The Principle of P2P Hole Punching

http://www.cppblog.com/peakflys/archive/2013/01/25/197562.html
https://www.usenix.org/legacy/event/usenix05/tech/general/full_papers/ford/ford_html/

The IPv4 address space is limited and cannot meet current needs, and IPv6 is not directly backward compatible, which is why NAT (Network Address Translation) exists.
Public IP addresses are generally fixed, but the ones home users get generally are not, and do not need to be, because we are not online (connected to the external network) all the time; generally only operators have fixed IPs. Our own IP address is just a private address within a subnet, and NAT is responsible for translating it when we connect to the external network. (Routers also include the NAT function.)
NAT solves the problem of insufficient IP addresses, but it creates new problems for P2P. (Programs on the external network may not be able to initiate connections to hosts on the internal network.)
In P2P transmission, if A wants to send data to B, it needs to know B's IP address and port number. NAT implementations fall into four types.

Cone NAT:

  1. Full Cone: Maps all requests from the same internal IP address and port to the same external IP address and port. Any external host can send IP packets to the internal host through this mapping.
  2. Restricted Cone: Maps all requests from the same internal IP address and port to the same external IP address and port, but an external host with IP address X can send IP packets to the internal host only after the internal host has first sent an IP packet to X.
  3. Port Restricted Cone: Similar to 2, but with an additional port restriction. Only after the internal host has first sent an IP packet to the external host with IP address add1 and port number port1 can that external host send IP packets with source port port1 to the internal host.

Symmetric NAT:

  1. The port number is reassigned per destination: when internal host A communicates with external host B, external port port1 is used, and when A communicates with another external host such as C, a different external port is used.

In P2P transmission, if A and B are both on internal networks and their NATs are not Full Cone, A cannot send information to B directly. In this case a middleman C is needed, one that both A and B have already communicated with. When A wants to send information to B, A sends a request to C, and C then asks B to send a UDP packet to A's external IP address, after which A can send information to B. This step of sending a packet is what "punching a hole" means.

However, if both sides are behind symmetric NAT and the newly assigned port numbers do not simply increase in sequence, then neither C nor A can know which external port B's NAT has newly assigned. Even if C asks B to report the new port number to C, and C then passes it on to A, A's NAT uses a new port number when A sends to B (because B's port is new, even though the IP address has not changed). When A's packet reaches B's NAT it is discarded because A used a new port number, so A still cannot send information, and this becomes an endless loop. So how does symmetric NAT punch holes? (To be continued)

The discussion above covers the case where both parties use the same NAT implementation. The cases where A and B use different NAT implementations can be deduced in the same way, so I won't go into details.
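The exchange described above, as an added simulation that is not part of the original post: a toy model of the four NAT types that checks whether A's packet, sent to the endpoint C reported for B, gets through B's NAT after B has punched toward A. The names `Nat` and `a_reaches_b` and all addresses and ports are constructed for illustration, and no port prediction is attempted.

```python
from itertools import count

class Nat:
    """Toy NAT device. kind: full | restricted | port_restricted | symmetric."""
    def __init__(self, kind, ip):
        self.kind, self.ip = kind, ip
        self.ports = count(40000)   # constructed external port pool
        self.maps = {}              # mapping key -> external port
        self.sent = set()           # (external port, destination endpoint) sent from inside

    def outbound(self, src, dst):
        """Internal endpoint src sends to dst; return the external (ip, port) dst sees."""
        # Cone NAT keeps one mapping per internal endpoint; symmetric NAT
        # allocates a fresh external port for every new destination.
        key = (src, dst) if self.kind == "symmetric" else src
        if key not in self.maps:
            self.maps[key] = next(self.ports)
        port = self.maps[key]
        self.sent.add((port, dst))
        return (self.ip, port)

    def inbound(self, port, src):
        """Return True if a packet from external endpoint src to our port is let in."""
        if port not in self.maps.values():
            return False
        if self.kind == "full":
            return True
        if self.kind == "restricted":    # filter on source IP only
            return any(p == port and d[0] == src[0] for p, d in self.sent)
        return (port, src) in self.sent  # port_restricted, symmetric: source IP and port

C = ("203.0.113.1", 3478)  # constructed address of the middleman C

def a_reaches_b(kind_a, kind_b):
    """True if A's packet to B's C-reported endpoint passes B's NAT after the punch."""
    a_in, b_in = ("10.0.0.2", 5000), ("192.168.1.2", 5000)
    nat_a, nat_b = Nat(kind_a, "198.51.100.1"), Nat(kind_b, "198.51.100.2")
    a_pub = nat_a.outbound(a_in, C)      # C learns A's external endpoint
    b_pub = nat_b.outbound(b_in, C)      # C learns B's external endpoint
    nat_b.outbound(b_in, a_pub)          # C asks B to send a UDP packet to A: the hole
    a_src = nat_a.outbound(a_in, b_pub)  # A sends to the endpoint C reported for B
    return nat_b.inbound(b_pub[1], a_src)

if __name__ == "__main__":
    for kind in ("full", "restricted", "port_restricted", "symmetric"):
        print(f"{kind:16} -> {a_reaches_b(kind, kind)}")
```

With symmetric NAT on both sides, B's punch leaves from a different external port than the one C saw, and A's packet arrives from a port B never sent to, so B's NAT drops it.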

https://www.zhihu.com/question/20436734

There are many more hole punching techniques; this is just the one that was used initially.

Origin blog.csdn.net/ZhaoBuDaoFangXia/article/details/73729687