ICMP Hole Punching, TCP Hole Punching, UDP Hole Punching

Total Page:16

File Type:pdf, Size:1020Kb

ICMP Hole Punching, TCP Hole Punching, UDP Hole Punching International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 07 Issue: 04 | Apr 2020 www.irjet.net p-ISSN: 2395-0072 Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP Hole Punching Ms. Pooja Pemare ---------------------------------------------------------------------***---------------------------------------------------------------------- Abstract— Hole punching (or in some cases punch-through) two customers shows the culmination of an opening is a strategy in PC organizing for setting up an immediate punching strategy. association between two gatherings in which one or both are behind firewalls or behind switches that utilization of Examples of Hole punching: network address translation (NAT). To punch an opening, every customer associate with an unlimited outsider server VoIP products, online gaming applications, and P2P that incidentally stores outer and inner location and port networking software all use hole punching. data for every customer. The server at that point transfers every customer's data to the next, and utilizing that data Telephony programming Skype utilizes every customer attempt to build up direct association; opening punching to permit clients to because of the associations utilizing legitimate port speak with at least one clients discernibly. numbers, prohibitive firewalls or switches acknowledge and Fast-paced online multi-player games may forward the approaching parcels on each side. utilize an opening punching method or Hole punching does not require any learning of the system or expect clients to make a lasting firewall network topology to work. ICMP hole punching, UDP hole pinhole so as to diminish arrange idleness. punching and TCP hole punching separately use Internet VPN application Hamachi or Zerotier uses Control Message, User Datagram and Transmission Control gap punching to permit clients to associate Protocols. Utilizing TCP nefarious hole punching, it is legitimately to bought in gadgets behind possible to send compacted SYN packets through into a firewalls. typical ACK way. Keywords— Hole Punching, Network Address Decentralized shared record sharing Translation (NAT), ICMP, TCP and UDP hole punching, programming depends on gap punching for Protocols, Firewall, Packets document dispersion. 2. Network address translation (NAT) 1. INTRODUCTION Organized gadgets with open or all-around available IP Network address translation (NAT) is a locations can make associations between each other methodology for remapping one IP address space into effectively. Customers with private locations may likewise another by changing framework address information in the effectively associate with open servers, as long as the IP header of bundles while they are in movement over a customer behind a switch or firewall starts the association. traffic guiding gadget. The method was initially utilized as an Not with standing, gap punching (or some other type of NAT easy route to keep away from the need to readdress each traversal) is required to set up an immediate association host when a system was moved. It has turned into a well- between two customers that both dwell behind various known and fundamental device in monitoring worldwide firewalls or switches that utilization network address location space even with IPv4 address weariness. One translation (NAT). Internet-routable IP address of a NAT passage can be utilized for a whole private system. The two customers start an association with an unlimited server, which notes endpoint and session data including open IP and port alongside private IP and port. The firewalls additionally note the endpoints so as to enable reactions from the server to go back through. The server at that point sends every customer's endpoint and session data to the next customer, or companion. Every customer attempt to interface with its companion through the predetermined IP address and port that the friend's firewall has open for the server. The new association endeavour punches a gap in the customer's firewall as the endpoint currently winds up open to get a reaction from its friend. Contingent upon system conditions, one or the two customers may get an association demand. Successful trade of a validation nonce between the © 2020, IRJET | Impact Factor value: 7.34 | ISO 9001:2008 Certified Journal | Page 38 International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 07 Issue: 04 | Apr 2020 www.irjet.net p-ISSN: 2395-0072 on the Internet including has associated in private systems, particularly in peer-to-peer and Voice over Internet Protocol (VoIP) arrangements. ICMP hole punching sets up availability between two hosts conveying across at least one Network address translation in either a distributed or customer server model. Ordinarily, outsider has on the open travel organize are utilized to set up UDP or TCP port expresses that might be utilized for direct interchanges between the conveying has, anyway ICMP hole punching requires no outsider association to pass data between at least one NATs by misusing a NAT's free acknowledgment of inbound ICMP Time Exceeded parcels. Fig1. NAT Advantages of NAT: • The primary bit of leeway of NAT (Network Address Translation) is that it can avoid the exhaustion of IPv4 addresses. • NAT (Network Address Translation) can give an extra layer of security by making the original source and goal tends to cover up. • NAT (Network Address Translation) gives expanded adaptability when interfacing with the open Internet. • NAT (Network Address Translation) permits to utilize your own private IPv4 tending to the framework and avoid the inner location changes on the off chance that you change the specialist co-op. Fig 2. Maintaining Access with ICMP Hole Punching. Disadvantages of NAT: When an ICMP Time Exceeded bundle arrives at the goal • NAT (Network Address Translation) is a processor and NAT, discretionary information in the parcel expected by the memory asset devouring innovation, since NAT (Network NAT permits the bundle to arrive at the goal server, Addresss Translation) need to decipher IPv4 addresses for permitting the goal server to get the customer's open IP all approaching and active IPv4 datagrams and to keep the address and other information put away in the packet from interpretation subtleties in memory. the customer. • NAT (Network Address Translation) may cause delay in 4. TCP Hole Punching IPv4 correspondence. TCP hole punching (sometimes NAT punch-through) • NAT (Network Address Translation) cause loss of end- happens when two hosts behind a network address gadget to end-gadget IP discernibility translation (NAT) are attempting to associate with one another with outbound TCP associations. • Some advances and system applications won't work true to form in a NAT (Network Address Translation) designed At the point when hosts are behind the NAT boxes it is system difficult to set up association all things considered arrange on the grounds that NAT boxes drop the approaching 3. ICMP HOLE PUNCHING solicitations. Hole Punching is a system that permits a host found behind a firewall/NAT to send traffic to another host ICMP hole punching is a strategy utilized in Network without coordinated effort of the NAT itself. With the address translation (NAT) applications for keeping up assistance of the notable Rendezvous server (RS), clients can Internet Control Message Protocol (ICMP) parcel streams establish these direct sessions. First has set up starting UDP that navigate the NAT. NAT traversal methods are ordinarily session with the RS and the server later trades the required for customer to-customer organizing applications association subtleties with both the hosts. Since every device © 2020, IRJET | Impact Factor value: 7.34 | ISO 9001:2008 Certified Journal | Page 39 International Research Journal of Engineering and Technology (IRJET) e-ISSN: 2395-0056 Volume: 07 Issue: 04 | Apr 2020 www.irjet.net p-ISSN: 2395-0072 knows the other peer's details, they can build up an 5. UDP HOLE PUNCHING association by sending a beginning request. Figure 3 illustrates the hole punching process. UDP hole punching is a regularly utilized method utilized in network address translation (NAT) applications for keeping up User Datagram Protocol (UDP) packet streams that cross the NAT. UDP hole punching sets up availability between two hosts communicating across at least one system address interpreters. Normally, outsider has on the open travel arrange are utilized to set up UDP port expresses that may be used for direct interchanges between the conveying has. When port state has been effectively settled and the hosts are communicating, port state might be kept up either by ordinary interchanges traffic, or in the prolonged absence thereof, by keep-alive packets, for the most part comprising of void UDP packets or packets with insignificant non-non-intrusive content. UDP hole punching empowers two clients to set up an immediate distributed UDP session with the assistance of a well-known rendezvous server, regardless of whether the clients are both behind NATs. Different restrictive conventions, for example, those for on-line gaming, additionally use UDP hole punching. Fig 3. Hole punching with Rendezvous server 6. Conclusion Hole punching is a broadly useful system for building up peer-to-peer connections within the sight of NAT. For Transmission Control Protocol (TCP) is connection whatever length of time that the NATs included meet certain oriented and reliable protocol basically
Recommended publications
  • N2N: a Layer Two Peer-To-Peer VPN
    N2N: A Layer Two Peer-to-Peer VPN Luca Deri1, Richard Andrews2 ntop.org, Pisa, Italy1 Symstream Technologies, Melbourne, Australia2 {deri, andrews}@ntop.org Abstract. The Internet was originally designed as a flat data network delivering a multitude of protocols and services between equal peers. Currently, after an explosive growth fostered by enormous and heterogeneous economic interests, it has become a constrained network severely enforcing client-server communication where addressing plans, packet routing, security policies and users’ reachability are almost entirely managed and limited by access providers. From the user’s perspective, the Internet is not an open transport system, but rather a telephony-like communication medium for content consumption. This paper describes the design and implementation of a new type of peer-to- peer virtual private network that can allow users to overcome some of these limitations. N2N users can create and manage their own secure and geographically distributed overlay network without the need for central administration, typical of most virtual private network systems. Keywords: Virtual private network, peer-to-peer, network overlay. 1. Motivation and Scope of Work Irony pervades many pages of history, and computing history is no exception. Once personal computing had won the market battle against mainframe-based computing, the commercial evolution of the Internet in the nineties stepped the computing world back to a substantially rigid client-server scheme. While it is true that the today’s Internet serves as a good transport system for supplying a plethora of data interchange services, virtually all of them are delivered by a client-server model, whether they are centralised or distributed, pay-per-use or virtually free [1].
    [Show full text]
  • Distributed Deep Learning in Open Collaborations
    Distributed Deep Learning In Open Collaborations Michael Diskin∗y~ Alexey Bukhtiyarov∗| Max Ryabinin∗y~ Lucile Saulnierz Quentin Lhoestz Anton Sinitsiny~ Dmitry Popovy~ Dmitry Pyrkin~ Maxim Kashirin~ Alexander Borzunovy~ Albert Villanova del Moralz Denis Mazur| Ilia Kobelevy| Yacine Jernitez Thomas Wolfz Gennady Pekhimenko♦♠ y Yandex, Russia z Hugging Face, USA ~ HSE University, Russia | Moscow Institute of Physics and Technology, Russia } University of Toronto, Canada ♠ Vector Institute, Canada Abstract Modern deep learning applications require increasingly more compute to train state-of-the-art models. To address this demand, large corporations and institutions use dedicated High-Performance Computing clusters, whose construction and maintenance are both environmentally costly and well beyond the budget of most organizations. As a result, some research directions become the exclusive domain of a few large industrial and even fewer academic actors. To alleviate this disparity, smaller groups may pool their computational resources and run collaborative experiments that benefit all participants. This paradigm, known as grid- or volunteer computing, has seen successful applications in numerous scientific areas. However, using this approach for machine learning is difficult due to high latency, asymmetric bandwidth, and several challenges unique to volunteer computing. In this work, we carefully analyze these constraints and propose a novel algorithmic framework designed specifically for collaborative training. We demonstrate the effectiveness of our approach for SwAV and ALBERT pretraining in realistic conditions and achieve performance comparable to traditional setups at a fraction of the cost. arXiv:2106.10207v1 [cs.LG] 18 Jun 2021 Finally, we provide a detailed report of successful collaborative language model pretraining with 40 participants. 1 Introduction The deep learning community is becoming increasingly more reliant on transfer learning.
    [Show full text]
  • NAT Traversal About
    NAT Traversal About Some difficulties have been encountered with devices that have poor NAT support. FreeSWITCH goes to great lengths to repair broken NAT support in phones and gateway devices. In order to aid FreeSWITCH in traversing NAT please see the External profile page. Some routers offer an Application Layer Gateway feature which can prevent FreeSWITCH NAT traversal from working. See the ALG page for more information, including how to disable it. Using STUN to aid in NAT Traversal STUN is a method to allow an end host (i.e. phone) to discover its public IP address if it is located behind a NAT . Using this method requires a STUN server on the public internet and a client on the phone. The phone's STUN client queries the STUN server for it's own public IP and transmits the information it has received in it's connection information in the SIP packets it sends to the SIP server. Enable and configure STUN settings on your phone in order correctly to report your phone's contact information to FreeSWITCH when registering. Unfortunately, not all phones have a properly working STUN client. STUN servers This site contains a list of public STUN servers: https://gist.github.com/zziuni/3741933 stun.freeswitch.org is never guaranteed to be up and running so use it in production at your own risk. There are several open source projects to run your own STUN server, e.g. STUNTMAN Using FreeSWITCH built-in methods to aid in NAT Traversal nat-options-ping This parameter causes FreeSWITCH to regularly (every 20 - 40s) send an OPTIONS packet to NATed registered endpoints in order to keep the port on the clients firewall open.
    [Show full text]
  • NAT and NAT Traversal Lecturer: Andreas Müller [email protected]
    NAT and NAT Traversal lecturer: Andreas Müller [email protected] NetworkIN2097 - MasterSecurity, Course WS 2008/09, Computer Chapter Networks, 9 WS 2009/2010 39 NAT: Network Address Translation Problem: shortage of IPv4 addresses . more and more devices . only 32bit address field Idea: local network uses just one IP address as far as outside world is concerned: . range of addresses not needed from ISP: just one IP address for all devices . can change addresses of devices in local network without notifying outside world . can change ISP without changing addresses of devices in local network . devices inside local net not explicitly addressable, visible by outside world (a security plus). NetworkIN2097 - MasterSecurity, Course WS 2008/09, Computer Chapter Networks, 9 WS 2009/2010 40 NAT: Network Address (and Port) Translation rest of local network Internet (e.g., home network) 10.0.0/24 10.0.0.1 10.0.0.4 10.0.0.2 138.76.29.7 10.0.0.3 All datagrams leaving local Datagrams with source or network have same single source destination in this network NAT IP address: 138.76.29.7, have 10.0.0/24 address for different source port numbers source, destination (as usual) NetworkIN2097 - MasterSecurity, Course WS 2008/09, Computer Chapter Networks, 9 WS 2009/2010 41 NAT: Network Address Translation Implementation: NAT router must: . outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #) . remote clients/servers will respond using (NAT IP address, new port #) as destination addr. remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair -> we have to maintain a state in the NAT .
    [Show full text]
  • Peer-To-Peer NAT-Traversal for Ipsec
    Peer-to-Peer NAT-Traversal for IPsec y Anonymized peer registration y Endpoint discovery and relaying y Peer-initiated hole punching y IKEv2 Internet draft in preparation [email protected] [email protected] IKEv2 Mediation IKEv2 Mediation Server Mediation Connection Connection NAT Router NAT Router 1.2.3.4:1025 5.6.7.8:3001 IKEv2 Mediated Connection 10.1.0.10:4500 10.2.0.10:4500 Direct IPsec Tunnel using NAT-Traversal Peer Alice Peer Bob www.strongswan.org The double NAT case - where punching holes counts! ● You are selling automation systems all over the world. In order to save on travel expenses you want to remotely diagnose and update your deployed systems via the Internet. But security counts – thus IPsec is a must! Unfortunately both you and your customer are behind NAT routers so that no direct VPN connection is possible. You are helplessly blocked! ● You own an apartment at home, in the mountains or even abroad. You want to remotely control the heating or your sophisticated intrusion detection system via ADSL or Cable access. But since you and your apartment are separated by two NAT routers your are helplessly blocked. How it works! ● Two peers want to set up a direct IPsec tunnel using the established NAT traversal mechanism of encapsulating ESP packets in UDP datagrams. Unfortunately they cannot achieve this by themselves because neither host is seen from the Internet under the standard IKE NAT-T port 4500. Therefore both peers need to set up a mediation connection with an IKEv2 mediation server. In order to prevent unsolicited connection attempts by foreign peers, the mediation connections use randomized pseudonyms as IKE peer identities.
    [Show full text]
  • Problems of Ipsec in Combination with NAT and Their Solutions
    Problems of IPsec in Combination with NAT and Their Solutions Alexander Heinlein Abstract As the Internet becomes more and more a part of our daily life it also evolves as an at- tractive target for security attacks, often countered by Internet Protocol Security (IPsec) to establish virtual private networks (VPNs), if secure data communication is a primary objective. Then again, to provide Internet access for hosts inside Local Area Networks, a public IP address shared among all peers is often used, achieved by Network Address Translation (NAT) deployment. IPsec, however, is incompatible with NAT, leading to a variety of problems when using both in combination. Connection establishments origi- nating from the outside are blocked and NAT, as it modifies the outer IP header, breaks IPsec’s security mechanisms. In the following we analyze problems of NAT in combination with IPsec and multiple approaches to solve them. 1 Introduction The current TCP/IP protocols originate from a time where security was not a great concern. As the traditional Internet Protocol (IP) does not provide any guarantees on delivery, the receiver cannot detect whether the sender is the same one as recorded in the protocol header or if the packet was modified during transport. Moreover an attacker may also easily replay IP packets or read sensitive information out of them. In contrast, today, as the Internet becomes more and more a part of our everyday life, a more security aware protocol is needed. To fill this gap the Internet Engineering Task Force (IETF) worked on a new standard for securing IP, called Internet Protocol Security (IPsec).
    [Show full text]
  • The Impact of Network Address Translation on Peer-To-Peer Live Video Streaming Systems
    The Impact of Network Address Translation on Peer-to-Peer Live Video Streaming Systems by Zhonghua Wei M.Sc., University of London, 2006 B.Eng., Beijing Univ. of Posts and Telecommunications, 2005 A Thesis Submitted in Partial Fulfillment of the Requirements for the Degree of MASTER OF SCIENCE in the Department of Computer Science c Zhonghua Wei, 2011 University of Victoria All rights reserved. This thesis may not be reproduced in whole or in part, by photocopying or other means, without the permission of the author. ii The Impact of Network Address Translation on Peer-to-Peer Live Video Streaming Systems by Zhonghua Wei M.Sc., University of London, 2006 B.Eng., Beijing Univ. of Posts and Telecommunications, 2005 Supervisory Committee Dr. Jianping Pan, Supervisor (Department of Computer Science) Dr. Kui Wu, Departmental Member (Department of Computer Science) iii Supervisory Committee Dr. Jianping Pan, Supervisor (Department of Computer Science) Dr. Kui Wu, Departmental Member (Department of Computer Science) ABSTRACT Video streaming over the Internet can be very difficult under the traditional client-server model. Peer-to-peer (P2P) systems, in which each participating peer contributes its upload bandwidth to other peers while it downloads data, have been successful in file-sharing applications, and they appear to be promising in delivering video contents, too. However, the existence of network address translation (NAT) is always considered as a challenge to peer-to-peer systems. NAT has been a practical solution to the Internet Protocol version 4 (IPv4) address exhaustion problem, as it reduces the usage of IP addresses by allowing multiple private hosts to share a single public IP address, but NAT can degrade the performance of a peer-to-peer system as it limits the direction of connectivity.
    [Show full text]
  • Developing P2P Protocols Across NAT Girish Venkatachalam
    Developing P2P Protocols across NAT Girish Venkatachalam Abstract Hole punching is a possible solution to solving the NAT problem for P2P protocols. Network address translators (NATs) are something every software engineer has heard of, not to mention networking professionals. NAT has become as ubiquitous as the Cisco router in networking terms. Fundamentally, a NAT device allows multiple machines to communicate with the Internet using a single globally unique IP address, effectively solving the scarce IPv4 address space problem. Though not a long-term solution, as originally envisaged in 1994, for better or worse, NAT technology is here to stay, even when IPv6 addresses become common. This is partly because IPv6 has to coexist with IPv4, and one of the ways to achieve that is by using NAT technology. This article is not so much a description of how a NAT works. There already is an excellent article on this subject by Geoff Huston (see the on-line Resources). It is quite comprehensive, though plenty of other resources are available on the Internet as well. This article discusses a possible solution to solving the NAT problem for P2P protocols. What Is Wrong with NAT? NAT breaks the Internet more than it makes it. I may sound harsh here, but ask any peer-to-peer application developer, especially the VoIP folks, and they will tell you why. For instance, you never can do Web hosting behind a NAT device. At least, not without sufficient tweaking. Not only that, you cannot run any service such as FTP or rsync or any public service through a NAT device.
    [Show full text]
  • Lecture 11 – Network Address Translators and NAT Traversal * Introduction
    S38.3115 Signaling Protocols – Lecture Notes Spring 2015 lecture 11 S38.3115 Signaling Protocols – Lecture Notes Lecture 11 – Network Address Translators and NAT Traversal * Introduction ..................................................................................................................... 1* What are NATs and why are they needed ...................................................................... 3* Problems created by NATs to Voice Applications ......................................................... 4* Types of NATs ................................................................................................................ 4* Mapping behavior ....................................................................................................... 6* Address pooling behavior ........................................................................................... 7* Port Assignment .......................................................................................................... 8* Filtering behavior ........................................................................................................ 9* Need for optimization of NAT traversal ......................................................................... 9* STUN a toolbox for NAT traversal .............................................................................. 10* An extension to STUN: Relay operation .................................................................. 11* NAT traversal solutions: SIP Outbound ......................................................................
    [Show full text]
  • Traversing NAT: a Problem
    Dakota State University Beadle Scholar Masters Theses & Doctoral Dissertations Spring 3-2021 Traversing NAT: A Problem Tyler Flaagan Dakota State University Follow this and additional works at: https://scholar.dsu.edu/theses Part of the Information Security Commons, OS and Networks Commons, and the Systems Architecture Commons Recommended Citation Flaagan, Tyler, "Traversing NAT: A Problem" (2021). Masters Theses & Doctoral Dissertations. 365. https://scholar.dsu.edu/theses/365 This Dissertation is brought to you for free and open access by Beadle Scholar. It has been accepted for inclusion in Masters Theses & Doctoral Dissertations by an authorized administrator of Beadle Scholar. For more information, please contact [email protected]. Traversing NAT: A Problem A dissertation submitted to Dakota State University in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Cyber Operations March 2021 By Tyler Flaagan Dissertation Committee: Dr. Kyle L. Cronin Dr. Michael J. Ham Dr. Mark L. Hawkes DocuSign Envelope ID: 8BDB3DA0-604E-4AB7-9BFE-F25909CF4FC0 DISSERTATION APPROVAL FORM This dissertation is approved as a credible and independent investigation by a candidate for the Doctor of Philosophy degree and is acceptable for meeting the dissertation requirements for this degree. Acceptance of this dissertation does not imply that the conclusions reached by the candidate are necessarily the conclusions of the major department or university. Student Name: Tyler Flaagan Dissertation Title: Traversing NAT: A Problem
    [Show full text]
  • Technology Stack for Decentralized Mobile Services
    Technology Stack for Decentralized Mobile Services Matouš Skála Technology Stack for Decentralized Mobile Services by Matouš Skála to obtain the degree of Master of Science at the Delft University of Technology, to be defended publicly on Monday August 31, 2020 at 3:00 PM. Student number: 4893964 Project duration: November 15, 2019 – August 31, 2020 Thesis committee: Dr.ir. J.A. Pouwelse, TU Delft, supervisor Dr. J.S. Rellermeyer, TU Delft Dr. N. Yorke-Smith, TU Delft An electronic version of this thesis is available at http://repository.tudelft.nl/. Preface When I was choosing my thesis topic, I originally came up with an idea of designing a decen- tralized social network. After realizing how ambitious that goal was, I later decided to focus on more fundamental issues first and create a library that would allow for building any de- centralized applications, running purely on an overlay network consisting of smartphones. Rather than reinventing the wheel, I took inspiration from an existing networking library de- veloped at TU Delft over the last decade and created its wire-compatible implementation in Kotlin. Interestingly, in the end, I have even implemented a trivial social network to demon- strate the usage of the library, returning back to the original idea. I would like to thank my supervisor Johan Pouwelse for an endless stream of fresh ideas and valuable feedback, and to PhD students of the Delft Blockchain Lab for numerous coffee meetings and for serving me as a walking documentation of the existing codebase. Matouš Skála Prague,
    [Show full text]
  • Technical Report Sce-12-04 Nat Traversal in Peer-To
    TECHNICAL REPORT SCE-12-04 DEPARTMENT OF SYSTEMS AND COMPUTER ENGINEERING CARLETON UNIVERSITY NAT TRAVERSAL IN PEER -TO -PEER ARCHITECTURE Marc-André Poulin¹, Lucas Rioux Maldague¹, Alexandre Daigle¹, François Gagnon² 1 Cégep de Sainte-Foy, Canada [email protected] , [email protected] , [email protected] 2 Carleton University, Canada [email protected] Abstract. Peer-to-peer networks are well known for file sharing between multiple computers. They establish virtual tunnels between computers to transfer data, but NATs makes it harder. A NAT, Network Address Translation , is a process which transforms private IP addresses, such as 192.168.2.1, into public addresses, such as 203.0.113.40. The idea is that multiple private addresses can hide behind a single public address and thus virtually enlarge the number of allocable public IP addresses. When an application in the local network establishes a connection to Internet, the packet passes through the NAT which adjusts the IP header and maps an external port to the computer which sent the request. When packets are received from the Internet by the NAT, they are forwarded to the internal host which is mapped to the port on which the packet was received, or dropped if no mapping exists. In this paper, we will introduce you to NAT and P2P, we will discuss the numerous ways NATs use to translate private IP addresses into public ones, we will discuss known techniques used to fix the problem and we will also present how popular peer-to-peer programs bypass NATs. This paper is written so anybody with a reasonable knowledge of networking would grasp the essentials.
    [Show full text]