A Technique for Counting NATted Hosts
There have been many attempts to measure how many hosts are on the Internet. Many of those end-points, however, are NAT boxes (Network Address Translators), and actually represent several different computers. We describe a technique for detecting NATs and counting the number of active hosts behind them. The technique is based on the observation that on many operating systems, the IP header's ID field is a simple counter. By suitable processing of trace data, packets emanating from individual machines can be isolated, and the number of machines determined. Our implementation, tested on aggregated local trace data, demonstrates the feasibility (and limitations) of the scheme.
- fnat.pdf application/pdf 641 KB Download File
Also Published In
More About This Work
- Academic Units
- Computer Science
- Published Here
- June 29, 2010
Proceedings of the Second Internet Measurement Workshop: IMW 2002: Marseille, France, November 6-8, 2002 (New York: ACM Press, 2002), pp. 267-272.