Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

TCP Hole Punching

Tags:

windows

tcp

network-protocols

hole-punching

winsock2

I'm trying to implement TCP hole punching with windows socket using mingw toolchain. I think the process is right but the hole doesn't seems to take. I used this as reference.

  1. A and B connect to the server S
  2. S sends to A, B's router IP + the port it used to connect to S
  3. S does the same for B
  4. A start 2 threads:
    • One thread tries connecting to B's router with the info sent by S
    • The other thread is waiting for an incoming connection on the same port used to connect to its router when it connected to S
  5. B does the same

I have no issue in the code I think since:

  • A and B does get each other ip and port to use
  • They are both listening on the port they used to connect to their router when they contacted the server
  • They are both connecting to the right ip and port but get timed out (code error 10060)

I am missing something ?

EDIT: With the help of process explorer, I see that one of the client managed to establish a connection to the peer. But the peer doesn't seems to consider the connection to be made.

Here is what I captured with Wireshark. For the sake of the example, the server S and the client A are on the same PC. The server S listens on a specific port (8060) redirected to that PC. B still tries to connect on the right IP because it sees that the public address of A sent by S is localhost and therefore uses the public IP of S instead. (I have replaced the public IPs by placeholders)

wireshark

EDIT 2: I think the confusion is due to the fact that both incoming and outcoming connection request data are transfered on the same port. Which seems to mess up the connection state because we don't know which socket will get the data from the port. If I quote msdn:

The SO_REUSEADDR socket option allows a socket to forcibly bind to a port in use by another socket. The second socket calls setsockopt with the optname parameter set to SO_REUSEADDR and the optval parameter set to a boolean value of TRUE before calling bind on the same port as the original socket. Once the second socket has successfully bound, the behavior for all sockets bound to that port is indeterminate.

But talking on the same port is required by the TCP Hole Punching technique to open up the holes !

like image 860
Giann Avatar asked Jan 11 '12 12:01

Giann

People also ask

Is TCP hole punching possible?

One of the most effective methods of establishing peer-to-peer communication between hosts on different private networks is known as “hole punching.” This technique is widely used already in UDP-based applications, but essentially the same technique also works for TCP.

How does NAT hole punch work?

UDP hole punching is one of the most common techniques used to establish UDP connections with systems behind NAT. It is called UDP hole punching because it punches a hole in the firewall of the network which allows a packet from an outside system to successfully reach the desired client on a network using NAT.

Is UDP hole punching reliable?

"does the dual external IP addresses mean that UDP hole punching will never be reliable?" UDP hole punching is never reliable in the first place.

1 Answers

A start 2 threads:
One thread tries connecting to B's router with the info sent by S
The other thread is waiting for an incoming connection on the same port used to connect to its router when it connected to S

You can't do this with two threads, since it's just one operation. Every TCP connection that is making an outbound connection is also waiting for an incoming connection. You simply call 'connect', and you are both sending outbound SYNs to make a connection and waiting for inbound SYNs to make a connection.

You may, however, need to close your connection to the server. Your platform likely doesn't permit you to make a TCP connection from a port when you already have an established connection from that same port. So just as you start TCP hole punching, close the connection to the server. Bind a new TCP socket to that same port, and call connect.

like image 103
David Schwartz Avatar answered Oct 14 '22 05:10

David Schwartz
Sign in to Comment

Related questions

How to make my application be considered as a communication program in Windows
Can I measure branch-prediction failures on a modern Intel Core CPU?
Explanation for tiny reads (overlapped, buffered) outperforming large contiguous reads?
Using multiple versions of Python
Integrate an option to explorer context menu with Electron
About GDI/GDI+ coordinate compatibility?
Is there software for windows that works like Guake? [closed]
Virtualbox virtual machine terminates at startup with exit code 1 [closed]
Why does git keep messing with my line endings?
Is it safe to remove npm-cache folder in windows?
Programmatically disable/enable network interface
Why is UWP 10 development so slow?
Concept of "Performance Counters" in Linux/Unix [closed]
How to profile a C++ function at assembly level?
On windows, how would I detect the line ending of a file?
Win32: How to validate credentials against Active Directory?
Getting an DPI aware correct RECT from GetWindowRect from a external window
An Image Compression tool for windows similar to ImageOptim (of mac) [closed]
When starting off with Qt Framework, what to choose - Widgets or QT Quick? [closed]
MinGW-w64's gcc and Address Sanitizer

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!