
I coded a server/client application which I ran first locally and then over the internet. Therefore I configured my router so that it accepts data on port xxxx and forwards it to my machine, where my server runs and where it accepts connections from client sockets. So everything runs fine and the clients can send their messages to each other. So now my question is, how is it possible that the server can send data to the clients in other networks where port forwarding isn't activated, but when I try it manually it doesn't work?

I already tried searching about how TCP saves IPs and ports, and I also looked up how the concept of the Internet/TCP/UDP works, but couldn't find an answer to the question.

So first of all I wanted to know that before I implement my server without port forwarding, and it would also be appreciated if you could give code examples for C++ on Windows if you have any ideas, so that I can establish such connections without port forwarding and external server hosts on the internet.

MaestroD
  • Search for _"NAT hole punching"_ and you will find articles like https://stackoverflow.com/questions/23176800/whats-so-hard-about-p2p-hole-punching – Richard Critten Apr 27 '19 at 23:24
  • @RichardCritten yeah, I read something like that, but isn't it necessary for it that there is an online hosted server where the clients "meet"? Or is it also possible that the server runs on my machine and all the clients connect to it through the Internet? Also, every time I searched for something like that there weren't real examples of how to accomplish something like that, there were only schemes. – MaestroD Apr 27 '19 at 23:31
  • Port forwarding is only needed for NAPT. It basically places a manually configured entry in the NAT table. That will happen automatically when traffic is originated from the inside. – Ron Maupin Apr 27 '19 at 23:31
  • @RonMaupin so that is why the server can send messages to the clients? – MaestroD Apr 27 '19 at 23:32
  • Assuming it is IPv4 behind a NAPT, then, yes, but remember that not everything is that way. I know many people who connect their PC directly to the ISP connection, so they have public addresses on their PCs, and there is no NAPT. – Ron Maupin Apr 27 '19 at 23:40
  • [This answer](https://networkengineering.stackexchange.com/a/53937/8499) contains some information about NAT/NAPT and the drawbacks. – Ron Maupin Apr 27 '19 at 23:45
  • @RonMaupin Would it then theoretically be possible if I just take the NAPT address of my server and let the clients connect to it? So this way I wouldn't need the port forwarding? Like this https://de.wikipedia.org/wiki/Port_Address_Translation – MaestroD Apr 27 '19 at 23:52
  • If your server is addressed with a Private address, then it cannot be directly contacted across the public Internet. – Ron Maupin Apr 27 '19 at 23:55

1 Answer

Client -> NAT (router) -> ... -> NAT (router) -> server

When the client sends a message (it can be a connection attempt in the case of TCP or just a message if it's UDP), its NAT doesn't block it and remembers which local address:port it's coming from and which address:port it's going to: [client address:port, server address:port]. When the message hits the server's NAT, the NAT knows about your server because you configured "port forwarding" and passes the message to the local network. Now, when the server sends a message back to the client and it reaches the client's NAT, the NAT checks its internal table, finds a record for this particular server address:port, retrieves the client address:port part and passes the message to it. So everything works as expected.

That's why usually when you open your browser and go to some web link, you receive the server response with the web page without problems despite being behind NAT.

It's a simplified explanation which omits local/global address:port details.

Andriy Tylychko
  • Port forwarding is only needed for NAPT, not basic NAT. It is NAPT that involves transport protocol addresses (ports). – Ron Maupin Apr 28 '19 at 00:00
  • @RonMaupin: OP mentioned port forwarding and I used it as a reference for easier understanding of the explanation. I had no intention to describe unrelated concepts for brevity. – Andriy Tylychko Apr 28 '19 at 00:03
  • "_without problems despite you are behind NAT._" But you can be behind NAT and have everything work correctly without port forwarding. It is NAPT that requires port forwarding. – Ron Maupin Apr 28 '19 at 00:05
  • @RonMaupin: this paragraph and the described use case don't mention/involve any port forwarding – Andriy Tylychko Apr 28 '19 at 00:08
  • You are missing my point. NAT doesn't use port forwarding because it doesn't do anything with ports. NAPT is what must use port forwarding. I see many DMZs using NAT where there is a public address for each private server address. That is simply using NAT, and there is no port translation and no port forwarding. It is simply NAT (Network Address Translation). When you involve ports, it is NAPT (Network Address Port Translation). The terminology is defined in [RFC 2663](https://tools.ietf.org/html/rfc2663). – Ron Maupin Apr 28 '19 at 00:13
  • And how long does this record exist? Does it exist for the duration of the connection or for a longer time? – MaestroD Apr 28 '19 at 08:07
  • @RonMaupin could you also please explain to me the difference between NAPT and NAT, because on Wikipedia it seems to me that source/destination NAT and NAPT are pretty much the same. – MaestroD Apr 28 '19 at 08:25
  • NAT replaces either or both (source and destination) of the network (layer-3) addresses in a packet header. NAPT replaces either or both (source and destination) of the network (layer-3) addresses, and the transport (layer-4) addresses. The layer-3 addresses are IPv4 addresses (IPv6 doesn't have NAT or NAPT), and the layer-4 addresses are ports. The RFC I linked above explains how they work. – Ron Maupin Apr 28 '19 at 15:58
  • The RFC section 4 describes various NAT flavors: Traditional NAT (or) Outbound NAT, Basic NAT, Network Address Port Translation (NAPT), Bi-directional NAT (or) Two-Way NAT, Twice NAT, and Multihomed NAT. – Ron Maupin Apr 28 '19 at 16:05
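
The table behaviour described in the answer above can be modelled in a few lines of C++. This is an added example, not code from the question, the answer or the commenters; the `Napt` and `Endpoint` names, the port pool start and all addresses are constructed for illustration, and the model keys each entry on [inside address:port, remote address:port] as the answer describes, without modelling entry expiry.

```cpp
#include <cstdint>
#include <iostream>
#include <map>
#include <optional>
#include <string>
#include <tuple>
#include <utility>

// Constructed model of a NAPT router; every name and address here is hypothetical.
struct Endpoint {
    std::string ip;
    std::uint16_t port;
    bool operator<(const Endpoint& o) const { return std::tie(ip, port) < std::tie(o.ip, o.port); }
};

class Napt {
    std::string public_ip_;
    std::uint16_t next_port_ = 40000;  // constructed start of the dynamic port pool
    std::map<std::pair<Endpoint, Endpoint>, std::uint16_t> out_;  // (inside, remote) -> public port
    std::map<std::pair<std::uint16_t, Endpoint>, Endpoint> in_;   // (public port, remote) -> inside
    std::map<std::uint16_t, Endpoint> forwards_;                  // manual port-forwarding entries
public:
    explicit Napt(std::string public_ip) : public_ip_(std::move(public_ip)) {}
    void add_port_forward(std::uint16_t public_port, const Endpoint& inside) { forwards_[public_port] = inside; }
    // Packet leaving the private network: create (or reuse) a table entry, return the translated source.
    Endpoint outbound(const Endpoint& inside, const Endpoint& remote) {
        auto it = out_.find({inside, remote});
        if (it == out_.end()) {
            it = out_.emplace(std::make_pair(inside, remote), next_port_++).first;
            in_[{it->second, remote}] = inside;
        }
        return {public_ip_, it->second};
    }
    // Packet arriving on the public side: delivered only if a dynamic entry or a forward matches.
    std::optional<Endpoint> inbound(const Endpoint& remote, std::uint16_t public_port) const {
        if (auto it = in_.find({public_port, remote}); it != in_.end()) return it->second;
        if (auto f = forwards_.find(public_port); f != forwards_.end()) return f->second;
        return std::nullopt;  // no entry: unsolicited traffic is dropped
    }
};

int main() {
    Napt client_nat("198.51.100.7"), server_nat("203.0.113.20");  // documentation-range addresses
    server_nat.add_port_forward(5000, {"192.168.1.10", 5000});
    Endpoint seen = client_nat.outbound({"10.0.0.5", 51000}, {"203.0.113.20", 5000});
    std::cout << "server sees client as " << seen.ip << ":" << seen.port << "\n"
              << "reply delivered: " << client_nat.inbound({"203.0.113.20", 5000}, seen.port).has_value() << "\n"
              << "unsolicited delivered: " << client_nat.inbound({"203.0.113.99", 5000}, seen.port).has_value() << "\n";
}
```

The server's reply reaches the client because the client's own outbound packet created the entry; a packet from any other remote endpoint, or to a port with no entry and no forward, finds nothing in the table.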