IGD protocol

from Wikipedia, the free encyclopedia

The Internet Gateway Device (IGD) - Port Control Protocol (PCP) is a standardized device control protocol that is supported by some NAT routers. It is commonly used to configure port forwarding automatically, but it has not yet been recognized as a standard by the Internet Engineering Task Force (IETF).

Application

Diagram showing the exchange of messages between the control and peripheral devices via UPnP.

Applications that use peer-to-peer networks, multiplayer games and remote maintenance programs (for example remote desktop), or media sharing over a local network, need a way to communicate through home or business gateways. Without the IGD protocol, the gateway device has to be configured manually so that an application's traffic is passed through from the Internet, which is very error-prone and time-consuming. Universal Plug and Play (UPnP) provides a solution developed especially for NAT, and it is available today on many operating systems.

IGD can make the following tasks easier for the user:

  • Determining the public (external) IP address
  • Assigning a new public IP address
  • Listing the available port forwardings
  • Adding and removing port forwardings
  • Assigning expiry times for forwardings

The host can use SSDP to search for devices available in the network, which can then be controlled using a network protocol such as SOAP. A search query is sent via HTTP on port 1900 to the multicast address 239.255.255.250:

M-SEARCH * HTTP/1.1
Host:239.255.255.250:1900
ST:urn:schemas-upnp-org:device:InternetGatewayDevice:1
Man:"ssdp:discover"
MX:3
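
The search above can be used to check whether a gateway on your own network answers IGD discovery. The following Python sketch is an added example, not part of the original article: the function names and the sample reply are constructed for illustration, and the comparison of the LOCATION host with the sender address is an added sanity check.

```python
import socket
from urllib.parse import urlsplit
SSDP_GROUP = ("239.255.255.250", 1900)
IGD_ST = "urn:schemas-upnp-org:device:InternetGatewayDevice:1"

def build_msearch(st=IGD_ST, mx=3):
    """Build the search datagram: CRLF line ends, terminated by a blank line."""
    lines = ["M-SEARCH * HTTP/1.1", f"HOST: {SSDP_GROUP[0]}:{SSDP_GROUP[1]}",
             f"ST: {st}", 'MAN: "ssdp:discover"', f"MX: {mx}", "", ""]
    return "\r\n".join(lines).encode("ascii")

def parse_response(datagram):
    """Return lower-cased headers of a 200 reply, or None for anything else."""
    text = datagram.decode("utf-8", errors="replace")
    status, _, rest = text.partition("\r\n")
    parts = status.split()
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or parts[1] != "200":
        return None
    headers = {}
    for line in rest.split("\r\n"):
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def location_matches_sender(sender_ip, location):
    """True if the description URL points back at the host that answered."""
    return urlsplit(location).hostname == sender_ip

def discover_igd(timeout=4.0):
    """Multicast the search on the local network; list (ip, location, ok)."""
    found = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_msearch(), SSDP_GROUP)
        try:
            while True:
                data, (ip, _port) = sock.recvfrom(65507)
                hdrs = parse_response(data)
                if hdrs and hdrs.get("st") == IGD_ST:
                    loc = hdrs.get("location", "")
                    found.append((ip, loc, location_matches_sender(ip, loc)))
        except socket.timeout:
            pass
    return found

# Constructed sample reply for offline use (not captured from a real device).
SAMPLE_REPLY = (b"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=1800\r\n"
                b"ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1\r\n"
                b"LOCATION: http://192.0.2.1:49000/igddesc.xml\r\n\r\n")
```

An empty result from `discover_igd()` means no device answered the IGD search within the timeout; a reply whose third field is `False` advertises a description URL on a different host than the one that responded and deserves a closer look.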

Security risks

Scripting languages on a website can, however, use the IGD protocol to create new risks and dangers if changes to the configuration of the gateway device have been allowed beforehand. This would make it possible to bring a computer or an entire network under the control of external users, which is often done with criminal intent. Many DSL routers, such as the Fritz!Box models widespread in Germany, support this procedure, but changes to the configuration usually have to be approved separately by the user via the web interface, provided that access to the device has previously been secured with a password.
