GSOC2012NetworkAddressTranslation

From Nsnam
Revision as of 01:18, 21 May 2012 by Vsindhuja (Plan)


Project Contact

  • Student: V. Sindhuja
  • Mentor: Tom Henderson
  • Abstract: Implementing a solid, working NAT model for the NS3 framework that takes into account the different behaviors NAT exhibits in a network, equipping a node to act as a network edge device and paving the way for further security (firewall) implementations. This would include reusing the Netfilter implementation on NS3 to facilitate NAT and then implementing NAT itself. The model would mimic the Linux NAT model and have added extensions.

Introduction

The main goal of this project is to introduce Network Address Translation models into the NS-3 framework. While implementing NAT itself, we will also focus on building the base for a larger framework that supports connection tracking and other firewall features. Most of this design will be modeled on the Netfilter framework in Linux. The specifics of the implementation will be updated as work progresses.

This project builds on the work previously done by Qasim Javed and Adrian Tam in 2009.

Overview

The work will primarily be divided into two main parts:

A. Implementing the NAT Framework in NS3 (using hooks and chaining as in Netfilter)

For the first part I am considering working from the existing model that was proposed for Netfilter and adapting it to the current ns3 version.

1. This would have 5 hooks:

       o   NF_INET_PRE_ROUTING
       o   NF_INET_LOCAL_IN
       o   NF_INET_FORWARD
       o   NF_INET_LOCAL_OUT
       o   NF_INET_POST_ROUTING

2. Callback chaining

With this implementation I can set the priority of the different NAT translations and check for existing connections.

3. Connection tracking

This maintains the state of each connection, making the node stateful.

B. Implementing the main NAT models that are key to covering all types of network traffic.

Static one-to-one NAT

This NAT would be persistent for all the connections made from that host. When a port is specified, the translation remains specific to that port. This translation never gets cleared or timed out unless one manually removes the configuration.

Regular Dynamic NAT

This is the NAT where all the traffic is translated to one IP address and multiple ports (port address translation).
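The two translation types above, as an added sketch in plain C++ (not code from this project, ns-3 or Netfilter): a persistent static one-to-one rule next to a dynamic port-translating table whose tracked connections time out. `NatModel`, its methods, the starting port 49152 and the timeout in seconds are assumptions made for illustration.

```cpp
// Added illustration; all names are hypothetical and nothing here is ns-3 API.
#include <cstdint>
#include <map>
#include <string>
#include <utility>
using Endpoint = std::pair<std::string, uint16_t>;  // (IP address, port)
class NatModel {
 public:
  NatModel(std::string ip, double timeout) : m_publicIp(std::move(ip)), m_timeout(timeout) {}
  // Static one-to-one rule: persistent, never expires.
  void AddStatic(const std::string& inside, const std::string& outside) {
    m_staticOut[inside] = outside;
    m_staticIn[outside] = inside;
  }
  // Outbound packet (NF_INET_POST_ROUTING): rewrite the source endpoint.
  Endpoint TranslateOut(const Endpoint& src, double now) {
    auto s = m_staticOut.find(src.first);
    if (s != m_staticOut.end()) return {s->second, src.second};  // port kept
    Expire(now);
    auto c = m_out.find(src);
    if (c == m_out.end()) c = m_out.emplace(src, m_nextPort++).first;
    m_in[c->second] = {src, now};  // create or refresh the tracked connection
    return {m_publicIp, c->second};
  }
  // Inbound packet (NF_INET_PRE_ROUTING): restore the inside destination.
  bool TranslateIn(const Endpoint& dst, double now, Endpoint& inside) {
    auto s = m_staticIn.find(dst.first);
    if (s != m_staticIn.end()) { inside = {s->second, dst.second}; return true; }
    Expire(now);
    auto c = m_in.find(dst.second);
    if (dst.first != m_publicIp || c == m_in.end()) return false;  // untracked
    inside = c->second.first;
    return true;
  }
 private:
  void Expire(double now) {  // only dynamic (tracked) entries time out
    for (auto it = m_in.begin(); it != m_in.end();) {
      if (now - it->second.second <= m_timeout) { ++it; continue; }
      m_out.erase(it->second.first);
      it = m_in.erase(it);
    }
  }
  std::string m_publicIp;
  double m_timeout;
  uint16_t m_nextPort = 49152;  // assumption: sequential, ports never reused
  std::map<std::string, std::string> m_staticOut, m_staticIn;
  std::map<Endpoint, uint16_t> m_out;                    // inside -> public port
  std::map<uint16_t, std::pair<Endpoint, double>> m_in;  // public port -> (inside, last seen)
};
```

Two inside hosts using the same source port receive distinct public ports, and an inbound packet is accepted only if it matches a static rule or a connection that is still tracked.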

Plan

  • Week 1: (22/05-29/05) Adapt the existing Netfilter code to the current NS3
  • Week 2: (30/05-06/06) Test the adaptation for the Netfilter code to current NS3
  • Week 3: (07/06-14/06) Static one-to-one Design and Implementation
  • Week 4: (15/06-22/06) Static one-to-one Design and Implementation
  • Week 5: (23/06-30/06) Test the Static one-to-one Implementations.
  • Week 6: (01/07-08/07) Dynamic Port-Translating NAT Design and Implementation
  • 09/07- Midterm evaluation submission
  • Week 7: (10/07-17/07) Dynamic Port-Translating NAT Design and Implementation
  • Week 8: (18/07-25/07) Testing the Dynamic Port-Translating NAT implementation.
  • Week 9: (26/07-02/08) Test and Work on integration of the NAT Models
  • Week 10: (03/08-10/08) Test and Work on integration of the NAT Models
  • Aug 13 Suggested Pencils Down Date.
  • 11/08-19/08: Documentation and Integration of the project
  • 20/08 - Final Evaluation and Submission.