NAT背后的UDP穿孔 [英] UDP Holepunching behind NAT
问题描述
我正在尝试在Java中实现UDP-Holepunching的简单草图以测试其概念,并稍后在我的C/C ++应用程序中使用它.
I am trying to implement a simple sketch of UDP-Holepunching in Java to test it's concept and use it in my C/C++ application later on.
根据Wikipedia的理解,这个概念是这样的: 假设A和B是未定义网络结构背后的客户端,而C是著名的公共可访问服务器.
As from Wikipedia I understood the concept as this: Let A and B be clients behind an undefined networkstructure and C a well-known public reachable server.
- A将数据包发送到服务器C,服务器保存其IP地址和端口. C将获得A的NAT的公共IP地址.这样做,A前面的NAT将创建一条路由,该路由会将此端口上的所有数据包传递给A.
- B的行为与A相同,向服务器C发送数据包,然后将其保存到地址和端口,B的NAT创建路由,依此类推.
- 这时,C知道每个客户端的地址和端口. C会将B的地址和端口发送给A,再从A发送给B.
- A向B发送一个数据包,该数据包将被B的NAT拒绝,但这样做会在A的NAT中打开一个漏洞",从而使来自B的其他数据包得以通过.
- B向A发送了一个数据包,该数据包将到达A,因为之前已打孔"了一个孔".这样做还会在B的NAT中打开一个漏洞",让A的其他数据包通过.
- 打孔已经完成,A和B应该能够彼此进行P2P通信了.
这在localhost上都运行良好(这并不奇怪),但是在实际示例中,此操作失败.
This is all working well over localhost (which is not such a big surprise), but in a real-world-example this fails.
A和B都能够连接到服务器C,服务器C获取它们的数据包,存储其地址和端口,并将其传输到另一个客户端. 但是在这一点上它失败了. A和B无法相互通信. 所以我问自己我做错了什么.我花了几天时间在google和stackoverflow中搜索工作示例,但我偶然发现的建议就是使用STUN,这不是我想要的.
A and B are both able to connect to server C, which gets their packets, stores their address and port and transmits it to the other client. But at this point it fails. A and B are not able to communicate with each other. So I am asking myself where I did wrong. I spent days searching for working examples in google and stackoverflow but all I stumbled upon is the suggestion to use STUN which is not what I want.
下面,我将用Java发布我的草图,因为我不知道我的概念或实现是否有问题.
Below I will post my sketch in Java, as I do not know whether I have a problem with my concept or my implementation.
public class Server
{
public static void main(String[] args)
{
int port1 = 0, port2 = 0;
String address1 = null, address2;
byte[] bytes = new byte[1024];
try
{
System.out.println("Server waiting");
DatagramSocket ds = new DatagramSocket(789);
while(!Thread.interrupted())
{
DatagramPacket p = new DatagramPacket(bytes, bytes.length);
ds.receive(p);
if(port1 == 0)
{
port1 = p.getPort();
address1 = p.getAddress().getHostAddress();
System.out.println("(1st) Server received:" + new String(bytes) + " from " + address1 + " on port " + port1);
}
else
{
port2 = p.getPort();
address2 = p.getAddress().getHostAddress();
System.out.println("(2nd) Server received:" + new String(bytes) + " from " + address1 + " on port " + port1);
sendConnDataTo(address1, port1, address2, port2, ds);
sendConnDataTo(address2, port2, address1, port1, ds);
}
}
ds.close();
}
catch(Exception e)
{
e.printStackTrace();
}
}
public static void sendConnDataTo(String a1, int p1, String a2, int p2, DatagramSocket ds)
{
byte[] bA, bP;
bA = a1.getBytes();
bP = Integer.toString(p1).getBytes();
DatagramPacket pck;
try
{
pck = new DatagramPacket(bA, bA.length, InetAddress.getByName(a2), p2);
ds.send(pck);
pck = new DatagramPacket(bP, bP.length, InetAddress.getByName(a2), p2);
ds.send(pck);
}
catch(Exception e)
{
e.printStackTrace();
}
}
}
请注意,这只是一些草图,没有实际应用.服务器应该只从两个客户端接收数据包,保存它们的地址和端口,然后将其传递给另一个客户端.
Please note, that this is just some sketch, no real application. The server should only receive packets from two clients, save their address and port and pass it to the other client.
public class Client
{
private DatagramSocket socket;
private int init = 0;
private String target;
private int port;
public Client()
{
try
{
socket = new DatagramSocket();
}
catch(SocketException e)
{
e.printStackTrace();
}
Thread in = new Thread()
{
public void run()
{
while(true)
{
byte[] bytes = new byte[1024];
DatagramPacket packet = new DatagramPacket(bytes, bytes.length);
try
{
socket.receive(packet);
bytes = Arrays.copyOfRange(bytes, 0, packet.getLength());
String s = new String(bytes);
System.out.println("Received: " + s);
if(init == 0)
{
target = s;
System.out.println("Target: " + target);
init++;
}
else if(init == 1)
{
port = Integer.parseInt(s);
System.out.println("Port: " + port);
init++;
}
else System.out.println(new String(bytes));
}
catch(IOException e)
{
e.printStackTrace();
}
}
}
};
in.start();
connectToSupervisor();
}
private void connectToSupervisor()
{
byte[] bytes = new byte[1024];
System.out.println("Greeting server");
System.arraycopy("EHLO".getBytes(), 0, bytes, 0, 4);
try
{
DatagramPacket packet = new DatagramPacket(bytes, bytes.length, InetAddress.getByName("localhost"), 789);
socket.send(packet);
System.out.println("Greetings sent...");
}
catch(IOException e)
{
e.printStackTrace();
}
send();
}
private void send()
{
while(init != 2)
{
try
{
Thread.sleep(20L);
}
catch(InterruptedException e)
{
e.printStackTrace();
}
}
System.out.println("Init completed!");
while(true)
{
byte[] b2 = "Hello".getBytes();
byte[] b1 = new byte[6];
System.arraycopy(b2, 0, b1, 0, b2.length);
try
{
DatagramPacket packet = new DatagramPacket(b1, b1.length, InetAddress.getByName(target), port);
socket.send(packet);
}
catch(Exception e)
{
e.printStackTrace();
}
}
}
public static void main(String[] args)
{
new Client();
}
}
客户端将只向服务器发送一个数据包,侦听来自它的数据包,从另一个客户端获取连接数据,然后将持续向其发送包含"Hello"的数据包.
The client will just send a packet to the server, listen for packets from it, grab the connection-data from the other client and will then continuously send packets containing "Hello" to it.
很抱歉,代码太长,但我想保持完整.
I am sorry for the long code but I wanted to keep it complete.
如果你们中的任何人都可以指出我在做的错误,向我解释为什么这没有用,给我一个有效的例子,或者至少指出一个替代方法,我会很高兴.
I would be glad if anyone of you could point me to the mistakes I am doing, explain me why this is not working, give me a working example or at least point me to an alternative.
推荐答案
您的代码似乎正确.我测试了您的代码,它工作正常.这个概念也是正确的.但是,请检查您运行的两个客户端是在同一NAT设备中还是在不同的NAT设备中.如果您的两个客户端都在同一NAT设备下运行,则可能无法正常工作,因为并非所有NAT设备都支持发夹,即两个客户端都将数据包发送到NAT的外部IP,而该IP需要传递给自身.有关更多信息,请参见以下链接: http://tools.ietf.org/html/rfc4787#section-6
Your code seems to be correct. I tested your code and it works fine. The concept is also correct. But please check whether both the clients you run are within same NAT device or different NAT devices. If your are running both the clients under same NAT device then it may not work because not all NAT devices support hair pinning i.e, both clients send packets to NAT's external IP which needs to be passed to itself. For more information refer this link: http://tools.ietf.org/html/rfc4787#section-6
这篇关于NAT背后的UDP穿孔的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
