如何在没有端口转发或集中式服务器的情况下创建对等连接? [英] How do you create a peer to peer connection without port forwarding or a centeralized server?

问题描述

我记得曾经读过一篇有关提议的方法的文章.如果我没记错的话，研究人员通过相互发送HTTP数据包而成功建立了到另一个网络上的客户端的连接，而无需端口转发(Alice假装Bob是HTTP Web服务器，而Bob假装Alice是Web服务器).

我不确定这是否有意义，但是是否有人知道我在哪里可以找到该文章，或者是否有人有其他想法如何将两个客户端连接在一起而无需中央服务器或端口转发?

有可能吗?

我会知道程序监听的计算机和端口的IP.

解决方案

有可能.对于您的问题，我至少看到了 2个部分. (它不会是HTTP数据包.它要复杂得多.)

首先，我相信您可能正在谈论一个称为分散式P2P网络的概念.分散式对等网络背后的主要思想是，这样的网络中的节点联合将不需要中央服务器或服务器组.

您可能已经知道，大多数常见的集中式对等网络都需要这种集中式系统来交换和维护节点之间的互连性.基本概念是这样的，一个新节点将连接到主服务器之一，以检索有关网络上其他节点的信息，以保持其连接性和可用性.服务器通过不断同步网络状态，相关信息以及彼此之间的中央协调来维护中央系统.

另一方面，分散网络不具有任何结构或预定的核心.这种对等模型也称为非结构化P2P网络.任何新节点都将从父"节点复制或继承原始链接，并随时间形成其自己的列表.这种非结构化网络的分散化有几类.

有趣的是，由于没有中央命令和控制系统，它成为现代恶意软件僵尸网络的首选解决方案.一个很好的例子是Storm僵尸网络，它使用了所谓的被动P2P监视器(PPM).无论受感染的主机是否位于防火墙或NAT之后，PPM都能找到受感染的主机并建立对等列表. Wikipedia的文章 风暴僵尸网络 很有趣.还有一个很棒的合作研究，叫做 在对等点中完成节点枚举对等僵尸网络 ，它为Storm僵尸网络提供了出色的概念分析和技术.

第二个，您可能正在谈论UDP打孔.这是一种技术或算法，用于通过第三个集合服务器使用第3条注释主机来维护NAT路由器/网关后面的2台主机之间的连接.

Bryan Ford，Pyda Srisuresh和Dan Kegel撰写了一篇很棒的论文，称为 跨网络地址转换器的对等通信 .

I recall reading an article about a proposed way to do this. If I recall correctly, the researchers successfully created a connection to a client on another network without port forwarding by sending HTTP packets to each other (Alice pretends that Bob is an HTTP web server while Bob pretends Alice is a web server).

I'm not sure if that makes sense, but does anyone know where I can find the article or does anyone have any other ideas how to connect two clients together without a central server or port forwarding?

Is it even possible?

Edit: I would know the IPs of both computers and port the program listens on.

解决方案

It is possible. I see at least 2 parts to your question. (It is not going to be HTTP packet. It is a lot more complex than that.)

First off, I believe you might be talking about a concept called decentralized P2P network. The main idea behind a decentralized peer-to-peer network is the fact that nodes conjoint in such a network will not require central server or group of servers.

As you might already know, most common centralized peer-to-peer networks require such centralized system to exchange and maintain interconnectivity among nodes. The basic concept is such, a new node will connect to one of the main servers to retrieve information about other nodes on the network to maintain its connectivity and availability. The central system gets maintained through servers constantly synchronizing network state, relevant information, and central coordination among each other.

Decentralized network, on the other hand, does not have any structure or predetermined core. This peer-to-peer model is also called unstructured P2P networks. Any new node will copy or inherit original links from the "parent" node and will form its own list over time. There are several categories of decentralization of such unstructured networks.

Interestingly enough, the absence of central command and control system makes it solution of choice for modern malware botnets. A great example could be Storm botnet, which employed so-called Passive P2P Monitor (PPM). PPM was able to locate the infected hosts and build peer list regardless whether or not infected hosts are behind a firewall or NAT. Wikipedia's article Storm botnet is an interesting read. There is also great collaborative study called Towards Complete Node Enumeration in a Peer-to-Peer Botnet, which provides excellent conceptual analysis and techniques employed by Storm botnet network.

Second of all, you might be talking about UDP hole punching. This is a technique or algorithm used to maintain connectivity between 2 hosts behind NATed router/gateway using 3rd comment host by means of a third rendezvous server.

There is a great paper by Bryan Ford, Pyda Srisuresh, and Dan Kegel called Peer-to-Peer Communication Across Network Address Translators.

这篇关于如何在没有端口转发或集中式服务器的情况下创建对等连接?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！