NAT Punch Through Protocol
Author
When doing punch through what is a good TTL to use when sending the punch messages? I'm currently using a value of 5, is that good? Also does the data or frequency matter? My current scheme is to send 5 messages every 100ms containing the words "punch through" with a TTL of 5. After sending 5 messages I then wait 500ms and try to connect. Is this good?
That'll probably work fine. You typically only need one datagram, not 5, but can't hurt :-) Using short-TTL for the first packet is a work-around for certain broken firewalls/routers that "blacklist" certain incoming traffic, so you're already doing better than the "default" implementation.
Also, you might want to ramp the TTL. Send with TTL 2 in the first packet, TTL 3 in the second packet, ...
The most important part is to make sure both ends have sent out their short-lived punch packets before they try to send the actual payload data.
Also, you might want to ramp the TTL. Send with TTL 2 in the first packet, TTL 3 in the second packet, ...
The most important part is to make sure both ends have sent out their short-lived punch packets before they try to send the actual payload data.
Author
Ok so I tested my first real punch through between two Win 7 machines, both running windows firewall and both have NAT routers/firewalls as well. Results were mixed, I couldn't connect at all to my friend at first (who didn't have any windows firewall rules setup), so then he tried to connect to me and it worked right away (which I have windows firewall excpeptions for my app), then I tried to him again and it took a few tries but worked eventually. It doesn't appear this punch through technique works with windows firewall or should it?
(neither of us have any rules in our NAT/routers, so it is penetrating the NAT properly, my guess is its getting hung up on his windows firewall, strange that it worked the second time though after repeated attempts, maybe I need to increase my timeouts)
(using the enet lib)
(neither of us have any rules in our NAT/routers, so it is penetrating the NAT properly, my guess is its getting hung up on his windows firewall, strange that it worked the second time though after repeated attempts, maybe I need to increase my timeouts)
(using the enet lib)
It doesn't appear this punch through technique works with windows firewall or should it?
[/quote]
Windows Firewall will shut down anything that hasn't gotten an exception. There is an IFwConfig interface (or similar -- I forget the exact name) and you're supposed to register an exception for your application as part of your installation package.
This is one of many reasons why "software installation" on Windows is more than just dropping an EXE and some files in the right place -- you really need a proper MS Installer (.msi) package to do it right.
Author
I use the NSIS installer and have found a plugin SimpleFC to add the windows firewall exception, thanks 
I use the NSIS installer and have found a plugin SimpleFC to add the windows firewall exception, thanks
The NSIS installer does Windows Installation Wrong in general. I highly recommend upgrading to WiX.
This topic is closed to new replies.
Advertisement
Popular Topics
Advertisement
