Blog: My thoughts Networking Operating System Programming

NAT traversal a Pratical Solution

I have been working and researching on NAT traversal from quite sometime. I found that there are quite a few options available in market for the same. Some of then are very well known STUN, Rend. Server. I also use PwNAT software for the same. But none of them works for me either due to high development cost or Additional server requirements. Also, some of my test shows that they are not reliable either.

I was almost about to lose hope when I read about IPv6. From there I go back in time, when all realize that number of Internet Address (IP) are very limited with existing IPv4. That article tells that since IPv4 was sighted to get finish one day, ISP and router maker decide to use Subnet mask and invent the Private LAN IP. With private LAN IP, it is necessary to have a NAT. And this is were we need NAT traversal.

But how can IPv6 solve this problem? Well Answer is straight, Since IPv6 has enough IP to cover all Internet enable device to have their unique Identification through IPv6 address, we don’t need Private IP [conceptually] and hence not need NAT. So the Protocol Design of IPv6 doesn’t have any definition of NAT. So no NAT, no Traversal need. IPv6 one family says 2001:: has enough IP that covers all IPv4 devices and still left with 4 billion IP spare. (2001:: is Microsoft Teredo Address family). For seen future this is more than enough and easy for traversal.

Just to remind that NAT was never there for security. The NAT is to distribute the network packet to correct home. like a Local Postmaster, taking all packet from world and then distribute them in your region/area. Security is part of Firewall or other concepts. So it is not a harmful thing.

So, we now decide to Use IPv6 as it is support by Mac, Linux and Windows XP onwards. It is safe bet to use.

Concept/algorithm Networking Programming

PWNAT : Example

I am having trouble to run PwNAT successfully. The problem was created due to sample provided on official site. Here is how you should run it for case

Machine A (IP: -> NAT A (IP: 122.x.x.x) -> Internet -> NAT B (IP: 59.x.x.x) -> Machine B (

Now if Machine A wants to connect to Machine B and want to access Machine B’s Webserver. Here is what you do

Machine B is a Server in our case so run server here:

#./pwnat.exe -s 2222

Now on Machine A run this

#./pwnat.exe -c 2222 59.x.x.x 2222 localhost 80

Let me explain which values came from what.

First for server:

If you do not define the local IP, and define something like which is ANY IP for machine, then PwNAT do not send the correct IP through NAT A and hence NAT A never forward any incoming request to you. So server IP must be your machine main IP or LAN IP that is connected to NAT A router. IF you have multiple IP Only specific the IP that NAT A router can understand, otherwise it will fail for sure.

You can define any port by since pwnat use 2222 as default I use that

Now on client, I again define Local IP that is understand by NAT B, to avoid any confusion, but here it can be anything because it is used for Tunnel and hence it will not interact with NAT. Port is again any random port you want. Later we define the NAT B Server’ IP because we want to make sure we send Packet to that router. hence we use 59.x.x.x IP. Please note that while establishing connection PWNAT do not use any port. Now Proxy Port is 2222 this should be the same port that server is open. Otherwise connection won’t happen for obvious reason.

Localhost and port 80 is Domain or IP where you want to get connected through NAT traversal Proxy.

I will try to write a code in .NET library but for now. I will use my NMAKE complied copy of pwnat 0.3 beta version. Yes I compile it using NMAKE without Cygwin and it works superb on my windows 7 machine.

Links Networking Server Configuration

Subnet Mask Calculator

Every need to calculate subnet mask, you will need this site if you are system administrator:

Calculate the subnet mask with ease.