implementation and evaluation of a nat gateway for the
play

Implementation and Evaluation of a NAT-Gateway for the General - PowerPoint PPT Presentation

Oct 09, 2023 •186 likes •345 views

Implementation and Evaluation of a NAT-Gateway for the General Internet Signaling Transport Protocol Roland Bless and Martin Rhricht Institute of Telematics, Department of Computer Science KIT University of the State of Baden-Wuerttemberg

  1. Implementation and Evaluation of a NAT-Gateway for the General Internet Signaling Transport Protocol Roland Bless and Martin Röhricht Institute of Telematics, Department of Computer Science KIT – University of the State of Baden-Wuerttemberg and www.kit.edu National Research Center of the Helmholtz Association

  2. Motivation Signaling protocols useful set of tools Dynamically install, maintain, and manipulate state in network nodes Create messaging associations between signaling peers Network Address Translation (NAT) gateways Mitigate potential shortage of IPv4 addresses Translate IP address and UDP/TCP port information Signaling messages carry IP address information in their payload NAT gateway must be GIST-aware Rewrite addressing information in signaling message’s payload � Create an application level gateway for the General Internet Signaling Transport (GIST) protocol 1 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  3. Next Steps in Signaling Framework IP-based signaling framework Signaling Signaling NSIS Signaling Signaling Signaling Application 1 Application 2 Application 1 Application 2 Two-layered approach Layer (QoS) (NAT/FW) (QoS) (NAT/FW) (NSLP) General Internet Signaling General Internet General Internet Transport Protocol (GIST) Signaling Transport Signaling Transport Routing and transport of NSIS TLS Transport signaling messages Layer UDP TCP SCTP UDP TCP SCTP (NTLP) Message Routing Information (MRI) IPsec Network Layer Information (NLI) IPv4/IPv6 IPv4/IPv6 Messaging Associations 3-way handshake (Q UERY , Querying Responding R ESPONSE , C ONFIRM ) plus D ATA Node Node Supports delayed-state installation Q UERY Installation of routing state at Responding R ESPONSE Node delayed until final C ONFIRM arrives C ONFIRM D ATA 2 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  4. Signaling Message’s Address Translation Transparent translation Translate GIST header fields as is done with Layer 3 and 4 � Not applicable if cryptographic protection is used Non-transparent translation Use special NAT Traversal Object (NTO) Must be included by NAT gateway into initial Q UERY message Echoed back by Responding Node 0 8 16 24 31 MRI Length Type Count NAT Count Reserved Original Message Routing Information List of translated objects Length of opaque information Information replaced by NAT #1 … … Length of opaque information Information replaced by NAT #N 3 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  5. GIST handshake with GIST-aware NAT-gateway GIST-aware Querying Responding NAT gateway Node Node IP 1 : 10.1.2.2 IP: 10.1.2.1 IP: 10.2.3.3 IP 2 : 10.2.3.2 Src IP: 10.1.2.1 Src IP: 10.2.3.2 Q UERY Q UERY MRI (QN) NTO NLI (QN) MRI (QN) State installation MRI (NAT) MRI, NLI, IP, and MRI (QN) NLI (NAT) UDP headers are translated Src IP: 10.2.3.3 Only IP and R ESPONSE UDP headers NTO are translated MRI (QN) MRI (QN) Src IP: 10.1.2.2 NLI (RN) R ESPONSE NTO MRI (QN) MRI (QN) Only IP and NLI (RN) UDP headers are translated Src IP: 10.1.2.1 C ONFIRM Src IP: 10.2.3.2 MRI (QN) C ONFIRM NLI (QN) MRI (QN) NLI (QN) 4 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  6. Implementation Kernel part NSIS-ka Application Level Gateway Intercept and filter GIST packets User space Use Linux netfilter framework Kernel space libipq/netlink Communication to user-space via Netfilter Linux netlink messaging system nf_conntrack_gist.ko User-space part NIC Performs remaining packet translations Translate IP and UDP header Translate address information in MRI and NLI Insert NAT Traversal Object Serialize GIST PDU, re-calculate IP and UDP checksums Based on existing NSIS-ka implementation (http://nsis-ka.org) Not entire NSIS-ka suite (~40,692 lines of code) required Kernel module – 420 lines of C code GIST-aware NAT gateway – 680 lines of C++ code 5 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  7. Evaluation Evaluation in a real testbed environment Four standard PCs (Pentium IV 2.8 GHz, 4 GB RAM, Gbit Ethernet) Ubuntu 10.04 with Linux kernel 2.6.32 10.1.2.1 10.1.2.2 10.2.3.2 10.2.3.3 10.3.4.3 10.3.4.4 QN eth1 RN eth1 eth2 eth1 eth1 eth2 GIST-aware GIST-aware Querying Responding NAT-Gateway NAT-Gateway Node Node Latency intentionally kept small (~0.165 ms) Processing time of different GIST PDUs on first GIST-aware NAT gateway Processing time for complete GIST handshake and one subsequently sent D ATA message 6 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  8. Evaluation – Processing time for initial Q UERY message Processing time for initial Q UERY messages NAT traversal objects are included 7 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  9. Evaluation – Processing Time of different GIST PDUs Measured on first GIST- aware NAT gateway Over TCP Over UDP 8 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  10. Evaluation – Complete GIST handshake Complete GIST handshake with one subsequently sent DATA message Measured on Querying Node using TCP Measured on Querying Node using UDP 9 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  11. Conclusion Design of a NAT application level gateway for the General Internet Signaling Transport protocol Implementation of a NAT Traversal Object as being specified Works as expected Use GIST Responder Cookie for delayed-state installation � Allows NSIS signaling messages to safely traverse such NAT gateways Evaluations show Slight overhead for initial GIST Q UERY messages Almost no overhead for subsequent GIST messages Only small impact on duration of complete GIST handshake Delayed-state installation with no notable performance overhead 10 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  12. Thank you for your attention Questions? 11 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  13. Querying Responding Router Alert Option Node Node Message Routing Information GIST Session ID Network Layer Information Q UERY Query Cookie (over UDP) [Q-Node Stack Proposal, Q-Node Stack Configuration Data] [NSLP Payload] Message Routing Information Session ID GIST Network Layer Information Query Cookie R ESPONSE [ Responder Cookie ] (over UDP) [R-Node Stack Proposal, R-Node Stack Configuration Data] [NSLP Payload] TCP SYN TCP SYN/ACK TCP ACK Message Routing Information Session ID GIST Network Layer Information C ONFIRM Query Cookie [ Responder Cookie ] (over TCP) [R-Node Stack Proposal] [NSLP Payload] 12 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  14. Evaluation Results – Different PDUs Processing time of different GIST PDUs on the first GIST-aware NAT gateway Processing time on the first GIST-aware NAT gateway Avg [ms] Median [ms] StdDev [ms] UDP Query (with NTO) 2.153 2.161 0.152 TCP Response (with NTO) 0.012 0.011 0.004 UDP Response (with NTO) 0.026 0.026 0.002 TCP Confirm 0.010 0.009 0.003 UDP Confirm 0.013 0.012 0.002 TCP Data 0.009 0.009 0.001 UDP Data 0.008 0.007 0.001 13 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

  15. Evaluation Results – Complete handshakes Complete GIST handshake with one subsequently sent D ATA message GIST handshake duration using TCP Avg [ms] Median [ms] StdDev [ms] Using NATs, with DSI 6.843 6.820 0.178 Using NATs, without DSI 6.659 6.630 0.182 No NATs, with DSI 1.816 1.746 0.210 No NATs, without DSI 1.797 1.732 0.176 GIST handshake duration using UDP Avg [ms] Median [ms] StdDev [ms] Using NATs, with DSI 5.737 5.722 0.127 Using NATs, without DSI 5.744 5.720 0.154 No NATs, with DSI 1.432 1.413 0.124 No NATs, without DSI 1.449 1.407 0.136 14 03.09.2010 Implementation and Evaluation of a NAT-Gateway for the General Internet Institute of Telematics, Department of Comp. Science Signaling Transport Protocol

Recommend

Evaluation of environmental requirements implementation in Lithuania Basis of the Evaluation In

Evaluation of environmental requirements implementation in Lithuania Basis of the Evaluation In

Presentation for the Conference SEA implementation and Practise: Making an Impact? Theme SEA and EU Cohesion Policy: Coming together ar still far apart? Evaluation of environmental requirements implementation in Lithuania Basis of the

481 views • 16 slides
Gateway A SHORT INTRODUCTION A brief overview on the Dog gateway, starting from the design

Gateway A SHORT INTRODUCTION A brief overview on the Dog gateway, starting from the design

T he Dog Gateway A SHORT INTRODUCTION A brief overview on the Dog gateway, starting from the design principles and going deep into the gateway architecture and modules, with some application sample http://dog-gateway.github.io/ WIRELESS

576 views • 30 slides
June 28, 2018 Components of the Evaluation Assess both the implementation of interventions at

June 28, 2018 Components of the Evaluation Assess both the implementation of interventions at

NYU School of Medicine EVALUATION OF THE NEW YORK STATE HEALTHY NEIGHBORHOOD FUND INITIATIVE Beth Weitzman, PhD Paul Tainsh, AM, MPA NYU Evaluation Team June 28, 2018 Components of the Evaluation Assess both the implementation of

513 views • 20 slides
The Southern Gateway The Southern Gateway Metropolitan Memphis A vital gateway for moving

The Southern Gateway The Southern Gateway Metropolitan Memphis A vital gateway for moving

The Southern Gateway The Southern Gateway Metropolitan Memphis A vital gateway for moving people and freight Home to critical transportation infrastructure Railroads, Airport, Inland Port, Interstates Four Mississippi River Bridge

405 views • 19 slides
API Gateway API Gateway Gateway ESB At present tooling for API

API Gateway API Gateway Gateway ESB At present tooling for API

API Gateway API Gateway Gateway ESB At present tooling for API gateways is achingly immature and so while defining applications with API gateways is possible its most definitely not for the

416 views • 22 slides
User Interface Evaluation Empirical evaluation Heuristic evaluation 1 CS 349 - UI evaluation

User Interface Evaluation Empirical evaluation Heuristic evaluation 1 CS 349 - UI evaluation

User Interface Evaluation Empirical evaluation Heuristic evaluation 1 CS 349 - UI evaluation When does UI evaluation happen? Design Testing and Implementation Development evaluation Testing 2 CS 349 - UI evaluation Types of tests

820 views • 20 slides
R T L INVESTING IN THE GATEWAY TO THE CONSUMER I N D E X WHY RTL INDEX? GATEWAY TO THE

R T L INVESTING IN THE GATEWAY TO THE CONSUMER I N D E X WHY RTL INDEX? GATEWAY TO THE

R T L INVESTING IN THE GATEWAY TO THE CONSUMER I N D E X WHY RTL INDEX? GATEWAY TO THE CONSUMER The storefront is the gateway to the consumer with commercial real estate serving as an ideal medium for connecting with established shoppers and

447 views • 18 slides
SoK: P a Platform for Evaluation, Implementation, and Generation of S-boxes

SoK: P a Platform for Evaluation, Implementation, and Generation of S-boxes

SoK: P a Platform for Evaluation, Implementation, and Generation of S-boxes Zhenzhen Bao Jian Guo San Ling Yu Sasaki FSE 2019 March 27, 2019 @ Paris, France 1/67 Outline Introduction On Security On Implementation

1.13k views • 67 slides
Campus Gateway Project Spring 2017 Planning Studio May 10th, 2017 Identified Potential Gateway

Campus Gateway Project Spring 2017 Planning Studio May 10th, 2017 Identified Potential Gateway

Campus Gateway Project Spring 2017 Planning Studio May 10th, 2017 Identified Potential Gateway Sites Impact Threshold Likelihood of remaining a gateway VCU Campus IDENTITY Gateway Project Implement gateway elements that expand the

725 views • 44 slides
CARER GATEWAY PRESENTATION 2020 carergateway.gov.au Carer Gateway is the national service

CARER GATEWAY PRESENTATION 2020 carergateway.gov.au Carer Gateway is the national service

CARER GATEWAY PRESENTATION 2020 carergateway.gov.au Carer Gateway is the national service Carers, funded by the Australian Government. It includes: Carer A website with information and advice Phone or online services Gateway

488 views • 14 slides
The Residential Gateway Agenda What is a Residential gateway (RG)? Phased deployment of

The Residential Gateway Agenda What is a Residential gateway (RG)? Phased deployment of

The Residential Gateway Agenda What is a Residential gateway (RG)? Phased deployment of RGs Types of RGs and their evolution Middleware Summary Home Networking - Four Aspects Distribution of information (audio, video, data)

549 views • 52 slides
Qualitative Evaluation of the VHA Telegenomics Clinic Implementation Process VA Boston Center

Qualitative Evaluation of the VHA Telegenomics Clinic Implementation Process VA Boston Center

Qualitative Evaluation of the VHA Telegenomics Clinic Implementation Process VA Boston Center for Healthcare Organization & Implementation Research (CHOIR) Barbara Lerner, PhD, MS (PI) Nathalie McIntosh, PhD Mark Meterko, PhD

498 views • 26 slides
for STB and Home Gateway How could STB and Home Gateway manufacturers add value to their products

for STB and Home Gateway How could STB and Home Gateway manufacturers add value to their products

Media Network Solutions for STB and Home Gateway How could STB and Home Gateway manufacturers add value to their products and services? Companies aspire to provide services that meet their client`s needs. They try to offer a smart solution to

331 views • 17 slides
JOINT DEVELOPMENT AND IMPLEMENTATION ADVISORY WORKGROUP SUMMARY FINDINGS - EVALUATION MARCH 3,

JOINT DEVELOPMENT AND IMPLEMENTATION ADVISORY WORKGROUP SUMMARY FINDINGS - EVALUATION MARCH 3,

JOINT DEVELOPMENT AND IMPLEMENTATION ADVISORY WORKGROUP SUMMARY FINDINGS - EVALUATION MARCH 3, 2017 BACKGROUND/CONTEXT An evaluation survey was sent out to all members of the JDI Advisory Workgroup to: Evaluate the implementation of the

211 views • 17 slides
Optimal Gateway Selection in Multi-domain Wireless Networks: A Potential Game Perspective Yang

Optimal Gateway Selection in Multi-domain Wireless Networks: A Potential Game Perspective Yang

1. Motivation 2. Gateway Selection Game 3. Equilibrium Selection Learning 4. Evaluation 5. Conclusions Optimal Gateway Selection in Multi-domain Wireless Networks: A Potential Game Perspective Yang Song, Starsky H.Y. Wong, and Kang-Won Lee

901 views • 51 slides
TTN IN PRACTICE TTN: APP AND GATEWAY TTN: GATEWAY TTN: GATEWAY TTN: GATEWAY SINGLE CHANNEL

TTN IN PRACTICE TTN: APP AND GATEWAY TTN: GATEWAY TTN: GATEWAY TTN: GATEWAY SINGLE CHANNEL

TTN IN PRACTICE TTN: APP AND GATEWAY TTN: GATEWAY TTN: GATEWAY TTN: GATEWAY SINGLE CHANNEL GATEWAY 70 euro RPi+board No enclosure Single Channel 8 CHANNELS GTW 500-1500 euro Enclosure 8 Channels 8 CHANNELS GTW 200-300 euro No

572 views • 38 slides
Being Visible on ICN Gateway 4 February 2020 Agenda Today 1. Learn about ICN Gateway the

Being Visible on ICN Gateway 4 February 2020 Agenda Today 1. Learn about ICN Gateway the

Being Visible on ICN Gateway 4 February 2020 Agenda Today 1. Learn about ICN Gateway the portal for Inland Rail expressions of interest (EOI) and a wide range of other project opportunities in NSW 2. Understand the EOI process and how to

461 views • 28 slides
Evaluation of Zero Suicide Implementation in Community Mental Health Agencies Tom Delaney, PhD

Evaluation of Zero Suicide Implementation in Community Mental Health Agencies Tom Delaney, PhD

Evaluation of Zero Suicide Implementation in Community Mental Health Agencies Tom Delaney, PhD June 5, 2017 Learning Objectives Following this presentation, attendees will be able to: Describe the evaluation of the Zero Suicide approach

406 views • 22 slides
ARCTIC GATEWAY GROUP Overview April 8, 2019 1 Natural Resources Corridor: Arctic Gateway The

ARCTIC GATEWAY GROUP Overview April 8, 2019 1 Natural Resources Corridor: Arctic Gateway The

ARCTIC GATEWAY GROUP Overview April 8, 2019 1 Natural Resources Corridor: Arctic Gateway The Arctic Gateway Group is owned by: First Nations and Bayline Communities Fairfax Financial AGT Foods Building a Natural Resources Gateway

532 views • 28 slides
Evaluation of the Implementation of an Abstract Interpretation Algorithm using Tabled CLP n

Evaluation of the Implementation of an Abstract Interpretation Algorithm using Tabled CLP n

ICLP19 Las Cruces, September 22, 2019 Evaluation of the Implementation of an Abstract Interpretation Algorithm using Tabled CLP n Arias 1 , 2 Manuel Carro 1 , 2 Joaqu 1 IMDEA Software Institute, 2 Universidad Polit ecnica de Madrid

468 views • 42 slides
Invitation to Onboard Parents Gateway Mr Leslie Tan HOD ICT What is Parents Gateway? A digital

Invitation to Onboard Parents Gateway Mr Leslie Tan HOD ICT What is Parents Gateway? A digital

Invitation to Onboard Parents Gateway Mr Leslie Tan HOD ICT What is Parents Gateway? A digital platform (by MOE and GovTech) to bring greater convenience to parents to perform simple administrative functions and receive relevant information

538 views • 18 slides
Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele

Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele

PhD Thesis Defense 2019 @ SUTD Design, Implementation, and Evaluation of Secure Cyber-Physical and Wireless Systems Daniele Antonioli Singapore University of Technology and Design (SUTD) Daniele Antonioli Design, Implementation, and Evaluation

1.12k views • 77 slides
Media Gateway Control and the Softswitch Architecture Chapter 6 Introduction Voice over IP

Media Gateway Control and the Softswitch Architecture Chapter 6 Introduction Voice over IP

Media Gateway Control and the Softswitch Architecture Chapter 6 Introduction Voice over IP Lower cost of network implementation Integration of voice and data applications New service features Reduced bandwidth Replacing

664 views • 55 slides
Partial Evaluation Based CPS Transformation: An Implementation Case Study Rajesh Jayaprakash

Partial Evaluation Based CPS Transformation: An Implementation Case Study Rajesh Jayaprakash

Partial Evaluation Based CPS Transformation: An Implementation Case Study Rajesh Jayaprakash Tata Consultancy Services Chennai, India Overview Preliminaries Partial evaluation CPS Optimization of Nave CPS Transformation

509 views • 39 slides

More recommend