Jump to content
Posted 14 May 2013 - 07:04 PM
Posted 15 May 2013 - 05:23 AM
Take a look at the following scenario:
client A at local network 192.168.1.1:8080
client B at same local network 192.168.1.2:8080
behind global NAT 184.108.40.206
server at global network 220.127.116.11:9000
now A and B send requests to server and getting the following public endpoint:
client A: 18.104.22.168:9000
client B: 22.214.171.124:9001
The problem is, if client A tries to contact client B by 126.96.36.199:9001 it would send a message through the router to itself, which will most likely not work. In this case it just needs to use its local (aka private) endpoint (192.168.1.2:8080) to contact it. Therefor you send requests to both, private (if behind the same NAT) and public (if behind other NAT).
Edited by Ashaman73, 15 May 2013 - 05:27 AM.
Posted 15 May 2013 - 08:08 AM
Posted 15 May 2013 - 09:40 AM
Yes, it is totally possible, and sometimes preferrable, for A to talk to B using the private IP address. The main problem is establishing that A and B are, in fact, both on the same private network. If their public IP is the same, then that's a good clue.
In fact, certain NAT gateways don't support "hairpin NAT" -- if A tries to talk to B using the B public IP/port, the router just drops the packet, rather than properly forwarding and re--re-writing it. Thus, you may *have* to support the direct mode for these kinds of clients if you want a very robust NAT traversal solution.
Posted 15 May 2013 - 11:42 PM
why A don't compare the public endpoints of A and B and if they have the same IP use the private endpoint to contact B
The client do not know its own public endpoint, only the server know it. Either the server would check if two clients have the same public endpoint and send therefor only the private endpoint to the client, or the server sends the clients public endpoint to the client itself. But all this is more complex and very theoretically, just testing if one of the two possible endpoints works is more practically.
Posted 16 May 2013 - 07:33 PM
No, it's an excellent question. There is no reason to probe both, and given that internal networks share a common address space, I'd say it is bad form.
NAT tunneling is mediated by the Matchmaker anyway. Have each client report its internal IP address and port when it contacts the Matchmaker. When coordinating matches, if the external IP is the same, the Matchmaker returns the external IP/Port that it determined for the parties, otherwise it returns the internal version. No additional information is sent, and no duplicate connecting is needed.