Tulemüüride taga paiknevate nutitelefonide adresseerimine

Abstract

Nutitelefonid on tänapäeval kogumas järjest enam populaarsust, kuna nende tehniliste parameetrite arengu tõttu on nad hakanud asendama süle- ja lauaarvuteid.

Traditsioonilised nutitelefonide rakendused enamasti ainult tarbivad internetis leiduvat informatsiooni. Kuna aga tarkade seadmete arvutusvõimsus on juba võrreldav kodukasutaja sülearvutitega, saab neid kasutada ka hoopis serveritena. See loob omakorda aga eeltingimused uut tüüpi rakenduste arenguks.

Paraku on tõsine probleem nii nutitelefonide kui ka teiste seadmete adresseerimisega üle interneti, mis asuvad tavalistes kohtvõrkudes nagu näiteks kodudes. Antud probleem on enamasti tingitud tõsiasjast, et kõikide võrgus leiduvate seadmete identifitseerimiseks ei jätku unikaalseid aadresse. Seetõttu on kasutusele võetud võrguaadresside tõlkimine (network address translation), mis aga omakorda raskendab suvaliste seadmete adresseerimist.

Antud töös on välja pakutud üks võimalikest lahendustest, kuidas luua ühendus nutitelefonidega, mis asuvad võrguaadresse tõlkivate ruuterite taga. Selleks on kasutatud nutitelefonidele teatiste saatmise võimalust ning manuaalselt internetiprotokolli (IP) pakettide koostamist, et tekitada ajutised tunnelid ruuterites.

Tarkvara, mis selle töö raames kirjutati, testiti olukorras, kus mõnda teenust pakkuv nutitelefon oli võrguaadresse tõlkiva ruuteri taga. Ühenduse loomine oli edukas, kuid antud lahendus nõuab mõningate eeltingumuste täitmist. Näiteks peab nutitelefonis olema võimalik jooksutada koodi administraatori õigustes, ruuterid peavad võrguaadresside tõlkimisel kasutama kasvavaid pordinumbreid ning võrk ei tohi olla liialt koormatud.

Kuna valminud lahendus on alles esmane prototüüp, saab seda tulevikus edasi arendada, et see oleks kasutatav ka reaalsetes rakendustes. Töös on välja toodud soovitused lisada ruuterite ja tulemüüride omaduste avastamise funktsionaalsus ning muude tunnelite tekitamise meetodeid, mis töötaksid ka teistsuguste omadustega võrkude ja seadmete korral.

In recent years, smartphones have become considerably popular. They are inseparable companions for their owners while offering both entertainment and assistance in daily routines.

Such popularity has different reasons - with the development of technologies like touchscreens and microprocessors, smartphones are becoming more and more powerful in terms of computational power. This sets preconditions for the development of rather sophisticated software as well. Today it is already possible to play 3D games or record high-definition videos with mobiles. Moreover, smartphones and tablets are replacing laptops and desktops since they offer almost the same functionality and user experience while fitting into pockets and weighing only couple of hundred grams.

Most of the applications currently available for smartphones usually consume different kind of resources from the Internet, thus acting as clients. But given the fact that handheld devices have already roughly the same computational power as low-end laptops and netbooks, it is possible to offer services from the smartphones as well which could lead to new types of mobile applications and use cases.

Unfortunately, it is not trivial to access smartphones or any other host from the Internet due to widespread usage of some networking processes, for example, network address translation (NAT). To overcome such difficulties problems, an application suite is proposed in this thesis, which helps smartphones to become accessible service provides not only within local network but also across the Internet by mitigating some common addressing problems.

Proposed solution was implemented and tested in scenarios where the smartphone whose services were accessed, was located behind a router which performed network address translation. Even though the connection establishment was successful, some limitations were identified, which included executing code with root privileges in the smartphone, incremental NAT mapping by the routers and relatively idle local network of both connecting peers.

As the current implementation is only an initial prototype, it is not yet mature enough to be used in real applications. Nonetheless, given solution could be improved in different ways, e.g. adding more NAT hole punching techniques which have different prerequisites making it more stable in other network environments. Also the functionality to discover the network and NAT properties could be added.