How Does AVES Work?

In the following, we explain at a high level how AVES provides connectivity from regular Internet hosts to hosts behind NAT gateways. For simplicity, many important details are omitted here, for full details, please refer to our technical documents.

The most important thing to note in the following example is that, a regular IP host is completely unaware of the AVES transactions, therefore absolutely no change is required on an IP host for it to reach any AVES host behind NAT. No other known solution has this crucial property.

1. Hosts behind NAT gateways do not have globally unique IP addresses, they only have so-called reusable-IP (aka private-IP) addresses, which are not globally unique. Thus, the first function of AVES is to provide host names (e.g. to hosts behind NAT so that they can be uniquely identified. When a NAT user signs up for the AVES service, he simply chooses the names for his hosts and informs the AVES service provider of these choices.

2. A NAT gateway's functionality needs to be extended to handle the AVES protocols. This can be achieve by running an additional software program called the AVES NAT Daemon on the NAT gateway device. The AVES NAT Daemon does not alter the pre-existing functionality of the NAT gateway.

The above steps are all that is needed for a NAT user to take advantage of AVES. The rest of the complexity is completely handled by the AVES service provider. The figure above depicts a NAT user, John, who has signed up for the AVES service. He has one computer behind NAT, it has the host name

3. The AVES service provider deploys a domain name server for the AVES domain names (e.g. * In addition, a number of special devices called AVES Waypoints are also deployed in the Internet. AVES Waypoints are network agents that relay data packets between end hosts. These additions are depicted in the figure above. Note that AVES Waypoints are shared agents, therefore an unlimited number of AVES hosts can simultaneously be reachable.

4. Consider the figure above. When any Internet host A wishes to communicate with an AVES host, e.g., A simply performs a host name lookup (arrow (1)). When the AVES domain name server receives this lookup request, it contacts one of the AVES Waypoints, in this case W1 (arrow (2)), to set it up. A confirmation is then received from W1 (arrow (3)). Finally, the AVES domain name server returns the IP address of W1 to A (arrow (4)).

5. Consider the figure above. Now, A is about to start communication with the AVES host A sends a packet to W1 (arrow (5)). This packet is processed by W1 and relayed to the NAT gateway (arrow (6)). The AVES NAT Daemon processes this packet and sends it onto (arrow (7)). Finally, replies to A (arrow (8)), the AVES NAT Daemon processes this packet, and sends the packet to A (arrow (9)). A connection from a regular Internet host to a host behind NAT is now established.

Back to AVES Home