Internet DRAFT - draft-li-behave-nat444-test
draft-li-behave-nat444-test
Network Working Group Z. Li
Internet-Draft H. Guo
Intended status: Standards Track C. Liu
Expires: January 17, 2013 China Telecom
W. Liu
Z. Zhang
Huawei Technologies
July 16, 2012
Experience from NAT44 Translation Testing
draft-li-behave-nat444-test-01
Abstract
This document describes the testing result of CGN device in Wuxi
Branch of China Telecom, by providing an overview of support
situation of CGN for getting applications through NAT. The CGN
device is from Huawei and the test environment is a real network in
Wuxi China.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in .
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 17, 2013.
Copyright Notice
Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved.
Li, et al. Expires January 17, 2013 [Page 1]
�
Internet-Draft NAT44-test July 2012
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Testbed Overview . . . . . . . . . . . . . . . . . . . . . . . 4
3.1. A general topology for NAT444 testing . . . . . . . . . . 5
3.2. Testbed Description . . . . . . . . . . . . . . . . . . . 7
4. Applications Testing Overview . . . . . . . . . . . . . . . . 8
4.1. Instant message applications . . . . . . . . . . . . . . . 8
4.1.1. Microsoft Messenger . . . . . . . . . . . . . . . . . 8
4.1.2. skype . . . . . . . . . . . . . . . . . . . . . . . . 8
4.1.3. Other IM . . . . . . . . . . . . . . . . . . . . . . . 9
4.2. Web browsing . . . . . . . . . . . . . . . . . . . . . . . 9
4.2.1. www.google.com . . . . . . . . . . . . . . . . . . . . 9
4.2.2. Other web browsings . . . . . . . . . . . . . . . . . 10
4.3. Online gaming . . . . . . . . . . . . . . . . . . . . . . 10
4.3.1. QQ online gaming . . . . . . . . . . . . . . . . . . . 10
4.3.2. Other online gaming . . . . . . . . . . . . . . . . . 11
4.4. Downloading . . . . . . . . . . . . . . . . . . . . . . . 11
4.4.1. HTTP downloading . . . . . . . . . . . . . . . . . . . 11
4.4.2. FTP downloading . . . . . . . . . . . . . . . . . . . 12
4.4.3. Bittorrent/eMule downloading . . . . . . . . . . . . . 13
4.4.4. Xunlei downloading . . . . . . . . . . . . . . . . . . 14
4.5. Internet Video/music . . . . . . . . . . . . . . . . . . . 15
4.5.1. PPStream . . . . . . . . . . . . . . . . . . . . . . . 15
4.5.2. Other Internet Video/music . . . . . . . . . . . . . . 16
4.6. Email . . . . . . . . . . . . . . . . . . . . . . . . . . 16
4.6.1. Outlook/Outlook express . . . . . . . . . . . . . . . 16
4.6.2. Other Email softwares . . . . . . . . . . . . . . . . 17
4.7. Other applications . . . . . . . . . . . . . . . . . . . . 17
4.7.1. Telnet . . . . . . . . . . . . . . . . . . . . . . . . 17
4.7.2. SSH . . . . . . . . . . . . . . . . . . . . . . . . . 18
4.7.3. Traceroute . . . . . . . . . . . . . . . . . . . . . . 19
4.7.4. Remote desktop . . . . . . . . . . . . . . . . . . . . 20
4.8. VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
4.8.1. iAccess . . . . . . . . . . . . . . . . . . . . . . . 21
4.9. Shopping online . . . . . . . . . . . . . . . . . . . . . 22
Li, et al. Expires January 17, 2013 [Page 2]
�
Internet-Draft NAT44-test July 2012
4.9.1. Taobao . . . . . . . . . . . . . . . . . . . . . . . . 22
4.10. Bank . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
4.10.1. China Merchants Bank . . . . . . . . . . . . . . . . . 23
4.11. Negotiable securities . . . . . . . . . . . . . . . . . . 24
4.11.1. United securities . . . . . . . . . . . . . . . . . . 24
4.12. Map . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
4.12.1. google map . . . . . . . . . . . . . . . . . . . . . . 25
5. Applications Testing with same public IP address . . . . . . . 26
5.1. Instant message applications . . . . . . . . . . . . . . . 26
5.1.1. Microsoft Messenger . . . . . . . . . . . . . . . . . 26
5.2. Online gaming . . . . . . . . . . . . . . . . . . . . . . 27
5.2.1. QQ online gaming . . . . . . . . . . . . . . . . . . . 27
5.3. Internet Video/music . . . . . . . . . . . . . . . . . . . 28
5.3.1. Youku . . . . . . . . . . . . . . . . . . . . . . . . 28
5.4. Shopping online . . . . . . . . . . . . . . . . . . . . . 29
5.4.1. Taobao . . . . . . . . . . . . . . . . . . . . . . . . 29
5.5. Bank . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
5.5.1. Industrial and Commercial Bank of China . . . . . . . 30
6. Effect analysis . . . . . . . . . . . . . . . . . . . . . . . 31
6.1. User experience . . . . . . . . . . . . . . . . . . . . . 31
6.2. Testing summary . . . . . . . . . . . . . . . . . . . . . 31
7. Security Considerations . . . . . . . . . . . . . . . . . . . 32
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 32
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32
10. Informative References . . . . . . . . . . . . . . . . . . . . 32
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 32
Li, et al. Expires January 17, 2013 [Page 3]
�
Internet-Draft NAT44-test July 2012
1. Introduction
This testing is based on specification of IP device from China
Telecom. The main purpose is to know the states that CGN supports
the applications translating the NAT device. The testing is done on
a real network of China Telecom Wuxi branch where the CGN is a
centralized device for NAT translation.
Base on testing result we know which applications could adapt to the
NAT device and the time delay after translation, whether there is
echo for video and audio services.
The CGN devices include BRAS, SR, CR which can support NAT444 by
adding a CGN board or connecting a CGN device. The access devices
include LSW, DSLAM, OLT, MxU. CPE devices can be HGW, ONT which
support router/bridge model. Other devices such as Network
management servers, log servers, AAA servers, user action analysis
server, FTP/HTTP server are also included in the system.
2. Terminology
This document makes use of the following terms:
NAT: Network Address Translation
CGN : Carrier Grade NAT
BRAS: Broadband Remote Access Server
SR: Service Router
CR: Core Router
LSW: LAN Switching
DSLAM: Digital Subscriber Line Access Multiplexer
OLT: Optical Line Terminal
CPE: Customer premises equipment
HGW: Home Gateway
ONT: Optical Network Terminal
FTP: File Transfer Protocol
HTTP: Hypertext Transfer Protocol
ALG: Application Layer Gateway
PCP: Port Control Protocol
VPN: Virtual Private Network
SSH: Secure Shell
3. Testbed Overview
Li, et al. Expires January 17, 2013 [Page 4]
�
Internet-Draft NAT44-test July 2012
3.1. A general topology for NAT444 testing
------
/// \\\
+-------+ Internet |
| | /-/ |
| CR |/----/ \\\ ///
| - ------
+-------+
// \\
/ \
| |
| |
| |
| |
| |
\ /
\\ //
+----------+
| |
|ME60(CGN) |
| |
+-/----+---+
// |
// |
// |
+--/-+ ++---+
|CPE1| |CPE2|
| | | |
+-X--+ +-+--+
/ \ |
/ \ |
/ \ |
/ \ |
+/---+ +--\-+ +-+--+
| PC1| | PC2| | PC3|
+----+ +----+ +----+
Figure 1: Distributed CGN topology for NAT444 testing
In figure 1 CPE1 and CPE2 have NAT function, and NE60 is a BRAS
device with a embedded CGN . There are two scenarioes in figure 1.
Scenario 1: Communication between PC1 and PC2; Scenario 2:
Communication between PC2 and PC3 .
Li, et al. Expires January 17, 2013 [Page 5]
�
Internet-Draft NAT44-test July 2012
------
/// \\\
+-------+ Internet |
| | /-/ |
|CR(CGN)|/----/ \\\ ///
| - ------
+-------+
// \\
/ \
| |
| |
| |
| |
| |
\ /
\\ //
+----------+
| |
| ME60 |
| |
+-+-------++
| |
| |
| |
+---++ +-+--+
|CPE2| |CPE3|
| | | |
+-+--+ +-+--+
| |
| |
| |
| |
+-+--+ +-+--+
| PC3| | PC4|
+----+ +----+
Figure 2:Centralized CGN topology for NAT444 testing
In figure 2 CPE2 and CPE3 have NAT function, and NE60 is a BRAS
device without embedded CGN . There is an embedded CGN in CR device.
This is scenario 3: Communication between PC3 and PC4.
Li, et al. Expires January 17, 2013 [Page 6]
�
Internet-Draft NAT44-test July 2012
------
/// \\\
+-------+ Internet |
| | /-/ |
| CR |/----/ \\\ ///
| - ------
+-------+
// \\
/ \
| |
| |
| |
| |
| |
\ /
\\ //
+----------+
| |
| ME60(CGN)|
| |
+-+-------++
| |
| |
| |
+---++ +-+--+
|CPE3| |CPE4|
| | | |
+-+--+ +-+--+
| |
| |
| |
| |
+-+--+ +-+--+
| PC4| | PC5|
+----+ +----+
Figure 3:Public user and private user interworking
In figure 3 CPE3 has NAT function and accesses a private IP address
from NE60; CPE4 has NAT function and accesses a public IPv4 address
by PPP from NE60. NE60 is a BRAS device with a embedded CGN. This
is scenario 4: Communication between PC4 and PC5.
3.2. Testbed Description
During the testing ALG function can be closed and open. So we tested
based on: Activation ALG and three-tuple(Index NAT entries by source
IP, source port, protocol) ; Deactivation ALG and tree-tuple;
Li, et al. Expires January 17, 2013 [Page 7]
�
Internet-Draft NAT44-test July 2012
Activation single ALG and three-tuple; Activation ALG and Five-
tuple(Index NAT entries by source IP, source port, protocol, destined
IP, destined port) ; Deactivation ALG and five-tuple;
4. Applications Testing Overview
This section describes testing result for all kinds applications.
4.1. Instant message applications
4.1.1. Microsoft Messenger
+--------------+----------------------------------------------------+
|Test Item |IM |
+--------------+----------------------------------------------------+
|Sub-Item |Microsoft Messenger |
+--------------+----------------------------------------------------+
|Test |Check whether Microsoft Messenger can work under NAT|
|Objective |44.Voice, Video, Webcam,File transfer are tested |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install MSN in PC |
| |3.Check whether MSN user can register |
| |4.Check whether users can communicate normally |
| |5.Test Activation/Deactivation/Single ALG+tree-tuple|
+--------------+----------------------------------------------------+
|Expected |MSN user can register |
|Result |Two user can communicate with MSN |
| |Under four scenarios two user can communicate |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.1.2. skype
Li, et al. Expires January 17, 2013 [Page 8]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |IM |
+--------------+----------------------------------------------------+
|Sub-Item |Skype |
+--------------+----------------------------------------------------+
|Test |Check whether skype can used under NA44. |
|Objective |Voice, Video, Webcam, File transfer are tested |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install skype in PC |
| |3.Check whether skype user can register |
| |4.Check whether users can communicate normally |
| |5.Test Activation/Deactivation/Single ALG+tree-tuple|
+--------------+----------------------------------------------------+
|Expected |Skype user can register |
|Result |Two user can communicate with skype |
| |Under four scenarios two user can communicate |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.1.3. Other IM
We tested other IM application in the same way and got the same
result as MSN. Other IM application include Feixin, QQ, Miliao,
aliwangwang, and they are all popular IM applications in china.
4.2. Web browsing
4.2.1. www.google.com
Li, et al. Expires January 17, 2013 [Page 9]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Web browsing |
+--------------+----------------------------------------------------+
|Sub-Item |www.google.com |
+--------------+----------------------------------------------------+
|Test |Check whether we can access www.google.com when |
|Objective |there is NAT in the network. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can access web browsing |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Open browsing and access www.google.com in PC |
| |3.Check whether PC can access the Web normally. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |PC can access the web. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.2.2. Other web browsings
We tested other web browsings in the same way and got the same result
as google web. Other web browsings include www.baidu.com,
www.yahoo.com, www.sohu.com, www.renren.com, www.sina.com,
www.tianya.cn, www.qq.com, www.163.com, www.ifeng.com,
www.chinanews.com, and they are all popular web sites in china. We
also access web by HTTPS,we access
https://chatmodels.dmm.co.jp/login/top and it runs smoothly.
4.3. Online gaming
4.3.1. QQ online gaming
Li, et al. Expires January 17, 2013 [Page 10]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Online gaming |
+--------------+----------------- ----------------------------------+
|Sub-Item |QQ Online gaming |
+--------------+----------------------------------------------------+
|Test |Check whether PC can register QQ online gaming room.|
|Objective | |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can access online gaming room.|
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install QQ online gaming client on PC |
| |3.Check whether PC can entry game room and play. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |QQ game user can entry game room and play. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.3.2. Other online gaming
We tested other online gamings in the same way and got the same
result as QQ online gaming. Other online gamings include World of
Warcraft , QQ farm, ourgame, Kaixin network, and they are all popular
online game in china.
4.4. Downloading
4.4.1. HTTP downloading
Li, et al. Expires January 17, 2013 [Page 11]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Downloading |
+--------------+----------------- ----------------------------------+
|Sub-Item |HTTP downloading |
+--------------+----------------------------------------------------+
|Test |Check whether PC can download by HTTP with NAT444 on|
|Objective |the networks. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can download by HTTP. |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Open any software or MP3 file download page. |
| |3.Check whether PC can download the by HTTP. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can download files by HTTP. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.4.2. FTP downloading
Li, et al. Expires January 17, 2013 [Page 12]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Downloading |
+--------------+----------------- ----------------------------------+
|Sub-Item |FTP downloading |
+--------------+----------------------------------------------------+
|Test |Check whether PC can download by FTP with NAT444 on|
|Objective |the networks. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can download by FTP. |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Input a FTP address:FTP://debian.bjlx.org.cn. |
| |3.Check whether PC can connect to FTP server and |
| |download by FTP. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
+--------------+----------------------------------------------------+
|Expected |User can download files by FTP. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed but dependent ALG |
+--------------+----------------------------------------------------+
|Remarks |Not testing when FTP server is in private network |
+--------------+----------------------------------------------------+
4.4.3. Bittorrent/eMule downloading
Li, et al. Expires January 17, 2013 [Page 13]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Downloading |
+--------------+----------------- ----------------------------------+
|Sub-Item |Bittorrrent/eMule |
+--------------+----------------------------------------------------+
|Test |Check whether PC can download by Bittorrent/eMule |
|Objective | |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can download by Bittorrent |
| |/eMule |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install Bittorrent or eMule client on PC. |
| |3.Check whether PC can download by Bittorrent/eMule.|
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can download files by Bittorrent. |
|Result |User can download files by eMule. |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed and Independent ALG |
+--------------+----------------------------------------------------+
|Remarks |No testing When Bittorrent server in private network|
| |No testing When eMule server in private network. |
| |CGN not support PCP |
+--------------+----------------------------------------------------+
Remark: PCP([draft-ietf-pcp-base-26]) is not actived in CGN. When
eMule/Bittorrent server is behind in CGN, we didn't test.
+--+
4.4.4. Xunlei downloading
Li, et al. Expires January 17, 2013 [Page 14]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Downloading |
+--------------+----------------- ----------------------------------+
|Sub-Item |Xunlei downloading |
+--------------+----------------------------------------------------+
|Test |Check whether PC can download by Xunlei when it is |
|Objective |in a private network. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can download by Xunlei. |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install Xunlei client on PC. |
| |3.Open a file in Xunlei and check whether PC can |
| |download by Xunlei. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
+--------------+----------------------------------------------------+
|Expected |User can download files by Xunlei. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed and Independent ALG |
+--------------+----------------------------------------------------+
|Remarks | |
+--------------+----------------------------------------------------+
4.5. Internet Video/music
4.5.1. PPStream
Li, et al. Expires January 17, 2013 [Page 15]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Internet Video/music |
+--------------+----------------- ----------------------------------+
|Sub-Item |PPStream |
+--------------+----------------------------------------------------+
|Test |Check whether PC with PPStream client can play video|
|Objective |/music programme. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can play video/music programme|
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install PPStream client on PC. |
| |3.Check whether PC can play programmes on PPStream. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can see the film or listen to music with |
|Result |PPStream client. |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.5.2. Other Internet Video/music
We tested other Internet Video/music software in the same way and got
the same result as PPStream. Other Internet Video/music software
include PPlive, Youku, Qiyi, Xunleikankan, Tudou, Baidu video, Sohu
video, 163 video, and they are all popular video/music used in china.
Youtube can't be accessed by Chinese user and do not pass the test.
4.6. Email
4.6.1. Outlook/Outlook express
Li, et al. Expires January 17, 2013 [Page 16]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Email |
+--------------+----------------- ----------------------------------+
|Sub-Item |Outlook/Outlook express |
+--------------+----------------------------------------------------+
|Test |Check whether PC with Outlook/Outlook express can |
|Objective |receive and send mail from mail server. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can receive/send mail. |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Set Outlook/Outlook express on PC. |
| |3.Check whether PC can use Outlook/Outlook express. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can see the film or listen to music with |
|Result |PPStream client. |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.6.2. Other Email softwares
We tested other Email software in the same way and got the same
result as Outlook/Outlook express. Other Email softwares include QQ
mail, 163 mail, sina mail, and they are all popular mail used in
china.
4.7. Other applications
4.7.1. Telnet
Li, et al. Expires January 17, 2013 [Page 17]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Telnet |
+--------------+----------------- ----------------------------------+
|Sub-Item |Telnet |
+--------------+----------------------------------------------------+
|Test |Check whether PC can telnet a device within NAT |
|Objective |environment. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can Telnet. |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Configure the Telnet on a PC. |
| |3.Check whether PC can build telnet. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can build the telnet connection. |
|Result |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.7.2. SSH
Li, et al. Expires January 17, 2013 [Page 18]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |SSH |
+--------------+----------------- ----------------------------------+
|Sub-Item |SSH |
+--------------+----------------------------------------------------+
|Test |Check whether PC can build SSH connection within |
|Objective |NAT environment. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PCs can Build SSH connection. |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Configure the SHH on a router in network |
| |3.Check whether PC can build SSH connection |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can build the SHH connection. |
|Result |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.7.3. Traceroute
Li, et al. Expires January 17, 2013 [Page 19]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Traceroute |
+--------------+----------------- ----------------------------------+
|Sub-Item |Traceroute (using ICMP) |
+--------------+----------------------------------------------------+
|Test |Check whether two PCs behind NAT can traceroute. |
|Objective |NAT environment. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 . |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Traceroute from a PC to another PC. |
| |3.Check whether two PC can traceroute. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |Two users can traceroute. |
|Result |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.7.4. Remote desktop
Li, et al. Expires January 17, 2013 [Page 20]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Remote desktop |
+--------------+----------------- ----------------------------------+
|Sub-Item |Remote desktop |
+--------------+----------------------------------------------------+
|Test |Check whether a PC behind NAT can remote desktop |
|Objective |to another PC behind NAT or to a public PC. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 . |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Remote desktop from a PC to another PC. |
| |3.Check whether two PC can remotedesktop successfully
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User behind CGN can remote desktop to another CGN |
|Result |user or a public IP user. |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.8. VPN
4.8.1. iAccess
Li, et al. Expires January 17, 2013 [Page 21]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |VPN |
+--------------+----------------- ----------------------------------+
|Sub-Item |iAccess |
+--------------+----------------------------------------------------+
|Test |Check whether a PC behind NAT can remote desktop |
|Objective |to another PC behind NAT or to a public PC. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 . |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Get a iAccess user and password from company. |
| |3.Check whether public PC can access the company. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can access company resource from public network|
|Result |by iAccess user and password. |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG; not test PPTP,L2TP |
+--------------+----------------------------------------------------+
4.9. Shopping online
4.9.1. Taobao
Li, et al. Expires January 17, 2013 [Page 22]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Shopping online |
+--------------+----------------- ----------------------------------+
|Sub-Item |Taobao |
+--------------+----------------------------------------------------+
|Test |Check whether user can shop by Taobao within NAT |
|Objective |environment. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PC can access Taobao. . |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Open browsing and input Taobao address. |
| |3.Check whether user can access Taobao web site. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can shop in Taobao and do all kind of operation|
|Result |in web site. |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.10. Bank
4.10.1. China Merchants Bank
Li, et al. Expires January 17, 2013 [Page 23]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Bank |
+--------------+----------------------------------------------------+
|Sub-Item |China Merchants Bank |
+--------------+----------------------------------------------------+
|Test |Check whether user can use online bank web within |
|Objective |NAT environment. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PC can access online bank. . |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Open browsing and input China Merchants Bank Addr |
| |3.Check whether user can use online bank. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
| | |
+--------------+----------------------------------------------------+
|Expected |User can use online bank on web site. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.11. Negotiable securities
4.11.1. United securities
Li, et al. Expires January 17, 2013 [Page 24]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Negotiable securities |
+--------------+----------------------------------------------------+
|Sub-Item |United securities |
+--------------+----------------------------------------------------+
|Test |Check whether user can entry securities exchange |
|Objective |centre and trade. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PC can access securities web. |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install United securities client. |
| |3.Check whether user can entry the securities |
| |exchange centre and trade |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
+--------------+----------------------------------------------------+
|Expected |User can entry securities exchange centre and trade.|
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
4.12. Map
4.12.1. google map
Li, et al. Expires January 17, 2013 [Page 25]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |MAP |
+--------------+----------------------------------------------------+
|Sub-Item |Google map |
+--------------+----------------------------------------------------+
|Test |Check whether user can use google map for search |
|Objective |Within the NAT environment. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3,4 PC can use google map. |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Open google map. |
| |3.Check whether user can goole map for search. |
| |Check the session entries on CGN. |
| |4.Test Activation/Deactivation/Single ALG+tree-tuple|
+--------------+----------------------------------------------------+
|Expected |User can use google map for search. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks |Independent ALG |
+--------------+----------------------------------------------------+
We tested Baidu map in the same way and got the same result .
5. Applications Testing with same public IP address
This section describes testing result when different CPEs use same
public IP address. The purpose of testing is make sure the
application can also be used when different users use same external
public IP address.
This section include three scenarios. Scenario 1: in figure 1 PC1
and PC2 use same external public IP address; Scenario 2: in figure1
PC2 and PC3 use same external public IP address; Scenario 3: in
figure 3 PC4 are CGN user and PC5 are public user;
5.1. Instant message applications
5.1.1. Microsoft Messenger
Li, et al. Expires January 17, 2013 [Page 26]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |IM |
+--------------+----------------------------------------------------+
|Sub-Item |Microsoft Messenger |
+--------------+----------------------------------------------------+
|Test |Check when ALG active or deactive whether MSN has |
|Objective |same communication flow in three scenarios. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3 |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install MSN in PC |
| |3.Check whether MSN user can register |
| |4.Active ALG and see the communication flow by |
| |grasping packets in three scenarios. |
+--------------+----------------------------------------------------+
|Expected |MSN user can communicate in three scenarios. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks | |
+--------------+----------------------------------------------------+
5.2. Online gaming
5.2.1. QQ online gaming
Li, et al. Expires January 17, 2013 [Page 27]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Online gaming |
+--------------+----------------- ----------------------------------+
|Sub-Item |QQ Online gaming |
+--------------+----------------------------------------------------+
|Test |Check whether QQ online game has the same flow when |
|Objective |ALG active or deactive. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3 |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Install QQ online gaming client on PC |
| |3.Check whether PC can entry game room and play. |
| |4.Grasp packets when ALG active or deactive. |
| | |
+--------------+----------------------------------------------------+
|Expected |QQ game user can entry game room and play. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Failed |
+--------------+----------------------------------------------------+
|Remarks |same public IP user can't entry the same game room. |
+--------------+----------------------------------------------------+
5.3. Internet Video/music
5.3.1. Youku
Li, et al. Expires January 17, 2013 [Page 28]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Internet Video/music |
+--------------+----------------- ----------------------------------+
|Sub-Item |Youku |
+--------------+----------------------------------------------------+
|Test |Check whether Youku has the same flow when ALG |
|Objective |active or deactive. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3 |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Go to Youku web site and view video. |
| |3.Grasp packets when ALG active or deactive and |
| |analyse the flow. |
| | |
+--------------+----------------------------------------------------+
|Expected |User can see the film or listen to music in Youku |
|Result |web site. |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks | |
+--------------+----------------------------------------------------+
5.4. Shopping online
5.4.1. Taobao
Li, et al. Expires January 17, 2013 [Page 29]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Shopping online |
+--------------+----------------- ----------------------------------+
|Sub-Item |Taobao |
+--------------+----------------------------------------------------+
|Test |Check whether Taobao user has the same flow when NAT|
|Objective |actives or deactives. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3 |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Open browsing and input Taobao address. |
| |3.Check whether user can shop on Taobao web site. |
| |4.Grasp packets when ALG actives or deactives to see|
| |whether the flow are same or not. |
+--------------+----------------------------------------------------+
|Expected |User can shop in Taobao. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks | |
+--------------+----------------------------------------------------+
5.5. Bank
5.5.1. Industrial and Commercial Bank of China
Li, et al. Expires January 17, 2013 [Page 30]
�
Internet-Draft NAT44-test July 2012
+--------------+----------------------------------------------------+
|Test Item |Bank |
+--------------+----------------------------------------------------+
|Sub-Item |Industrial and Commercial Bank of China(ICBC) |
+--------------+----------------------------------------------------+
|Test |Check when user can use online ICBC bank web the |
|Objective |service flow is same when activing/deactiving ALG. |
+--------------+----------------------------------------------------+
|Test Scenario |Scenario:1, 2,3 |
+--------------+----------------------------------------------------+
|Test |1.Configure user IP pool in BRAS. Configure NAT444 |
|Procedure |and IPv4 public pool in CGN. |
| |2.Open browsing and input ICBC Bank address. |
| |3.Check whether user can use online bank to transfer|
| |4.Grasp the packets to analyse the flow when ALG |
| |actives or deactives. |
+--------------+----------------------------------------------------+
|Expected |User can use online bank on web site. |
|Result | |
| | |
+--------------+----------------------------------------------------+
|Actual Result |Passed |
+--------------+----------------------------------------------------+
|Remarks | |
+--------------+----------------------------------------------------+
6. Effect analysis
6.1. User experience
User experience can't be quantified and we get the result only by
subjective experience. Time delay, echo, fluency in video and audio
are almost same as without NAT444 on network. Communications between
CGN users and CGN user with public user are always normal. As a
result, NAT444 has no affection on the users' experience in the tests
we have run.
6.2. Testing summary
In all the applications aforementioned only FTP depends on ALG. We
only test two levels NAT.
QQ online gaming does not permit two users use the same external
public IP address in the same game room. When two users use the same
Li, et al. Expires January 17, 2013 [Page 31]
�
Internet-Draft NAT44-test July 2012
external public IP address, QQ online gaming considers they come from
the same subscriber. If they are in the same game room, they are
regarded as cribbers.
We only tested a bank account to use online bank since we only have
one account.
We didn't test when eMule, Bittorrent work as internal server. This
needs support of PCP.
When there is two levels NAT, users can't set internal server, such
as FTP server, in home network.
Communication between CGN user and public IP user belonging to the
same CGN is not processed by service board.
7. Security Considerations
8. Acknowledgments
9. IANA Considerations
10. Informative References
[draft-ietf-pcp-base-26]
IETF, "Port Control Protocol (PCP)", June 2012,
<http://tools.ietf.org/html/draft-ietf-pcp-base-26>.
Authors' Addresses
Zhongchao Li
China Telecom
Nanjing,
P.R. China
Email: 15301588336@189.cn
Li, et al. Expires January 17, 2013 [Page 32]
�
Internet-Draft NAT44-test July 2012
Hongwei Guo
China Telecom
Nanjing,
P.R. China
Email: 15306188213@189.cn
Chunlin Liu
China Telecom
Nanjing,
P.R. China
Email: liuchunlin@jsptpd.com
Will Liu
Huawei Technologies
Bantian, Longgang DIST
Shenzhen 518129
P.R. China
Phone: +86 755 28972315
Email: liushucheng@huawei.com
Zhongjian Zhang
Huawei Technologies
Bantian, Longgang DIST
Shenzhen,
P.R. China
Email: zhangzhongjian@huawei.com
Li, et al. Expires January 17, 2013 [Page 33]
�
