• The Journal of Engineering Research
• /
• v.5 no.1
• /
• pp.45-55
• /
• 2004

NAT (Network Address Translation) is an IP address modification protocol that translates private IP address into authentic Internet address. The main features of NAT are to improve network security and to save IP address. Generally speaking, in order to perform its functionality, NAT uses the address information in the packet header. Certain application protocols, however, use the information in the packet data as well as the information in the packet header to perform end-to-end communication. Therefore, to support these types of application protocols, NAT should be able to perform appropriate translation of protocol information in the packet data. In this thesis, we design and implement a method which translates virtual IP information in the packet date into real IP information by using port proxy server.

• Journal of KIISE:Information Networking
• /
• v.30 no.5
• /
• pp.604-613
• /
• 2003

Network Address Translation-Protocol Translation(NAT-PT) is an IPv4/IPv6 translation mechanism, as defined in RFC2766, allowing IPv6-only devices to communicate with IPv4-only devices and vice versa. But NAT-PT has the restriction that applies to IPv4 NAT where NAT-PT does not provide end-to-end security, which is a major goal of IPSec. Therefore it cannot support security services such as confidentiality, authentication, and integrity. In this paper, we propose secure NAT-PT(SNAT-PT) and the corresponding secure host architecture to support IPSec security service. And also tunneling scheme using dummy IP header is presented to show the valid operation of end-to-end IPSec protocol on the proposed architectures.

• Journal of the Korea Computer Industry Society
• /
• v.5 no.1
• /
• pp.39-48
• /
• 2004

An IP address shortage problem is happening with a rapid propagation of the Internet and demands about a new IP address. Address translation technology as NAT is becoming use widely in order to solve these problems. NAT is an very useful If address translation technique that allows two connected networks to use different and incompatible IP address schemes. Rut it is difficult to use NAT particularly for applications that embeded IP addresses in data payloads or encrypted IP packet to guarantee End-to-End Security such as IPSec. In addition to rewiting the source/destination IP address in the packet, NAT must modify IP checksum every time, which could lead to considerablely performance decrease of the overall system in the process of address translation. RSIP is an alternative to solve these disadvantages and address shortage problems of NAT. Both NAT and RSIP divide networks into inside and outside addressing realms. NAT translates addresses between internal network and external network, but RSIP uses a borrowed external address for outside communications. RSIP server assigns a routable, public address to an RSIP client temporaily to communicate with public network outside the private network. In this paper, I will analyze NAT and RSIP gateway system, and then I will propose the Linux-based RSIP gateway for more efficient IP Address Translation in Intranet environments based on RSIP standard of IETF.

• Proceedings of the Korean Information Science Society Conference
• /
• 1999.10c
• /
• pp.463-465
• /
• 1999

인터넷으로 연결된 모든 장치는 각 나라마다 정해진 권위기관으로부터 고유한 IP 주소를 할당 받게 되는데, 현재 Internet Network Center(Inter NIC)라는 조직에서 이를 전체적으로 관장하고 있다. 최근 인터넷 사용이 급속히 확산되면서 인터넷을 이용하는 모든 장치에 고유 IP 주소를 할당하게 될 경우 고유 주소 체계의 사용 가능한 IP 주소 고갈이라는 문제에 직면하게 되었다. 그러나 이러한 문제는 내부 근거리 통신망(LAN)과 인터넷 상에 IP 주소를 변환시켜 주는 역할을 하는 네트워크 주소 변환(NAT: Network Address Translation) 기능을 이용하여 보완할 수 있다. 본 연구에서는 사설망 사용자의 인터넷 접속을 제공하는 것으로 기존 라우터에 NAT 기능을 적용하여 라우터가 보유한 공인 주소를 각 사용자가 공유하여 인터넷 접속을 제공하는 것으로 기존 라우터에 NAT 기능을 적용하여 라우터가 보유한 공인 주소를 각 사용자가 공유하여 인터넷 접속을 시도하는 것으로 사설망의 IP주소를 공인된 인터넷 주소로 변환시켜 외부로 전송하므로써 가능하다. 또한, 주소 변환 과정으로 사설망에서 사용하는 IP주소가 NAT 기능으로 IP주소가 변경되어 외부 침입자가 사설망의 존재를 알 수 없어 침입을 막는 간접적인 방화벽 기능도 수행한다.

• The KIPS Transactions:PartC
• /
• v.11C no.5
• /
• pp.683-688
• /
• 2004

NAT is a very useful IP address translation technique that allows two connected networks using different and incompatible IP address schemes. But it is impractical to use NAT for an application which uses the encrypted IP packet, embedding IP addresses inside of data payloads, to guarantee End-to-End Security such as IPSec. In addition to rewriting the source/destination IP addresses in the packet, NAT must modify IP checksum every time, which could lead to considerable performance decrease of the overall system in the process of the address translation. RSIP is an alternative to solve these disadvantages of NAT and the address shortage problems. Both NAT and RSIP divide networks into inside and outside addressing realms. NAT translates addresses between internal network and external network, but RSIP uses a borrowed external address for outside communications. RSIP server assigns a routable public address to a RSIP client temporarily to communicate with public net-work outside of the private network. In this paper, RSIP gateway for intranet environment is designed and its performance is evaluated. From the results of performance evaluation, we knew that RSIP is operated less sensitive to the data traffic. Also, the experiment shows that RSIP performs better than NAT when the transmission data grows larger.

• Journal of the Korean Geophysical Society
• /
• v.4 no.4
• /
• pp.239-249
• /
• 2001

NAT (Network Address Translation) is an IP address modification protocol that translates private IP addresses into authentic Internet addresses. The main features of NAT are to improve network security and to save IP addresses. Generally speaking, in order to perform its functionality. NAT uses the address informaiton in the packet header. Certain application protocols, however, use the information in the packet data as well as the imformation in the packet header to perform end-to-end communication. Therefor, to support these types of application protocols, NAT should be able to perform appropriate translation of protocol information in the packet data. In this thesis, we design and implement a method which translates virtual IP information in the packet data into real IP information by using port proxy server.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.41 no.10
• /
• pp.1290-1300
• /
• 2016

Recently, various middle box services have been developed and applied to provide network functions to end nodes of the network. Especially, network virtualization is increasingly proceeding by applying the virtualization technologies of cloud computing field to network field, and network platforms for various flexible services are being developed to connect among the virtual network devices. Carrier-grade Network Address Translation (CGNAT) is also one of these flexible network services. This paper designs and implements the DPDK-based CGNAT framework that provides flexibility and maximizes address translation throughput. Our framework achieves 15.5 times higher throughput than the address translation service by Linux kernel.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.14 no.4
• /
• pp.1935-1941
• /
• 2013

We can use NAT(Network Address Translation) technology to solve the lack of IP address. The problem of NAT traversal is happened when the filtering characteristics of NAT remove the packet that has no binding in the address translation table of NAT. There were many kinds of way to solve these problems by using additional device. Lately, network market is changed into integrating wired and wireless network by the IMS(IP Multimedia Subsystem). The IMS integrates to control network of wired and wireless network, has emerged to control convergence network effectively. Lately, the additional devices like IBCF(Interconnection Border Control Function) and IBGF(Interconnection Border Gateway Function) are used to solve the NAT traversal problem in the IMS. In this paper, we propose the solution of NAT traversal using P-CSCF without any additional equipment in the IMS.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.5 no.6
• /
• pp.526-532
• /
• 2004

The insufficiency on IP address cause to develope a new internet protocol, IPv6 that the length of address field is expanded. But there are actually many problems on applying and operating this standard for internet. Though NAT(Network Address Translation) is instead of it, NAT has the characteristics that is not allowed to access from outside. This is a big merit in security but a week point because the access from outside should be allowed when a small organization operate web sever or mail server. Therefore, this paper proposes the expanded NAT which can solve such problems as modifying the table of NAT. Furthermore, the function of existing VPN(Virtual Private Network) will be acceptable partly through such a method that provide the linkage among VPNs.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.10 no.10
• /
• pp.1131-1138
• /
• 2015

As the size of the internet market grows rapidly, the number of IPv4 addresses available is being exhausted, while transition to IPv6 is being delayed. As the best alternative solution, Network Address Translation(NAT) scheme is being used. It connects the public internet network with the private internet network in order to reduce the waste of IPv4 addresses space. The purpose of this paper is to study the effective example of network based on common virtual network using Packet Tracer with topology designed rather than usual theoretical approach in Dynamic NAT and PAT, which allows more efficient use of address space.