NAT Breakout Code Testing

I am very interested in at least trying to implement NAT for my older project. (I am doing a networking API). This is not even a requirement of my project, just my interest. I know the basics of how this works, correct me if I'm wrong: two clients connect to a server that is not behind NAT and this server, knowing the IP addresses of these two clients, tells the clients to connect to each other at the same time. Thus, "breakthrough".

It seems to be terribly easy or terribly difficult to code. That said, the part I'm stuck on is testing this. Is there a sane setup I can do with only one router / one NAT and my three available computers?

Thanks for any advice!

+2



2 answers


In terms of the code / theory of NAT breakout I cannot give advice, but I can make some suggestions for setting up a test environment.

You can download a copy of m0n0wall and run it inside a Virtual PC image (both are free). This will give you a second router without purchasing any additional hardware. With this additional router, you can create a separate subnet for your two clients.

Another, simpler option is to just pick up a second router; you can get a good one fairly cheaply.



Then configure your existing router and server as they are now, on subnet 192.168.1.x/24; then configure the second router (m0n0wall / hardware router) as subnet 192.168.2.x/24 and connect the second router's "internet port" to one of the "PC" ports on your first router. Then connect both clients to the second router.

(I realize this is a bit confusing; comment if you can't follow what I mean.)

+1



Let me see if I have it straight. You have two clients that are behind NAT and the server is not. Both clients connect to the server, which reports the other's public IP address to each. Since each of them now has a destination, it disconnects from the server and connects directly through the appropriate NAT fields to the other. Is this your thinking? If so, I may have bad news for you.

For this to work at all, you need to configure dedicated ports in each NAT configuration to forward at least one external port to a predefined internal IP address / port number. In a general NAT setup, outbound connection requests will be captured by NAT, which will open a temporary external port. This external port number is only used to communicate with one outgoing address and port. When the connection is closed, this external port will disappear and will be reassigned to another connection later. Therefore, if both clients talk to the server and then disconnect, the information sent to them by the server is now invalid.



Assuming you got around this somehow, it is sufficient to simply connect both clients to the "inside" side of the NAT and the server PC to the "outside" side. Then you have to hope that your NAT box is smart enough to loop packets from one local outside port back to another. I'm sure netfilter can be configured this way, but I doubt a home internet router (Linksys, NetGear, etc.) will do it off the shelf.

+1

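To make the answer's two points concrete (a temporary external port is tied to the one remote endpoint it was opened for, and it disappears when the connection closes), here is a small Python model of that NAT behaviour. It is an added example, not code from the question or the answers: all IP addresses and ports are constructed, the `Nat` class is a toy address-and-port-restricted NAT rather than any real router's logic, and the `hairpin` flag stands in for the "smart enough to loop packets back" capability from the last paragraph.

```python
"""
Toy model of the NAT behaviour described in the answer above.
Constructed example: addresses, ports and the Nat class are made up
for illustration and do not reproduce any particular router.
"""
from dataclasses import dataclass, field


@dataclass
class Nat:
    """Address-and-port-restricted NAT with one mapping per (inside host, remote endpoint)."""
    public_ip: str
    hairpin: bool = False        # can traffic to our own public address reach another inside host?
    next_port: int = 40000
    mappings: dict = field(default_factory=dict)   # (src, dst) -> external port
    table: dict = field(default_factory=dict)      # external port -> (src, dst or None for a forward)

    def outbound(self, src, dst):
        """Inside host src sends to dst; allocate a temporary external port on first use."""
        key = (src, dst)
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.table[self.next_port] = (src, dst)
            self.next_port += 1
        return (self.public_ip, self.mappings[key])

    def inbound(self, ext_port, sender):
        """Packet from sender arrives at ext_port; return the inside host, or None if dropped."""
        entry = self.table.get(ext_port)
        if entry is None:
            return None                  # no mapping for this port: dropped
        internal, remote = entry
        if remote is not None and remote != sender:
            return None                  # port is reserved for the endpoint that was contacted
        return internal

    def close(self, src, dst):
        """Connection closed: the temporary external port goes away."""
        port = self.mappings.pop((src, dst), None)
        if port is not None:
            del self.table[port]

    def forward(self, ext_port, internal):
        """Dedicated port forward: ext_port always delivers to internal, from any sender."""
        self.table[ext_port] = (internal, None)

    def hairpin_send(self, src, dst):
        """src sends to this NAT's own public address (both hosts are on the inside)."""
        if not self.hairpin:
            return None                  # typical home router: the packet is simply dropped
        return self.inbound(dst[1], self.outbound(src, dst))


SERVER = ("203.0.113.5", 7000)          # constructed public server endpoint
CLIENT_A = ("192.168.1.10", 5000)       # constructed inside hosts
CLIENT_B = ("192.168.2.10", 5000)


def direct_connect(nat_a, nat_b, close_first):
    """Rendezvous through the server, then A tries to reach B at the endpoint the server saw."""
    nat_a.outbound(CLIENT_A, SERVER)
    b_pub = nat_b.outbound(CLIENT_B, SERVER)
    if close_first:
        nat_a.close(CLIENT_A, SERVER)
        nat_b.close(CLIENT_B, SERVER)
    a_as_seen_by_b = nat_a.outbound(CLIENT_A, b_pub)   # A's packet leaves via a fresh mapping
    return nat_b.inbound(b_pub[1], a_as_seen_by_b) == CLIENT_B


def without_forwarding(close_first):
    """Plain NAT on both sides: the server-reported port is unusable either way."""
    return direct_connect(Nat("198.51.100.1"), Nat("198.51.100.2"), close_first)


def with_forwarding():
    """The fix the answer names: a dedicated forward on B's NAT that the server can publish."""
    nat_b = Nat("198.51.100.2")
    nat_b.forward(6000, CLIENT_B)
    a_pub = Nat("198.51.100.1").outbound(CLIENT_A, ("198.51.100.2", 6000))
    return nat_b.inbound(6000, a_pub) == CLIENT_B


def same_nat(hairpin):
    """Both clients inside one NAT box, as in the last paragraph of the answer."""
    nat = Nat("198.51.100.1", hairpin=hairpin)
    nat.forward(6000, CLIENT_B)
    return nat.hairpin_send(CLIENT_A, ("198.51.100.1", 6000)) == CLIENT_B


if __name__ == "__main__":
    print("direct, still connected to server:", without_forwarding(False))   # False
    print("direct, after disconnecting:      ", without_forwarding(True))    # False
    print("with a port forward on B:          ", with_forwarding())          # True
    print("same NAT, hairpin supported:       ", same_nat(True))             # True
    print("same NAT, plain home router:       ", same_nat(False))            # False
```

Running it shows the first attempt failing for the reason the answer gives even before the clients disconnect (B's temporary port only accepts packets from the server), failing again once the mappings are torn down, and succeeding only with a dedicated port forward; the last two calls show why the single-router test bench also depends on the box looping traffic back to its own inside.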
