how can i do NAT tunnel UDP hole punching in java?
because of this, the A and B computer behind the different NAT can not receice the UDP packs which they send to each other.....
how can i solve this?
You need a server S with a public IP address. A and B should open a connection to S. This will open an UDP hole in the NAT. Then S can read the NAT translated address/port for A and B. Then S can send back this information to A and B who can start communicating directly on each other's open TCP port.
Related
I'm making a chat program and i have a big problem : I have to make my computer listen more IP Adresses .
I mean that my computer will have to receive TCP data addressed to different IP at the same time .
Example :
the Computer 1 send "Hello 1" to the IP 192.168.1.103 and
the Computer 2 send "Hello 2" to the IP 192.168.56.1
My Computer (with IP : 192.168.58.1) have to receive both the messages ( i think that the only way to do that is to change continuosly my computer IP from 192.168.1.103 to 192.168.56.1 and the other way around)
Yes i know , it's a little hard ...
There's a more simple way to make this ?
As #tcarvin mentioned, UDP is more advisable. You can use UDP as the initial protocol for a TCP-IP connection and then operate the rest of the chat over TCP-IP after the connection is established.
I do UDP hole punching using the following method: I have a lobby server L, and two clients A and B behind a (shared) NAT.
Now, A and B are running on the same machine. They both send a datagram to server L.
Server L tells both A and B the IP+PORT of the other.
Note that the IPs of A and B that the server sees are identical, but the ports are different, as expected.
Then A and B send a datagram to each other, using the server provided addr+port.
Yet, their datagrams to each other never arrive.
My question: does UDP hole punching work if both clients are on the same machine? What if they are just on the same LAN, behind the same NAT?
NOTE: I tried to lower the strictness of my router, but Archer C7 does not seem to have a selection for Cone/Symmetric/Asymmetric unfortunately. I did switch off Stateful Packet Inspection.
UPDATE: When I try sending punch datagrams, I do see this come by over the network device:
ICMP dest unrch (port)
UPDATE: stunclient output:
$ stunclient --mode full stunserver.stunprotocol.org
Binding test: success
Local address: 10.0.1.2:49703
Mapped address: 209.161.250.218:49703
Behavior test: success
Nat behavior: Endpoint Independent Mapping
Filtering test: success
Nat filtering: Address and Port Dependent Filtering
I find when the webrtc create socket with STUN , the port return by STUN always same as the socket port. Is it accidental or fixed?
This depends on the type of NAT you're behind, some NATs may translate the port as well.
It's called port preservation in NAT terminology. Port numbers are preserved unless there is a conflict which happens when you have more than one machine behind NAT accessing the same service.
I'm in a hurry at the moment.
My Question is, is there a way to forward UDP to TCP port?
I need this for hosting a game server for my friends, I want to
host Counter-Strike server for example, but it uses UDP (User Datagram Protocol) for server port, but NGROK only supports TCP (Transmission Control Protocl) & HTTP (HyperText Transfer Protocol).
I tried this while ago..
ngrok tcp 127.0.0.1:27015
and as usually it will start :
ngrok by #inconshreveable (Ctrl+C to quit)
Session Status online
Account Soricy Infinitive (Plan: Free)
Version 2.2.8
Region United States (us)
Web Interface http://127.0.0.1:4040
Forwarding tcp://0.tcp.ngrok.io:18833 -> 127.0.0.1:27015
Connections ttl opn rt1 rt5 p50 p90
0 0 0.00 0.00 0.00 0.00
But fails to connect to 0.tcp.ngrok.io:18833 in the game, and displays that there is no UDP configured on the server side.
Is there any way I could do this differently? UDP=>TCP?
Checkout DatagramTunnneler (on github). It is an open-source c++ program which simply listens to UDP traffic and forwards it to a TCP endpoint of your choice. On that TCP endpoint another instance of the DatagramTunneler publishes the UDP data back onto a UDP channel.
Disclaimer: I wrote that tool.
One way is to copy the "raw" udp Payload and create a new TCP packet with the raw payload. But you need to set the same data of the other layer except the udp layer. Also: You need a clean configuration of the tcp layer.
I'm tunneling all of my internet traffic through a remote computer hosting Debian using sshd. But my internet connection becomes so slow (something around 5 to 10 kbps!). Can be anything wrong with the default configuration to cause this problem?
Thanks in advance,
Tunneling TCP within another TCP stream can sometimes work -- but when things go wrong, they go wrong very quickly.
Consider what happens when the "real world" loses one of your TCP packets: after a certain amount of not getting an ACK packet back in response to new data packets, the sending side realizes a packet has gone missing and re-sends the data.
If that packet happens to be a TCP packet whose payload is another TCP packet, then you have two TCP stacks that are upset about their missing packet. The tunneled TCP layer will re-send packets and the outer TCP layer will also resend packets. This causes a giant pileup of duplicate packets that will eventually be delivered and must be dropped on the floor -- because the outer TCP reliably delivered the packet, eventually.
I believe you would be much better served by a more dedicated tunneling method such as GRE tunnels or IPSec.
Yes, tunelling traffic over tcp connection is not a good idea. See http://sites.inka.de/bigred/devel/tcp-tcp.html