Internet Gateway Device (IGD)
Philip Poulidis, Director, Home Networking, GlobespanVirata
Agenda
Introduction
Network Address Translation (NAT)
The Problem with NAT
The Solution
UPnP IGD Explained
Certification
Introduction
Ubiquitous broadband access creates demand for Internet connectivity among multiple PCs and devices inside the home.
As more nodes connect to the “network” they each require an IP address.
Today, IP addresses are limited so Network Address Translation (NAT) is used.
What is NAT?
Network Address Translation (NAT) is a widely used technique to allow multiple systems on a Local Area Network (LAN) to share a single, globally routable IP address.
[Diagram: LAN hosts 192.168.0.2, 192.168.0.3 and 192.168.0.4 sharing one External IP Address xxx.xxx.xxx.xxx]
What’s Wrong with NAT?
Peer-to-Peer PC Applications don’t work through a Router with NAT!
Multi-player games
Real time communications (MSN Messenger)
Peer-to-peer services
Remote Assistance (a feature in Windows XP)
The Problem
Manual configuration of the home gateway or router is required by the end-user.
This problem results in:
Increased tech support calls to Service Providers, CPE device vendors and gaming vendors
Frustrated end-users
Ports left open, resulting in a security hazard
Out With the Old…
The most common method of dealing with this problem was the programming of Application Level Gateways (ALGs) in home routers.
“ALGs are application specific translation agents that allow an application on a host in one address realm to connect to its counterpart running on a host in different realm transparently.” (RFC 2663)
This resulted in constant updates to already deployed routers in order to handle new applications.
In With the New…
The Solution: UPnP IGD
The UPnP Internet Gateway Device (IGD) is an “edge” interconnect device between a residential Local Area Network (LAN) and the Wide Area Network (WAN), providing connectivity to the Internet.
[Diagram: Broadband Gateway/Router with UPnP IGD]
UPnP IGD Defined
It provides:
automatic and seamless sharing and configuration of Internet data access among networked devices in the residential network
richer end-user experience for UPnP enabled devices
status and events on connections
control of initiation and termination of connections
UPnP Internet Gateway Device (IGD) has been approved as a Standardized Device Control Protocol (DCP)
The Magic of NAT Traversal
UPnP IGD NAT Traversal is enabled by:
Ability to “learn” public IP address
Enumerating existing port mappings
Adding and removing port mappings
Assigning lease times to mappings
Key Benefits of UPnP IGD NAT Traversal
No More Application Level Gateways (ALGs)
Windows XP Supports UPnP NAT Traversal Today!
.NET Windows Messenger / Instant Messenger
WinXP Remote Assistance
Direct Play 8 Supports UPnP NAT Traversal Today!
UPnP Aware Internet Games Available in Stores Now
NAT Traversal Explained
An Application on Windows XP wants to allow external traffic from the Internet:
1. It requests the IGD to create a port mapping.
2. The IGD receives a SOAP action and executes internal functions.
3. IGD configures NAT to allow external traffic on the requested port.
[Diagram: the application requests Port X (Internal) & Port Y (External) for incoming data; UPnP SOAP Action AddPortMapping(X,Y); the IGD holds the mapping Port X (Internal) : Y (External); Data(Y(External)) is forwarded as Data(X(Internal))]
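A worked model of the three steps above, added here as an example and not taken from the presentation or from any gateway's firmware. The argument names are those of the UPnP WANIPConnection:1 AddPortMapping action; build_add_port_mapping, ToyIGD, MAX_LEASE and the two policy checks (a host may map only to itself, and leases must be finite and bounded) are assumptions chosen to show how lease times keep ports from being left open.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
SVC_NS = "urn:schemas-upnp-org:service:WANIPConnection:1"

def build_add_port_mapping(client, internal_port, external_port, proto="TCP", lease=3600):
    """Step 1: the SOAP body a LAN application POSTs to the IGD control URL."""
    args = [("NewRemoteHost", ""), ("NewExternalPort", external_port),
            ("NewProtocol", proto), ("NewInternalPort", internal_port),
            ("NewInternalClient", client), ("NewEnabled", 1),
            ("NewPortMappingDescription", "constructed example"),
            ("NewLeaseDuration", lease)]
    fields = "".join(f"<{k}>{escape(str(v))}</{k}>" for k, v in args)
    return (f'<s:Envelope xmlns:s="{SOAP_NS}"><s:Body>'
            f'<u:AddPortMapping xmlns:u="{SVC_NS}">{fields}</u:AddPortMapping>'
            f'</s:Body></s:Envelope>')

class ToyIGD:
    """Steps 2 and 3: parse the SOAP action, then update a model NAT table."""
    MAX_LEASE = 86400  # assumed policy: no mapping outlives one day
    def __init__(self):
        self.nat = {}  # (proto, external_port) -> (client, internal_port, expiry)

    def handle(self, soap_xml, requester_ip, now):
        action = ET.fromstring(soap_xml).find(
            f"{{{SOAP_NS}}}Body/{{{SVC_NS}}}AddPortMapping")
        if action is None:
            return "rejected: unsupported action"
        a = {child.tag: child.text or "" for child in action}
        try:
            ext, port, lease = (int(a[k]) for k in (
                "NewExternalPort", "NewInternalPort", "NewLeaseDuration"))
        except (KeyError, ValueError):
            return "rejected: invalid arguments"
        client, proto = a.get("NewInternalClient"), a.get("NewProtocol")
        if proto not in ("TCP", "UDP") or not (0 < ext < 65536 and 0 < port < 65536):
            return "rejected: invalid arguments"
        if client != requester_ip:  # assumed policy: map only to yourself
            return "rejected: internal client is not the requester"
        if not 0 < lease <= self.MAX_LEASE:  # a lease of 0 would never expire
            return "rejected: lease must be finite and bounded"
        held = self.nat.get((proto, ext))
        if held and held[2] > now and held[0] != client:
            return "rejected: external port already mapped"
        self.nat[(proto, ext)] = (client, port, now + lease)
        return "ok"

    def forward(self, proto, ext, now):  # inbound target, or None if the port is closed
        held = self.nat.get((proto, ext))
        return (held[0], held[1]) if held and held[2] > now else None
```

Once the lease runs out, forward() returns None again, so a mapping the application never removed does not stay open.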
NAT Traversal Benefits
For the Customer:
Networking Applications Just Work
Automatic link to user friendly GUI
No need to call "Support" (ISP, Application Vendor or IGD Vendor)
For the Internet Service Provider (ISP):
Ease of installation and set up process
Reduced Support Calls
Reduced Termination of Service
For the Software Application Vendor:
No Application Specific ALGs
Reduced Support Calls
Reduced Software Product Returns
For the UPnP IGD Vendor:
No Software Application Specific ALGs
Reduced Support Calls
Reduced UPnP IGD Device Returns
Certified Products
Getting Certified
First, you must be a member of both the UPnP Forum and the UIC.
The 5 steps to certifying your gateway or router:
1. Obtain access to the test tool on the UIC web site in the Members Only area.
2. Run the test tool either at a third-party lab or in-house.
3. Submit the test logs, device registration form, and $2000 device registration fee to the Test Reviewer.
Once these steps have been taken, the following occurs:
4. The Test Reviewer reviews the test logs and provides feedback within 2-5 working days.
5. If the device passed the test, you are notified and receive a certificate.
Using the UPnP Logo
Once you certify your device, you may use the certification mark on the certified device and associated marketing material.
Note: If the device incorporates UPnP firmware that is identical to that of a previously certified device, the device registration fee is waived.