Jump to content
  • Advertisement

Archived

This topic is now archived and is closed to further replies.

Connect through a firewall without forwarding ports - ACE

This topic is 5147 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

Is there any way to connect to someone behind a firewall without manually forwarding packets on the known port? I'm using ACE if it matters any. [edited by - Vulcan on April 10, 2004 1:13:19 AM]

Share this post


Link to post
Share on other sites
Advertisement
Using UDP and an introducer (matchmaker) you can make this work, assuming the other end wants to be connected to. Google for "UDP introducer NAT" perhaps?

Share this post


Link to post
Share on other sites
Something that article at Intel doesn''t point out about NAT is that some NATs timeout the port based on idle timeout, or even an arbitrary timeout. There are a couple of scenarios where packets are dropped, particularly with UDP. One such scenario follows:
The NAT port is timed out at some arbitrary time interval (or even if it''s an idle timeout). This results in incoming packets being dropped until the next outgoing packet is sent which opens up another (possibly arbitrary!) port in the NAT. At this point your virtual connection is broken, with no route to host - you''ll see ICMP errors if you are checking for them in your recv code.

Share this post


Link to post
Share on other sites
Thx for the article thats pretty nice... explained nice and simple (maybe even too simple ). I wasn''t aware of how NAT tables work, now i do :D

It doesn''t really explain at the end how the two computers are then instructed to connect directly to each other... i doubt that you want all the game data to pass through the master server. But i think i can see how it works.

Share this post


Link to post
Share on other sites
You likely want a heartbeat between each directly connected peer every few seconds.

Note that a name server may take several seconds to answer a name lookup (named runs as UDP on port 53, typically), so the time-out on those firewalls will be at least bigger than that.

If you didn''t google, then you probably missed this link, btw. (it has links to other references, too)

Share this post


Link to post
Share on other sites
So this is a lil confusing to me: If anyone behind a NAT has ever used AIM to try to send someone a file, it OFTEN fails, especially if it is being sent to someone that is also behind a NAT. Now does AIM often fail because the developers of it happened to miss these articles or are there just situations that exist where a peer-to-peer connection simply isn't possible?

[edited by - tieTYT on April 15, 2004 2:23:06 AM]

Share this post


Link to post
Share on other sites
I just read this an i think i found a biiig mistake in it.

This is the slide: http://www.intel.com/cd/ids/developer/asmo-na/eng/79524.htm?page=5

It says that the NAT table for bob has bob''s private ip address but joe''s public ip address. And it says that joe''s NAT table has joe''s private ip address but bob''s public ip address. Shouldn''t the public ip address of the NAT table be the same as the public ip address of the router?

Share this post


Link to post
Share on other sites
No, why should the address of the router show up in the router's NAT table?

edit: let me expand that some. The NAT table works by taking the source address of the incoming packet and mucking with the destination according to the entries in the table. There should be no need for the router to store its own public address in the table, because it already knows the address of the relevant interface.

[edited by - SiCrane on April 15, 2004 6:28:49 PM]

Share this post


Link to post
Share on other sites
quote:
Original post by SiCrane
No, why should the address of the router show up in the router''s NAT table?

edit: let me expand that some. The NAT table works by taking the source address of the incoming packet and mucking with the destination according to the entries in the table. There should be no need for the router to store its own public address in the table, because it already knows the address of the relevant interface.

[edited by - SiCrane on April 15, 2004 6:28:49 PM]


Ok, that makes sense to me, but right on the page before that

http://www.intel.com/cd/ids/developer/asmo-na/eng/79524.htm?page=4

it says joe gets a packet and it shows Joe''s router''s NAT table and that NAT table has joe''s router in it. So does this mean that Page 4 is the one that''s wrong?

Share this post


Link to post
Share on other sites

  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

Participate in the game development conversation and more when you create an account on GameDev.net!

Sign me up!