Computer-to-computer connection over the Internet with dynamic IP
Very often we hear that establishing a computer-to-computer connection over the Internet with dynamic IPs is impossible without an external server.
And also thought, until a certain time. Then my suspicions crept in ... And after I learned a lotand secret things.
However, Skype, ICQ to transfer files, torrents, in the end, somehow use a direct connection.
How? That's what I want to tell.
All matches are random, the numbers were originally invented.
')
In fact, without an external server this is really unreal. But there are "hacks" and "fashion" that will help us.
I will chew hard. Some of my explanations may not coincide with reality, but this is done to make it clear how and what works, since in practice this knowledge is enough.
NAT is what gives each of us the ability to connect to the Internet who sits with IPv4. If you give each computer an IPv4 address, they are not enough.
NAT allows us to hide certain services only for the network ... And precisely because of it we cannot, in the majority, reach the computer from the Internet.
Imagine that you are connecting to an FTP server in passive mode.
Your external address: 43.12.102.14
Your internal address: 192.168.0.2
Your NAT Address: 192.168.0.1
You create a TCP connection with your IP 192.168.0.2, create a request for an address with a 21 port.
Next, the request goes to your NAT, which creates a correspondence in its small table: TCP connection is an internal IP 192.168.0.2, port 21.
Externally, he also creates a port, for example, 54321 with his address.
And redirects your request to the FTP server on port 21.
The FTP server, receiving the request, sees that the request is set to IP 43.12.102.14 and port 54321.
Now, for the duration of the connection, this port is a redirector to your computer on port 21 for a TCP connection.
As soon as you close the connection, the port hangs from 3-10 seconds and is removed from the NAT table.
Most UDP connections and TCP connections in programs are created via data hacks, constantly maintaining the connection.
Let me explain how to create a connection between computers when you are sitting, for example, in ICQ.
You initially create a connection with the ICQ server, which opens you a port on a computer, for example, 5191. On another computer, the port also opens with the number 5191.
The IP and ports of these users in NAT will look, for example, like this:
1 user: 43.12.102.14 light6742
2 user: 43.12.102.15:61782
After that, the ICQ server reports to each client their external IP address and external port.
User 1 makes a connection to this external IP: Port (43.12.102.15:61782) and goes to the internal port 5191.
User 2 agrees to connect to IP: Port of user 1 (43.12.102.15:61782), which is forwarded from NAT to user 1 on port 5191. Next, the files are sent and the connection is closed. After some time, NAT, seeing that the external and internal ports are no longer in use and the connection is closed, removes this port in order to use it for other connections.
In the picture it will look like this:
Of course, not every one of us at the beginning of his career had an external server that would tell each user its external IP address and port.
But for these solutions there are own implementations, for example, STUN servers, which are worldwide, even public.
In the majority, they are created for the UDP protocol, which is used in the same torrents. However, there are STUNT servers for TCP protocol implementation.
Create, create, all in your hands.
PS: Not all NATs are able to provide such a connection, however, most closed NATs that monitor IP connections are not used in the provision of service providers.
UDP: in this context, dynamic IPs, are called IP addresses that are not external, but are issued by higher NAT.
And also thought, until a certain time. Then my suspicions crept in ... And after I learned a lot
However, Skype, ICQ to transfer files, torrents, in the end, somehow use a direct connection.
How? That's what I want to tell.
All matches are random, the numbers were originally invented.
')
In fact, without an external server this is really unreal. But there are "hacks" and "fashion" that will help us.
I will chew hard. Some of my explanations may not coincide with reality, but this is done to make it clear how and what works, since in practice this knowledge is enough.
Theory
NAT is what gives each of us the ability to connect to the Internet who sits with IPv4. If you give each computer an IPv4 address, they are not enough.
NAT allows us to hide certain services only for the network ... And precisely because of it we cannot, in the majority, reach the computer from the Internet.
Imagine that you are connecting to an FTP server in passive mode.
Your external address: 43.12.102.14
Your internal address: 192.168.0.2
Your NAT Address: 192.168.0.1
You create a TCP connection with your IP 192.168.0.2, create a request for an address with a 21 port.
Next, the request goes to your NAT, which creates a correspondence in its small table: TCP connection is an internal IP 192.168.0.2, port 21.
Externally, he also creates a port, for example, 54321 with his address.
And redirects your request to the FTP server on port 21.
The FTP server, receiving the request, sees that the request is set to IP 43.12.102.14 and port 54321.
Now, for the duration of the connection, this port is a redirector to your computer on port 21 for a TCP connection.
As soon as you close the connection, the port hangs from 3-10 seconds and is removed from the NAT table.
Most UDP connections and TCP connections in programs are created via data hacks, constantly maintaining the connection.
Practice
Let me explain how to create a connection between computers when you are sitting, for example, in ICQ.
You initially create a connection with the ICQ server, which opens you a port on a computer, for example, 5191. On another computer, the port also opens with the number 5191.
The IP and ports of these users in NAT will look, for example, like this:
1 user: 43.12.102.14 light6742
2 user: 43.12.102.15:61782
After that, the ICQ server reports to each client their external IP address and external port.
User 1 makes a connection to this external IP: Port (43.12.102.15:61782) and goes to the internal port 5191.
User 2 agrees to connect to IP: Port of user 1 (43.12.102.15:61782), which is forwarded from NAT to user 1 on port 5191. Next, the files are sent and the connection is closed. After some time, NAT, seeing that the external and internal ports are no longer in use and the connection is closed, removes this port in order to use it for other connections.
In the picture it will look like this:
How to implement?
Of course, not every one of us at the beginning of his career had an external server that would tell each user its external IP address and port.
But for these solutions there are own implementations, for example, STUN servers, which are worldwide, even public.
In the majority, they are created for the UDP protocol, which is used in the same torrents. However, there are STUNT servers for TCP protocol implementation.
Create, create, all in your hands.
PS: Not all NATs are able to provide such a connection, however, most closed NATs that monitor IP connections are not used in the provision of service providers.
UDP: in this context, dynamic IPs, are called IP addresses that are not external, but are issued by higher NAT.
Source: https://habr.com/ru/post/129347/
All Articles