NATs and UDP

NATs and UDP
Victor Norman
CS322
Spring 2014
NAPT
• Suppose we have a router doing NAT: half is the “public side”, IP address 77.78.79.80; the other half is the “private side”, 192.168.0.1.
• Host 192.168.0.111 sends a packet to cnn.com @ 157.166.226.25, port 80.
  – Host chooses source port 30000.
• NAPT makes an entry in its table when the first packet is sent.
Why need to use port?
Q: Why do you need to use the port in the algorithm? What if you used something besides UDP/TCP behind a NAPT?
A: The port is used in a NAPT to disambiguate when multiple machines behind the NAPT send to the same machine outside the NAT. If you use another protocol you might not be able to use the NAT, or you might have to program the NAT to handle it.
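The translation table the slides describe, as an added Python sketch that is not from the slides: the public port pool, the table keys and the drop-on-unknown behaviour are my simplifications, and the demo shows why the port is needed when two private hosts pick the same source port 30000 toward the same server.

```python
from dataclasses import dataclass
import itertools

PUBLIC_IP = "77.78.79.80"   # public side of the router, as in the slides

@dataclass(frozen=True)
class Flow:
    proto: str      # "udp" or "tcp"; anything else has no port for the NAPT to key on
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class NAPT:
    """Toy NAPT: rewrites private (ip, port) to (PUBLIC_IP, public port) and back."""

    def __init__(self, first_port=30000):
        self._ports = itertools.count(first_port)   # public port pool (simplified, no wrap/timeout)
        self.out = {}    # (proto, src_ip, src_port, dst_ip, dst_port) -> public port
        self.back = {}   # (proto, public port, remote ip, remote port) -> (src_ip, src_port)

    def outbound(self, f: Flow) -> Flow:
        """Translate a packet leaving the private side; the entry is made on the first packet."""
        if f.proto not in ("udp", "tcp"):
            raise ValueError("no port field to translate: " + f.proto)
        key = (f.proto, f.src_ip, f.src_port, f.dst_ip, f.dst_port)
        if key not in self.out:
            pub = next(self._ports)
            self.out[key] = pub
            self.back[(f.proto, pub, f.dst_ip, f.dst_port)] = (f.src_ip, f.src_port)
        return Flow(f.proto, PUBLIC_IP, self.out[key], f.dst_ip, f.dst_port)

    def inbound(self, f: Flow) -> Flow:
        """Translate a reply arriving on the public side; unknown flows are dropped."""
        key = (f.proto, f.dst_port, f.src_ip, f.src_port)
        if key not in self.back:
            raise LookupError("no translation entry; packet dropped")
        priv_ip, priv_port = self.back[key]
        return Flow(f.proto, f.src_ip, f.src_port, priv_ip, priv_port)

def demo():
    """Two private hosts pick the same source port 30000; the public port keeps replies apart."""
    nat = NAPT()
    cnn = "157.166.226.25"
    a = nat.outbound(Flow("tcp", "192.168.0.111", 30000, cnn, 80))
    b = nat.outbound(Flow("tcp", "192.168.0.112", 30000, cnn, 80))
    reply_to_b = nat.inbound(Flow("tcp", cnn, 80, PUBLIC_IP, b.src_port))
    return a.src_port, b.src_port, reply_to_b.dst_ip
```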
NAT Translation Table Timeout?
Q: Do the translation table entries on a NAT time out like the entries on a learning switch?
A: Yes, I think they must have to be timed out.
Most common address block
Q: According to Comer, the most common address block used is the 10.0.0.0/8 block. Is this because it allows for the most hosts on a site?
A: I don’t know that that is true, and I don’t know why it is true if it is true…
# of port numbers
Q: NAPT uses a set of cycling port numbers. What is the size of that set and would it be possible to overrun the set?
A: The port numbers in UDP and TCP are 16 bits, so 65536 possibilities.
Servers behind a NAT
Q: How does the NAT allow multiple machines to run servers visible to the outside?
A: Twice NAT explains how this can be done (but I don’t know if anyone does that). In general, I think that servers are just run on public IP addresses.
Sub-NAT?
Q: Can you sub-NAT, that is, a NAT inside a NAT? Would each embedded NAT have to use an equivalent or smaller mask than the main NAT, so, ultimately, using the most general NAT, 10.0.0.0/8, allows for the most diversity in the NAT?
A: The masks don’t come into play in this… but I think you could sub-NAT.
NAT solves address depletion?
Q: If we (being everyone in the known universe) used NATs, do we really need IPv6?
A: We probably would still run out of IP addresses and thus need to go to IPv6.
Calvin using a NAT?
Q: With Calvin’s network size, would it be possible to move away from the class B network and use a NAT instead (or reducing to a /24 network and using several NATs)?
A: I don’t know… Let’s think about this…
UDP Checksum and NAT
Q: Does a NAT have to recompute the UDP checksum?
A: Yes! Because it changes the IP source address and because it changes the UDP source port.
UDP Functionality?
Q: UDP does not seem to provide any functionality! It is just best-effort, like IP. Why have it at all?
A: It provides really one thing: a way to demultiplex layer 5 protocols, via the port numbers.
UDP as endpoint
Q: Does a UDP port mostly serve as an endpoint for sending and receiving messages, rather than creating direct lines of communication as TCP does?
A: Yes. When you open a UDP socket and get a message, you get the source address/port as well as the data, because the message could have come from anywhere.
UDP Pseudo-header
Q: Comer mentions that the UDP header does not provide a checksum, so UDP extends the checksum to include the IP datagram? How does this work, and how does this help to reduce errors in IP?
A: In your code when you compute the checksum, you first add in the fields from the IP header that you need. Not hard to implement. Does it really help reduce errors? Theoretically yes. Practically? I doubt it.
Pseudo-header: where?
Q: Regarding UDP, is the pseudo-header only appended to the UDP message on the receiving end?
A: No. The pseudo-header is built on the sending side in order to compute the checksum. It is also built on the receiving side, for the same reason. Note: the pseudo-header is NOT transmitted.
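The pseudo-header computation from the three slides above (UDP Checksum and NAT, UDP Pseudo-header, Pseudo-header: where?), as an added Python example that is not from the slides: the sender, receiver and NAT demo functions are mine, written against the IPv4 pseudo-header layout of RFC 768 (source IP, destination IP, zero byte, protocol 17, UDP length), and the NAT addresses and ports are the ones used earlier in the deck.

```python
import socket
import struct

def ones_complement_sum(data: bytes) -> int:
    """Internet checksum arithmetic: one's-complement sum of 16-bit words (odd length is zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def udp_checksum(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> int:
    """Checksum over pseudo-header + UDP header (checksum field zeroed) + payload."""
    length = 8 + len(payload)
    # The pseudo-header is built here only to feed the sum; it is never put on the wire.
    pseudo = socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, 17, length)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = 0xFFFF & ~ones_complement_sum(pseudo + header + payload)
    return csum or 0xFFFF                    # RFC 768: a computed zero is transmitted as all ones

def verify(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes, csum: int) -> bool:
    """Receiver rebuilds the same pseudo-header from the IP header it got and compares."""
    return udp_checksum(src_ip, dst_ip, src_port, dst_port, payload) == csum

def nat_demo():
    """Why a NAPT must recompute: rewriting source IP/port invalidates the sender's checksum."""
    payload = b"hello"                       # constructed sample datagram
    inside = udp_checksum("192.168.0.111", "157.166.226.25", 30000, 53, payload)
    # After translation to the public address and a new public port, the old checksum fails...
    stale_ok = verify("77.78.79.80", "157.166.226.25", 40000, 53, payload, inside)
    # ...so the NAT computes a fresh one that the outside receiver will accept.
    fixed = udp_checksum("77.78.79.80", "157.166.226.25", 40000, 53, payload)
    fixed_ok = verify("77.78.79.80", "157.166.226.25", 40000, 53, payload, fixed)
    return stale_ok, fixed_ok
```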
Layer violation?
Q: Does the use of a pseudo-header mean that UDP does not support layer 3 protocols other than IP? What about IPv6? The pseudo-header seems like a bad idea to me because it destroys the separation of concerns between layers. Do the benefits outweigh these problems?
A: Amen! And bless you for this observation. I think it is a bad idea. You have to assume *something* from your lower layers…
Message ordering…
Q: How do applications that use UDP keep track of message order?
A: They put a message # in each packet, usually.
UDP packet fragmentation
Q: In Chapter 25, the author mentions that in using the UDP protocol programmers must be sure to keep the message sizes small or risk loss of efficiency due to fragmentation. In practice, do UDP packets typically remain small enough to avoid fragmentation, or is there some amount of these messages that just plain have to be bigger than that?
A: A typical MTU is 1500 bytes, so most messages can be contained in that. NFS is over UDP (and TCP) but can contain long filenames. If they don’t fit in the MTU, they don’t fit, and the packet gets fragmented.
TCP vs. UDP ports
Q: Are all layer 4 port number protocols the same? (TCP vs UDP, etc.)
A: TCP ports are totally different from UDP ports. They are both 16 bits, but a UDP port could be used for XYZ protocol and the same TCP port could be for a totally different protocol.
NOTE: an application can send a broadcast UDP message – to any machine on the network listening on a certain UDP port. Cannot do this in TCP.