On Tuesday 05 August 2008 16:47:15 ext Iljitsch van Beijnum, you wrote:
> What's the difficulty with TCP? If I understand things correctly, once
> you use a certain port as a source port number on the public side, a
> behave-compliant NAT will forward incoming sessions towards that port
> number to you. So the only thing the application has to do is figure
> out what the address/port is that others see and not release the port
> number and it's in business.

The passive side of the TCP connections can hardly be behind a NAT. So there
is no way the NAT can know about it. That's why we have UPnP IGD and NAT-PMP.

So... One proposed work-around is for both sides to be simultaneously active.
The TCP spec allows this, but:

1/ Most firewalls and many NATs do not support this. They reset the
   connection.
2/ Some OS's do not support it either.
3/ When the OS supports it, it needs a cumbersome socket API hack involving a
   listening socket and a connecting socket on the same port.

-- 
Rémi Denis-Courmont
Maemo Software, Nokia Devices R&D
_______________________________________________
Int-area mailing list
https://www.ietf.org/mailman/listinfo/int-area
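
Added example (not part of the original message and not its author's code): the socket setup that point 3 refers to, with a listening socket and a connecting socket bound to the same local port, run between two peers on loopback. It shows only the port sharing, not a true simultaneous open through a NAT; the helper names, the loopback address and the use of SO_REUSEPORT where the OS offers it are assumptions.

```python
import socket

LOOPBACK = "127.0.0.1"  # assumption: both peers on one host, no NAT in between


def _bound(port):
    """Return a TCP socket bound to `port` with address/port reuse enabled."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    if hasattr(socket, "SO_REUSEPORT"):  # not available on every OS
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
    s.settimeout(5)
    s.bind((LOOPBACK, port))
    return s


def make_peer():
    """Return (listener, connector, port): two sockets sharing one local port."""
    listener = _bound(0)              # kernel picks a free port
    port = listener.getsockname()[1]
    connector = _bound(port)          # second socket bound to the same port
    listener.listen(1)                # listen only after both binds succeeded
    return listener, connector, port


def demo():
    """Connect peer A to peer B and report which source port B observes."""
    a_listen, a_conn, a_port = make_peer()
    b_listen, b_conn, b_port = make_peer()
    try:
        a_conn.connect((LOOPBACK, b_port))       # outgoing leg leaves from a_port
        accepted, peer_addr = b_listen.accept()
        local_port = accepted.getsockname()[1]
        accepted.close()
        return {"a_port": a_port, "b_port": b_port,
                "source_port_seen_by_b": peer_addr[1],
                "b_local_port": local_port}
    finally:
        for s in (a_listen, a_conn, b_listen, b_conn):
            s.close()


if __name__ == "__main__":
    print(demo())
```

Because A's outgoing connection leaves from the same port its listener holds, any NAT mapping that connection creates is the one incoming sessions would also have to use, which is why the two sockets must share the port.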
