Network address translators: effects on security protocols and applications in the TCP/IP stack

Author

Shieh, Shiuh-Pyng ; Ho, Fu-Shen ; Huang, Yu-Lun ; Luo, Jia-Ning

Author_Institution

Nat. Chiao Tung Univ., Hsinchu, Taiwan

Volume

4

Issue

6

fYear

2000

Firstpage

42

Lastpage

49

Abstract

One proposed method for mitigating the address shortage problem in IPv4 is to use network address translators (NATs) to allow address reuse. The basic idea is to transparently map a wide set of private network addresses and corresponding TCP/UDP ports to a small set of globally unique public network addresses and ports. NAT devices provide a way to handle IP address depletion incrementally, without changing hosts and routers, until more long-term approaches like IPv6 can be implemented. Existing Internet security protocols must be re-examined, however, to see how they function within this new network environment. We begin with a description of the four NAT environments and a discussion of their limitations. We then examine the relationships between NAT devices and popular Internet security protocols and applications at each layer of the TCP/IP stack to see if they can survive with NAT devices

Keywords

Internet; electronic commerce; remote procedure calls; security of data; storage allocation; transport protocols; IP address depletion; IPv4; Internet security protocols; NAT devices; NAT environments; TCP/IP stack; TCP/UDP ports; address reuse; address shortage problem; globally unique public network addresses; long-term approaches; network address translators; network environment; private network addresses; security protocols; Information security; Intelligent networks; Internet; National security; Network address translation; Network servers; Payloads; Protocols; TCPIP; Web server;

fLanguage

English

Journal_Title

Internet Computing, IEEE

Publisher

ieee

ISSN

1089-7801

Type

jour

DOI

10.1109/4236.895015

Filename

895015