Re: NAT and keepalive open connection over TCP



That's exactly what I did in the end.
But do you have some information on what % of routers in the market
have this bug?
Thanks a lot
"Alexander Nickolov" <agnickolov@xxxxxxxx> wrote in message
news:e1oEtENDHHA.4992@xxxxxxxxxxxxxxxxxxxxxxx
I think I see your problem finally. The NAT router is indeed
of the cone type, but it has a bug. It closes its binding as
soon as it processes a TCP FIN message, e.g. it has a shared
binding for all of your connections. I'd recommend you don't
use your server connection for anything else after you punch
the hole - simply open another connection for communication
with your server.

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://www.mvps.org/vcfaq
=====================================

"semedao" <semedao@xxxxxxxxxxxxxxxx> wrote in message
news:OQJ5$XuCHHA.4928@xxxxxxxxxxxxxxxxxxxxxxx
Yes, but I succeeded to:
1. make a connection to the server X from the peer that exists in an internal
host on port Y
2. the server can respond to me
3. I succeeded in making a connection to the other peer that also exists in an
internal host under a different NAT
ONLY when I want to close the connection with the other peer using
RemotePeerSocket.ShutDown... the connection with the Server is closing!
If it was the symmetric NAT case, I would have been unable to make the first
successful hole punching, no?
"Alexander Nickolov" <agnickolov@xxxxxxxx> wrote in message
news:O8nfyonCHHA.3600@xxxxxxxxxxxxxxxxxxxxxxx
Hole punching does not work through symmetric NATs.
This should be clear from the article you referenced.

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://www.mvps.org/vcfaq
=====================================

"semedao" <semedao@xxxxxxxxxxxxxxxx> wrote in message
news:%23%23tgjehCHHA.4292@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
I implemented keepAlive every 30 seconds without success...
What I have determined now is that this is not the problem! When I made a
peer-to-peer connection with another remote peer (not the server),
when I call remotePeerSocket.Shutdown(SocketShutdown.Both)
it also disconnects from the public server!!!

If I don't call this shutdown, the server socket is still alive even if
I didn't send a keepAlive for a couple of minutes.
I implemented the hole punching based on:
http://www.brynosaurus.com/pub/net/p2pnat/ in C#.
So, based on this article, I bind the
remotePeerSocket to the same port that my ServerSocket is bound to, before
using
remotePeerSocket.SetSocketOption(SocketOptionLevel.Socket,
SocketOptionName.ReuseAddress, 1);

and

remotePeerSocket.ExclusiveAddressUse = false;

On the server side I can't see it when it happens; only with a packet
sniffer do I see some packets from the same IP but on another port. So the
server application doesn't get them, because this socket didn't Connect
before sending this packet.

I only see it in the sniffer...
It looks like the NAT thinks that it should disconnect from the
server also, and the next time it connects, it uses a new port number...


Why does it happen, and what are the ways to handle it?
If I can't avoid it, can I identify the types of NAT that will cause
this problem?
"Alexander Nickolov" <agnickolov@xxxxxxxx> wrote in message
news:OyW79iRCHHA.4060@xxxxxxxxxxxxxxxxxxxxxxx
The TCP protocol specifies that keep-alive messages are
sent after 10 minutes of inactivity on the TCP connection.
You only have a boolean flag to enable them.

OTOH with application level protocol you can choose
your keep-alive period yourself. Yes - it means actually
sending and receiving keep-alive data as part of your
main data exchange protocol.

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://www.mvps.org/vcfaq
=====================================

"semedao" <semedao@xxxxxxxxxxxxxxxx> wrote in message
news:ud%23PV%23ICHHA.4024@xxxxxxxxxxxxxxxxxxxxxxx
Thanks Alexander,
what about using:

byte[] optionInValues = new byte[] {0x01, 0x00, 0x00, 0x00,
                                    0x30, 0x75, 0x00, 0x00,
                                    0x10, 0x27, 0x00, 0x00};

byte[] optionOutValues = BitConverter.GetBytes(0);

socket.IOControl(IOControlCode.KeepAliveValues, optionInValues, optionOutValues);

instead of

socket.SetSocketOption(SocketOptionLevel.Tcp, SocketOptionName.KeepAlive, true); ?

Or do you want me to code the socket itself to use Send(...) every
30 seconds, for example?

"Alexander Nickolov" <agnickolov@xxxxxxxx> wrote in message
news:u0T6wnCCHHA.4428@xxxxxxxxxxxxxxxxxxxxxxx
A more primitive NAT could do that, sure. Your connection
is busted at that point. The client will realize it after it's
sent back an RST. The server will realize it much later when
the TCP keep-alive kicks in (10 minutes of inactivity). The
basic problem is of course inactivity on the connection.
There's no minimum set time how long a NAT router should
maintain its bindings. Thus if you send data after the binding
has expired, the NAT router simply creates a new binding
naturally using a new public port number. I said more primitive
NAT routers, because most NAT routers actually inspect the
TCP packets a bit more and only open new bindings for TCP
packets containing the SYN flag. Other TCP packets would
cause the NAT router to drop the packet and return an RST
packet back to your client.

The only solution to your problem is if you send keep-alive
messages yourself as part of your protocol and actively
time-out inactive connections at the server. While there's no
minimum inactivity time for NAT bindings to expire, a good
number to pick would be 30 seconds to 1 minute between
keep-alives. Shorter times mean an increase in useless traffic,
longer times increase the risk of NAT bindings expiration.
YMMV...

--
=====================================
Alexander Nickolov
Microsoft MVP [VC], MCSD
email: agnickolov@xxxxxxxx
MVP VC FAQ: http://www.mvps.org/vcfaq
=====================================

"semedao" <semedao@xxxxxxxxxxxxxxxx> wrote in message
news:OqBpfTCCHHA.4844@xxxxxxxxxxxxxxxxxxxxxxx
Hi,

I have a TCP server that is listening for TCP clients; this server can
accept incoming TCP requests.

Some of the clients are behind NAT.

The client makes a connection, and then I set keepalive on both sides
(server & client).

In some NATs it works fine, and in others the client, after working
correctly, suddenly sends the packets with another port (external - NAT port)
to the server, even if I use the same already opened socket!

For example:

Client A (192.168.1.1) behind NAT B (60.78.95.144) makes a connection
to Server S (87.170.65.132), which is listening on port 1000.

The NAT will change the port number from 1000 to 2000.

The connection is established.

Then, while the connection is still established, the client tries to send,
let's say, 30 bytes to the server.

In the server we have a connection to 60.78.95.144:2000 and we try to
read from it.

But the packet from the NAT will come from 60.78.95.144:3000

What causes it?

Is there some specific NAT that does this?

How can I identify that a NAT will act like this (in the C# program)?

How to correct it?

Maybe I should avoid the keepalive and use my own "keep alive" by sending
packets to the server every X interval? (And if yes, how to know what
the interval is?)

Or maybe the server should send to the client?

Thanks
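
An application-level keep-alive with a server-side idle timeout, as recommended in the replies above. This is an added example, not code from the thread; the AppKeepAlive class, its method names and the length-prefixed framing (a zero-length frame is a heartbeat) are assumptions made for illustration.

```csharp
using System;
using System.Net.Sockets;
using System.Threading;

static class AppKeepAlive
{
    // Assumed framing: 2-byte big-endian length, then payload; length 0 is a heartbeat.
    static readonly byte[] Heartbeat = { 0x00, 0x00 };

    // Client: send a heartbeat frame every 'period'. Dispose the returned timer to stop.
    // The application's own sends must also lock on the socket so frames never interleave.
    public static Timer StartHeartbeat(Socket s, TimeSpan period)
    {
        return new Timer(_ =>
        {
            try { lock (s) s.Send(Heartbeat); }
            catch (SocketException) { /* connection is gone; the read loop will notice */ }
            catch (ObjectDisposedException) { /* socket already closed by its owner */ }
        }, null, period, period);
    }

    // Server: read frames and close the connection when no bytes arrive within idleLimit.
    public static void Serve(Socket s, TimeSpan idleLimit, Action<byte[]> onMessage)
    {
        s.ReceiveTimeout = (int)idleLimit.TotalMilliseconds; // applies to each Receive call
        var header = new byte[2];
        try
        {
            while (ReadExact(s, header, 2))
            {
                int len = (header[0] << 8) | header[1];
                if (len == 0) continue;           // heartbeat: nothing to deliver
                var body = new byte[len];
                if (!ReadExact(s, body, len)) break;
                onMessage(body);
            }
        }
        catch (SocketException e) when (e.SocketErrorCode == SocketError.TimedOut)
        {
            // Peer silent for idleLimit: assume the NAT binding is lost and drop the connection.
        }
        finally { s.Close(); }
    }

    // Reads exactly 'count' bytes; returns false if the peer closed the connection first.
    static bool ReadExact(Socket s, byte[] buf, int count)
    {
        for (int off = 0; off < count; )
        {
            int n = s.Receive(buf, off, count - off, SocketFlags.None);
            if (n == 0) return false;
            off += n;
        }
        return true;
    }
}
```

A heartbeat period of 30 seconds matches the range suggested in the thread; an idle limit of a few periods (for example 90 seconds, an assumed value) lets one lost heartbeat pass without dropping the client.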















