NatNix creates a network where every computer gets a unique
hostname and a routable virtual IP address. NatNix
establishes direct, secure, reliable IP connections through firewalls
and between organizations without changing any network infrastructure.
NatNix uses every trick in the book to establish a direct,
reliable connection between peers, even if both are behind several
layers of firewalls and routers:
- Direct connection via local IP
- STUN-like NAT traversal
- Relaying through dynamic pool of addressable servers
- Relaying through central server
- Masquerading as DNS traffic
- Masquerading as HTTP traffic
NatNix automatically reconfigures and reconnects if a
peer's connection changes for any reason, including new IP address,
new connection to different network, and hibernate/resume events.
Every packet is securely encrypted point-to-point with 256-bit AES
keys negotiated by 2048-bit RSA public keys.
Every computer is available on the network, but you control who can
access yours. NatNix requires password exchange to
connect to most applications. Passwords can be waived for some
applications which are already secure.
NatNix fixes protocols like H.323 and SIP, which try to
detect routable IP addresses and usually fail behind NAT routers.
NatNix detects SIP and H.323 protocol streams and fixes them
to use virtual IP addresses, which are then routed to NatNix
hosts.
NatNix uses a central server to track each host's network
connection, and to negotiate direct connections between hosts. The
server's workload is very light, like a DNS server. Organizations can
set up their own servers if they wish. Any NatNix host can
connect to any other (as long as it knows the password), even when
they belong to different organizations.
NatNix gives every computer a globally unique hostname that
can be entered into any network application and will resolve to a
virtual IP address. Hostnames are globally unique across all NatNix
servers.
NatNix can check for and install upgrades automatically or
when manually approved by the end user.
You only have to choose a unique hostname and password to accept
connections. Unlike other VPNs, there are no IP address ranges to set
up, no DHCP configuration, etc.
NatNix hosts can be deployed on any network and still be
connected, without having to reconfigure their remote network. This
makes NatNix ideal for hosts that move across different
network access points, or for devices that are deployed in foreign
networks.
The NatNix networking core is written in compact, portable
C code compiled to a 1.5Mb binary. The network core is written to run
as a daemon with a local network protocol for user interface and
configuration agents. The network core and control panel user
interface share a common code base for Windows and Linux, and can
easily be ported to other embedded architectures.