Why can't I connect to my server using my public IP?

Question

I have a server program and a client program. While developing the program I run the server and the client on the same machine for convenience. The server starts listening to incoming connections using these lines:

var listener = new TcpListener(IPAddress.Any, 7070);
listener.Start();

The client connects to the server using these lines (simplified):

var client = new TcpClient(AddressFamily.InterNetwork);
client.Connect(IPAddress.Loopback, 7070);

I use IPAddress.Loopback because I run the programs on the same machine. But, knowing that the server and the client won't be necessarily run on the same machine in the future, I changed it to my public IP from http://icanhazip.com (IPAddress.Parse(...)). Because of that the client was unable to connect to the server on the same machine with the exception No connection could be made because the target machine actively refused it <my public ip:7070>.

I tried disabling my firewall but it's still not working. Why is the server refusing the connection? Didn't I specifically tell it to listen to all interfaces with IPAddress.Any?

Why does that happen and how do I fix it?

Answer 1

Here's an answer built from my comments on the question, which are hopefully correct:

Your public IP is provided by your ISP and is actually the address of your router. The router does network address translation (NAT) for outgoing connections from computers within your local network. These requests look to the Internet like they're all coming from one IP, and your router sends responses to the right local computer based on an address translation table. This works for outgoing connections but not incoming connections.

If something tries to open a TCP connection from the Internet to your router, the router has no idea what local computer it might be trying to connect to unless you specifically configure it to forward that traffic to a particular computer on your local network. That's where port forwarding comes in. If you haven't configured port forwarding, the router just says, "sorry, I'm not handling incoming requests on port 7070."

Answer 2

Is your development machine behind a router?

Network traffic sent to you via your public IP address reaches your router on a given port via a specific networking protocol. Your router needs to know where to send this traffic internally on your network. Traffic is coming from the Internet to your machine, and your router either cannot or will not forward the traffic to your computer's machine.

You don't notice this in your day-to-day life thanks to the power of Network Address Translation (NAT) and Universal Plug and Play (UPnP). Glossing over some details here, Network Address Translation allows traffic headers to be modified to route traffic from your public IP to your actual machine's IP on the network. When incoming traffic attempts to open a port for connectivity on your network, the router needs to be configured to forward that traffic appropriately. Universal Plug and Play is a protocol supported on many modern routers to allow software and devices to seamlessly route traffic without the need to forward ports.

This leaves you with two options:

1. For development purposes, access your router and forward the desired port to your development machine

2. For a more robust application, especially if you're going to be running this on different machines or different networks, consider adding UPnP support to your application while also understanding that UPnP may not be supported or enabled by some users, in which case port forwarding is still necessary.