VersionIHLTotal Length FlagsIdentificationFragment Offset Time To Live Destination Address...
10
Version IHL Total Length Flags Identification Fragment Offset Time To Live Destination Address Options Padding Protocol = 6 Type of Service IP Header TCP Destination Port Source Port Sequence Number Acknowledgment Number Data offset F I N S Y N U R G A C K P S H R S T Window Urgent Pointer Padding TCP Options TCP Data Source Address Header Checksum Checksum
-
Upload
earl-harper -
Category
Documents
-
view
215 -
download
2
description
Host A Host B Site NAT Public Internet Private Address Realm Source: /2000 Dest: /80 Source: Dest: /2000 Source: /3000 Dest: /80 Source: /80 Dest: /3000 NAT Binding / / 3000
Transcript of VersionIHLTotal Length FlagsIdentificationFragment Offset Time To Live Destination Address...
Version IHL Total Length
FlagsIdentification Fragment Offset
Time To Live
Destination Address
Options Padding
Protocol = 6
Type of Service
IP H
eade
rTC
P
Destination PortSource Port
Sequence Number
Acknowledgment NumberDataoffset
FINSYN
URGACK
PSHRST
Window
Urgent PointerPaddingTCP Options
TCP Data
Source Address
Header Checksum
Checksum
10.0.0.1
Public Internet
192.9.200.1
Private Address Realm
Source: 10.0.0.1Dest: 192.9.200.1
Source: 192.9.200.1Dest: 10.0.0.1
Host AHost B
10.0.0.1192.9.200.1
Host AHost B
Site NAT
Public InternetPrivate Address Realm
Source: 10.0.0.1/2000Dest: 192.9.200.1/80
Source: 192.9.200.1Dest: 10.0.0.1/2000
Source: 139.130.1.1/3000Dest: 192.9.200.1/80
Source: 192.9.200.1/80Dest: 139.130.1.1/3000
NAT Binding
10.0.0.1 / 2000 139.130.1.1 / 3000
Host A
Host B
Site NAT
Host C
Port 90
Port 91
Port 90
Port 91
Port 2001
NAT Binding NAT Filter
Local Addr / Port External Addr / Port -- External Access Mask
A / 2001 Z / 3001 -- B / 90
Initial PacketSource: A / 2001Dest: B / 90
Source: Z / 3001Dest: B / 90
Host A
Host B
Site NAT
Host C
Port 90
Port 91
Port 90
Port 91
Port 2001
NAT Binding NAT Filter
Local Addr / Port External Addr / Port -- External Access Mask
A / 2001 Z / 3001 -- * / *
Initial PacketSource: A / 2001Dest: B / 90
Source: Z / 3001Dest: B / 90
Host A
Host B
Site NAT
Host C
Port 90
Port 91
Port 90
Port 91
Port 2001
NAT Binding NAT Filter
Local Addr / Port External Addr / Port -- External Access Mask
A / 2001 Z / 3001 -- B / *
Initial PacketSource: A / 2001
Dest: B / 90
Source: Z / 3001Dest: B / 90
Host A
Host B
Site NAT
Host C
Port 90
Port 91
Port 90
Port 91
Port 2001
NAT Binding NAT Filter
Local Addr / Port External Addr / Port -- External Access Mask
A / 2001 Z / 3001 -- * / 90
Initial PacketSource: A / 2001Dest: B / 90
Source: Z / 3001Dest: B / 90
STUN Request To alternate
Addr and Port
Response?Same IPAddr and
Port?
Same IPAddr and
Port?
STUN RequestChange Response:
Addr and Port
STUN Request
STUN RequestChange Response:Port
UDP Blocked
N Y
Response?
UDP FirewallOpen Internet
STUN RequestChange Response:
Addr and Port
Response?
Full Cone NAT
Response?
Symmetric NAT
Restricted NATPort Restricted NAT
N
N
N
N
N
Y
Y
Y
Y
Y
Host A
Site NAT
Host D
NAT Binding NAT Filter
Local Addr / Port External Addr / Port -- External Access Mask
A / 2001 Z / 3001 -- * / 2001 D / 2002 Y / 3002 -- * / 2002
Port 2001
Port 2002
Source: D / 2002Dest: Z / 3001
Source: Y / 3002Dest: Z / 3001
Source: Y / 3002Dest: A / 2001
Port y1
Host X
Host Y1
Site NAT
Host Y2
Port x
NAT Binding NAT Filter
Local Addr / Port External Addr / Port -- External Access Mask
X / x X1 / x1 -- ? / ?
Source: X / xDest: Y1 / y1
Source: X1 / x1Dest: Y1 / y1
Port y2Source: Y2 / y2Dest: X / x
Source: Y2/ y2Dest: X1 / x1
Use Address andPort X1 / x1
