State of Peer-to-Peer (P2P) Communication across Network Address Translators (NATs)
RFC 5128
Field | Value
---|---
Type | RFC - Informational (March 2008; Errata)
Authors | Bryan Ford, Dan Kegel, Pyda Srisuresh
Last updated | 2015-10-14
Replaces | draft-srisuresh-behave-p2p-state
Stream | IETF
WG state | WG Document
Document shepherd | No shepherd assigned
IESG state | RFC 5128 (Informational)
Action Holders | (None)
Consensus Boilerplate | Unknown
Responsible AD | Magnus Westerlund
Send notices to | fluffy@cisco.com

Network Working Group
Request for Comments: 5128
Category: Informational
P. Srisuresh, Kazeon Systems
B. Ford, M.I.T.
D. Kegel, kegel.com
March 2008

State of Peer-to-Peer (P2P) Communication across Network Address Translators (NATs)

Status of This Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Abstract

This memo documents the various methods known to be in use by applications to establish direct communication in the presence of Network Address Translators (NATs) at the current time. Although this memo is intended to be mainly descriptive, the Security Considerations section makes some purely advisory recommendations about how to deal with security vulnerabilities the applications could inadvertently create when using the methods described. This memo covers NAT traversal approaches used by both TCP- and UDP-based applications. This memo is not an endorsement of the methods described, but merely an attempt to capture them in a document.

Table of Contents

1. Introduction and Scope
2. Terminology and Conventions Used
   2.1. Endpoint
   2.2. Endpoint Mapping
   2.3. Endpoint-Independent Mapping
   2.4. Endpoint-Dependent Mapping
   2.5. Endpoint-Independent Filtering
   2.6. Endpoint-Dependent Filtering
   2.7. P2P Application
   2.8. NAT-Friendly P2P Application
   2.9. Endpoint-Independent Mapping NAT (EIM-NAT)
   2.10. Hairpinning
3. Techniques Used by P2P Applications to Traverse NATs
   3.1. Relaying
   3.2. Connection Reversal
   3.3. UDP Hole Punching
      3.3.1. Peers behind Different NATs
      3.3.2. Peers behind the Same NAT
      3.3.3. Peers Separated by Multiple NATs
   3.4. TCP Hole Punching
   3.5. UDP Port Number Prediction
   3.6. TCP Port Number Prediction
4. Recent Work on NAT Traversal
5. Summary of Observations
   5.1. TCP/UDP Hole Punching
   5.2. NATs Employing Endpoint-Dependent Mapping
   5.3. Peer Discovery
   5.4. Hairpinning
6. Security Considerations
   6.1. Lack of Authentication Can Cause Connection Hijacking
   6.2. Denial-of-Service Attacks
   6.3. Man-in-the-Middle Attacks
   6.4. Security Impact from EIM-NAT Devices
7. Acknowledgments
8. References
   8.1. Normative References
   8.2. Informative References

1. Introduction and Scope

The present-day Internet has seen ubiquitous deployment of Network Address Translators (NATs). There are a variety of NAT devices and a variety of network topologies utilizing NAT devices in deployments. The asymmetric addressing and connectivity regimes established by these NAT devices have created unique problems for peer-to-peer (P2P) applications and protocols, such as teleconferencing and multiplayer