ECE 526 – Network Processing Systems Design

maxine-dyer

Presentation Transcript


  1. ECE 526 – Network Processing Systems Design: Network Address Translator

  2. Overview
     • What is Network Address Translation (NAT)
     • Conceptual implementation
     • Complexity and simplifying assumptions
     • TCP/UDP packet processing
     • ARP packet processing
     • NAT table creation and management
     • Header lookup and field changes
     • IXP implementation
     • Software components and structure
     • NAT microblock implementation
     • Header caching, alignment

  3. What is NAT?
     • A system that allows multiple computers to share a single global IP address
     • Changes the packet header: address, port number, IDs, etc.
     • Located between a set of computers at a site and the rest of the Internet

  4. NAT Example
     • ISP router
     • Local Area Network:
       • 10.0.0.0/8: net 10 prefix
       • Nonroutable
       • Each computer has a unique IP address
     • NAT
       • Global IP: 192.168.0.2
       • Local IP: 10.0.0.1
       • Router for the Local Area Network

  5. How Does NAT Work?
     • Rewrites the packet header as the packet passes through
     • Questions
       1. Which fields should be changed?
       2. Are these changes independent of packet type and packet flow direction?
       3. How should they be changed?
       4. What is the complexity?

  6. Packet Type
     • TCP/UDP
       • IP address: globally unique identity on the IP network, looked up by routers
         • Source and destination
       • Port number: application dependent
         • Source
         • Destination
     • ARP (Address Resolution Protocol)
       • IP address
       • MAC address
     • Any other fields?

  7. Packet Flow Direction
     • Outgoing: to the Internet
       • SIP, DIP
       • Sport, Dport
       • IP Proto field
     • Incoming: from the Internet
       • Is it the same as outgoing?

  8. Packet Field Changes Across NAT

  9. NAT Table Example
     • *.2 and *.3 access the web server at 128.10.2.1
     • *.4 pings 192.5.3.1

  10. NAT Table Lookup
     • Incoming and outgoing lookups are different
     • Two independent hash tables are used

  11. NAT Table Implementation
     • Packet direction: f_nat or r_nat
     • Extract fields, compute hash value and bucket value

  12. NAT Complexity
     • Fragmentation: headers of the encapsulated protocol are present only in the first fragment
       • E.g., no port number is available for later fragments
     • IP datagrams with options
     • Memory requirement for the NAT table

  13. NAT Table Management
     • Creation
       • Automatic
       • Add one entry when the first packet of a new flow arrives
     • Table entry lifetime
       • Based on packet header
         • E.g., FIN or reset for TCP
       • Aging
         • Countdown timer
         • Reset to maximum value once used
         • Decremented by one every cycle
     • Table entry update
       • Least recently used
       • Priority heuristic
         • TCP > UDP > ARP > others

  14. NAT IXP Implementation

  15. NAT Overall Structure
     • What implementation ideas could improve throughput?

  16. NAT Microblock Organization

  17. Reminder
     • Example system on IXP2400 II: chapter 25
     • Example of other commercial NPs: chapter 15
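
The table behaviour from slides 10, 11 and 13, as an added example that is not part of the original slides or of the IXP code they describe: two chained hash tables named f_nat and r_nat after slide 11, entry creation on the first outgoing packet of a flow, and countdown aging that frees idle entries. The hash functions, table sizes, port pool and the function names nat_out, nat_in and nat_age are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define BUCKETS   16      /* sizes, lifetime and port pool are assumptions */
#define ENTRIES   32
#define MAX_AGE   3       /* aging cycles an idle entry survives */
#define PORT_BASE 40000   /* first global source port handed out */

typedef struct entry {
    uint32_t lip; uint16_t lport, gport; uint8_t proto;
    int age;                       /* countdown timer; 0 marks a free slot */
    struct entry *fnext, *rnext;   /* chain links in f_nat and r_nat */
} entry_t;

static entry_t pool[ENTRIES];
static entry_t *f_nat[BUCKETS], *r_nat[BUCKETS];   /* outgoing, incoming */
static unsigned hf(uint32_t ip, uint16_t port, uint8_t pr) { return (ip ^ port ^ pr) % BUCKETS; }
static unsigned hr(uint16_t gport, uint8_t pr) { return (unsigned)(gport ^ pr) % BUCKETS; }

/* Outgoing: return the global source port, adding an entry on a flow's first packet (0 = table full). */
uint16_t nat_out(uint32_t lip, uint16_t lport, uint8_t pr) {
    entry_t *e;
    for (e = f_nat[hf(lip, lport, pr)]; e; e = e->fnext)
        if (e->lip == lip && e->lport == lport && e->proto == pr) { e->age = MAX_AGE; return e->gport; }
    for (e = pool; e < pool + ENTRIES && e->age; e++) {}
    if (e == pool + ENTRIES) return 0;
    *e = (entry_t){ lip, lport, (uint16_t)(PORT_BASE + (e - pool)), pr, MAX_AGE, NULL, NULL };
    e->fnext = f_nat[hf(lip, lport, pr)]; f_nat[hf(lip, lport, pr)] = e;
    e->rnext = r_nat[hr(e->gport, pr)];   r_nat[hr(e->gport, pr)] = e;
    return e->gport;
}

/* Incoming: map a global port back to its local host; NULL means no flow exists, so drop. */
const entry_t *nat_in(uint16_t gport, uint8_t pr) {
    for (entry_t *e = r_nat[hr(gport, pr)]; e; e = e->rnext)
        if (e->gport == gport && e->proto == pr) { e->age = MAX_AGE; return e; }
    return NULL;
}

/* One aging cycle: decrement each live timer and unlink entries that reach 0 from both tables. */
void nat_age(void) {
    entry_t **p;
    for (entry_t *e = pool; e < pool + ENTRIES; e++) {
        if (e->age == 0 || --e->age > 0) continue;
        for (p = &f_nat[hf(e->lip, e->lport, e->proto)]; *p != e; p = &(*p)->fnext) {}
        *p = e->fnext;
        for (p = &r_nat[hr(e->gport, e->proto)]; *p != e; p = &(*p)->rnext) {}
        *p = e->rnext;
    }
}
```

Because r_nat only ever holds entries created by an outgoing packet, an inbound packet to an unmapped port or with the wrong protocol gets NULL from nat_in, and aging bounds how long a stale mapping stays reachable from outside.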
