NAT Traveral (NAT-T) Technology
What Is NAT Traversal?
Network Address Translation (NAT) is a technology for connecting multiple devices to a single external IP address. Most ADSL modems, firewalls, and mobile operators perform network address translation. It happens in most homes, hotels, offices, and mobile data connections without users knowing of it.
NAT Traversal refers to techniques for making applications, such as voice-over-IP and multi-player games, work across devices that perform network address translation.
Help to Make Access Work though NAT & Firewall
If you have problems getting games or telephony applications working over NAT and firewall, the following links may be helpful.
Information for Developers
The following links may be useful for developers. This listing is for information only, not an endorsement or forbearance.
- NAT Punch-through for Multiplayer Games
- How to make a multiplayer game work reliably behind NAT?
- PJNATH - Open Source ICE, STUN, and TURN Library (2.5.5) - PJSIP
- Berkus: Libraries for NAT traversal and hole punching
- Happytimesoft NAT traversal library
- Happytime NAT Traversal Library
- reTurn STUN/TURN server
- Kademlia DHT with NAT Traversal
NAT Traversal Technology
Technology for NAT Traversal falls into a few categories:
- IETF Standards for UDP: STUN, TURN, ICE. These standards are exteremely widely used, including most smartphones, tablets, laptops, and games. There are also many proprietary variations of the same technology.
- Interacting with NAT device to open a port: UPnP IGDP, NAT-PMP, PCP. The problem with these approaches is that 1) they need special support from the NAT device, and 2) they do not work across multiple NATs, which is a common scenario especially with mobile hotspots.
- Forwarding gateway at the NAT device: SOCKS. These require special support from both the firewall and application and are generally only used with some enterprise firewalls.
- Application layer gateways (ALG) in firewalls.
Of these alternatives, only the IETF standardized NAT traversal solutions and their proprietary variations work with all NATs in all networks - even when multiple NATs are present and the types or features of each NAT are not known. What's more important, they work automatically, without manual configuration.
SSH's Role in the Development of NAT Traversal
SSH Communications Security was active in the development of NAT traversal technologies. The modern way of doing NAT traversal - now standardized in STUN, TURN, ICE, SIP-outbound, and many others - was invented by Tatu Ylonen and Tero Kivinen in 1997-1998 and patented by SSH.
The SSH invented NAT Traversal technology is the only known, practical way of reliably communicating across NAT, and NATs are ubiquitous on the Internet.
Today, the technology is extremely widely used in smartphones, tablets, laptops, IP telephones, smart TVs, and multi-player games.
Patents and Licensing
SSH Communications Security owns several patents on NAT Traversal. Most of the patents are valid until approximately 2020. The patents are available for licensing. SSH is actively enforcing its patents against some of the larger player in the relevant fields.