
Native NAT Traversal Mode for the Host Identity Protocol

Native NAT Traversal Mode for the Host Identity Protocol. draft-keranen-hip-native-nat-traversal-00 Ari Keränen March 25th, 2010 HIP WG, 77th IETF, Anaheim, CA. Background. RFC 5770: NAT traversal based on ICE, STUN & TURN (draft-ietf-hip-nat-traversal)

Presentation Transcript


  1. Native NAT Traversal Mode for the Host Identity Protocol draft-keranen-hip-native-nat-traversal-00 Ari Keränen March 25th, 2010 HIP WG, 77th IETF, Anaheim, CA

  2. Background
     • RFC 5770: NAT traversal based on ICE, STUN & TURN (draft-ietf-hip-nat-traversal)
     • UDP encapsulation of HIP signaling and data (ESP) packets
     • HIP relay server for signaling traffic and TURN server for data relaying
     • STUN messages for ICE connectivity checks
     • Idea: re-use STUN/TURN infrastructure
     • Using TURN requires implementing STUN; not much effort to implement ICE too

  3. ICE STUN Mode (RFC 5770)
     [Diagram. Labels: HIP relay server, TURN server, I, R. Steps: 1. (HIP), 2. (TURN), 3. BeX (HIP), 4. ICE checks (STUN)]

  4. Why New NAT Traversal Mode?
     • ICE implementation overhead
     • More messages (different format)
     • More state machines
     • More chances for bugs
     • Increased binary size
     • Widespread TURN infra yet to be seen
     • Architectural beauty

  5. Native NAT Traversal Mode
     • Re-uses most of RFC 5770
     • HIP relay server for HIP signaling
     • NAT traversal mode negotiation
     • UDP encapsulation
     • ICE methodology and algorithms
     • HIP messages instead of STUN
     • ESP relay instead of TURN for HIP data
     • TURN can also be used for relaying

  6. Native NAT Traversal Mode
     [Diagram. Labels: HIP relay server, HIP data relay, I, R. Steps: 1. (HIP), 2. (HIP), 3. BeX (HIP), 4. ICE checks (HIP)]

  7. Way Forward
     • Data relaying needs some more work
     • Changing password authentication to certificate-based authentication
     • Should the WG work on this?
     • Perhaps the mode for standards track HIP?
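The "More messages (different format)" point on slide 4, together with the UDP encapsulation from slide 2, shown as a receive-side demultiplexer. This is an added example, not code from the draft or the presentation. It assumes the RFC 5770 encapsulation (32 zero bits before a HIP control packet), the RFC 5201 fixed header layout and the RFC 5389 STUN header; the names `classify`, `_hip_control` and the `stun_enabled` switch are hypothetical.

```python
import struct

STUN_MAGIC_COOKIE = 0x2112A442   # RFC 5389: fixed value in bytes 4..7
HIP_TYPES = {1: "I1", 2: "R1", 3: "I2", 4: "R2", 16: "UPDATE"}

def classify(datagram: bytes, stun_enabled: bool) -> str:
    """Classify one UDP payload received on the HIP NAT traversal socket.

    stun_enabled=True models the ICE STUN mode (three wire formats);
    stun_enabled=False models the native mode (HIP control and ESP only).
    """
    if len(datagram) < 8:
        return "drop: too short"
    word0, word1 = struct.unpack("!II", datagram[:8])
    if word0 == 0:                       # 32 zero bits mark a HIP control packet
        return _hip_control(datagram[4:])
    if stun_enabled and datagram[0] & 0xC0 == 0 and word1 == STUN_MAGIC_COOKIE:
        # An ESP packet whose sequence number equals the cookie also gets
        # here, so require a consistent STUN length before accepting it.
        (msg_len,) = struct.unpack("!H", datagram[2:4])
        if msg_len % 4 == 0 and 20 + msg_len == len(datagram):
            return "stun"
    return f"esp spi=0x{word0:08x}"      # non-zero first word is the ESP SPI

def _hip_control(hip: bytes) -> str:
    """Sanity-check the fixed part of a HIP header before any real parsing."""
    if len(hip) < 40:                    # 8 fixed bytes plus two 16-byte HITs
        return "drop: truncated HIP header"
    hdr_len, type_byte, ver_byte = hip[1], hip[2], hip[3]
    if type_byte & 0x80 or not ver_byte & 0x01:
        return "drop: bad HIP fixed bits"
    if (hdr_len + 1) * 8 != len(hip):    # length is in 8-byte units after the first 8
        return "drop: HIP length mismatch"
    return "hip " + HIP_TYPES.get(type_byte, f"type {type_byte}")

# Constructed sample datagrams (not captured traffic).
I1 = bytes(4) + bytes([59, 4, 1, 0x11]) + bytes(4) + bytes(32)
STUN_BINDING = struct.pack("!HHI", 0x0001, 0, STUN_MAGIC_COOKIE) + bytes(12)
ESP = struct.pack("!II", 0x1234ABCD, 1) + bytes(32)
ESP_LOOKALIKE = struct.pack("!II", 0x1234ABCD, STUN_MAGIC_COOKIE) + bytes(32)

if __name__ == "__main__":
    for name, pkt in [("I1", I1), ("STUN", STUN_BINDING), ("ESP", ESP)]:
        print(name, classify(pkt, True), "|", classify(pkt, False))
```

With `stun_enabled=False` the STUN branch and its ESP look-alike edge case disappear, and a stray STUN datagram is handed to the ESP path, where the SPI lookup and integrity check would reject it.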
