Re: NAT and keepaliveopen connection over TCP



The TCP protocol specifies that keep-alive messages are
sent after 10 minutes of inactivity on the TCP connection.
You only have a boolean flag to enable them.

OTOH with an application-level protocol you can choose
your keep-alive period yourself. Yes - it means actually
sending and receiving keep-alive data as part of your
main data exchange protocol.

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://www.mvps.org/vcfaq
=====================================

"semedao" <semedao@xxxxxxxxxxxxxxxx> wrote in message
news:ud%23PV%23ICHHA.4024@xxxxxxxxxxxxxxxxxxxxxxx
thanks Alexandre
what about using:
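// SIO_KEEPALIVE_VALS input: three little-endian 32-bit values
// on/off = 1, keep-alive time = 30000 ms, keep-alive interval = 10000 ms
byte[] optionInValues = new byte[] {0x01, 0x00, 0x00, 0x00, 0x30, 0x75, 0x00, 0x00, 0x10, 0x27, 0x00, 0x00};

byte[] optionOutValues = BitConverter.GetBytes(0);

socket.IOControl(IOControlCode.KeepAliveValues, optionInValues, optionOutValues);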



instead of

// KeepAlive (SO_KEEPALIVE) is a socket-level option, so the level is Socket, not Tcp
socket.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.KeepAlive, true); ?

Or do you want me to code the socket itself to use Send(...) every 30
seconds, for example?

"Alexander Nickolov" <agnickolov@xxxxxxxx> wrote in message
news:u0T6wnCCHHA.4428@xxxxxxxxxxxxxxxxxxxxxxx
A more primitive NAT could do that, sure. Your connection
is busted at that point. The client will realize it after it's
sent back an RST. The server will realize it much later when
the TCP keep-alive kicks in (10 minutes of inactivity). The
basic problem is of course inactivity on the connection.
There's no minimum set time how long a NAT router should
maintain its bindings. Thus if you send data after the binding
has expired, the NAT router simply creates a new binding
naturally using a new public port number. I said more primitive
NAT routers, because most NAT routers actually inspect the
TCP packets a bit more and only open new bindings for TCP
packets containing the SYN flag. Other TCP packets would
cause the NAT router to drop the packet and return an RST
packet back to your client.

The only solution to your problem is if you send keep-alive
messages yourself as part of your protocol and actively
time-out inactive connections at the server. While there's no
minimum inactivity time for NAT bindings to expire, a good
number to pick would be 30 seconds to 1 minute between
keep-alives. Shorter times mean an increase in useless traffic,
longer times increase the risk of NAT bindings expiration.
YMMV...

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://www.mvps.org/vcfaq
=====================================

"semedao" <semedao@xxxxxxxxxxxxxxxx> wrote in message
news:OqBpfTCCHHA.4844@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

I have a TCP server that listens for TCP clients; this server can accept
incoming TCP requests.

Some of the clients are behind NAT.

The client makes connection, and then I set keepalive on both sides
(server & client)

With some NATs it works fine, and with others the client, after working
correctly, suddenly sends the packets from another port (external - NAT port) to
the server, even if I use the same already opened socket!

For ex.

Client A (192.168.1.1), behind NAT B (60.78.95.144), makes a connection to
Server S (87.170.65.132), which is listening on port 1000.

The NAT will change the port number from 1000 to 2000

The connection is established.

Then

While the connection is still established, the client tries to send, let's say,
30 bytes to the server.

In the server we have connection to 60.78.95.144:2000 and we try to read
from it.

But the packet from the NAT will come from 60.78.95.144:3000



What causes it?

Is there some specific NAT that does this?

How can I identify that a NAT will act like this (in a C# program)?

How to correct it?

Maybe I should avoid the keepalive and use my "keep alive" by sending
packets to the server every X interval? (And if yes, how to know what is
the interval)

Or maybe the server should send to the client?

Thanks
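
The application-level keep-alive with a server-side idle timeout that the replies above recommend, as an added C# example that is not code from any poster in this thread. The PING/PONG byte values and the 1-second and 3-second timings are assumptions chosen so the loopback demo finishes quickly; the thread suggests 30 seconds to 1 minute between keep-alives.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Sockets;
using System.Threading;
using System.Threading.Tasks;

// Added example: PING/PONG values are hypothetical; timings are shortened for a loopback run.
static class HeartbeatDemo
{
    const byte Ping = 0x01, Pong = 0x02;
    const int IntervalMs = 1000;   // client sends a PING this often
    const int IdleLimitMs = 3000;  // server drops a peer that is silent for ~3 intervals
    // Server: a read that stays empty for IdleLimitMs ends the connection.
    static void Serve(TcpClient conn)
    {
        using (conn)
        {
            NetworkStream s = conn.GetStream();
            s.ReadTimeout = IdleLimitMs;
            try
            {
                for (int b; (b = s.ReadByte()) != -1;)
                    if (b == Ping) s.WriteByte(Pong);
                Console.WriteLine("server: peer closed the connection");
            }
            catch (IOException) { Console.WriteLine("server: idle timeout, dropping peer"); }
        }
    }
    static void Main()
    {
        var listener = new TcpListener(IPAddress.Loopback, 0);   // ephemeral port
        listener.Start();
        Task server = Task.Run(() => Serve(listener.AcceptTcpClient()));
        using (var client = new TcpClient())
        {
            client.Connect(IPAddress.Loopback, ((IPEndPoint)listener.LocalEndpoint).Port);
            NetworkStream s = client.GetStream();
            s.ReadTimeout = IdleLimitMs;   // a missing PONG also means the path is dead
            for (int i = 0; i < 3; i++, Thread.Sleep(IntervalMs))
            {
                s.WriteByte(Ping);
                if (s.ReadByte() != Pong) throw new IOException("no PONG from server");
            }
            server.Wait();   // client goes silent; returns once the server times it out
        }
        listener.Stop();
    }
}
```

After three answered PINGs the client stops sending, and the server's read timeout closes the connection from its side instead of waiting for TCP keep-alive.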