TetherNet – automatic Internet subnet relocation and rental

TetherNet: The Anti-NAT solution to Internet-challenged environments

TetherNet is a system for dynamically relocating Internet subnets. This system can securely relocate portions of a network to a location remote from the original network via an automation process for configuration and management, using a graphical interface and multipoint control channel to manage overlay deployment at the IP layer. An anchor site can provide a delegated IP address block and reverse DNS as a rented service, and with this technology, a remote site can use those IP addresses with the same privileges.


  • Provides true Internet service – globally routable IP addresses, with forward and reverse DNS – supporting services on well-known ports.
  • Works behind NATs – provides Internet service for any IP-based protocol, even those defeated by NATs, including experimental protocols.
  • Works behind varying dynamic IPs – enables stable connectivity even where DHCP leases are short and rotated, without timeout delays or protocol failures.
  • Provides IPsec-encrypted IPv4, multicast IPv4, IPv6, and multicast IPv6 – all behind NATs or conventional IPv4.
  • Works for any IP client: Unix, Windows, Mac, PDAs, embedded systems, etc., with plug & go and no additional support needed.


  • Enable use of any IP client (PC, PDA, etc.) and protocol.
  • Provide true Internet connectivity at conferences, exhibitions, and demos at a customer site, remote office, residence or hotel.
  • Support experiments and testbeds.
  • Provide stable and secure true Internet VPN without specific client support.
  • Reuse office Internet address space – enables reuse of even small blocks.
  • Community service: rent small blocks “at cost” to researchers, students.

Turnkey Systems:

  • Simple web user interface for setup and management
  • Setup WAN info (DHCP/static, DNS)
  • Setup LAN
  • Select rental site and parameters
  • Connect
  • Box management (time, logging, monitor)

Related Work

J. Touch. Those Pesky NATs. IEEE Internet Computing, July/August 2002, pp. 96.


Following the steps below relays a leased TetherNet subnet with the default configuration. For non-standard configurations, detailed instructions and troubleshooting information, please refer to the full TetherNet documentation.

    1. Make sure TetherNet box is powered down.
    2. Plug upstream network cable (to provider at remote location) into WAN port.
    3. Configure client machine to use DHCP, then connect it to LAN port via crossover cable, Ethernet switch/hub, or Wireless 802.11b NIC (only if wireless is enabled on the TetherNet box).
    4. Connect power cable to TetherNet box.
    5. Wait until Status LED starts blinking, then open a browser to access Any page or http://router.local.lan/ from client machine.
    6. If location uses DHCP, go to step 7 below, otherwise:
      1. Click WAN Setup button.
      2. Change connection type to Static IP Address.
      3. Enter IP address, network mask, default route, and DNS servers.
      4. Click Configure WAN Port button and answer Yes to reboot.
      5. Go back to Step 5 above.
    7. Click Lease TetherNet button.
    8. Pick Rental Site and desired Subnet Size.
    9. Click Start TetherNet Service


Joe Touch – PI

Lars Eggert, Yu-Shun Wang – students


May 2006

Embedded release for Soekris 4801 (a 486-based system for use with Tethernet), includes FreeBSD, the X-Bone web server, the X-Bone GUI, an LDAP server, and a DNS server.

Jan. 2004

Version 2.0

New Features

  • Auto-scan bi-directional handshake to find available ports through firewall
  • Automatic renew subnet lease:
    • saved state (rental parameters)
    • survive DHCP renumbering on the WAN port uplink
    • auto-retry upon connection disruption
    • auto-lease upon reboot
  • Automatic web redirect to Tethernet rental page
  • Supports MAC address cloning
  • Defaults to non-NAT mode prior to rental
  • More intuitive on-box LED blinking pattern

Sep. 2002

Version 1.0

Main Features

  • Web-based GUI
  • Auto Configuration
    • Random or user-configurable port selection
    • DHCP Server with configurable dynamic address range
    • DNS cache
    • Routing
    • Automatically cleanup leases after connection timeout
  • Subnet Features
    • IPv4 and IPv6
    • IPv4 and IPv6 multicast
    • Fair bandwidth allocation for active addresses
  • Security
    • Secure (TCP/SSL) configuration exchange
    • Hardware-accelerated ecrypted tunnels with AES, DES, 3DES, etc.
    • Password protection for designated blocks
  • Box Features
    • Supports NAT mode prior to rental
    • Supports WiFi 802.11b with optional WEP
    • Extensive monitoring status accessible through GUI