• Title/Summary/Keyword: Network NAT


A Framework Supporting General IP Telephony System in NAT Based Private Network (NAT로 운영되는 private network에서 범용 IP 전화 시스템을 지원하기 위한 framework)

  • Choi, Jeong-Hyun;Lee, Hyoung-Soo;Choi, Ki-Moo;Kang, Hwan-Jong
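    • Proceedings of the Korea Information Processing Society Conference / 2000.10b / pp.1185-1188 / 2000
  • To support an IP telephony system in a private network operated behind NAT, the NAT address translation of the H.225.0 and H.245 messages exchanged among the caller terminal, the gatekeeper server, and the callee terminal must be performed dynamically and transparently. To this end, this paper proposes an architecture in which a NAT-equipped router interworks with the gatekeeper server. The proposed scheme consists of the following steps: opening a channel between the gatekeeper and the NAT router for exchanging address translation information; the gatekeeper informing the NAT router of the private address information when it receives H.225.0 or H.245 messages destined for an external terminal; the NAT router allocating public address information upon receiving the private address information from the gatekeeper and reporting it to the gatekeeper; the gatekeeper regenerating the H.225.0 and H.245 messages destined for the external terminal to reflect the allocated public address information; and finally, when the call ends, the gatekeeper returning the NAT resources allocated by the NAT router. By using this interworking architecture, the transmission and reception of signalling messages and voice data between H.323 entities can be guaranteed in a NAT environment.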


The Efficient Scenario of Solving NAT Traversal in the IMS (IMS에서 효율적인 NAT Traversal 해결 시나리오)

  • Han, Seok-Jun;Lee, Jae-Oh;Kang, Seung-Chan
    • Journal of the Korea Academia-Industrial cooperation Society / v.14 no.4 / pp.1935-1941 / 2013
  • We can use NAT (Network Address Translation) technology to solve the lack of IP addresses. The NAT traversal problem occurs when the filtering characteristics of NAT remove a packet that has no binding in the NAT's address translation table. There have been many ways to solve this problem by using additional devices. Lately, the network market has been changing toward integrating wired and wireless networks through the IMS (IP Multimedia Subsystem). The IMS, which integrates the control networks of wired and wireless networks, has emerged to control the converged network effectively. Lately, additional devices such as the IBCF (Interconnection Border Control Function) and IBGF (Interconnection Border Gateway Function) are used to solve the NAT traversal problem in the IMS. In this paper, we propose a solution to NAT traversal using the P-CSCF without any additional equipment in the IMS.

The case study for Implementation and verification of Dynamic NAT and PAT (동적 NAT과 PAT의 구현과 검증 사례연구)

  • Kim, No-Whan
    • The Journal of the Korea institute of electronic communication sciences / v.10 no.10 / pp.1131-1138 / 2015
  • As the size of the internet market grows rapidly, the number of IPv4 addresses available is being exhausted, while the transition to IPv6 is being delayed. As the best alternative solution, the Network Address Translation (NAT) scheme is being used. It connects the public internet network with the private internet network in order to reduce the waste of IPv4 address space. The purpose of this paper is to study an effective example of a network based on a common virtual network, using Packet Tracer with a designed topology rather than the usual theoretical approach, for Dynamic NAT and PAT, which allow more efficient use of address space.

Implementation of Network Address Translator (네트워크 주소변환 장치 구현)

  • Park Byoung-soo;Cho Tae-kyung
    • Journal of the Korea Academia-Industrial cooperation Society / v.5 no.6 / pp.526-532 / 2004
  • The insufficiency of IP addresses led to the development of a new internet protocol, IPv6, in which the length of the address field is expanded. But there are actually many problems in applying and operating this standard on the internet. Though NAT (Network Address Translation) is used instead of it, NAT has the characteristic that access from outside is not allowed. This is a big merit in security but a weak point, because access from outside should be allowed when a small organization operates a web server or mail server. Therefore, this paper proposes an expanded NAT which can solve such problems by modifying the NAT table. Furthermore, the function of an existing VPN (Virtual Private Network) will be partly acceptable through a method that provides linkage among VPNs.


A Remote SNMP Connection Request Mechanism for NATed Devices using UDP Hole Punching and Heuristic Hole Binding Time Search (UDP 홀 펀칭과 경험적 홀 유지시간 탐색을 이용한 NAT 환경단말의 SNMP 원격 접속요청 메커니즘)

  • Park, Choon-Gul;Kim, Seong-Il;Jeong, Ki-Tae;Lee, Young-Seok
    • Journal of KIISE:Information Networking / v.35 no.5 / pp.367-373 / 2008
  • Recently, the NAT middlebox widely deployed in the home network environment prohibits DM operations from reaching user devices behind NAT. In this article, we focus on NAT issues in managing home network devices. In particular, we discuss standardization efforts and present our proposal to deploy DM services for VoIP and IPTV devices under NAT. By slightly changing the behavior of the Simple Network Management Protocol (SNMP) Manager and Agent, and defining additional Management Objects (MOs) to gather NAT binding information, we could solve the NAT traversal problem under symmetric NAT. Moreover, we propose an enhanced method to search the UDP hole binding time of the NAT box. We applied our method to 22 randomly selected VoIP devices out of 194 NATed hosts in a real broadband network and achieved a 99% success ratio for exchanging SNMP request messages and a 26% enhancement in searching the UDP hole binding time.

A Study of an NAT Protocol using Virtual IP Information in the TCP Segment (TCP 세그멘트내의 가상 IP 정보를 이용하는 NAT 프로토콜에 대한 연구)

  • Hwang, Jae-Yong;Ju, Gi-Ho
    • The Journal of Engineering Research / v.5 no.1 / pp.45-55 / 2004
  • NAT (Network Address Translation) is an IP address modification protocol that translates private IP addresses into authentic Internet addresses. The main features of NAT are to improve network security and to save IP addresses. Generally speaking, in order to perform its functionality, NAT uses the address information in the packet header. Certain application protocols, however, use the information in the packet data as well as the information in the packet header to perform end-to-end communication. Therefore, to support these types of application protocols, NAT should be able to perform appropriate translation of protocol information in the packet data. In this thesis, we design and implement a method which translates virtual IP information in the packet data into real IP information by using a port proxy server.


Extended Security Policy Protocol that considers NAT-PT (NAT-PT를 고려한 확장된 보안정책 프로토콜)

  • Hyun, Jeung-Sik;Hwang, Yoon-Cheol;Um, Nam-Kyoung;Lee, Sang-Ho
    • The KIPS Transactions:PartC / v.10C no.5 / pp.549-556 / 2003
  • In this paper, we describe a security policy protocol to provide end-to-end IPSec security service that considers the characteristics of NAT-PT. NAT-PT describes IP address translation and protocol translation for communication on heterogeneous IP networks, as one of the technologies proposed by the IETF to provide communication between IPv4 and IPv6 networks in the transitional step to evolve by IPv6 network to IPv4 network. But NAT-PT has a limitation on security, one of the essential requirements of the Internet. Therefore, in this paper we propose an extended security protocol that offers the security policy negotiation that must be achieved first to provide end-to-end IPSec security service that considers NAT-PT.

An End-to-end IPSec Security Mechanism considering NAT-PT (NAT-PT를 고려한 단대단 IPSec 보안 메커니즘)

  • 현정식;황윤철;정윤수;이상호
    • Journal of KIISE:Information Networking / v.30 no.5 / pp.604-613 / 2003
  • Network Address Translation-Protocol Translation (NAT-PT) is an IPv4/IPv6 translation mechanism, as defined in RFC2766, allowing IPv6-only devices to communicate with IPv4-only devices and vice versa. But NAT-PT has the restriction that applies to IPv4 NAT, where NAT-PT does not provide end-to-end security, which is a major goal of IPSec. Therefore it cannot support security services such as confidentiality, authentication, and integrity. In this paper, we propose secure NAT-PT (SNAT-PT) and the corresponding secure host architecture to support IPSec security service. A tunneling scheme using a dummy IP header is also presented to show the valid operation of the end-to-end IPSec protocol on the proposed architectures.

Performance Evaluation of RSIP Gateway in Intranet Environment (인트라넷 환경에서 RSIP 게이트웨이의 성능분석)

  • Kim, Won;Lee, Young-Taek;Jun, Moon-Seog
    • The KIPS Transactions:PartC / v.11C no.5 / pp.683-688 / 2004
  • NAT is a very useful IP address translation technique that allows two networks using different and incompatible IP address schemes to be connected. But it is impractical to use NAT for an application which uses encrypted IP packets, embedding IP addresses inside data payloads, to guarantee end-to-end security such as IPSec. In addition to rewriting the source/destination IP addresses in the packet, NAT must modify the IP checksum every time, which could lead to a considerable performance decrease of the overall system in the process of address translation. RSIP is an alternative to solve these disadvantages of NAT and the address shortage problem. Both NAT and RSIP divide networks into inside and outside addressing realms. NAT translates addresses between the internal network and the external network, but RSIP uses a borrowed external address for outside communications. The RSIP server temporarily assigns a routable public address to an RSIP client to communicate with the public network outside of the private network. In this paper, an RSIP gateway for the intranet environment is designed and its performance is evaluated. From the results of the performance evaluation, we found that RSIP operates with less sensitivity to the data traffic. Also, the experiment shows that RSIP performs better than NAT when the transmission data grows larger.

Comparative Performance Analysis of Network Security Accelerator based on Queuing System

  • Yun Yeonsang;Lee Seonyoung;Han Seonkyoung;Kim Youngdae;You Younggap
    • Proceedings of the IEEK Conference / summer / pp.269-273 / 2004
  • This paper presents a comparative performance analysis of a network accelerator model based on an M/M/1 queuing system. It assumes the Poisson distribution as its input traffic load. The decoding delay is employed as a performance analysis measure. Simulation results based on the proposed model show only 15% differences with respect to actual measurements on field traffic for the BCM5820 accelerator device. The performance analysis model provides a reasonable hardware structure for network servers, and can be used to span design spaces statistically.
