Re: ok I need some experienced directions (virtual lans)
There are several methods.
UPnP is supported and enabled by default on many home routers these days. Applications can automatically request port forwards. I've seen this used by Xbox Live and various BitTorrent clients among other things. It's a solution that may "just work" -- it certainly doesn't hurt to try -- but you'd want to include an option to disable it so that your users can forward ports manually.
I can't remember if Hamachi attempts to use UPnP. I do know that its strongest point is in its UDP hole punching algorithm. It works very reliably in my experience, even behind corporate firewalls and the like. But it's certainly not the first or only program to function in this way.
NAT is an ugly but necessary hack. Typically (but not always) one is multiplexing a single public address for use by many private ones. This is done by rewriting packet headers on the fly. Doing so requires maintaining a certain amount of state. Client A sends a packet from port 4567 (random available port chosen by OS) to google.com on port 80. The router creates a mapping. The packet is rewritten such that the source is the public address on port 1234. When the response comes back from Google on port 1234, the router knows to change the destination to client A on port 4567. 'Port forwarding' is just setting up a static mapping, so that external hosts can initiate communication.
UDP hole punching is a hack of a hack. Various routers differ on how exactly they maintain state for NAT purposes. In the previous example, what if client X sends a packet to port 1234? Does it still go to client A? Or does the source IP have to match as well? How does the router select ports? If it uses 1234 for a mapping, will 1235 be next? With use of a mediator and a little guesswork, one can oftentimes successfully establish communication between two hosts that are each behind some form of NAT by having them simultaneously try to contact each other.
Poke around on Wikipedia and find technical docs for protocols incl. UPnP, STUN, and ICE.
Looking purely at return on investment, I'd say that you should try UPnP (I think there's a library included on most recent versions of Windows) and tell your users to forward manually if it fails.
__________________
MD5(sig) = bcef75433db02e9ad9bf81d6f7c5c270
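
The mapping and filtering questions raised in the post above can be made concrete with a toy NAT model. This is an added example, not part of the original post and not any real router's implementation; the `Nat` class, its `symmetric` and `strict_filter` flags, the sequential port allocation starting at 1234, and all addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Nat:
    public_ip: str
    symmetric: bool = False      # True: a new public port per destination
    strict_filter: bool = True   # True: inbound source IP must have been contacted first
    next_port: int = 1234        # assumed sequential allocation
    out: dict = field(default_factory=dict)   # mapping key -> public port
    back: dict = field(default_factory=dict)  # public port -> (private endpoint, contacted IPs)

    def outbound(self, src, dst):
        """Rewrite the source of an outgoing packet, creating state on first use."""
        key = (src, dst) if self.symmetric else src
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[self.next_port] = (src, set())
            self.next_port += 1
        port = self.out[key]
        self.back[port][1].add(dst[0])
        return (self.public_ip, port)

    def inbound(self, src, dst_port):
        """Return the private endpoint the packet is delivered to, or None if dropped."""
        entry = self.back.get(dst_port)
        if entry is None:
            return None                      # no mapping: nothing asked for this port
        private, contacted = entry
        if self.strict_filter and src[0] not in contacted:
            return None                      # "does the source IP have to match?" yes
        return private

def hole_punch(nat_a, nat_b, a, b, mediator):
    """Both clients register with the mediator, then send to each other at once."""
    pub_a = nat_a.outbound(a, mediator)      # mediator observes A's public endpoint
    pub_b = nat_b.outbound(b, mediator)      # ... and B's
    src_a = nat_a.outbound(a, pub_b)         # A -> B's reported endpoint
    src_b = nat_b.outbound(b, pub_a)         # B -> A's reported endpoint
    # (what reaches A from B, what reaches B from A)
    return nat_a.inbound(src_b, pub_a[1]), nat_b.inbound(src_a, pub_b[1])

# Constructed sample endpoints (documentation and private address ranges).
A, B = ("192.168.1.10", 4567), ("192.168.2.20", 4567)
MEDIATOR, X = ("198.51.100.1", 3478), ("198.51.100.99", 9999)
```

With two non-symmetric NATs the punch succeeds in both directions. When A's NAT is symmetric, the port the mediator reported (1234) is not the one A's NAT uses toward B (1235), which is where the post's "little guesswork" about the next port comes in.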