On Mon, Mar 05, 2007 at 03:06:35PM -0500, Colin Davis wrote: > As for NAT issues, forgive my being out of touch, but I thought that was > solved a year ago.. If I recall, I thought that even if Side-A and > Side-B were both firewalled, they could connect.. > > When Side-A added the noderef of B, it would start sending out packets > to B, knowing that they won't get returned.. But the Sending of these > packets would open a NAT-hole.. > Then, Side-B would get around to adding the noderef of A, and start > sending packets to A, opening a NAT-hole on their own side.. Side A's > packets then get in through this hole, just as B's now arrive at A.
Only if both A and B know the other's IP address. That's not easy. Most people don't know their IP address. There are several issues here: 1. How to deal with NATs. I'm leaning strongly towards implementing UP&P. This might even remove the need for using central STUN servers - at least most of the time after installation. 2. How to easily give somebody a node reference that Just Works, without them having to do anything beyond double clicking on the file. Two options: 1) IP:port + password (password may be auto-generated, and probably should be one-time), 2) one-time references. 3. How to get the node source code in the first place, and whether it's a good idea for this to be distributed; if it is, we can include the initial noderef. (It probably is, but we need #2 as well for e.g. if the user already has a node or has other safe means of obtaining fred). > > What am I missing? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20070305/710deead/attachment.pgp>
