 |
|
|
|
以作者查詢圖書館館藏 、以作者查詢臺灣博碩士 、以作者查詢全國書目 、勘誤回報 、線上人數:7 、訪客IP:18.227.190.93
姓名 蔡勝全(Sheng-Quan Tsai) 查詢紙本館藏 畢業系所 通訊工程學系 論文名稱 隨機指定埠號對稱式網址轉換器穿透之研究
(A Study of P2P Traversal through Symmetric NAT with Random Port Assignment)相關論文 檔案 [Endnote RIS 格式]
[相關文章]
[文章引用]
[完整記錄]
[館藏目錄]
[檢視]
- 本電子論文使用權限為同意立即開放。
- 已達開放權限電子全文僅授權使用者為學術研究之目的,進行個人非營利性質之檢索、閱讀、列印。
- 請遵守中華民國著作權法之相關規定,切勿任意重製、散佈、改作、轉貼、播送,以免觸法。
摘要(中) 隨著網際網路的日益普及,網路的相關技術也越來越日新月異。又因為使用網路的使用者數量日漸增加,IPv4網址數量不敷使用,在IPv6普及使用之前,使用少數網址即可讓多數使用者可以正常連線上網的網址轉換器(NAT)便成為一項必要的網路設備;也因為網址轉換器使得外部使用者無法真正得知網址轉換器內確切使用者的情形,使得網址轉換器也兼具了防火牆的網路安全功能。
但不幸的是,因為網址轉換器的發展初期並未有一定的標準及規格,使得網址轉換器的製造商各說各話,製造了各種不同類型的機器。使得使用網址轉換器造成很多網路應用程式的不便。例如:端點對端點的網路應用,像是語音網路電話及網路連線遊戲。因此在需要兼具網路安全性及網路通透性的情形下,要達到直接點對點連線的穿透網址轉換器的技術也變得相當重要。
目前來說,研究網址轉換器的穿透研究都著重在最一般的網址轉換器類型,也就是所謂的錐形的網址轉換器(cone type NAT)。以STUN及TURN為主要的穿透技術基礎,但STUN技術對於對稱式網址轉換器並無法穿透,而TURN則是會對中間轉送的伺服器造成很高的負擔。在錐型的網址轉換器及對稱式網址轉換器的穿透研究裡,目前只能穿透錐型及其中一種對稱式依序增加對外埠號的網址轉換器,以事先預測出下一個使用的埠號來做穿透;而對於亂數選定對外埠號的網址轉換器則還是只能用中繼轉送伺服器來解決。
本篇論文提出一個基於前人研究中,可以穿透一般的錐形網址轉換器及依序增加埠號的對稱式網址轉換器的最佳解法,再加上本文所提出的方法去針對對外埠號亂數選定的對稱式網址轉換器作直接的點對點穿透,進而達到穿透所有市面上所有類型的網址轉換器的目標。使網路應用程式可以使用本方法達到原本應該有的端點到端點的原則(End-to-end principle),使網路達到可靠的特性並兼顧到原本網址轉換器的網路安全跟成本方面的優點。
本論文使用C語言撰寫程式碼,再配合Linux作業系統環境及數家廠牌型號的網址轉換器來做測試。研究結果發現本方法的確是可以穿透各種網址轉換器,尤其是目前都無解的對外埠號亂數選定的網址轉換器。相信日後再將本文提出的解法結合其他網路應用程式,可以使網路更通透便利及網路安全。摘要(英) As the Internet has been pervasively used these days, the relative technology has also been developed day by day. For the number of users who use the Internet increasing gradually, the number of IPv4 becomes too few to use. So far the Network Address Translator (NAT) which makes many users use Internet with fewer or one static public IP address becomes necessary network equipment until IPv6 becomes universal. The NAT makes external users unable to know the real situation of its internal users, it therefore functions like firewall.
Unfortunately, there was no standard or specification when making NAT in early times. Therefore, manufactures made many types of NAT in their own way and it obstructed many Internet applications such as peer-to-peer Internet applications. Hence it is important to achieve the goal of NAT traversal with point to point connection directly under the condition of both security and network permeability.
The present studies of NAT traversal are focused on the commonest cone type of NAT type which has the biggest market share. There are two basic techniques of NAT traversal which are STUN (Simple Traversal of UDP through NAT) and TURN (Traversal Using Relay NAT). STUN cannot traversal symmetric NAT and TURN would cause high loading on relay server. Except for cone type NAT has been solved, symmetric NAT which assigned outgoing port number increase by sequence has been traversal successfully by predicting next possible outgoing port number. It still exists one type of symmetric NAT which assign outgoing port randomly has not been traversal directly except for using relay server. This paper is intended traversal the symmetric NAT with random port assignment directly.
This research will indicate a reasonable and flexible solution which can establish direct connection between each type of NAT, especially symmetric NATs with random port assignment. The proposed method of this paper will achieve a reliable network. It takes into account the characteristics of the NATs which are the Internet security and cost advantages.
In this research, the test environment includes Linux Fedora 8, C program and various brands of NATs. As the result, the proposed method can traverse all types of NATs, though symmetric NAT with random port assignment which has not obtained any of it. Plus, it will efficiently facilitate Internet fluency and safety of Internet with integration of other Internet applications.關鍵字(中) ★ 穿透
★ 隨機埠號
★ 網址轉換器關鍵字(英) ★ random port
★ traversal
★ NAT論文目次 摘 要 ................................................................................................................................... ii
Abstract ................................................................................................................................... iv
誌 謝 .................................................................................................................................. vi
目 錄 ................................................................................................................................. vii
圖 目 錄 .................................................................................................................................. ix
表 目 錄 .................................................................................................................................. xi
1. Introduction .......................................................................................................................... 1
1-1 Background ..................................................................................................................... 1
1-2 Problem Description ........................................................................................................ 2
1-3 Proposed Method ............................................................................................................ 3
1-4 Thesis Organization ......................................................................................................... 4
2.Review .................................................................................................................................... 5
2-1 Basic functions of the NATs ............................................................................................ 5
2-2 Types of NAT .................................................................................................................. 6
2-3 Present techniques of NAT traversal ............................................................................. 11
2-3-1 Static Mapping (Manual Configuration) .................................................................. 11
2-3-2 STUN ....................................................................................................................... 12
2-3-3 TURN ....................................................................................................................... 14
2-3-4 UDP Hole Punching ................................................................................................. 15
2-3-5 ALG ......................................................................................................................... 17
2-3-6 ICE and Other Similar Methods .............................................................................. 18
2-3-7 Tunneling, VPN ....................................................................................................... 19
2-3-8 MIDCOM ................................................................................................................. 20
2-3-9 UPnP ........................................................................................................................ 21
2-3-10 NATBLASTER ...................................................................................................... 22
2-3-11 P2PNAT ................................................................................................................. 24
2-3-12 UDP Multi Hole Punching ..................................................................................... 25
2-3-13 PS-STUN ............................................................................................................... 28
2-3-14 STUNT ................................................................................................................... 28
2-4 Comparison with Present Methods ............................................................................... 33
3.Proposed Technique ............................................................................................................. 36
3-1 The Existing Problems .................................................................................................. 36
3-2 Experiment Architecture ............................................................................................... 38
3-3 Proposed process ........................................................................................................... 38
3-4 Environment .................................................................................................................. 43
3-5 Flow Chart ..................................................................................................................... 47
4.Experimental Demonstration ............................................................................................. 49
4-1 Testing Results .............................................................................................................. 49
4-2 Further Investigation ..................................................................................................... 53
5.Conclusion ............................................................................................................................ 55
6.References ............................................................................................................................. 56參考文獻 [1]
Saikat Guha, Yutaka Takeda, and Paul Francis. NUTSS: A SIP-based Approach to UDP and TCP Network Connectivity. In SIGCOMM 2004 Workshops, August 2004.
[2]
Saikat Guha and Paul Francis. Characterization and Measurement of TCP Traversal through NATs and Firewalls. In Proceedings of the 2005 Internet Measurement Conference(New Orleans, LA, Oct. 2005)
[3]
Bryan Ford, Pyda Srisuresh, and Dan Kegel. Peer-to-Peer Communication Across Network Address Translators. In Proceedings of the 2005 USENIX Annual Technical Conference(Anaheim, CA, Apr. 2005)
[4]
Rosenberg, J., Weinberger, J., Huitema, C., Mahy, R. RFC 3489:STUN—Simple Traversal of UDP Through NATs, Mar. 2003
[5]
Dan Kegel. NAT and peer-to-peer networking, July 1999. http://www.alumni.caltech.edu/˜dank/peer-nat.html.
[6]
Newrong Inc. NAT traversal SDK.
http://www.newrong.com/en/product/index.html
[7]
Andrew Biggadike, Daniel Ferullo, Geoffrey Wilson, and Adrian Perrig. NATBLASTER: Establishing TCP connections between hosts behind NATs. In ACM SIGCOMM Asia Workshop, Beijing, China, April 2005
[8]
J. Roseenberg, R. Mahy and C. Huitema, Traversal Using Relay NAT (TURN), draft-rosenberg-MIDCOM-turn-08, September 2005
[9]
Yuan Wei, Symmetric NAT に対するUDP Multi Hole Punching の技法A New Method for Symmetric NAT Traversal with UDP Multi Hole Punching. 2006
[10]
J. Rosenberg. Interactive connectivity establishment (ICE), October 2003. Internet-Draft (Work in Progress).
[11]
Yong Wang, Zhao Lu, Junzhong Gu, Research on Symmetric NAT Traversal in P2P applications, ICCGI’ 2006
[12]
SoftEther. http://www.softether.com/jp/
[13]
Behavior Engineering for Hindrance Avoidance (BEHAVE) http://www.ietf.org/html.charters/behave-charter.html
[14]
Jeffrey L. Eppinger. TCP Connections for P2P Apps: A Software Approach to Solving NAT Problem. Technical Report CMU-ISRI-05-104, Carnegie Mellon University, January 2005.
[15]
Salman A. Baset and Henning G. Schulzrinne. An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol. In Proceedings of the INFOCOM ’06 (Barcelona, Spain, Apr. 2006)
[16]
Newport Networks Ltd., NAT Traversal for Multimedia over IP, 2006
http://www.newport-networks.com/cust-docs/33-NAT-Traversal.pdf
[17]
POSTEL, J. RFC 761: DoD standard Transmission Control Protocol, Jan. 1980.
[18]
UPnP forum.
http://www.upnp.org/ http://www.upnp.org/standardizeddcps/igd.asp
[19]
Bryan Ford, Pyda Srisuresh, and Dan Kegel. Peer-to-Peer Communication across middleboxes. Internet Draft, April 2004.
[20]
:K. Egevang, Cray Communications, P. Francis. RFC 1631The IP Network Address Translator (NAT), May 1994.
[21]
S. Baset and H. Schulzrinne. An analysis of the Skype Peer-to-Peer Internet Telephony Protocol. Technical Report CUCS-039-04, Computer Science Department, Columbia
University, New York, NY, Sep 2004.
Official Website of Skype. http://www.skype.com/intl/en/welcomeback/指導教授 許獻聰(Shiann-Tsong Sheu) 審核日期 2008-7-22 推文 plurk
funp
live
udn
HD
myshare
netvibes
friend
youpush
delicious
baidu
網路書籤 Google bookmarks
del.icio.us
hemidemi
facebook
twitter
google
reddit