A large number of overlay multicast protocols have been developed, almost all of which assume universal connectivity between end hosts. In reality, this assumption does not hold, given the widespread use of Network Address Translators (NATs) and firewalls. The impact of NAT and firewall connectivity restrictions on overlay multicast, especially in the application-endpoint setting, has not been seriously considered. In this paper, we argue that it is critical to consider connectivity restrictions because hosts behind NATs and firewalls make up a large fraction of the endpoints, affecting the proper functionality as well as the performance of overlay multicast protocols. We present several design enhancements that explicitly consider connectivity restrictions in overlay multicast, and we evaluate the design space and tradeoffs based on real Internet broadcasts and Internet testbed experiments.

Categories and Subject Descriptors
C.2.4 [Computer-Communication Networks]: Distributed Systems

General Terms
D...