My understanding of the NAT table is:
- The NAT table maps only (Private IP:Port) -> (Public IP:Port)
- It doesn't care about protocol or socket connection
In this manner, I thought TCP hole punching could be done by reusing the local port.
Host A behind a NAT connects to server S, and the NAT of host A maps its pair:
Host A(192.0.0.1:100) -> NAT -> Server (192.0.0.1:100 -> 121.0.0.1:200) MAPPED
Host A closes that socket and opens a new listening socket on the same local port (100):
Host A(listening 192.0.0.1:100) -> NAT -> Server (192.0.0.1:100 -> 121.0.0.1:200) MAPPED
- Then, I thought any client can connect to Host A (getting 121.0.0.1:200 from the server) by using the already mapped pair (192.0.0.1:100 -> 121.0.0.1:200),
because the NAT table only considers the destination IP and port, not the source IP and port.
But this doesn't work! I found other, more complex implementations, but I am curious what the problem is with this approach.
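
The socket sequence described in the question, as an added example that is not part of the original post. It runs on loopback with no NAT in the path, so it exercises only the local steps (connect, close, listen again on the same port, peer connects to the endpoint the server observed); the rendezvous server and the names `reuse_socket` and `run_sequence` are assumptions.

```python
import socket
import threading

def reuse_socket():
    """TCP socket with SO_REUSEADDR so the same local port can be bound again."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    return s

def run_sequence(host="127.0.0.1"):
    # Stand-in for server S: accepts one connection and records the source
    # endpoint it observes (behind a NAT this would be the mapped public pair).
    server = reuse_socket()
    server.bind((host, 0))
    server.listen(1)
    observed = {}

    def serve():
        conn, addr = server.accept()
        observed["endpoint"] = addr
        conn.close()

    t = threading.Thread(target=serve)
    t.start()

    # Step 1: Host A connects to S from a local port chosen by the OS.
    a = reuse_socket()
    a.bind((host, 0))
    a.connect(server.getsockname())
    local = a.getsockname()
    t.join()

    # Step 2: Host A closes that socket and listens on the same local port.
    a.close()
    listener = reuse_socket()
    listener.bind(local)
    listener.listen(1)

    # Step 3: a peer connects to the endpoint that S observed.
    peer = socket.create_connection(observed["endpoint"], timeout=5)
    conn, _ = listener.accept()
    peer.sendall(b"hello")
    data = conn.recv(5)
    for s in (peer, conn, listener, server):
        s.close()
    return local, observed["endpoint"], data

if __name__ == "__main__":
    print(run_sequence())
```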