peer to peer networks
play

Peer-to-Peer Networks 16 Hole Punching Christian Schindelhauer - PowerPoint PPT Presentation

Apr 05, 2024 •342 likes •725 views

Peer-to-Peer Networks 16 Hole Punching Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Peer-to-Peer Networks NAT, PAT & Firewalls 2 Network Address Translation Problem - too few

  1. Peer-to-Peer Networks 16 Hole Punching Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg

  2. Peer-to-Peer Networks NAT, PAT & Firewalls 2

  3. Network Address Translation § Problem - too few (e.g. one) IP addresses for too many hosts in a local network - hide hosts IP addresses from the outer world § Basic NAT (Static NAT) - replace internal IP by an external IP § Hiding NAT - = PAT (Port Address Translation) - = NAPT (Network Address Port Translation) - Socket pair (IP address and port number) are transformed - to a single outside IP address § Hosts in local network cannot be addressed from outside 3

  4. DHCP Dynamic Host Configuration Protocol DHCP (Dynamic Host Configuration Protocol) § - manual binding of MAC address • e.g. for servers - automatic mapping • fixed, yet not pre-configured - dynamic mapping • addresses may be reused § Integration of new hosts without configuration - hosts fetches IP address from DHCP server - sever assigns address dynamically - when the hosts leaves the network the IP address may be reused by other hosts - for dynamic mapping addresses must be refreshed - if a hosts tries to reuse an outdated address the DHCP server denies this request - problem: stealing of IP addresses § P2P - DHCP is good for anonymity • if the DHCP is safe - DHCP is bad for contacting peers in local networks 4

  5. Firewalls Types of Firewalls Methods § § - Host Firewall - Packet Filter • blocks ports and IP addresses - Network Firewall - Content Filter § Network Firewall • filters spam mails, viruses, - differentiates between ActiveX, JavaScript from html • external net pages - Internet, hostile - Proxy • internal net • transparent (accessible and visible) hots - LAN, trustworthy • demilitarized zone • channels the communication and attacks to secured hosts - servers reachable from the external net - Stateful Inspection § Host Firewall • observation of the state of a connection - e.g. personal firewall § Firewalls can prevent Peer to - controls the complete data traffic Peer connections of a host - on purpose or as a side effect - protection against attacks from outside and inside (trojans) - are treated here like NAT 5

  6. Types of Firewalls & NATs (RFC 3489) § Open Internet § Symmetric NAT - addresses fully available - Each internal request is mapped to a new port § Firewall that blocks UDP - Only a contacted host can send a - no UDP traffic at all message inside - hopeless, maybe TCP works? • on the very same external port Symmetric UDP Firewall § arriving on the internal port Restricted cone NAT § - allows UDP out - Internal address are statically mapped - responses have to come back to the to external addresses source of the request - All such UDP packets of one internal - like a symmetric NAT, but no translation port use this external port § Full-cone NAT - All external hosts can use this port to - if an internal address is mapped to an sent a packet to this host if they have external address all packets will be sent received a packet recently from the through this address same internal port (to any external port) - External hosts can send packets to the § Port restricted cone NAT external address which are delivered to - All UDP packets from one internal the local address address use the same external port - External hosts must use this port to sent a packet to this host if they have received a packet recently from the same internal port to the same external port 6

  7. Combination of NATs Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 7

  8. Overcoming NAT by Relaying § Relaying - use a open (non- NATed) server to relay all UDP or TCP connections - first both partners connect to the server - then, the server relays all messages Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 8

  9. Connection Reversal § If only one peer is behind NAT - then the peer behind NAT always starts connection § Use a server to announce a request for connection reversal - periodic check for connection requests is necessary Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 9

  10. Peer-to-Peer Networks UDP Hole Punching 10

  11. UDP Hole Punching § Dan Kegel (1999), NAT and Peer-to-Peer Networking, Technical Report Caltech § A does not know B‘s address § Algorithm - A contacts rendezvous server S and tells his local IP address - S replies to A with a message containing • B‘s public and private socket pairs - A sends UDP packets to both of this addresses • and stays at the address which works 11

  12. UDP Hole Punching § Peers Behind a Common NAT - Rendezvous server is used to tell the local IP addresses - Test with local IP address establish the connections in the local net Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 12

  13. UDP Hole Punching § Peers Behind a Common NAT - Rendezvous server is used to tell the local IP addresses - Test with local IP address establish the connections in the local net Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 13

  14. UDP Hole Punching § Peers Behind a Common NAT - Rendezvous server is used to tell the local IP addresses - Test with local IP address establish the connections in the local net Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 14

  15. UDP Hole Punching § Peers Behind Different NATs - Rendezvous server is used to tell the NAT IP addresses - Test with NAT IP address establishes the connections - Peers reuse the port from the Rendezvous server Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 15

  16. UDP Hole Punching § Peers Behind Different NATs - Rendezvous server is used to tell the NAT IP addresses - Test with NAT IP address establishes the connections - Peers reuse the port from the Rendezvous server Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 16

  17. UDP Hole Punching § Peers Behind Different NATs - Rendezvous server is used to tell the NAT IP addresses - Test with NAT IP address establishes the connections - Peers reuse the port from the Rendezvous server Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel 17

  18. Simple traversal of UDP over NATs (STUN) § RFC 3489, J. Rosenberg, C. Huitema, R. Mahy, STUN - Simple Traversal of User Datagram Protocol Through Network Address Translators (NATs), 2003 § Client-Server Protocol - Uses open client to categorize the NAT router § UDP connection can be established with open client - Tells both clients the external ports and one partner establishes the connection § Works for Full Cone, Restricted Cone and Port Restricted Cone - Both clients behind NAT router can initialize the connection - The Rendezvous server has to transmit the external addresses § Does not work for Symmetric NATs 18

  19. STUN § Client communicates to at least two open STUN server NAT types from: http://en.wikipedia.org/wiki/STUN 19

  20. Peer-to-Peer Networks TCP Hole Punching 20

  21. TCP versus UDP Hole Punching Category UDP TCP Connection? no yes no Symmetry yes client uses „connect“, server uses „accept“ or „listen“ yes Acknowledgm no must have the correct sequence ents numbers 21

  22. P2P-NAT Peer-to-Peer Communication Accross Network Address Translators Bryan Ford, Pyda Srisuresh, Dan Kegel Prerequisite § - change kernel to allow to listen and connect TCP connections at the same time - use a Rendezvous Server S - Client A and client B have TCP sessions with s § P2P-NAT - Client A asks S about B‘s addresses - Server S tells client A and client B the public and private addresses (IP- address and port number) of A and B - From the same local TCP ports used to register with S • A and B synchronously make outgoing connection attempts to the others‘ public and private endpoints - A and B • wait for outgoing attempts to succeed • wait for incoming connections to appear • if one outgoing connection attempt fails („connection reset“, „host unreachable“) then the host retries after a short delay - Use the first established connection - When a TCP connection is made the hosts authenticate themselves 22

  23. P2P-NAT § Peer-to-Peer Communication Accross Network Address Translators § Bryan Ford, Pyda Srisuresh, Dan Kegel 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical

Peer-to-Peer Networks 09 Random Graphs for Peer-to-Peer-Networks Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg Peer-to-Peer Networking Facts Hostile environment - Legal situation - Egoistic

882 views • 57 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Free-Net Ian Clarke, Oskar Sandberg, Brandon Wiley, Theodore Hong, 2000 Goal - peer-to-peer network -

746 views • 36 slides
THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In

THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In

THE POLITICS OF BLOCKCHAIN From Primus Inter Pares to Peer-to-Peer HOW BLOCKCHAIN WORKS In peer-to-peer networks, all the operations Peer-to-peer networks Proof-of-work equally rely on each node in the system. Digital signature Registry

328 views • 18 slides
Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 14 Game Theory Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Literature Feldman, Chuang Overcoming Free-Riding Behavior in Peer-to-Peer Systems, 2005

449 views • 24 slides
Peer-to-Peer Networks 11 Game Theory Christian Ortolf Technical Faculty Computer-Networks and

Peer-to-Peer Networks 11 Game Theory Christian Ortolf Technical Faculty Computer-Networks and

Peer-to-Peer Networks 11 Game Theory Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg Literature Feldman, Chuang Overcoming Free -Riding Behavior in Peer-to- Peer Systems, 2005 Feldman,

687 views • 25 slides
Peer-to-Peer Networks 11 Past Christian Ortolf Technical Faculty Computer-Networks and

Peer-to-Peer Networks 11 Past Christian Ortolf Technical Faculty Computer-Networks and

Peer-to-Peer Networks 11 Past Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg PAST PAST: A large-scale, persistent peer-to-peer storage utility - by Peter Druschel (Rice University, Houston

372 views • 26 slides
Decentralized Trust Management for Decentralized Trust Management for Ad-Hoc Peer-to-Peer

Decentralized Trust Management for Decentralized Trust Management for Ad-Hoc Peer-to-Peer

Decentralized Trust Management for Decentralized Trust Management for Ad-Hoc Peer-to-Peer Networks Ad-Hoc Peer-to-Peer Networks Thomas Repantis Vana Kalogeraki Department of Computer Science & Engineering University of California,

1.41k views • 29 slides
Peer-to-Peer Networks 15 Self-Organization Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 15 Self-Organization Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 15 Self-Organization Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Topology-Management T-Man: Fast Gossip-based Construction of Large-Scale Overlay Topologies Mark

345 views • 15 slides
Peer-to-Peer Networks 16 P2P in the Wild Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 16 P2P in the Wild Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 16 P2P in the Wild Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Real-World P2P Applications in 2016 File sharing & transmission Bittorrent, eMule,

559 views • 13 slides
Peer-to-Peer Networks 16 P2P in the Wild Christian Ortolf Technical Faculty Computer-Networks

Peer-to-Peer Networks 16 P2P in the Wild Christian Ortolf Technical Faculty Computer-Networks

Peer-to-Peer Networks 16 P2P in the Wild Christian Ortolf Technical Faculty Computer-Networks and Telematics University of Freiburg Real-World P2P Applications in 2016 File sharing & transmission Bittorrent, eMule, FastTrack,

604 views • 10 slides
Peer-to-Peer Networks The Internet 6th Week Albert-Ludwigs-Universitt Freiburg Department of

Peer-to-Peer Networks The Internet 6th Week Albert-Ludwigs-Universitt Freiburg Department of

Peer-to-Peer Networks The Internet 6th Week Albert-Ludwigs-Universitt Freiburg Department of Computer Science Computer Networks and Telematics Christian Schindelhauer Summer 2008 Montag, 9. Juni 2008 1 Peer-to-Peer Networks Internet 2

625 views • 23 slides
Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 14 Security Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Cuckoo Hashing for Security Awerbuch, Scheideler, Towards Scalable and Robust Overlay Networks Problem: -

329 views • 19 slides
Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector

Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector

Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector Garcia-Molina Pure peer-to-peer systems are hard to scale Gnutella Look at hybrids between p2p and server-client Presented by Marco Barreno Servers

282 views • 6 slides
Using Peer-to-peer networks for mission critical data communication Group #7 Satish Kotti

Using Peer-to-peer networks for mission critical data communication Group #7 Satish Kotti

Using Peer-to-peer networks for mission critical data communication Group #7 Satish Kotti Siddhant Sonkar Venkatesh SGS Introduction Peer-to-peer based approach for data transmission in mission critical systems like disaster response

409 views • 18 slides
Peer-to-Peer Networks 06 Tapestry Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 06 Tapestry Christian Schindelhauer Technical Faculty Computer-Networks

Peer-to-Peer Networks 06 Tapestry Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg Tapestry Objects and Peers are identified by - Objekt-IDs (Globally Unique Identifiers GUIDs) and -

297 views • 19 slides
Peer-to-Peer Networks 10 Fast Download Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 10 Fast Download Christian Schindelhauer Technical Faculty

Peer-to-Peer Networks 10 Fast Download Christian Schindelhauer Technical Faculty Computer-Networks and Telematics University of Freiburg IP Multicast Motivation - Transmission of a data stream to many receivers Unicast - For each

389 views • 24 slides
Information Session Preparing for Developer Job Interviews (sure, also at Google) Miguel A.

Information Session Preparing for Developer Job Interviews (sure, also at Google) Miguel A.

Information Session Preparing for Developer Job Interviews (sure, also at Google) Miguel A. Mosteiro SEIDENBERG Google Interview Talk SCHOOL OF CSIS 1 3/27/2017 The World of Computing Some Years Ago You know Don, Woz! In The Real

299 views • 10 slides
COVID-19 Future Planning for the Homelessness Response System: Lessons Learned from Birmingham,

COVID-19 Future Planning for the Homelessness Response System: Lessons Learned from Birmingham,

COVID-19 Future Planning for the Homelessness Response System: Lessons Learned from Birmingham, Detroit, and New Orleans July 27, 2020 2:00pm-3:30pm ET Webinar Format 90 minute webinar (includes Q&A) Use the question and answer

585 views • 40 slides
On finite 5-primary groups G with disconnected Gruenberg Kegel graph and restrictions on 1 (

On finite 5-primary groups G with disconnected Gruenberg Kegel graph and restrictions on 1 (

On finite 5-primary groups G with disconnected Gruenberg Kegel graph and restrictions on 1 ( G ) Valeriya Kolpakova N.N. Krasovskii Institute of Mathematics and Mechanics UB RAS Yekaterinburg 2015 . Valeriya Kolpakova N.N. Krasovskii

477 views • 10 slides
Lev Kazarin Yaroslavl P.Demidov State University, Sovetskaya str. 14 150000 Yaroslavl, Russia

Lev Kazarin Yaroslavl P.Demidov State University, Sovetskaya str. 14 150000 Yaroslavl, Russia

Group factorizations, graphs and related topics Lev Kazarin Yaroslavl P.Demidov State University, Sovetskaya str. 14 150000 Yaroslavl, Russia e-mail: kazarin@uniyar.ac.ru 1 Factorizations of groups By famous Burnside's p -Lemma, a group G

575 views • 31 slides
Sub-barrier resonance fission and its effects on fission fragment properties exemplified on 238

Sub-barrier resonance fission and its effects on fission fragment properties exemplified on 238

Sub-barrier resonance fission and its effects on fission fragment properties exemplified on 238 U(n,f) and 234 U(n,f) Anabella Tudora University of Bucharest, Faculty of Physics F.-J.Hambsch, S.Oberstedt EC-JRC-IRMM, Geel, Belgium WONDER-2012,

650 views • 34 slides
Chronopixel CMOS Sensor Development for the ILC Jim Brau , Nikolai Sinev, David Strom University

Chronopixel CMOS Sensor Development for the ILC Jim Brau , Nikolai Sinev, David Strom University

Chronopixel CMOS Sensor Development for the ILC Jim Brau , Nikolai Sinev, David Strom University of Oregon, Eugene, Oregon Oliver Baker, Charles Baltay, Christian Weber Yale University, New Haven, Connecticut EE work has been contracted to

240 views • 20 slides
Torsion Units in Integral Group Rings Andreas B achle Vrije Universiteit Brussel

Torsion Units in Integral Group Rings Andreas B achle Vrije Universiteit Brussel

Torsion Units in Integral Group Rings Andreas B achle Vrije Universiteit Brussel Computational Methods for Representations and Group Rings University of Stuttgart, February 18 and 19, 2016 Notations G finite group Notations G finite

1.07k views • 67 slides
Structural criteria in factorised groups via conjugacy class sizes V ctor Manuel

Structural criteria in factorised groups via conjugacy class sizes V ctor Manuel

Structural criteria in factorised groups via conjugacy class sizes V ctor Manuel Ortiz-Sotomayor Universitat Polit` ecnica de Val` encia, Spain G ROUPS S T A NDREWS 2017 Birmingham, August 2017 Joint work with: Mar a Jos e

770 views • 50 slides

More recommend