
A NAT and Firewall signaling framework for the Internet

Abstract : This thesis analyses the impact of Network Address Translators (NATs) and Firewalls on the Internet's applications and proposes a novel approach to solve NAT and Firewall issues for these applications. Several applications are disrupted by NATs and Firewalls, primarily Voice over IP (VoIP) and Video over IP, which are becoming essential for today's economy and social life. Following a detailed analysis and comparison of the various potential solutions to the applications' issues with NATs and Firewalls, a signaling protocol solution appears to be required. A thorough analysis of the signaling protocol species indicates that a new breed of signaling protocols must be used, the "Path-Directed" signaling protocols. That signaling protocol family is characterized by its topology-agnostic property, where signaling messages are sent to a specific destination while network intermediaries intercept and react to the intercepted signaling messages. The concepts used in this thesis were developed in parallel with the IETF NSIS WG standardization activities, where the author has co-authored the NAT and Firewall signaling protocol proposal. However, the author took a global approach to solving the problem by leveraging the properties of the Internet's applications to detect network failures and simplify the overall signaling protocol framework. The work goes beyond the description of a protocol framework and discusses deployment considerations as well as integration models within existing NAT and Firewall implementations such as the OpenBSD PF (Packet Filter).

Cited literature [71 references]
Contributor : Ecole Télécom Paristech
Submitted on : Friday, March 24, 2006 - 8:00:00 AM
Last modification on : Friday, October 23, 2020 - 4:37:49 PM
Long-term archiving on : Saturday, November 26, 2016 - 4:21:28 PM


  • HAL Id : pastel-00001634, version 1



Cédric Aoun. A NAT and Firewall signaling framework for the Internet. domain_other. Télécom ParisTech, 2005. English. ⟨pastel-00001634⟩


