Solved

Bypass NAT Router Solution - by using an intermediate "server/service"

Posted on 2006-06-13
Last Modified: 2008-01-09
Need some sample code or direction on how to Bypass NAT (Network Address Translation).


(Desktop Application)---->NAT Router------>(Log Server)<--------(Client)

I want the "System" to work as follows:

(a) The Desktop Application authenticates to the Log Server, and announces its IP Address whenever it changes, with its ID.
(b) The Log Server keeps track of the Desktop IP and ID.
(c) Client connects to the Log Server and gives it an ID to connect to; it receives the IP Address of the Desktop Application.

In short I am not sure if this will work in practice.

What I need to do is be able to connect to the Desktop Application from the Client, even if the Desktop is behind a
NAT Router with a changing IP Address.

The internet connection can be either a Cell Phone Connection or an ADSL Line for the (Desktop Application).

Example Code would be Nice. Any Language will Do but preferably Java or Delphi.
Also need something that can withstand Load on the Billing Server, Where TCP Throughput is VERY VERY important.
My thoughts are that the Log Server runs on Linux/FreeBSD, where I can make use of an EXTREMELY fast Database.










Question by:crestty
 
LVL 8

Accepted Solution

by:
colr__ earned 250 total points
ID: 16894753
You cannot bypass NAT, it is a network infrastructure in place mostly for security reasons.

As long as you are plugged into the router, and the router is configured to use NAT, then this is not bypassable.

colr__
0
 
LVL 8

Expert Comment

by:colr__
ID: 16894817
Since the router maps NAT addresses to local addresses, there isn't any way to go through the NAT with a public IP address - the only IP address that exists for each machine is a local domain address.

The only way round this would be to add a router table entry that maps a public IP address to a specific local machine, but a separate public IP address and router entry would be required for each machine, essentially making this unmanageable.
0
 

Author Comment

by:crestty
ID: 16894962
mmm.


I must disagree, for Peer to Peer applications Bypass NAT Routers.

Then I do not want to make use of peer 2 peer, I want to use the Log Server as a GATEWAY that knows the Destination.
But I guess this would mean that the Desktop would always keep a connection open to the LOG SERVER or else the NAT
Server will TimeOut the "Nat Structure" on the Router.

I am just guessing here. But surely it can be done.

If the Desktop connects to the Log Server via the NAT router: and keeps a structure similar to that of the NAT Router, would it not be possible to
communicate to the Desktop via the Log Server, if the Log Server knows the NAT structure.

I assume the Nat structure looks similar to this.

 Source IP : The Desktop IP
 Source PORT : The Desktop Port
 Dest IP : the Log Server IP
 Dest Port : the Log Server Listening Port
 NAT Port : The New Source Port/Fake, actual Open Port on the NAS Router.
 NAT IP: The Ip Address of the NAT Router.

Can one not then Establish a connection to the Desktop from the client if that structure is known via the Log Server?


0

 
LVL 8

Expert Comment

by:colr__
ID: 16895059
I don't think so, although you might want to post a similar question in the networking forum - you'll probably get a better answer there.

colr__
0
 

Author Comment

by:crestty
ID: 16895089
Thanks for the answer though. Debate is hard via a forum, lol; it is not my intention though.
0
 
LVL 8

Expert Comment

by:colr__
ID: 16895106
No probs, a bit of debate never hurt anyone!

;-)
0
 
LVL 3

Assisted Solution

by:stimpyjcat
stimpyjcat earned 250 total points
ID: 16954163
The way to "bypass" NAT is to have a server which is reachable by both parties negotiate connections on behalf of both of them.  Let A, B be peers and C be the reachable server.  

A connects to C.
B connects to C.

A requests a connection to B (the problem of A knowing about B is a separate issue).
C uses its existing connection to B to request another channel.
B connects again to C (or multiplexes its existing channel).
C connects the channel on which A's connection request arrived to the new channel from B.
A and B can now talk to each other.

The networking complexity is increased because you now have 4 points of failure (A, B, C, and NAT) rather than just two (A, B).

It's generally not possible with NAT to have an entity outside the NAT make a direct connection to an entity within the NAT.
0
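
The relay arrangement stimpyjcat describes, as an added Python example (not code from the thread): desktop B and client A both dial out to server C, and C splices the two connections together. It simplifies the steps above by using B's registered connection as the data channel instead of asking B for a second one; the `REGISTER`/`CONNECT` line protocol, the shared HMAC key and all names are assumptions.

```python
import contextlib, hashlib, hmac, socket, threading

SECRET = b"constructed-demo-key"  # assumption: provisioned to each desktop
peers = {}                        # id -> B's parked outbound connection to C

def tag(peer_id):
    """Proof B presents so that nobody else can register its ID."""
    return hmac.new(SECRET, peer_id.encode(), hashlib.sha256).hexdigest()

def read_line(conn):
    """Read one short command line byte-wise so no payload is swallowed."""
    buf = b""
    while len(buf) < 256 and not buf.endswith(b"\n") and (byte := conn.recv(1)):
        buf += byte
    return buf.decode(errors="replace").split()

def pump(src, dst):
    """Copy bytes one way until src ends, then shut dst to wake its reader."""
    with contextlib.suppress(OSError):
        while data := src.recv(4096):
            dst.sendall(data)
    with contextlib.suppress(OSError):
        dst.shutdown(socket.SHUT_RDWR)
    dst.close()

def handle(conn):
    """REGISTER <id> <tag> parks B; CONNECT <id> splices A onto B's channel."""
    words = read_line(conn)
    if len(words) == 3 and words[0] == "REGISTER":
        if hmac.compare_digest(words[2].encode(), tag(words[1]).encode()):
            peers[words[1]] = conn          # stays open: it keeps the NAT mapping
            return conn.sendall(b"OK\n")
    elif len(words) == 2 and words[0] == "CONNECT":
        target = peers.pop(words[1], None)  # atomic pop: one client per channel
        if target is not None:
            conn.sendall(b"OK\n")
            threading.Thread(target=pump, args=(target, conn), daemon=True).start()
            return pump(conn, target)
    with contextlib.suppress(OSError):
        conn.sendall(b"DENIED\n")
    conn.close()

def serve(port=0):
    """Start relay C on localhost; return the port it listens on."""
    srv = socket.create_server(("127.0.0.1", port))
    def loop():
        while True:
            threading.Thread(target=handle, args=srv.accept()[:1], daemon=True).start()
    threading.Thread(target=loop, daemon=True).start()
    return srv.getsockname()[1]
```

Because C can read and alter everything it relays and the static tag can be replayed by anyone who observes it, a deployed relay would wrap both legs in TLS and replace the tag with a per-connection challenge. `CONNECT` is left unauthenticated here, so client authorization would also have to be added.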
