UDP NAT and Firewall Puncturing in the Wild
نویسندگان
چکیده
Peer-to-Peer (P2P) networks work on the presumption that all nodes in the network are connectable. However, NAT boxes and firewalls prevent connections to many nodes on the Internet. For UDP based protocols, the UDP hole-punching technique has been proposed to mitigate this problem. This paper presents a study of the efficacy of UDP hole punching on the Internet in the context of an actual P2P network. To the best of our knowledge, no previous study has provided similar measurements. Our results show that UDP hole punching is an effective method to increase the connectability of peers on the Internet: approximately 64% of all peers are behind a NAT box or firewall which should allow hole punching to work, and more than 80% of hole punching attempts between these peers succeed. Wp 1 http://www.pds.ewi.tudelft.nl/∼gertjan/ G. Halkes et al. Wp UDP NAT and Firewall Puncturing in the WildWp PDS
منابع مشابه
A New Method for Symmetric NAT Traversal in UDP and TCP
This paper proposes a new method for Network Address Translator (NAT) Traversal in UDP. Several techniques have been proposed for traversing NAT or firewall boxes in UDP. These techniques can establish UDP communication between hosts behind NATs. However, existing NAT traversal methods, including Universal Plug and Play (UPnP), Simple traversal of UDP over NATs (STUN) and Teredo, cannot travers...
متن کاملSTUN - Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs)
Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs) (STUN) is a lightweight protocol that allows applications to discover the presence and types of NATs and firewalls between them and the public Internet. It also provides the ability for applications to determine the public Internet Protocol (IP) addresses allocated to them by the NAT. STUN works with man...
متن کاملBreaking Up the Transport Logjam
Current Internet transports conflate transport semantics with endpoint addressing and flow regulation, creating roadblocks to Internet evolution that we propose to address with a new layering model. Factoring endpoint addressing (port numbers) into a separate Endpoint Layer permits incremental rollout of new or improved transports at OS or application level, enables transport-oblivious firewall...
متن کاملA Transport-Level Proxy for Secure Multimedia Streams
service, firewalls need more than static packet filtering and application-level proxies. SOCKS is an application-independent transport-level proxy that offers user-level authentication and data encryption. An extended SOCKS UDP binding model with appropriate socket calls is proposed to provide complete support for UDP-based, multimedia streaming applications. T he increasing popularity of multi...
متن کاملUsing UDP for Internet Transport Evolution
The increasing use of middleboxes (e.g., NATs, firewalls) in the Internet has made it harder and harder to deploy new transport or higher layer protocols, or even extensions to existing ones. Current work to address this Internet transport ossification has led to renewed interest in UDP as an encapsulation for making novel transport protocols deployable in the Internet. Examples include Google’...
متن کامل