IP Mobility Support for Virtual Private Networks

2.2. NETWORK ADDRESS TRANSLATION

When A no longer needs to communicate with B or with other external hosts, N marks A-PubAddr as free after a timeout, and the address can then be associated with a new connection.

By modifying addresses for incoming and outgoing packets, NAT permits the otherwise impossible communication between the two realms. Each translation has to be remembered in order to correctly modify all the subsequent traffic. However, relying on address modification is also NAT's main disadvantage, since it violates the end-to-end nature of Internet connectivity. Because of this, NAT disrupts protocols requiring or enforcing end-to-end integrity of the packets, and the coexistence with such protocols is not always painless.

2.2.2 Basic functionalities

There are different types of NAT, but all the “flavors” should share the following characteristics.

1. Transparent address assignment
   NAT assigns addresses to internal hosts to let them communicate with the outside. The assignment can be either static or dynamic. With static assignment, the state of the NAT is a fixed “lookup table”. With dynamic assignment, the address is assigned as soon as the host requires a communication, and it is released when it is no longer necessary for the communication.

2. Transparent routing through address translation
   Routing here refers to forwarding packets and not to exchanging routing information. A NAT routes a datagram between disparate address realms by modifying the address content in the IP header so that it is valid in the address realm into which the datagram is routed.

3. ICMP error packet payload translation
   All ICMP error messages need to be modified when they pass through NAT. Note that the modification involves the whole message, as it includes much information that depends on IP addresses. For a detailed list of what is modified and what is not, please refer to section 3.3 of [5].

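
The three functions listed above, put together as an added example (not code from the thesis): a dynamic address-only NAT that keeps a binding table with an idle timeout, rewrites the IP header in both directions, and also rewrites the header embedded in an inbound ICMP error. The names BasicNAT, ipv4 and set_addr are hypothetical. The code assumes 20-byte IPv4 headers without options and does not adjust TCP/UDP checksums.

```python
import struct
from socket import inet_aton

def csum(data):  # RFC 1071 Internet checksum; yields 0 over a valid header
    data += b"\0" * (len(data) % 2)
    s = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while s >> 16:
        s = (s & 0xFFFF) + (s >> 16)
    return ~s & 0xFFFF

def ipv4(src, dst, proto, payload):  # constructed sample packet, 20-byte header
    h = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                    inet_aton(src), inet_aton(dst))
    return h[:10] + struct.pack("!H", csum(h)) + h[12:] + payload

def set_addr(pkt, off, new):  # packed `new` at header offset off (12=src, 16=dst)
    h = pkt[:10] + b"\0\0" + pkt[12:off] + new + pkt[off + 4:20]
    return h[:10] + struct.pack("!H", csum(h)) + h[12:] + pkt[20:]

class BasicNAT:  # hypothetical name; one public address per internal host, no ports
    def __init__(self, pool, timeout):
        self.free, self.timeout = [inet_aton(a) for a in pool], timeout
        self.out, self.back = {}, {}  # private -> [public, last_seen]; public -> private

    def expire(self, now):
        for priv, (pub, seen) in list(self.out.items()):
            if now - seen > self.timeout:  # idle binding: public address is free again
                del self.out[priv], self.back[pub]
                self.free.append(pub)

    def outbound(self, pkt, now):
        self.expire(now)
        priv = pkt[12:16]
        pub = self.out[priv][0] if priv in self.out else self.free.pop(0)
        self.out[priv], self.back[pub] = [pub, now], priv
        return set_addr(pkt, 12, pub)

    def inbound(self, pkt, now):
        self.expire(now)
        pub, priv = pkt[16:20], self.back.get(pkt[16:20])
        if priv is None:
            return None  # no binding for this public address: drop
        self.out[priv][1] = now
        pkt = set_addr(pkt, 16, priv)
        # ICMP error: the embedded original header still shows the public source
        if len(pkt) >= 48 and pkt[9] == 1 and pkt[20] in (3, 4, 5, 11, 12) and pkt[40:44] == pub:
            icmp = pkt[20:22] + b"\0\0" + pkt[24:28] + set_addr(pkt[28:], 12, priv)
            pkt = pkt[:20] + icmp[:2] + struct.pack("!H", csum(icmp)) + icmp[4:]
        return pkt
```

Without the ICMP branch, the internal host would receive an error quoting a source address it never used and could not match it to its own traffic.
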
2.2.3 Application Level Gateway

The NAT function cannot by itself support all applications; if an application uses IP addresses as a part of its protocol, NAT cannot simply be implemented as is. It is necessary to support NAT work with an Application Level

Degree thesis

Faculty: Engineering

Author: Francesco Trotta

Consists of 152 pages.


