Smart Tunnel Union for NAT Traversal

The network address translator (NAT) is the well-known, transitional method for mitigating IPv4 address depletion in today's Internet. However, the assignment, translation, and export of addresses and ports by a NAT at run time affect application functions. As a result, application servers behind the NAT cannot accept requests directly from public networks, sensitive applications cannot maintain their end-to-end security mechanisms, and applications lose connections after the NAT reboots or changes the binding address/port. Current proposals for NAT traversal hardly solve these problems. To address them, we propose Smart Tunnel Union for NAT Traversal (STUNT) in this paper. STUNT permits applications behind the NAT to be actively contacted by Internet clients, keeps end-to-end security mechanisms, and avoids the risk of exporting the NAT's binding information to connection endpoints. Meanwhile, it permits applications to traverse the NAT and keeps the NAT intact.
