[Cryptography] peering through NAT
Christian Huitema
huitema at huitema.net
Fri May 10 01:00:00 EDT 2019
On 5/9/2019 1:01 PM, Patrick Chkoreff wrote:
> I've often wondered about that. A few years ago a networking expert
> showed me a technique where the client program running on your own
> computer sends OUT a packet which lingers on the outside of your network
> interface, awaiting a response. A remote server can reply to it, and
> your client program sees the response. It's kind of a dummy packet too,
> with no actual content. At that point I suppose your client program
> sees the remote IP and can initiate a direct connection to it
NAT traversal has been with us for quite a while. Two variants: the
UPNP/IGP or PMP kind, in which a device inside the network talks to the
local router and opens a port; and the "implicit" one, pioneered for
video games by Dan Kegel at Activision. The technique was standardized
by the IETF in STUN (RFC 5389, 2003). The basic idea is to reverse
engineer how the NAT works with the help of a server behind the NAT, and
"punch a hole". These techniques are widely used by video games, voice
and video over IP, and other P2P systems.
-- Christian Huitema