NAT Traversal

NAT traversal is a general term for techniques that establish and maintain Internet protocol connections traversing network address translation (NAT) gateways. Network address translation breaks end-to-end connectivity. Intercepting and modifying traffic can only be performed transparently in the absence of secure encryption and authentication. NAT traversal techniques are typically required for client-to-client networking applications, especially peer-to-peer and Voice over IP (VoIP) deployments. Many techniques exist, but no single method works in every situation since NAT behavior is not standardized. Many NAT traversal techniques require assistance from a server at a publicly routable IP address. Some methods use the server only when establishing the connection, while others are based on relaying all data through it, which adds bandwidth costs and increases latency, detrimental to real-time voice and video communications.

Most NAT behavior-based techniques bypass enterprise security policies. Enterprise security experts prefer techniques that explicitly cooperate with NAT and firewalls, allowing NAT traversal while still enabling marshalling at the NAT to enforce enterprise security policies. From this point of view, the most promising IETF standards are Realm-Specific IP (RSIP) and Middlebox Communications (MIDCOM).

SOCKS, the oldest NAT traversal protocol, is still widely available. In home or small office settings, Universal Plug and Play (UPnP) is supported by most small NAT gateways. NAT-T is commonly used by IPsec virtual private network clients in order to have Encapsulating Security Payload packets traverse NAT.

Read more about NAT TraversalThe NAT Traversal Problem, NAT Traversal and IPsec, IETF References

Other articles related to "nat traversal, traversal, nat":

Internet Key - Architecture - Improvements With IKEv2
... three RFCs, more if one takes into account NAT traversal and other extensions that are in common use ... IKEv2 combines these in one RFC as well as making improvements to support for NAT traversal and firewall traversal in general ... NAT traversal The encapsulation of IKE and ESP in UDP port 4500 enables these protocols to pass through a device or firewall performing NAT ...
NAT Traversal - IETF References
... RFC 1579 - Firewall Friendly FTP RFC 2663 - IP Network Address Translator (NAT) Terminology and Considerations RFC 2709 - Security Model with Tunnel-mode IPsec for NAT Domains ...
KPhone - Application
... Own ring tones or "ring music" NAT-traversal and STUN support Supported sound systems ALSA and OSS SRTP encryption for voice Presence information Call Hold Call transfer Call forwarding ... KPhone itself supports STUN for NAT traversal ... Tools do not support symmetric signalling,so NAT-Traversal is not possible with these tools ...
TCP Hole Punching
... TCP hole punching is a commonly used NAT traversal technique, for sending 2-way messages between nodes in an Internet computer network ... The term "NAT traversal" is a general term for techniques that establish and maintain TCP/IP network and/or TCP connections traversing network-address-t ... NAT traversal techniques are typically required for client-to-client networking applications, especially peer-to-peer and Voice-over-IP (VoIP) deployments ...

Famous quotes containing the word nat:

    I have swich love-longinge,
    That lik a turtle trewe is my moorninge:
    I may nat ete namore than a maide.”
    Geoffrey Chaucer (1340?–1400)