I want to connect two devices that are in different locations but connected to the internet: a computer running Windows 10 and an Android smartphone. The application is a simple UDP socket to transmit data between them, but I have different scenarios.
1st Scenario. PC with Public IP and Smartphone behind 3G/4G CG-NAT.
The PC opens the UDP socket and the Smartphone connects to the public IP, easy and fast.
2nd Scenario. PC behind a NAT with public IP and Smartphone behind 3G/4G NAT.
Option A) The PC configures a port forwarding on the NAT to its internal IP and then the Smartphone connects to that public IP. Easy but not fast because the client has to configure the NAT.
Option B) Use UDP HOLE PUNCHING to open a hole on the NAT and then the client connects to it.
3rd Scenario. PC and Smartphone both behind CG-NAT.
Here is my problem: the PC is sometimes behind a CG-NAT, maybe because the ISP uses this technique or maybe because it is connected to the internet using a Wi-Fi hotspot from another smartphone.
As far as I know, I can’t configure CG-NAT with any protocol (UPnP, PCP, etc…), so I can’t do port forwarding. UDP Hole Punching is not an option either because of the “port randomize”: the ISP changes my source port when going outside the CG-NAT and this changes for each connection.
I’m developing a project that relies on this: a direct connection between a PC and a Smartphone without technical details, always working as long as both clients have internet, no matter whether they are firewalled, behind NATs, etc…
I was thinking about using a 3rd cloud server with a public IP to connect them BUT just for establishing the connection, not to forward all the traffic, because this adds latency and traffic costs to my project which are not affordable.
So… is there any technique to give a solution to my problem?
Thanks!
Related
I have an Android client which has to communicate through a socket with a C#-based PC server. The question is: if the PC server is behind a router which somehow does not seem to support port forwarding through UPnP, or even through configuration, it simply can't get a connection.
These routers are some kind of free Wi-Fi zones provided for free by some kind of companies, so I can't have any access to their configs. UPnP or configuring my own router both work fine, but I don't really know what to do about these routers.
It's common for a home router to only allow established connections by default. Even with a VPN tunnel or CHAP Callback, you would still need configuration on both ends imho.
I'm building a system that relies on a central server to send the IP address and port of the first user (on mobile or desktop app) to a second user (on mobile or desktop app). The second user establishes a P2P encrypted connection with the first user, using the IP address and port sent by the central server, to send a large file directly (ideally, the actual file doesn't pass through the central server).
This system needs to work even if the users are behind different firewalls / NATs and on mobile or desktop devices, without requiring users to manually open ports.
I've been looking into NAT Traversal Protocol (Teredo IPv6), libjingle (Google's open source suite), STUN, direct socket connections, and direct VPNs between the users.
I'm confused about whether I'm approaching this correctly. Would all of these options solve this problem independently? Or am I approaching this wrong? Would direct IPv6 connections work straight out, even behind IPv4 routers?
P2P connection is not guaranteed to succeed always. It can fail for the following reasons:
1) Two peers are behind symmetric NAT. (Although Teredo works if one peer is behind symmetric NAT.)
2) UDP is blocked
3) If the peer is behind proxy.
4) Double NAT scenarios.
There are three types of IPv6 address: link local, private address & global. Two peers can connect directly over the internet if they have a global address. Global address prefix is (200:....). If you're building a P2P system, you should have a fallback mechanism in which case the central server should relay the data between the peers. This way you can make your application reliable and at the same time make the connection faster for most peers using P2P.
I'm writing a C# remote control for my media player. It runs on my Android phone.
I have a client app listening for TCP connections on my computer which, once a connection has been established, processes commands (Volume up, volume down, ...). I've tested that part using telnet 127.0.0.1 on my computer, and it works great.
Things are trickier when it comes to connecting from my phone, since it's not on the same network (I don't have Wi-Fi, only wired connections), so I'm not sure how to proceed. Basically I want to connect to a computer that's behind a router.
Should I rather host the TCP server on my phone, and have the PC connect to it? Take IRC as an example: although I'm behind a router, I can connect to servers outside, without port forwarding.
Or if hosting the server on my computer is fine, how do I connect to it?
I don't understand everything about this yet, so feel free to correct me if I got something wrong.
It would be more logical to keep the PC hosting the server, and configure your router to forward connections to your PC. You have two options:
Establish a DMZ: all incoming connections on the router will be forwarded to one PC only. This is easiest when you only have 1 PC on the network that needs to accept connections.
Configure port forwarding: you can instruct the router to forward connections incoming on port X to the IP Y on port Z. This way, multiple PCs can listen for connections (using different ports on the router). It is also a bit more secure.
How to set these up depends on your router, but most routers just accept connections on their port 80 and offer an easy web-interface. If you give your router brand, we can link you to the manual.
Things are trickier when it comes to connecting from my phone, since
it's not on the same network (I don't have Wi-Fi, only wired
connections), so I'm not sure how to proceed. Basically I want to
connect to a computer that's behind a router.
What you want to achieve is possible, but you need to learn about NAT traversal and hole punching.
Most often, devices behind a NAT/Router have a private IP address only valid on the LAN. Remote devices can't guess it. This private address is translated into a public IP address by the NAT when the device wants to communicate with the WAN.
The easy solution is you can give a public IP address to the device behind the NAT. In this case, remote devices on the WAN will easily be able to reach it, because its address is public.
I want to develop an iPhone app with a simple IM feature. I am thinking about setting up an HTTP server on an iPhone. If the iPhone is using wifi and is behind a firewall, how can I make sure that other iPhone clients can connect to it?
It's not the firewall that will disturb the connection as much as it is the NAT.
When you are connected through a wireless router to the internet, you are surfing via NAT. It means you don't really have an external IP, but once you initiate a connection the router will map your internal IP to one of its external ports, and for a certain time window it will pass connections to you if it gets them on the right port.
That being said, there is no actual way of setting up a server behind a NAT unless you can configure port forwarding in the router and an internal static IP.
Hope I was clear enough, good luck
I do not really think that you need to get an HTTP server up and running on the iPhone to make an application that can send and receive messages (IM). The idea of making one iPhone user directly connect to another does not seem right to me since the users will need to know the IP addresses of one another to do that.
Interconnectivity between different users of the chat can be solved by making your application communicate via a dedicated TCP port. It is generally advisable to choose ports with a number higher than 1024 since those below are generally found on the list of so-called well-known ports and are used for Web (like port 80), FTP (port 21), SSH (22), DNS (53), etc. It will be the responsibility of the user to make sure the port used by your application is open on the firewall. In order to solve this problem you can actually use port 80 for communication if you find that the port you have selected is blocked. You can do this because you know that this port will not be blocked in most cases. Indeed Yahoo Messenger is reported to use this technique when the firewall blocks the port it uses for communication.
The port should be used by your application to connect to the Web-server that will actually store user credentials, perform authentication, message transmission, etc., and the server should reside on capable hardware to be able to support large number of simultaneous connections. I can suggest using either a VPS (like the one provided by Linode) or a cloud (like Amazon EC2, Google Application Engine, Rackspace).
Hey, I'm trying to get a CFStream connection going over 3G. I can get it working over Wi-Fi using the host name, but when I try to connect directly to the IP address it fails.
Is there a guide out there on how to connect over 3G?
Thanks
ASH
You can use NAT traversal in some cases. This is not a guaranteed method and depends on the type of NAT so you will still need a relay server if you want to guarantee connectivity.
A general rule is if both clients are behind symmetric NATs then a relay server is required.
If only one NAT is symmetric then methods such as STUN and ICE can be helpful in establishing P2P connections.
The following might help you:
Interactive Connectivity Establishment see en.wikipedia.org/wiki/Interactive_Connectivity_Establishment
PJNATH Open source project for NAT traversal in SIP/VoIP solutions see PJSIP.ORG
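The rule in the answer above (a relay is required when both peers are behind symmetric NAT) and the "port randomize" behaviour described in the first question can be checked by asking two STUN servers which public ip:port they see for one local UDP socket. Added example, not part of the original posts: it parses the XOR-MAPPED-ADDRESS attribute of a STUN Binding success response (RFC 5389) and applies that rule. The replies and the 198.51.100.x / 203.0.113.x addresses are constructed sample data, and all function names are illustrative.

```python
import os
import socket
import struct

MAGIC_COOKIE = 0x2112A442  # fixed STUN magic cookie (RFC 5389)
BINDING_SUCCESS, XOR_MAPPED_ADDRESS = 0x0101, 0x0020

def build_binding_success(txid, ip, port):
    """Constructed server reply, used only to produce offline sample input."""
    xaddr = struct.unpack("!I", socket.inet_aton(ip))[0] ^ MAGIC_COOKIE
    attr = struct.pack("!HHBBHI", XOR_MAPPED_ADDRESS, 8, 0, 1, port ^ (MAGIC_COOKIE >> 16), xaddr)
    return struct.pack("!HHI12s", BINDING_SUCCESS, len(attr), MAGIC_COOKIE, txid) + attr

def parse_mapped_address(resp, txid):
    """Return the (ip, port) the server saw; reject replies that do not match txid."""
    if len(resp) < 20:
        raise ValueError("short STUN message")
    mtype, mlen, cookie, rtxid = struct.unpack("!HHI12s", resp[:20])
    if (mtype, cookie, rtxid) != (BINDING_SUCCESS, MAGIC_COOKIE, txid):
        raise ValueError("not a matching Binding success response")
    pos, end = 20, min(len(resp), 20 + mlen)
    while pos + 4 <= end:
        atype, alen = struct.unpack("!HH", resp[pos:pos + 4])
        val = resp[pos + 4:pos + 4 + alen]
        if atype == XOR_MAPPED_ADDRESS and len(val) == 8 and val[1] == 1:  # IPv4
            xport, xaddr = struct.unpack("!HI", val[2:])
            ip = socket.inet_ntoa(struct.pack("!I", xaddr ^ MAGIC_COOKIE))
            return ip, xport ^ (MAGIC_COOKIE >> 16)
        pos += 4 + alen + (-alen % 4)  # attributes are padded to 4 bytes
    raise ValueError("no IPv4 XOR-MAPPED-ADDRESS attribute")

def is_symmetric(mappings):
    """Symmetric NAT: one local socket shows up as a different ip:port per server."""
    return len(set(mappings)) > 1

def choose_path(a_mappings, b_mappings):
    """Rule from the answers: relay only when both peers are behind symmetric NAT."""
    if is_symmetric(a_mappings) and is_symmetric(b_mappings):
        return "relay"
    return "try-hole-punch"  # keep the relay as fallback if punching fails

def demo():
    """Constructed observations: phone keeps one port, PC gets a new port per server."""
    txid = os.urandom(12)
    def seen(ip, port):
        return parse_mapped_address(build_binding_success(txid, ip, port), txid)
    phone = [seen("198.51.100.20", 40001), seen("198.51.100.20", 40001)]
    pc = [seen("203.0.113.7", 31000), seen("203.0.113.7", 52417)]
    return choose_path(phone, pc), choose_path(pc, pc)
```

In a real client the two replies come from the same local UDP socket querying two different STUN servers; a changing mapped port between them is the port randomization that defeats hole punching.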
When you are connected to 3G then you are usually behind a router that implements some 'NAT' scheme. This means that your iPhone gets a private internal IP address on the inside (the 3G network) and a shared 'real' public IP address on the outside (the Internet).
This is all fine when you are just a client connecting to services on the Internet, but it will fail horribly when you try to connect to other clients in the same situation.
There is no simple solution for this. Programs like Skype work around this problem by using intermediate servers with public IP addresses that can relay network traffic between hosts behind such 'NATted' networks.