internet technology
play

Internet Technology 15. VoIP, NAT Traversal, and auto configuration - PowerPoint PPT Presentation

Dec 31, 2023 •213 likes •651 views

Internet Technology 15. VoIP, NAT Traversal, and auto configuration Paul Krzyzanowski Rutgers University Spring 2016 1 Session Initiation Protocol (SIP) Dominant protocol for Voice over IP (VoIP): RFC 3261 Allows a call to be

  1. Internet Technology 15. VoIP, NAT Traversal, and auto configuration Paul Krzyzanowski Rutgers University Spring 2016 1

  2. Session Initiation Protocol (SIP) • Dominant protocol for Voice over IP (VoIP): RFC 3261 • Allows a call to be established between multiple parties – Notify a callee of a call request – Agree on media encodings – Allow a participant to end the call – Determine IP address of callee • No assumption on the callee having a fixed IP address – Add new media streams, change encoding, add/drop participants • Messages are HTTP style (line-oriented text) using UDP or TCP Caller Callee 2

  3. Proxies • SIP proxy server – Helps route requests – Forwards requests to one or more destinations and sends responses to the requester – Contacts remote registrar to look up addresses – Often run on the same server as a registrar • Usually a proxy at each SIP domain 3

  4. Registration • A user’s SIP address is an IP address & port number – In many cases, this changes over time • Registration – When a phone is switched on (or phone software is run) – A registration process takes place – Registrations expire, so re-register periodically • Location Server – Stores a mapping between the user’s address and the address of their phone • user’s address = Address of Record (AOR): sip:alice@sip.rutgers.edu • SIP Registrar: – Accepts REGISTER requests and interacts with the Location Server • SIP proxy, registrar, & location server normally run on the same system 4

  5. SIP Example proxy.rutgers.edu proxy.mit.edu Alice Bob • Alice wants to call bob@sip.mit.edu • She sends an INVITE message to her proxy server – HTTP-style – Identifies destination: Bob ( bob@sip.mit.edu ) – Specifies: • Alice’s current IP address • Media type (e.g., PCM-encoded audio via RTP) • Port on which she’d like to receive the message 5

  6. SIP Example proxy.rutgers.edu proxy.mit.edu INVITE Alice Bob • Alice’s SIP proxy server needs to look up bob@sip.mit.edu – Uses DNS to look up Bob’s SIP server ( NAPTR and/or SVR records) – Forwards the Alice’s INVITE to Bob’s SIP proxy – Tells Alice that it’s TRYING to contact the party NAPTR = Name Authority Pointer – designed to get a list of protocols and regular expression rewrite rule to create a SIP URN SVR = Service Record – designed to map service names to hostname:port 6

  7. SIP Example registrar.mit.edu proxy.rutgers.edu proxy.mit.edu Alice Bob • Routing – SIP INVITE requests are sent from proxy to proxy until it reaches one that knows the location of the callee – A Proxy may respond with a REDIRECT message 7

  8. SIP Example proxy.rutgers.edu proxy.mit.edu TRYING Alice Bob • Bob’s proxy server – Forwards the INVITE to Bob’s phone – Tells Alice’s proxy server that it’s trying to reach Bob 8

  9. SIP Example proxy.rutgers.edu proxy.mit.edu RINGING Alice Bob • Bob’s phone gets the INVITE message – Starts ringing – Sends RINGING response 9

  10. SIP Example proxy.rutgers.edu proxy.mit.edu 200 OK Alice Bob • Bob can accept or decline the call – If he accepts it, the INVITE is acknowledged with a 200 OK – INVITE feedback is propagated back to Alice 10

  11. SIP Example proxy.rutgers.edu proxy.mit.edu ACK Alice Bob media • Now Alice & Bob talk point-to-point – Alice sends an ACK to confirm setup – Both sides exchange media streams (usually RTP) 11

  12. SIP Example proxy.rutgers.edu proxy.mit.edu BYE OK Alice Bob • To disconnect, one party sends a BYE message • The other side confirms with a 200 OK • SIP is an out-of-band protocol – SIP messages are sent on different sockets than media data – All messages are acknowledged, so either TCP or UDP can be used

  13. NAT Traversal 13

  14. NAT traversal & why do we need it? • Remember NAT? – Private IP addresses – NAT gateway (usually on a gateway router) • Translates between internal addresses/ports & external ones • It’s awesome! – Cut down on lots of wasted addresses – usually, you need just one • But it breaks end-to-end connectivity! – What if you want to contact a service behind NAT? – Consider two VoIP clients that want to communicate – No foolproof solution 14

  15. NAT: This is easy from 192.168.60.153:1211 from 68.36.210.57:21199 NAT Gateway 192.168.60.153 68.36.210.57 192.168.60.155 Translation Table Inside Outside 192.168.60.153:1211 68.36.210.57:21199 15

  16. NAT: This is tricky where? NAT NAT Gateway Gateway 192.168.60.153 10.1.1.22 192.168.60.155 10.1.1.33 16

  17. NAT Traversal Techniques 17

  18. Relay all messages • Hosts A & B want to communicate • Have an Internet-accessible proxy, P • A connects to P and waits for messages on the connection • B talks to P; P relays messages to A • Most reliable but not very efficient – Extra message relaying – Additional protocols needed (e.g., B needs to state what it wants) – Proxy can become a point of congestion (network links & CPU) 18

  19. Relay all messages Relay Public IP accessible NAT NAT A B 19

  20. Connection reversal • B wants to connect to A – But A is behind a NAT • Somehow get B to send a message to A, – Ask A to open a connection to B • Two approaches – Relay the request via a server (but A must be connected to the server) – As with passive FTP Assume an existing connection exists between A & B and ask for a new one 20

  21. Connection reversal Use a server for sending only connection requests Connection server ② Connection request ③ Forwarded request Prior connection setup: ① Listen for requests NAT A B ④ Connection 21

  22. Connection reversal B wants to talk to A Existing connection between A & B (set up by B) New connection request Existing connection NAT A B 22

  23. UDP hole punching • Hosts A & B want to communicate • Have an Internet-accessible rendezvous server, S • Host A sends a message to S – That sets up a NAT translation on A’s NAT gateway – S now knows the external host & port • Host B sends a message to S – That sets up a NAT translation on B’s NAT gateway – S also knows the external host & port on B • S tells B: talk on A’s IP address & port • S tells A: talk to B’s IP address & port 23

  24. UDP hole punching Server Send a message to Send a message to establish a NAT mapping (hole) establish a NAT mapping (hole) NAT NAT A B 24

  25. UDP hole punching Server Send a message to Send a message to establish a NAT mapping (hole) establish a NAT mapping (hole) NAT NAT A B Translation Table Translation Table Inside Outside Inside Outside 192.168.60.153:1211 68.36.210.57:21199 172.20.20.15.6:8045 128.6.4.2:18731 25

  26. UDP hole punching Server Reach B at Reach A at 128.6.4.2:18731 68.36.210.57:21199 NAT NAT A B Translation Table Translation Table Inside Outside Inside Outside 192.168.60.153:1211 68.36.210.57:21199 172.20.20.15.6:8045 128.6.4.2:18731 26

  27. UDP hole punching Server Communicate directly via the holes NAT NAT A B Translation Table Translation Table Inside Outside Inside Outside 192.168.60.153:1211 68.36.210.57:21199 172.20.20.15.6:8045 128.6.4.2:18731 27

  28. TCP hole punching • Same principle (tell other host of your address:port) – BUT – Use TCP Simultaneous Open • Both hosts will try to connect to each other • Each NAT creates a translation rule • At least one of the SYN messages during connection set up will go through the NAT translation on the other side – The remote side will send a SYN-ACK – Need to re-use the same port # that the remote side knows about • Socket option to reuse an address: SO_REUSEADDR – Not guaranteed to work with all NAT systems 28

  29. NAT Traversal Protocols 30

  30. STUN • Session Traversal Utilities for NAT; RFC 5389 – Allows clients to discover whether they are in a NAT environment • Discover public IP address • Send a message to a STUN server on the Internet • STUN server returns the source IP address and port number – A client can share this external address/port • If both peers are behind NAT, they will need to find a way to share this information Hole punching 31

  31. TURN • Traversal Using Relays around NAT; RFC 5766 – Protocol that uses a relay server Relay 32

  32. TURN TURN server: Relay-based protocol • .155 connects to a TURN server • Informs the server which locations it should accept packets from • Gets an IP address & port allocated by the TURN server to use as a relay NAT NAT Gateway Gateway 192.168.60.153 10.1.1.22 192.168.60.155 10.1.1.33 TURN relay 33

  33. TURN TURN server: STUN server with relay capabilities • .33 contacts the TURN relay, which relays its external host:port to .155 NAT NAT Gateway Gateway 192.168.60.153 10.1.1.22 192.168.60.155 10.1.1.33 TURN relay 34

  34. ICE • Interactive Connectivity Establishment; RFC 5245 – Coordinates whether to use STUN or TURN – Protocol to negotiate NAT traversal • Discover presence of NAT on either side • Exchange information • Discover how to establish a connection – Choose STUN or TURN – Extension to SIP (but can be used by other protocols) 35

  35. Zero Configuration Networking 36

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Internet Science and Technology Internet Science and Technology MSc program (now) / track within

Internet Science and Technology Internet Science and Technology MSc program (now) / track within

Internet Science and Technology Internet Science and Technology MSc program (now) / track within CS (soon) about all aspects of communication networks and cyber-physical systems: from fundamental technology to application; all kinds of

800 views • 24 slides
Policy and Technology Drivers in Policy and Technology Drivers in the Internet of Things the

Policy and Technology Drivers in Policy and Technology Drivers in the Internet of Things the

Policy and Technology Drivers in Policy and Technology Drivers in the Internet of Things the Internet of Things Grald Santucci Head of Unit Networked enterprise & Radio Frequency Identification (RFID) Internet of Things 2008, Zurich

732 views • 28 slides
The History of the Internet Presented by the St. Martins Episcopal Technology Department

The History of the Internet Presented by the St. Martins Episcopal Technology Department

The History of the Internet Presented by the St. Martins Episcopal Technology Department Agenda Internet History Internet Evolution Internet Pioneers Internet Growth The Future of the Internet Conclusion

540 views • 24 slides
Internet and Web Based Technology http://144.16.192.60/~isg/IWT/ About the Course I will be

Internet and Web Based Technology http://144.16.192.60/~isg/IWT/ About the Course I will be

Internet and Web Based Technology http://144.16.192.60/~isg/IWT/ About the Course I will be covering half the course (2 hours / week) Tuesday 9:30 AM 11:25 AM Topics to be covered How Internet works, HTML, HTTP, CGI scripts,

1.74k views • 142 slides
SOCI 210: Sociological Perspectives Nov. 24 1. Science, technology, and society 2. The Internet as

SOCI 210: Sociological Perspectives Nov. 24 1. Science, technology, and society 2. The Internet as

SOCI 210: Sociological Perspectives Nov. 24 1. Science, technology, and society 2. The Internet as equalizer / The Internet as divider 3. Interaction and identity online 1 Internet as Equalizer 2 Communication technology Technologies

628 views • 17 slides
1 Internet Email Internet Commercialization SMTP is Internet Email protocol Rapid and

1 Internet Email Internet Commercialization SMTP is Internet Email protocol Rapid and

Background of Chapter Software Infrastructure of the Commercializing Internet Not finished Mostly journalistic Recounting of basic events from secondary sources Focus on interplay between technology and business models Thomas

463 views • 3 slides
Ali Kamandi Spring 2007 kamandi@sharif.edu Sharif University of Technology Internet History

Ali Kamandi Spring 2007 kamandi@sharif.edu Sharif University of Technology Internet History

Ali Kamandi Spring 2007 kamandi@sharif.edu Sharif University of Technology Internet History Internet Evolution Internet Pioneers Internet Growth Conclusion 1836 Telegraph invented by Cooke and Wheatstone Morse code to

591 views • 37 slides
THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people

THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people

THE INTERNET IS FOR EVERYONE Join us to keep the Internet open, thriving, and benefitting people around the globe. Conference on Global Internet Interconnection Center for Information Technology Policy Princeton University 11 March 2016

517 views • 20 slides
Will FTTH be the Principal Technology for Very High Speed Internet Access? Rich Clarke Center

Will FTTH be the Principal Technology for Very High Speed Internet Access? Rich Clarke Center

Will FTTH be the Principal Technology for Very High Speed Internet Access? Rich Clarke Center for Applied Internet Data Analysis Assistant Vice President Workshop on Internet Economics AT&T Global Public Policy UCSD, La Jolla, CA

633 views • 6 slides
Technology, Apps and Parents Potenza, 23 24.01.2016 General facts about Internet and

Technology, Apps and Parents Potenza, 23 24.01.2016 General facts about Internet and

Technology, Apps and Parents Potenza, 23 24.01.2016 General facts about Internet and technology use in Romania Internet has become a mass phenomenon in Romania, the number of users raised 5 times in the past 10 years there are

457 views • 10 slides
Modern Internet architecture, technology & philosophy Advanced Internet Services Dept. of

Modern Internet architecture, technology & philosophy Advanced Internet Services Dept. of

1 2/23/15 AIS 2015 Modern Internet architecture, technology & philosophy Advanced Internet Services Dept. of Computer Science Columbia University Henning Schulzrinne Spring 2015 02/23/2015 2/23/15 AIS 2015 NETWORK EVOLUTION &

684 views • 56 slides
Internet Security Summary ITS335: IT Security Sirindhorn International Institute of Technology

Internet Security Summary ITS335: IT Security Sirindhorn International Institute of Technology

ITS335 Internet Security Internet Security Secure Email Internet Security Summary ITS335: IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 20 December 2015 its335y15s2l10,

450 views • 25 slides
Rethinking the Internet and the telecommunications market today Why the Internet just works

Rethinking the Internet and the telecommunications market today Why the Internet just works

Rethinking the Internet and the telecommunications market today Why the Internet just works Why the Internet just works Departure from the e2e M. Handley, BT Technology journal, 2006 Network neutrality Trilogy consortium

156 views • 13 slides
Modern Internet architecture, technology & philosophy Advanced Internet Services Dept. of

Modern Internet architecture, technology & philosophy Advanced Internet Services Dept. of

1 3/2/15 AIS 2015 Modern Internet architecture, technology & philosophy Advanced Internet Services Dept. of Computer Science Columbia University Henning Schulzrinne Spring 2015 03/02/2015 2 3/2/15 AIS 2015 Objectives Why do

459 views • 41 slides
No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your favourite team? Do you use the internet to watch music videos? Do you use the Internet to read the news? Do you use the Internet to play games? Shared

997 views • 51 slides
Winning back technology for people Whose interest should technology serve? Principle 1

Winning back technology for people Whose interest should technology serve? Principle 1

Winning back technology for people Whose interest should technology serve? Principle 1 Principle 2 The internet is an integral part of modern The internet is a global public resource that lifea key component in education, must remain

309 views • 19 slides
An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come? Chaoyi Lu ,

An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come? Chaoyi Lu ,

An End-to-End, Large-Scale Measurement of DNS-over-Encryption: How Far Have We Come? Chaoyi Lu , Baojun Liu, Zhou Li, Shuang Hao, Haixin Duan, Mingming Zhang, Chunying Leng, Ying Liu, Zaifeng Zhang, Jianping Wu The start of Internet activities.

721 views • 37 slides
Hands on Sara Dickinson Willem Toorop Hands on Overview What is the

Hands on Sara Dickinson Willem Toorop Hands on Overview What is the

Hands on Sara Dickinson Willem Toorop Hands on Overview What is the getdns API What can the getdns library do for you Guided tour of the API Examples uses (code!) Demo of Stubby (time permitting) but

945 views • 93 slides
1 Mail access protocols DNS: Domain Name System SMTP SMTP access Domain Name System: People:

1 Mail access protocols DNS: Domain Name System SMTP SMTP access Domain Name System: People:

FTP: separate control, data connections TCP control connection FTP client contacts FTP port 21 server at port 21, specifying TCP as transport protocol TCP data connection FTP, SMTP and DNS Client obtains authorization FTP FTP port

443 views • 3 slides
Hostnames IP Addresses are great for computers CSCE 515: IP address includes information

Hostnames IP Addresses are great for computers CSCE 515: IP address includes information

Hostnames IP Addresses are great for computers CSCE 515: IP address includes information used for routing. Computer Network IP addresses are tough for humans to remember. Programming IP addresses are impossible to guess. ------

219 views • 9 slides
Unbound & FreeBSD A true love story (at the end of November 2013) 1 Presentation for

Unbound & FreeBSD A true love story (at the end of November 2013) 1 Presentation for

Unbound & FreeBSD A true love story (at the end of November 2013) 1 Presentation for EUROBSDCON 2019 Conference September 19-22, 2019 Lillehammer, Norway 2 About me: Pablo Carboni (42) , from Buenos Aires, Argentina. Worked as Unix

453 views • 31 slides
WHEN PARENTS AND CHILDREN DISAGREE: DIVING INTO DNS DELEGATION INCONSISTENCY The Domain Name

WHEN PARENTS AND CHILDREN DISAGREE: DIVING INTO DNS DELEGATION INCONSISTENCY The Domain Name

WHEN PARENTS AND CHILDREN DISAGREE: DIVING INTO DNS DELEGATION INCONSISTENCY The Domain Name System (DNS) is one of the most critical components of the Internet DNS is a distributed, hierarchical database DNS maps hosts, services and

866 views • 31 slides
Encrypted DNS Privacy? A Traffic Analysis Perspective Sandra Siby, Marc Juarez, Claudia

Encrypted DNS Privacy? A Traffic Analysis Perspective Sandra Siby, Marc Juarez, Claudia

Encrypted DNS Privacy? A Traffic Analysis Perspective Sandra Siby, Marc Juarez, Claudia Diaz, Narseo Vallina-Rodriguez, Carmela Troncoso NDSS, 25 February 2020 Encrypted DNS > Privacy? Can encrypting DNS protect users from tra ffi

533 views • 40 slides
A novel zone walking protection for secure DNS Server Arnob Paul, Md. Hasanul Islam, Md. Shohrab

A novel zone walking protection for secure DNS Server Arnob Paul, Md. Hasanul Islam, Md. Shohrab

A novel zone walking protection for secure DNS Server Arnob Paul, Md. Hasanul Islam, Md. Shohrab Hossain Bangladesh University of Engineering and Technology, Bangladesh & Husnu S. Narman, Marshall University, Huntington, WV, USA

769 views • 27 slides

More recommend