Reputation: 507
send UDP to client behind a nat using STUN
I want to test stun client/server and the send udp traffic from server side to client side.
I run stun client in a local machine, I get the following result.1.
Lenovo-Z50-70:~/iop-bb$ stun -v my_stun_server
STUN client version 0.96
Opened port 22948 with fd 3
Opened port 22949 with fd 4
Encoding stun message:
Encoding ChangeRequest: 0
About to send msg of len 28 to 212.227.107.179:3478
Encoding stun message:
Encoding ChangeRequest: 4
About to send msg of len 28 to 212.227.107.179:3478
Encoding stun message:
Encoding ChangeRequest: 2
About to send msg of len 28 to 212.227.107.179:3478
Received stun message: 88 bytes
MappedAddress = 41.224.250.29:22948
SourceAddress = 212.227.107.179:3478
ChangedAddress = 127.0.0.1:3479
XorMappedAddress = 41.224.250.29:22948
ServerName = Vovida.org 0.96
Received message of type 257 id=1
- On the server side, I execute the following, echo "hello" | nc -w1 -u 41.224.250.29 22944.
But, in the client side I didn't receive the packet. Any suggestion?
Upvotes: 2
Views: 2465
Answers (2)
Reputation: 104514
You would need to match the port on both sides and do a hole punching step after obtaining your public ip and port.
You ran a stun client listening on local port 22948 to the server (listening on port 3478). From that port you sent a stun binding request request to your server.
The server responded back with a response indicating that your public ip:port was
41.224.250.29 22948.
So now you know that your local ip (e.g. 192.168.1.2) maps to 41.224.250.29 and your local port 22948 maps to the public port 22948.
You could in theory start communicating between client port 22948 and server 3478, but 3478 is already in use by the server. You need to do a hole punching step using the same port you obtained from the STUN response.
The hole punching step with your other service goes like this. Client sends from port 22948 to server (port 9876 for example).
echo "hello there" | nc -p 22948 server 9876
The server could respond:
echo "I see you" | nc -p 9876 41.224.250.29 22948
Upvotes: 3
Reputation: 394
On the server side, I execute the following, echo "hello" | nc -w1 -u 41.224.250.29 22944
Does this received any packet prior from that client or using the address "41.224.250.29 22944"? If not, client end NAT will not allow this incoming traffic unless it's a full-cone NAT. It's also important that client is using a socket which is ready to receive any packet from that external source. Basically, you have to make sure that binding is there for that external source.
Upvotes: 0
Related Questions
- Python3: getting external port from stun server
- webrtc peer to peer video chat behind NAT without STUN server
- Using Stun's server reflexive transport
- does stun client launch UDP server to get incoming traffic
- Hole punching using STUN
- UDP hole punching for Server/Client communication under NAT with STUN
- How to implement NAT traversal using STUN/ICE on my Raspberry Pi
- Connecting to STUN returned External IP address
- Java UDP STUN Hole Punching with DatagramSocket
- udp packets dont make it back to the device