Solwise SAR715PVW ADSL Ethernet Router User’s Guide
Chapter 10. About Universal Plug’n Play and the SAR715PVW Router
10.2 THE INTERNET GATEWAY DEVICE
10.2.1 The IGD concept
UPnP can be used to distribute all kinds of services over a network.
The UPnP Forum, the standardization body for UPnP, has therefore
defined working committees (WC), each of which concentrates on a
certain type of device and service: Home Automation and
Security, Audio/Video, Imaging and Print, Camera, … One working
committee, the Internet Gateway WC, is of special interest, having
defined the Internet Gateway Device (IGD) standard.
The term Internet Gateway covers DSL modems, POTS modems,
cable modems and Ethernet routers. As the name states, it is the
(UPnP) device in the home that provides access to the Internet. UPnP
control points throughout the house will take advantage of the IGD
services to transparently make and drop connections to the Internet.
10.2.2 Network Address Translation (NAT)
One of the problems of the Internet today is the shortage of IP
addresses. When the Internet Protocol (IP) was conceived in the
early 70s, every computer was given an IP address to be able to
identify it when sending IP traffic. However, over the years the
number of IP hosts has grown tremendously and the address space
is almost completely used up. A new version of IP (IPv6) will solve this
problem, but the transition to IPv6 of each of the billions of computers
on the Internet will not happen overnight.
To mitigate the problem in the meantime, the idea of NAT was
introduced. NAT¹ stands for Network Address Translation and is a
mechanism that will multiplex a multitude of (private) IP addresses
onto a single (public) IP address. Since the private IP addresses are
confined to specific, private realms, they can be reused in each of
these private realms; only the public IP addresses need to be
unique in the public domain. As such, a number of private IP hosts
can share a single public IP address on the Internet.
NAT is not a simple thing to do though, as each IP packet needs to
be translated: the private IP address/port in the IP header is
replaced with the public IP address/port in the upstream direction,
and vice versa in the downstream direction.
This would not be a major problem if it weren’t for the fact that some
applications additionally (need to) embed information about the IP
address/port in the payload of the IP packet. This is a problem
because the NAT engine (in the IGD) has no way of knowing where
exactly in the IP payload this IP address/port is mentioned. To solve
this issue, ALGs (Application Level Gateways) have to be written
which will scan the IP packets’ payloads for the IP address/port and
replace it. Such an ALG program has to be written for each
application that embeds IP address/port information in its payload.
Often this means that an application has already been released to the
public for quite a while before NAT routers start supporting it
through an appropriate ALG.
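The header translation and payload rewriting described above, as an added example (not code from this guide or from the router firmware). It assumes the FTP PORT command as the application that embeds an address in its payload; the names Nat and ftp_alg and all addresses are constructed for illustration.

```python
import re

class Nat:
    """Port-translating NAT table: (private ip, port) <-> public port."""
    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (private ip, private port) -> public port
        self.back = {}   # public port -> (private ip, private port)

    def map(self, priv_ip, priv_port):
        key = (priv_ip, priv_port)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = key
            self.next_port += 1
        return self.out[key]

    def translate_header(self, src_ip, src_port):
        """Upstream: replace the private source ip/port with the public one."""
        return self.public_ip, self.map(src_ip, src_port)

    def lookup_inbound(self, public_port):
        """Downstream: None means no mapping exists for this public port."""
        return self.back.get(public_port)

PORT_RE = re.compile(rb"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r\n$")

def ftp_alg(nat, src_ip, payload):
    """Rewrite the ip/port embedded in an FTP PORT command (one ALG, one protocol)."""
    m = PORT_RE.match(payload)
    if not m:
        return payload                 # not a PORT command: pass through unchanged
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        return payload                 # malformed fields: do not touch
    ip = "%d.%d.%d.%d" % tuple(n[:4])
    port = n[4] * 256 + n[5]
    if ip != src_ip:
        return None                    # embedded host is not the sender: drop, open no mapping
    pub_port = nat.map(ip, port)
    host = nat.public_ip.replace(".", ",").encode()
    return b"PORT %s,%d,%d\r\n" % (host, pub_port >> 8, pub_port & 255)

if __name__ == "__main__":
    nat = Nat("203.0.113.5")           # constructed public address
    print(nat.translate_header("192.168.1.10", 51000))
    print(ftp_alg(nat, "192.168.1.10", b"PORT 192,168,1,10,200,10\r\n"))
```

The check that the embedded address equals the packet's source keeps the ALG from creating a mapping to a different private host than the one that sent the command.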
A second issue is that the NAT engine cannot find out where to
forward inbound packets to if these packets are unsolicited. For
example if a web server were to be on the private realm, incoming