UDP NAT hole punching
Closed this issue · 14 comments
It would be awesome if you used a STUN server to bypass NATs.
Another awesome option would be to support dynamic IP nodes.
In Europe, a lot of ISPs provide a dynamic IP to their clients.
This is not a problem if you connect to a static public IP node like cloud providers, but if we want a real P2P VPN we need to connect to all nodes. A lot of these nodes can change their public IP after a day to a week, so lcvpn could be resilient to that: something like checking every X seconds whether the IP is the same and, if not, publishing the IP to other nodes using a K/V store (there are some public services on the internet).
@segator I see a problem here: if you're behind a NAT you're not able to handle incoming connections... a STUN server will just allow you to identify your external IP and so on :-( so I see no way to connect 2 nodes if both are behind NAT for now (without some node that has a "not-NATed" static IP)
It's possible to add some announcement messages to set new IPs and push them to all other nodes, but this will still have problems with NAT... if we're talking about home routers it's possible to use UPnP, but if your provider gives you a shaded IP you won't be able to receive packets from an IP you haven't sent anything to
Well, it's clear you don't know about UDP NAT hole punching; this is the technique used to bypass NATs, used for VoIP. Check here: https://en.wikipedia.org/wiki/UDP_hole_punching
The dynamic IP issue could be fixed if clients can publish their IP to other nodes when it changes, using an intermediary that could be a K/V store, a node with a static IP, or whatever other service discovery software
@segator hm, you're right... looks like it's possible :) if we have at least 1 instance of lcvpn on a public IP, it's possible to try to connect other NATed instances to each other directly
Will try to implement this on the weekend :)
Nice ^^ If I can help you, let me know :)
Hey, did you have time to implement it? :P
@segator not yet :-( need to set up some virtual network with NAT and so on :) nothing special, but time consuming :-( but I'm working first on the possibility of using NATed "clients" with other not-NATed servers (storing of ip:port, sending keep-alive messages and so on) - most of this will also be used for NAT-NAT hosts
That's okay, let me know if I can help you with testing; I already have 3 VMs on NAT
@segator got a little time for different tests and so on... and it looks too complicated and doesn't work about 50% of the time :( on the other hand, most home routers support the UPnP protocol, which can be implemented relatively easily and gives a stable connection without keepalive and reconnection overhead
What do you think about this way?
Why complicated? Go libs already exist for UDP hole punching using a STUN server for discovery.
Anyway, I suppose UPnP is fine
because most routers lose UDP ports obtained via hole punching within 10-20 minutes :( so some mechanism is needed to check whether it's still alive and to re-connect and so on
with UPnP this can be done almost automatically, and the router will keep the port forwarding for as long as the application is running...
That's normal, you need a keep-alive mechanism.
even keep-alive messages don't help 100% :(
so I'll implement UPnP first and then we can see if this is enough for 90% of users :)
@segator sorry for the long delay... have very little free time
anyway... I've tried to implement NAT support (+ UPnP), but this increases the code base more than twice and it will be much harder to check and analyze :( I think it's not good for this project as I want to keep it as simple as possible
Understood
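
The exchange the thread describes, with one lcvpn-like instance on a public IP introducing two NATed peers, as an added example in Go that is not part of the thread or of lcvpn's code. The names `rendezvous` and `punch`, the `register`/`punch` payloads and the 3-second deadline are assumptions made for illustration; it runs on loopback, so it shows the message flow rather than real NAT behaviour, and it carries no authentication, so any sender can register or spoof a punch.

```go
package main

import (
	"fmt"
	"net"
	"time"
)

// rendezvous runs on the public node: it swaps the two peers' observed (NAT-mapped) source addresses.
func rendezvous(conn *net.UDPConn) {
	var p [2]*net.UDPAddr
	for i := range p {
		_, p[i], _ = conn.ReadFromUDP(make([]byte, 64)) // assumes one packet per peer
	}
	conn.WriteToUDP([]byte(p[1].String()), p[0])
	conn.WriteToUDP([]byte(p[0].String()), p[1])
}

// punch registers, then sends to the learned address from the SAME socket, reusing its NAT mapping.
func punch(conn *net.UDPConn, server *net.UDPAddr) (string, error) {
	conn.SetDeadline(time.Now().Add(3 * time.Second)) // punching can fail: bound the wait
	conn.WriteToUDP([]byte("register"), server)
	buf, seen, peer := make([]byte, 64), map[string]bool{}, ""
	for peer == "" || !seen[peer] {
		n, from, err := conn.ReadFromUDP(buf)
		if err != nil {
			return "", err // timed out: fall back to a relay or UPnP
		}
		if seen[from.String()] = true; from.String() != server.String() {
			continue // a punch; it may arrive before the server's reply
		}
		peer = string(buf[:n])
		to, err := net.ResolveUDPAddr("udp4", peer)
		if err != nil {
			return "", err
		}
		conn.WriteToUDP([]byte("punch"), to) // once here; real NATs need retries, then keep-alives
	}
	return peer, nil
}

func main() { // loopback only: shows the message flow, there is no NAT here
	lo := &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1)}
	srv, _ := net.ListenUDP("udp4", lo)
	a, _ := net.ListenUDP("udp4", lo)
	b, _ := net.ListenUDP("udp4", lo)
	go rendezvous(srv)
	go punch(a, srv.LocalAddr().(*net.UDPAddr))
	fmt.Println(punch(b, srv.LocalAddr().(*net.UDPAddr)))
}
```

Each peer returns only after it has both the other's address from the rendezvous node and a packet that arrived directly from that address, which is the point where the keep-alives mentioned in the thread would have to start.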