Opened 7 years ago

Closed 16 months ago

#7228 closed enhancement (wontfix)

Detect if the client is behind NAT

Reported by: hellais
Owned by: hellais
Priority: Low
Milestone:
Component: Archived/Ooni
Version:
Severity: Normal
Keywords: oonib, wishlist, archived-closed-2018-07-04
Cc: vecna@…
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:


In #6074 we thought that it would be nice to be able to detect if the client running an OONI-probe test is behind NAT.

After some very summary research, a possible approach is the one detailed in RFC3947, section 3.2.
The idea is that the client and server send the packets they send and receive. If there is a mismatch between these, then somewhere along the path the DST/SRC ip:port pair has changed, and so NAT is present.

This should be implemented in both the OONI client and the OONI backend.

A technique that does not require having a backend would be ideal.

Phrack #63 contains a technique for detecting NAT based on TCP timestamp fingerprints:

A tool that is probably not that relevant is masquet. It detects devices that may be natted on the local network based on the TTLs of packets and port numbers.

Attachments (1)

isBenhindNat.patch (942 bytes) - added by reezer 5 years ago.
function to check ip addresses against rfc1918

Change History (9)

comment:1 Changed 7 years ago by ioerror

The easy way is to see if we have an RFC1918 address. If we do, we can be pretty sure that we're behind a NAT.

The more involved way is to actually emulate all of the Netalyzer tests.

As a first iteration, I propose we just look to see if we have an interface bound to an RFC1918 address or if our gateway is an RFC1918 address.

As a second iteration, I propose we tcptraceroute with a three hop ttl to see if we see any RFC1918 addresses.

As a third iteration, I propose Netalyzer tests that talk to a third server. This iteration should be broken down into a series of tests that we implement incrementally.
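
A sketch of the first iteration proposed in comment:1, combined with the endpoint comparison from the ticket description, added here as an example; it is not the attached patch and not OONI code. The function names, the verdict strings, and the extra RFC 6598 (carrier-grade NAT) range are assumptions of this example.

```python
import ipaddress
import socket

# RFC 1918 private ranges, the check proposed in comment:1.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Assumption beyond the ticket: RFC 6598 shared space used by carrier-grade NAT.
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def classify(addr):
    """Return 'rfc1918', 'cgnat', 'other-non-global' or 'global' (IPv4)."""
    ip = ipaddress.ip_address(addr)
    if any(ip in net for net in RFC1918):
        return "rfc1918"
    if ip in CGNAT:
        return "cgnat"
    return "global" if ip.is_global else "other-non-global"


def local_source_address(probe_dst="192.0.2.1"):
    """Address the OS would pick for outbound traffic, or None without a route.
    connect() on a UDP socket only selects a route; no packet is sent.
    probe_dst is a documentation address (TEST-NET-1) used as a placeholder."""
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
            s.connect((probe_dst, 9))
            return s.getsockname()[0]
    except OSError:
        return None


def nat_verdict(local, observed=None):
    """local: (ip, port) as the client sees its own socket.
    observed: (ip, port) a backend reports seeing, or None without a backend."""
    if observed is not None:
        # Backend view available: any rewrite of ip or port means translation.
        return "nat" if tuple(observed) != tuple(local) else "no-nat-on-path"
    # No backend: fall back to the address heuristic, which cannot prove absence.
    kind = classify(local[0])
    return "nat-likely" if kind in ("rfc1918", "cgnat") else "unknown"


if __name__ == "__main__":
    addr = local_source_address()
    print(addr, nat_verdict((addr, 0)) if addr else "no route")
```

Without a backend the heuristic can only say "likely" or "unknown": a host with a global address may still sit behind a translating middlebox, which is why the comparison path takes precedence when a backend view exists.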

comment:2 Changed 7 years ago by hellais

Keywords: SponsorH201210 added

comment:3 Changed 7 years ago by hellais

Keywords: SponsorH201212 added; SponsorH201210 removed

comment:6 Changed 6 years ago by hellais

Keywords: wishlist added; SponsorH201212 removed

Changed 5 years ago by reezer

Attachment: isBenhindNat.patch added

function to check ip addresses against rfc1918

comment:7 Changed 23 months ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:8 Changed 16 months ago by teor

Keywords: archived-closed-2018-07-04 added
Resolution: wontfix
Status: new → closed

Close all tickets in archived components