-
What is NAT Hole Punching?
- NAT hole punching is a technique used to establish direct connections between devices behind Network Address Translation (NAT) routers or firewalls.
- The goal is to allow communication between two devices (let’s call them Node A and Node B) that are both behind different NATs.
-
The Problem with NATs:
- NATs map private IP addresses to a single public IP address.
- When Node A wants to communicate with Node B, their private IP addresses are not directly reachable from the public internet.
- NATs typically block unsolicited incoming traffic (for security reasons), making direct communication impossible.
-
The Hole Punching Process:
- Here’s how NAT hole punching works step by step:
- Rendezvous Server (S):
- A publicly reachable server (often called a rendezvous server) acts as an intermediary.
- Both Node A and Node B connect to this server.
- Exchange Addresses:
- Node A sends a connection request to the server, indicating its desire to communicate with Node B.
- The server responds by sharing Node B’s public IP address and port with Node A, and vice versa.
- Initial Garbage Messages:
- Node A sends a “garbage” message to Node B (e.g., an empty packet).
- Node B does the same, sending a garbage message to Node A.
- These initial messages are intentionally discarded by their respective NATs.
- NAT State Tracking:
- However, the NATs on both sides remember the address and port to which the garbage messages were sent.
- Any incoming messages from that address are considered related to the previous (failed) communication attempt.
- Second Attempt:
- Now, Node A and Node B try again, sending meaningful messages (not garbage).
- The NATs recognize these messages as replies to the previous attempt and allow them through.
- Voilà! A connection is established, and the “hole” is punched.
- Direct Communication:
- Node A and Node B can now communicate directly using their public IP addresses and ports.
- Rendezvous Server (S):
- Here’s how NAT hole punching works step by step:
-
Terminology:
- A: Node 1 (e.g., your computer)
- B: Node 2 (e.g., your friend’s computer)
- S: Rendezvous server
-
Safety and Consent:
- Hole punching is safe because both ends must initiate the connection.
- Consent from both users is required for the process to work.
NAT punching hole tech
2024/10/25 18:24:39
来源:https://blog.csdn.net/raidtest/article/details/139951257
浏览:
次
关键词:NAT punching hole tech
版权声明:
本网仅为发布的内容提供存储空间,不对发表、转载的内容提供任何形式的保证。凡本网注明“来源:XXX网络”的作品,均转载自其它媒体,著作权归作者所有,商业转载请联系作者获得授权,非商业转载请注明出处。
我们尊重并感谢每一位作者,均已注明文章来源和作者。如因作品内容、版权或其它问题,请及时与我们联系,联系邮箱:809451989@qq.com,投稿邮箱:809451989@qq.com
——文本向量化/文本表示)
)
暂停程序执行并等待用户按键输入函数waitKey()的使用)
热文排行
最新新闻
- NAT punching hole tech
- Webpack: 借助 Babel+TS+ESLint 构建现代 JS 工程环境
- arcgis for js点位渲染与实际坐标不一致且popupTemplate偏移
- MySQL基本语法、高级语法知识总结以及常用语法案例
- PHP框架中的模型:核心组件解析
- 统一 SASE 架构中的网络和安全融合
- 【QT Quick】页面布局:布局 (Layouts)
- 【Python快速入门和实践019】Python常用脚本-查看视频信息并压缩视频
- 使用 AES 算法在 C# 中实现安全字符串加密和解密
- ERROR: Cannot find command ‘git’- do you have ‘git’ installed and in your PATH?
推荐新闻
- NAT punching hole tech
- Webpack: 借助 Babel+TS+ESLint 构建现代 JS 工程环境
- arcgis for js点位渲染与实际坐标不一致且popupTemplate偏移
- MySQL基本语法、高级语法知识总结以及常用语法案例
- PHP框架中的模型:核心组件解析
- 统一 SASE 架构中的网络和安全融合
- 【QT Quick】页面布局:布局 (Layouts)
- 【Python快速入门和实践019】Python常用脚本-查看视频信息并压缩视频
- 使用 AES 算法在 C# 中实现安全字符串加密和解密
- ERROR: Cannot find command ‘git’- do you have ‘git’ installed and in your PATH?