Presentation is loading. Please wait.

Presentation is loading. Please wait.

STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1.

Published bySadie Haslem Modified over 9 years ago

Similar presentations

Presentation on theme: "STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1."— Presentation transcript:

1 STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1

2 OUTLINE Introduction NAT VoIP and NAT Demo Reference 2

3 INTRODUCTION STUN Simple Traversal of UDP through Network Address Translators(RFC 3489) Session Traversal Utilities for NAT(RFC 5389) UDP only A mechanism for a User Agent(UA) behind NAT(s) to get its mapped(IP, Port) on Internet Check whether UA is behind NAT(s) or not UA gets the mapped(IP, Port) from STUN Server UA Replaces the IP and Port of SIP Header 3

4 NAT 4 IP addr:10.21.10.2 IP addr:10.21.10.3 IP addr:10.21.10.4 IP addr:10.21.10.5 IP addr:163.22.18.21 Internet

5 NAT TYPES Full Cone Only IP address translation. Any external host can send a packet to the internal host. Restricted Cone An external host can send a packet to the internal host only if the internal host had previously sent a packet to the external host. 5

6 NAT TYPES CONT. Port Restricted Cone A Port Restricted Cone NAT is like a Restricted Cone NAT, but the restriction includes port numbers. Symmetric Each request from the same internal IP address and port to a specific destination IP address and port is mapped to a unique external source IP address and port. 6

7 FULL CONE 7 Mapping Table 10.21.0.10:21  12345 (for A) 10.21.0.10:21  12345(for B) Client IP Address: 10.21.0.10 Port:21 NAT Host A IP Address: 202.169.175.27 Port:10110 Host B IP Address: 173.227.66.250 Port:20220 IP Add:163.22.18.21 Port:12345

8 RESTRICTED CONE 8 Mapping Table 10.21.0.10:21  12345 (for A) Client IP Address: 10.21.0.10 Port:21 NAT Host A IP Address: 202.169.175.27 Port:10110 Port:10111 Host B IP Address: 173.227.66.250 Port:20220 IP Add:163.22.18.21 Port:12345

9 PORT RESTRICTED CONE 9 Mapping Table 10.21.0.10:21  12345 (for A:10110) 10.21.0.10:21  12345(for A:10111) Client IP Address: 10.21.0.10 Port:21 NAT Host A IP Address: 202.169.175.27 Port:10110 Port:10111 IP Add:163.22.18.21 Port:12345

10 SYMMETRIC 10 Mapping Table 10.21.0.10:21  1357 (for A:10110) 10.21.0.10:21  2468 (for B:20220) Client IP Address: 10.21.0.10 Port:21 NAT Host A IP Address: 202.169.175.27 Port:10110 Host B IP Address: 173.227.66.250 Port:20220 IP Add:163.22.18.21 Port:2468 IP Add:163.22.18.21 Port:1357

11 FLOWCHART OF CHECKING NAT TYPES 11 Source from wiki

12 OUTPUT OF STUN CLIENT "Open" means Open Internet "Independent Mapping, Independent Filter" means Full Cone NAT "Independent Mapping, Address Dependent Filter" means Restricted Cone NAT "Independent Mapping, Port Dependent Filter" means Port Restricted Cone NAT "Dependent Mapping" means Symmetric NAT 12

13 VOIP AND NAT NAT convert IP addresses in IP layer Problem 1: SIP, is a application layer protocol but contain IP address/port information in messages, which is not translated by NAT. Problem 2: Private client must send a outgoing packet first (to create a mapping on NAT) to receive incoming packet. 13

14 SOLUTION WITH STUN 14 SIP UA with STUN Supports IP addr:192.168.0.152 Port:3468 Binding request from 10.21.11.44:63999 STUN Server Binding reply to SIP UA. Tell him his public Address is 10.21.11.44:63999 NAT IP addr:10.21.11.44

15 SOLUTION WITH STUN CONT. 15 SIP UA with STUN Supports IP addr:192.168.0.152 Port:3468 Register from 10.21.11.44:63541 SIP Server IP addr:163.22.21.167 Port:5060 Sending 200 OK to 10.21.11.44:63541 NAT IP addr:10.21.11.44

16 SIP UA WITHOUT STUN SUPPORTS 16

17 SIP UA WITH STUN SUPPORTS 17

18 DEMO Experimental environment STUN Server: FreeBSD 8.2 STUN Client: Windows 7 18

19 REFERENCE RFC 3489, IETF, Mar. 2003 RFC 5389, IETF, Oct. 2008 Wiki STUN “ VoIP pass through NAT ” Yao-Nan Lien STUN Client and Server library Free STUN Servers 19

Download ppt "STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1."

Similar presentations

SIP, Firewalls and NATs Oh My!. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.

SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
CST 415 - Computer Networks NAT CST 415 4/10/2017 CST 415 - Computer Networks.

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.
CPSC 441 - Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-

CPSC Network Layer4-1 IP addresses: how to get one? Q: How does a host get IP address? r hard-coded by system admin in a file m Windows: control-panel->network->configuration-
Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.

Tom Behrens Adam Muniz. Overview What is VoIP SIP Sessions H.323 Examples Problems.
CS 4700 / CS 5700 Network Fundamentals Lecture 15: NAT (You Better Forward Those Ports) Revised 3/9/2013.

CS 4700 / CS 5700 Network Fundamentals Lecture 15: NAT (You Better Forward Those Ports) Revised 3/9/2013.
1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?

1 Topic 2 – Lesson 4 Packet Filtering Part I. 2 Basic Questions What is packet filtering? What is packet filtering? What elements are inside an IP header?
P2P and NAT How to traverse NAT Davide Carboni © 2005-2006.

P2P and NAT How to traverse NAT Davide Carboni ©
Network Address Translation (NAT) 12.10.2009 Prof. Sasu Tarkoma.

Network Address Translation (NAT) Prof. Sasu Tarkoma.
NAT/Firewall Traversal April 2009. NAT revisited – “port-translating NAT”

NAT/Firewall Traversal April NAT revisited – “port-translating NAT”
1 © 2004 Cisco Systems, Inc. All rights reserved. Making NATs work for Online Gaming and VoIP Dr. Cullen Jennings

1 © 2004 Cisco Systems, Inc. All rights reserved. Making NATs work for Online Gaming and VoIP Dr. Cullen Jennings
SIP Traversal over NAT Problems and Solutions Mr. Ting-Yun Chi May 2,2006 (Taiwan,NICI IPv6 R&D Division)

SIP Traversal over NAT Problems and Solutions Mr. Ting-Yun Chi May 2,2006 (Taiwan,NICI IPv6 R&D Division)
Copyright 2005 – 2009 © by Elliot Eichen. All rights reserved. NAT (NAPT/PAT), STUN, and ICE `Structure of ice II, viewed along the hexagonal c-axis. Hydrogen.

Copyright 2005 – 2009 © by Elliot Eichen. All rights reserved. NAT (NAPT/PAT), STUN, and ICE `Structure of ice II, viewed along the hexagonal c-axis. Hydrogen.
1 NAT Traversal for VoIP Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University.

1 NAT Traversal for VoIP Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University.
Network Address Translation (NAT) 8.10.2007 Adj. Prof. Sasu Tarkoma.

Network Address Translation (NAT) Adj. Prof. Sasu Tarkoma.
NAT1 Network Address Translation Dr. Danny Tsang Department of Electronic & Computer Engineering Hong Kong University of Science and Technology.

NAT1 Network Address Translation Dr. Danny Tsang Department of Electronic & Computer Engineering Hong Kong University of Science and Technology.
January 23-26, 2007 Ft. Lauderdale, Florida An introduction to SIP Simon Millard Professional Services Manager Aculab.

January 23-26, 2007 Ft. Lauderdale, Florida An introduction to SIP Simon Millard Professional Services Manager Aculab.
NAT Network Address Translation Presented by Snoopers Eduardo Segura Shenal Shroff Shinichi Nishiyama Suyou He Thu Nguyen.

NAT Network Address Translation Presented by Snoopers Eduardo Segura Shenal Shroff Shinichi Nishiyama Suyou He Thu Nguyen.
1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID STUN, TURN and ICE Cary Fitzgerald.

1 © 2005 Cisco Systems, Inc. All rights reserved. Cisco Confidential Session Number Presentation_ID STUN, TURN and ICE Cary Fitzgerald.
STUN Tutorial Jonathan Rosenberg Chief Technology Officer.

STUN Tutorial Jonathan Rosenberg Chief Technology Officer.

Similar presentations

Ads by Google