in the TCP/IP suite. Currently there are two version of IP: IPv4 and IPv6. IPv4 is the historical and currently dominant protocol of the Internet. IPv6 is the most recent version of IP. It has been designed to solve the exhaustion of IP addresses available caused by rapid growth of devices connected to the Internet in the past 20 years.
the ARPANET in 1983. The Advanced Research Projects Agency Network (ARPANET) was an early packet switching network and the first network to implement the protocol suite TCP/IP. ARPANET was initially funded by the Advanced Research Projects Agency (ARPA) of the United States Department of Defense.
IPv4 does not guarantee delivery and not assure proper sequencing or avoidance of duplicate delivery. These aspects are addressed by the upper transport layer, thanks to protocols such as the TCP. IPv4 uses 32-bit addresses which limits the address space to 2^32 (~ 4B) addresses. ~18 million addresses are reserved for private networks.
communications, in contrast with IP that only provides host-to-host communications. These protocols include a multiplexing feature, using “ports” to enable multiple applications on a single host to be connected on the same network simultaneously. Ports are similar to names on postal address in the real world. They help to distinguish between different recipients on the same location.
protocol of the Transmission layer. TCP provides reliable, ordered, and error-checked delivery of a stream of bytes between applications running on hosts communicating by an IP network. TCP is the foundation of well-known application protocols like HTTP, FTP and SSH. TCP is a connection-oriented communication protocol: the communication always starts with an handshaking to establish a session between the two peers.
Responder receives the SYN. Responder sends a SYNchronize+ACKnowledgement to Initiator. Initiator receives the SYN+ACK. Initiator sends the ACKnowledge. Responder receives the ACK. TCP socket connection is ESTABLISHED.
the TCP where reduced latency is more important than reliability (video streaming, etc.). UDP uses a simple connectionless transmission model, it has no handshaking dialogues, and there is no guarantee of delivery, ordering, or duplicate protection.
to every host (or device) that wants to connect to the Internet. IPv4 address exhaustion is the reduction of the pool of unallocated IPv4 addresses. IPv4 address accelerated depletion is mainly due to the rapid growth of devices connected to the Internet started in the 80’s. In response to this scalability problem, several technologies have been proposed: NAT (Network Address Translation), CIDR, IPv6.
IP addresses and IP routing. CIDR is a network addressing architecture used as alternative to the classful network architecture to help slow the rapid exhaustion of IPv4 addresses. CIDR architecture architecture optimizes the address blocks allocations. In practice, with classful network all the sites that needed larger address blocks than a Class C network provided, they received a Class B block, which was in most cases much larger than what required, wasting a lot of IP addresses.
a slash ('/') character, and a decimal number. They facilitates routing by grouping IP addresses that share an initial sequence of bits in their binary representation. An IP address is part of a CIDR block, if the initial n bits of the address and the CIDR prefix are the same.
communicate with public networks because private addresses only have meaning to devices within the private network itself as there are hundreds of thousand of private networks that use the same address space. To make the communication possible, IP packets with private addresses require Network Address Translation (NAT) at the routing gateway.
allows for the efficient use of available public IP addresses, as many such private addresses may be mapped to the one public address. NAPT is many to one mapping.
as a single device with a single IP address. It has an interface for connecting to the public network (Internet), and one that serves as a Internet Gateway in the private network.
mapping private and public address realms based on a conceptual communication session. A NAT-enabled router implement a NAT translation table hiding the details private network to the outside world. NAT translation table
two peers (or endpoints). P2P communications rely to the principle of end-to-end connectivity. This type of communications are the foundation in applications such as P2P file sharing and Voice over IP (VoIP).
of end- to-end connectivity originally envisioned in the design of the Internet: hosts behind two different private networks cannot directly communicate via the public Internet, but NAT Traversal techniques such as UPnP Internet Gateway Device Protocol (IGDP), NAT Port Mapping Protocol (NAT-PMP) and NAT Hole Punching are required.
is a set of networking protocols that permits networked devices to seamlessly discover each other's presence on the network and establish functional network services for data sharing. Internet Gateway Device Protocol (IGD Protocol) is a protocol for mapping specific ports in NAT setups generally supported by NAT-enabled routers. It is implemented through UPnP, and is a solution for NAT Traversal.
supported), NAT-enabled routers allow any local UPnP client to perform a variety of actions, including retrieving the external IP address of the router, and add or remove port mapping rules to the NAT translate table. By adding a port mapping, a UPnP client behind the Internet Gateway Device can enable traversal of the IGD from an external address to an internal address.
computer networking for establishing a direct connection between two peers in which one or both are behind NAT-enabled routers. UDP and TCP Hole Punching respectively use UDP and TCP Protocols. In this presentation we focus on UDP Hole Punching: it is easier to implement compared to TCP Hole Punching and, and it is also widely supported by the Nat-enabled routers commercialized today.
IP address and port to the same public external IP and port regardless of the destination address and port. However, an external host (with address X) can only send a packet to an internal host through this mapped address and port previously sent a packet to the IP address X.
but it only accepting packets from an external host with address X and port P if the internal host has previously sent a packet to the IP address X on port P.
address and port as well as destination IP address and port. Therefore Symmetric NAT creates a different address mapping on the same internal address and port for each destination IP address and port.
external host would result in a new IP address and port binding by Symmetric NAT. Thus an external host can only send a UDP packet back to the internal host through the mapped IP address and port that was created from a previously transmission from the internal host to the external host. UDP Hole Punching isn’t possible if both peers are behind Symmetric NATs.
Traversal Technique used to establish direct P2P communications between hosts without compromising the security of the private network. It consists of two-phases. In the first phase, each peer behind a NAT discovers the presence and types of NATs and firewalls between them and the Internet. In the second phase, the public address and the NAT type obtained in the first phase are used to predict the address and port number for a subsequent session between the peers.
communication between two peers (A and B) behind NAT using UDP Hole Punching can be resumed in 4 steps: 1. each peer creates a UDP session with a common randezvous server (S) which records the private and public IP address and port of the peer 2. A asks S for help establishing a UDP session with B 3. S replies to A with the public and private address of B. At the same time, S uses its UDP session with B to forward to B the connection request containing A’s public and private addresses and ports. At this step, each peer knows the addresses of the other. 4. When a peer (A or B) receives the public and private addresses of the other, it starts sending UDP packets to both these of these addresses and becomes connected to whichever address that responds to it first.
forwards IP packets between computer networks. Routers perform the traffic directing functions on the Internet. An IP packet is typically forwarded from one router to another router through the networks that constitute the internetwork until it reaches its destination node.
routing protocols, such as OSPF, IS-IS. Interior gateway protocols type 2: distance-vector routing protocols, such as Routing Information Protocol, RIPv2, IGRP. Exterior gateway protocols are routing protocols used on the Internet for exchanging routing information between Autonomous Systems, such as Border Gateway Protocol (BGP), Path Vector Routing Protocol.
jacopodaeli
dayjournal
sansantech
chibiegg
koki_nishihara
poteboy
kwappa
kaz29
yasumuusan
ohbarye
tomorrowkey
dahatake
rainerhahnekamp
michaelherold
addyosmani
speakerdeck
wjessup
jeffersonlam
danielanewman
tmm1
gr2m
destraynor
quramy
schacon
bkeepers
![Questions? @JacopoDaeli [email protected]](https://files.speakerdeck.com/presentations/8c7266a3758841828f2adf9045abe4d1/slide_39.jpg){kind=link}
