Crowbar: a protocol for opening holes in firewalls:
The growing shortage of IP address is forcing ever more people to
connect to the Internet via routers performing Network Address
Translation (NAT). NAT works by multiplexing many private IP
addresses onto a single publicly visible address, distinguishing
between them by using port numbers. A temporary association between
public port and the corresponding private address is established by
the NAT router when it first forwards a packet from a private address
to the outside. This association allows the NAT router to forward
replies back to initiator.
However, there is no way a private machine can act as a server,
listening for packets from hosts it does not yet know about. This
project would define and implement a new protocol to allow a host to
request that a NAT router forward incoming packets destined for a
listening port back to the host. The solution should be general
enough to be used by hosts to requests holes in firewalls, since this
is a very similar problem.
|