I found the following document and a bunch of similar ones while surfing the net on a Saturday night. Apparently I have no life. :) You can Google for lots of similar documents by searching for UDP and NAT.
http://rfc3489.x42.com

The document describes something called STUN - Simple Traversal of User Datagram Protocol (UDP) Through Network Address Translators (NATs). It seems that the most common way to get around a normal NAT firewall is to send a keep-alive UDP packet every 30 seconds or so to any IP address on the other side of the NAT box. The document is proposing that method as a standard. This opens a hole in the NAT box. Any other IP address can send a reply to the NAT box on the port used to send the keep-alive.

This allows the following communication:

Box A is behind a NAT Firewall called Firewall A.
Box B is behind a NAT Firewall called Firewall B.
IP Address C is a random IP address on the public network that Box A through Firewall A can send data to.
IP Address D is a random IP address on the public network that Box B through Firewall B can send data to.

Freenet is started on Box A. The user enters the IP address of Firewall A as the Node Address. This could be made automatic by asking a public IP address what the address of the Firewall is. Box A begins sending a single UDP packet every 30 seconds or so on the Freenet port to random IP Address C. Now any Freenet node can communicate with Box A through UDP.

Freenet is started on Box B. The user enters the IP address of Firewall B as the Node Address. This could be made automatic by asking a public IP address what the address of the Firewall is. Box B begins sending a single UDP packet every 30 seconds or so on the Freenet port to random IP Address D. Now any Freenet node can communicate with Box B through UDP including Box A.

UDP could be the solution to the NAT problem. The UDP keep-alive traffic could even be slightly modified so that it looks like streaming audio or something similar.

If we don't need 2 boxes that are both behind NATs to communicate, a public node could use UDP through the keep-alive hole in the firewall to tell a node behind a firewall to open a TCP connection back to the public node so the public node can make a request stream.
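
As an added illustration (not part of the original post and not Freenet code), the sketch below models the four NAT types defined in RFC 3489 and checks which senders can reach Box A's mapped port after one keep-alive to IP Address C. All addresses, ports and names in it are constructed for the example.

```python
from dataclasses import dataclass, field

# The four NAT types as classified in RFC 3489.
FULL_CONE, RESTRICTED, PORT_RESTRICTED, SYMMETRIC = (
    "full cone", "restricted cone", "port restricted cone", "symmetric")

@dataclass
class Nat:
    kind: str
    next_port: int = 40000                        # constructed first external port
    mappings: dict = field(default_factory=dict)  # mapping key -> external port
    owner: dict = field(default_factory=dict)     # external port -> internal endpoint
    sent_to: dict = field(default_factory=dict)   # external port -> destinations contacted

    def outbound(self, src, dst):
        """Internal endpoint src sends UDP to dst; return the external port used."""
        # A symmetric NAT allocates one mapping per destination; cone NATs reuse one.
        key = (src, dst) if self.kind == SYMMETRIC else src
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.owner[self.next_port] = src
            self.next_port += 1
        port = self.mappings[key]
        self.sent_to.setdefault(port, set()).add(dst)
        return port

    def inbound(self, ext_port, remote):
        """Return the internal endpoint that receives the packet, or None if dropped."""
        peers = self.sent_to.get(ext_port, set())
        if self.kind == FULL_CONE:
            ok = True                                  # any sender may use the mapping
        elif self.kind == RESTRICTED:
            ok = remote[0] in {ip for ip, _ in peers}  # sender IP must have been contacted
        else:
            ok = remote in peers                       # exact IP and port must match
        return self.owner.get(ext_port) if ok else None

def keepalive_exposure(kind):
    """Box A sends one keep-alive to Address C; report who can then reach Box A."""
    nat = Nat(kind)
    box_a = ("192.168.1.10", 5000)   # constructed private endpoint
    addr_c = ("198.51.100.7", 5000)  # constructed keep-alive target (Address C)
    other = ("203.0.113.20", 5000)   # constructed third party never contacted by Box A
    port = nat.outbound(box_a, addr_c)
    return {"from_C": nat.inbound(port, addr_c) == box_a,
            "from_other": nat.inbound(port, other) == box_a}

if __name__ == "__main__":
    for kind in (FULL_CONE, RESTRICTED, PORT_RESTRICTED, SYMMETRIC):
        print(f"{kind:22} {keepalive_exposure(kind)}")
```

In this model only the full cone type delivers a packet from an address Box A never sent to; the other three deliver replies from Address C only.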
