Network Address Translator Traversal Research Articles

Policy-based communications for 5G mobile with customer edge switching

Besides more capacity and faster connections, 5G is expected to provide ultra-reliable services, for example, for machine-to-machine communications. In this paper, we advocate that 5G must do its best to eliminate malicious traffic as a cause of failure of legitimate services. This paper proposes that all communications in 5G should be controlled by policy. The policies facilitate cooperation of customer networks against misbehaving actors and collecting evidence of malicious activity. Dynamic policies can react to hosts that are used in attacks. We propose a system controlled by policy that overcomes the classical weaknesses in the Internet, namely source address spoofing and denial of service attacks. We propose to improve the mobile device experience by new methods of network address translator traversal suitable for battery-powered mobile devices. We believe that 5G will be the major driver for the future Internet, which is why we relate our approach to other proposals for future Internet architecture. Our approach can be deployed one network at a time as it limits the changes to edge nodes; no compulsory changes are proposed to hosts. The paper reports the experience from experimentation and evaluates scalability and security including initial results on performance. © 2015 The Authors. Security and Communication Networks published by John Wiley & Sons, Ltd.

Extended UDP Multiple Hole Punching Method to Traverse Large Scale NATs

A Network Address Translator (NAT) is a popular technological tool used in networks, especially in small-sized networks. Recently, network operators have been considering deploying Large Scale NATs (LSNs) to cope with IPv4 address pool exhaustion. This will make it necessary to deal with several problems related to LSNs, such as multiple levels of NATs (cascaded NATs) and the shortage of port numbers used by NATs. To address these issues, this paper extends the concept of UDP Multiple Hole Punching previously proposed by us. The use of our proposed method enables an accurate Port Prediction and reduces the number of open ports. The new method can determine the low TTL values for IP packets. We also discuss the application of i-Path routers, which provide status information about NATs along a network path for end hosts. The use of these routers makes it easier to perform NAT traversal.

Challenge and solutions of NAT traversal for ubiquitous and pervasive applications on the Internet

Network Address Translator (NAT) has brought up many changes and opportunities to the Internet. How do the ubiquitous and pervasive applications coexist with NAT and interoperate with each other? In this article, we discuss the essence of NAT sensitive applications as well as the challenge and response for various NAT traversal solutions. All questions pointed to redesign a new NAT framework with a major change to accommodate NAT problems all at once. We introduce a novel next generation NAT (NATng) framework, which consists of a Bi-directional NAT (BNAT) and a Domain Name System Application Level Gateway (DNS_ALG) with a Border Network Address Translator Control Protocol (BNATCP) function to control all BNATs. The above components coordinate and provide bidirectional access capability between intranet and Internet, so all private hosts can be addressed via Fully Qualified Domain Name (FQDN). Logistically, NATng extends the IPv4 address space from 2 32 to 2 48 or even more. It features high potential to solve the problems for ubiquitous and pervasive applications which may encounter IPv4 address exhaustion on the current Internet.

NAT Traversing Solutions for SIP Applications

Session Initiation Protocol (SIP) has been proposed for multimedia services and wide-area connectivity in smart home environments (SHEs). An important issue for SIP deployment in SHEs is network address translator (NAT) traversing. SIP and Real-time Transport Protocol (RTP) packets are delivered between an SHE (i.e., private IP network) and Internet (i.e., a public IP network) through an NAT function of a home gateway, and the NAT translates the IP/transport layer address and port number but leaves the application layer content unchanged. This results in inconsistency between the IP addresses/port numbers in the IP/transport layers and those in the SIP layer. To resolve this issue, we describe six solutions including static route, UPnP, STUN, ICE, ALG, and SBC. Then we compare these solutions in terms of smart home appliance (SHA) modification, scope of NATs supported, multilayer NAT traversal, ease of configuration, security issue, and time complexities.