[Cryptography] peering through NAT

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri May 10 01:48:47 EDT 2019


Patrick Chkoreff <pc at fexl.com> writes:

>I've often wondered about that.  A few years ago a networking expert showed
>me a technique where the client program running on your own computer sends
>OUT a packet which lingers on the outside of your network interface, awaiting
>a response.  A remote server can reply to it, and your client program sees
>the response.

That's one of many hole punching techniques, typically used by P2P software.
UPnP isn't used nearly as much as people seem to think, principally because
it's either not present in the first place or disabled by default, while hole
punching works in all cases except symmetric NAT, in which case you need an
external rendezvous server (actually even then you can sometimes hole punch
it if the NAT uses predictable port allocation techniques).

Peter.
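
A toy model of the NAT behaviours mentioned in this message, added here as an illustration and not part of the original post: it shows why a port learned by a third party is reusable behind a cone NAT, fails behind a symmetric NAT, and works again when the symmetric NAT allocates ports sequentially. The `Nat` class, `punch` helper, addresses, starting port and the "next port is seen + 1" guess are all assumptions made for the example, and the peer is assumed to be directly reachable.

```python
import random

RENDEZVOUS = ("203.0.113.1", 3478)  # constructed documentation addresses
PEER = ("198.51.100.7", 50000)
CLIENT = ("192.168.1.10", 5000)

class Nat:
    """Toy NAT: an outbound packet creates a mapping and opens a hole for its destination."""
    def __init__(self, symmetric, sequential=True):
        self.symmetric = symmetric    # True: separate external port per destination
        self.sequential = sequential  # True: external ports are handed out in order
        self.next_port = 40000        # assumed first external port
        self.mappings = {}            # mapping key -> external port
        self.holes = {}               # external port -> remote endpoints allowed in

    def _alloc(self):
        if self.sequential:
            self.next_port += 1
            return self.next_port - 1
        return random.randrange(1024, 65536)

    def send(self, src, dst):
        # Cone NAT reuses one mapping per internal source; symmetric NAT keys on destination too.
        key = (src, dst) if self.symmetric else src
        if key not in self.mappings:
            self.mappings[key] = self._alloc()
        port = self.mappings[key]
        self.holes.setdefault(port, set()).add(dst)
        return port

    def accepts(self, ext_port, remote):
        # Inbound traffic passes only through a hole already opened towards that remote.
        return remote in self.holes.get(ext_port, set())

def punch(nat, predict=False):
    """Return True if the peer's packet reaches the client behind `nat`."""
    seen = nat.send(CLIENT, RENDEZVOUS)     # external port the third party observes
    target = seen + 1 if predict else seen  # port the peer is told to send to
    nat.send(CLIENT, PEER)                  # client's own outbound packet to the peer
    return nat.accepts(target, PEER)

if __name__ == "__main__":
    print("cone NAT:", punch(Nat(symmetric=False)))
    print("symmetric NAT:", punch(Nat(symmetric=True)))
    print("symmetric, sequential, predicted:", punch(Nat(symmetric=True), predict=True))
    print("symmetric, random, predicted:",
          punch(Nat(symmetric=True, sequential=False), predict=True))
```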

