[Cryptography] peering through NAT
Patrick Chkoreff
pc at fexl.com
Thu May 9 16:01:51 EDT 2019
jamesd at echeque.com wrote on 5/9/19 7:45 AM:
> NAT makes it hard to contact a computer behind nat, but Bitcoin core has
> no problems with most nats, even when behind multiple levels of nats.
>
> It does something to tell the nat to direct incoming messages on port
> 8333 to it, without the end user usually needing to manually set up port
> forwarding.
>
> What is the protocol to tell a nat to forward incoming messages?
I've often wondered about that. A few years ago a networking expert
showed me a technique where the client program running on your own
computer sends OUT a packet which lingers on the outside of your network
interface, awaiting a response. A remote server can reply to it, and
your client program sees the response. It's kind of a dummy packet too,
with no actual content. At that point I suppose your client program
sees the remote IP and can initiate a direct connection to it.
With this technique, your grandpa doesn't have to configure iptables.
I don't know the specifics, and it has been a while since I looked at it.
>
> What happens if there are two machines both running bitcoin core behind
> the nat?
-- Patrick
More information about the cryptography
mailing list