Sunday, February 25, 2018
Text Size



nabto_logo-GIF                                                          videoplayicon200pix1pixramme-GIF


The power of two

 VOIP - Identifies and creates connections between two internet locations


  • Well known and implemented
  • Easy GUI creation
  • Very high user knowledge base

Nabto = "VOIP + HTTP(S)"




3 parts in system:

  • Browser Plug-in
  • Base station
  • Nabto Proxy
  • 1.DNS address of the device points to base station
  • 2.Awareness signal from proxy to base station
  • 3.Base station mediation
  • Web browser defaults to HTTP –which points to Base station.
  • Base station examines if plug-in is installed
  • User is guided through install process or redirected to nabto://



  • Binds a local UDP socket and examines its public internet IP and Port

UDP holepunching


  • FW2Transmit this information via the base station to/from both peers

UDP holepunching


  • Let both peers send packets to the other peer public IP and Port



UDP holepunching


  • Now the firewalls are open for inbound traffic from the remote peer
  • Reliable connections can be established on top of UDP



Other methods

  • UPNP
    - Ask NAT to create a port forwarding to device
  • TCP relay
    - Relay TCP connections via central server
    - (Shared connection is better than no connection)



Light weight version



  • Low footprint on Proxy (1kb and up)
  • Low CPU resource on Base station
  • Direct connection to Proxy
  • Central "layout" decision
  • XML-SOAP possible interface for M2M



No internet – no problem




HTML Device Driver

  • Graphical content = gif, jpg, png, tiff etc.
  • HTML templates
    - TPT or XLST
  • Mapping : Request URL -> Binary format
  • Mapping : Response -> template parameters\



Example : getTemperature




Light weight version







  • HTML rendering is moved from low resource device to high resource PC
  • Graphical content is not served from low resource device
  • Web server overhead is removed. Only low footprint UDP stack is necessary

Localization –same firmware


OEM's –in same firmware


Simple Logging, SMS and email


Caching possibility


Connection types

  • Nabto simple
    –Direct HTTP proxy connection
  • Nabto port forward/tunneling
    –Direct port forwarded connection between the client and device
  • Nabto VPN
    –Direct full VPN to device

Maximal Security

  • X509 certificate authentication
    –Both server and client challenge/response
  • Blowfish encryption
  • No trespassing
    –Firewall is first "punched" when both sides are authenticated
  • Direct connections
    –Nabto is not in the loop, no eavesdropping and maximal network performance

Mega scalability

  • The system is designed for maximal scalability
  • Direct data-connections =>
    –No central "network performance" issues
  • Use of DNS as base station locator =>
    –No central point of failure
    –Simple redundancy facilitation

Other uses

  • VPN-as-a-service
    –Create VPN connections via base station
  • Application-VPN
    –Create tunnels from every where to:
  • Databases
  • ERP systems
  • CRM systems

Ultimate Solutions, Inc.
10 Clever Drive
Tewksbury, MA 01876 USA
Phone: 978.455.3383
Fax: 978.926.3091
Quick Link to Support & Resources:


Twitter Button  

Latest News

Abatron adds support for AppliedMicro's X-Gene™ processor
More Info

USI acquires Zylin ZY1000 product line
Click Here

Available NOW for an introductory price!
Embedded Linux BSP Program from bootbits
Click Here...

Ask about new Boundary Scan capabilities with the ZY1000!
Click for more info