresses from public Internet. Approach does not work if IPsec/TLS is used!

5 {Andreas.Pashalidis, Hannes.Tschofenig} @siemens.com Non-transparent Approach NAT GIST peer 1 GIST peer 2 1. GIST QUERY 2. Add NAT Traversal Object 3. GIST QUERY (with NTO) 4. GIST RESPONSE (with NTO) 5. Remove NTO 6. GIST RESPONSE (without NTO) Message 3 contains translated and original MRI, thus peer 2 can map subsequent signalling messages (with untranslated MRI) to data flow. NAT installs “NAT binding” for signalling traffic after RESPONSE is received. NAT does not modify any GIST messages, except QUERY, RESPONSE. Internal addresses exposed on public Internet.

6 {Andreas.Pashalidis, Hannes.Tschofenig} @siemens.com Legacy NAT Traversal for GIST Extension to GIST For now, no changes in message formats required. — Just new behaviour at GIST nodes.

7 {Andreas.Pashalidis, Hannes.Tschofenig} @siemens.com Legacy NAT traversal: NI-side NAT GIST peer 1 GIST peer 2 1. GIST QUERY 2. GIST QUERY 3. GIST RESPONSE 4. GIST RESPONSE Peer 2 detects the NAT and proposes a UDP tunnel Peer 1 detects the NAT and sets up the UDP tunnel Both data traffic and signalling traffic is sent over the tunnel. NAT detected! UDP TUNNEL Do the NAT work… data sig

8 {Andreas.Pashalidis, Hannes.Tschofenig} @siemens.com Legacy NAT traversal: NR-side Work in progress…

Download ppt "GIST NAT traversal and Legacy NAT traversal for GIST AND"

Similar presentations

NSIS Operation Over IP Tunnels draft-ietf-nsis-tunnel-04.txt Charles Shen, Henning Schulzrinne, Sung-Hyuck Lee, Jong Ho Bang IETF#71 – Philadelphia, USA.

NSIS Operation Over IP Tunnels draft-ietf-nsis-tunnel-04.txt Charles Shen, Henning Schulzrinne, Sung-Hyuck Lee, Jong Ho Bang IETF#71 – Philadelphia, USA.
20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

20.1 Chapter 20 Network Layer: Internet Protocol Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Chapter 22 IPv6 (Based on material from Markus Hidell, KTH)

Chapter 22 IPv6 (Based on material from Markus Hidell, KTH)
1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.

1 Internet Protocol Version 6 (IPv6) What the caterpillar calls the end of the world, nature calls a butterfly. - Anonymous.
STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1.

STUN Date: Speaker: Hui-Hsiung Chung 1.
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT 09.11.2005.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.

1 Network Architecture and Design Advanced Issues in Internet Protocol (IP) IPv4 Network Address Translation (NAT) IPV6 IP Security (IPsec) Mobile IP IP.
1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.

1 © NOKIA NSIS MIPv6 FW/ November 8 th 2004 Mobile IPv6 - NSIS Interaction for Firewall traversal draft-thiruvengadam-nsis-mip6-fw-01 S. Thiruvengadam.
Telematics group University of Göttingen, Germany Overhead and Performance Study of the General Internet Signaling Transport (GIST) Protocol Xiaoming.

Telematics group University of Göttingen, Germany Overhead and Performance Study of the General Internet Signaling Transport (GIST) Protocol Xiaoming.
1 Internet Networking Spring 2004 Tutorial 13 LSNAT - Load Sharing NAT (RFC 2391)

1 Internet Networking Spring 2004 Tutorial 13 LSNAT - Load Sharing NAT (RFC 2391)
Next Step In Signaling (NSIS) and Internet Routing Dynamics Charles Shen and Henning Columbia University in the City of New York Internet.

Next Step In Signaling (NSIS) and Internet Routing Dynamics Charles Shen and Henning Columbia University in the City of New York Internet.
1 IETF 64th meeting, Vancouver, Canada Design Options of NSIS Diagnostics NSLP Xiaoming Fu Ingo Juchem Christian Dickmann Hannes Tschofenig.

1 IETF 64th meeting, Vancouver, Canada Design Options of NSIS Diagnostics NSLP Xiaoming Fu Ingo Juchem Christian Dickmann Hannes Tschofenig.
NSIS Transport Layer draft-ietf-nsis-ntlp-00.txt Slides:

NSIS Transport Layer draft-ietf-nsis-ntlp-00.txt Slides:
CSCI 4550/8556 Computer Networks Comer, Chapter 21: IP Encapsulation, Fragmentation, and Reassembly.

CSCI 4550/8556 Computer Networks Comer, Chapter 21: IP Encapsulation, Fragmentation, and Reassembly.
July 2008IETF 72 - NSIS1 Permission-Based Sending (PBS) NSLP: Network Traffic Authorization draft-hong-nsis-pbs-nslp-01 Se Gi Hong & Henning Schulzrinne.

July 2008IETF 72 - NSIS1 Permission-Based Sending (PBS) NSLP: Network Traffic Authorization draft-hong-nsis-pbs-nslp-01 Se Gi Hong & Henning Schulzrinne.
COS 420 Day 20. Agenda Group Project Discussion Protocol Definition Due April 12 Paperwork Due April 29 Assignment 3 Due Assignment 4 is posted Last Assignment.

COS 420 Day 20. Agenda Group Project Discussion Protocol Definition Due April 12 Paperwork Due April 29 Assignment 3 Due Assignment 4 is posted Last Assignment.
NSIS based NetServ Signalling Protocol Design and Implementation Roberto Francescangeli Visiting PhD student.

NSIS based NetServ Signalling Protocol Design and Implementation Roberto Francescangeli Visiting PhD student.
1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #12 LSNAT - Load Sharing NAT (RFC 2391)

1 Spring Semester 2007, Dept. of Computer Science, Technion Internet Networking recitation #12 LSNAT - Load Sharing NAT (RFC 2391)
NSIS Flow ID and packet classification issues Hong Cheng, Qijie Huang, Takako Sanda, Toyoki Ue IETF#63 August, 2005.

NSIS Flow ID and packet classification issues Hong Cheng, Qijie Huang, Takako Sanda, Toyoki Ue IETF#63 August, 2005.
IP/ICMP Translation Algorithm (IIT) Xing Li, Congxiao Bao, Fred Baker 2008-11-17.

IP/ICMP Translation Algorithm (IIT) Xing Li, Congxiao Bao, Fred Baker

Similar presentations

Ads by Google