
NAT Traversal: A Practical Solution

I have been working on and researching NAT traversal for quite some time. I found that there are quite a few options available in the market for it. Some of them are very well known: STUN, rendezvous servers. I also used the PwNAT software for the same. But none of them worked for me, either due to high development cost or additional server requirements. Also, some of my tests show that they are not reliable either.

I was almost about to lose hope when I read about IPv6. From there I went back in time, to when everyone realized that the number of Internet addresses (IPs) is very limited with the existing IPv4. That article says that since IPv4 addresses were expected to run out one day, ISPs and router makers decided to use subnet masks and invented the private LAN IP. With private LAN IPs, it is necessary to have a NAT. And this is where we need NAT traversal.

But how can IPv6 solve this problem? The answer is straightforward: since IPv6 has enough addresses for every Internet-enabled device to have its own unique IPv6 address, we don't need private IPs [conceptually] and hence don't need NAT. So the protocol design of IPv6 doesn't have any definition of NAT. No NAT, no traversal needed. One IPv6 family alone, 2001::, has enough addresses to cover all IPv4 devices and still leave 4 billion addresses spare. (2001:: is the Microsoft Teredo address family.) For the foreseeable future this is more than enough, and it makes traversal easy.

Just a reminder: NAT was never there for security. NAT exists to deliver network packets to the correct home, like a local postmaster taking all the packets from the world and distributing them in your region/area. Security is the job of the firewall or other concepts. So it is not a harmful thing.

So we have now decided to use IPv6, as it is supported by Mac, Linux and Windows XP onwards. It is a safe bet to use.


PWNAT: Windows Compiled Version

Recently I compiled PWNAT on Windows, and I have already got a few mails asking how I did that. So, to help all fans of this great software, I am uploading the Windows-compatible source.

Disclaimer: I haven’t modified any license information. All copyrights and signatures are the same as in the official release of Pwnat 0.3 Beta by Samy on his site. I only removed the compile errors for the Windows NMAKE utility, and I compiled the software using the NMake that shipped with Visual Studio 2008. But my guess is it will work fine with any NMake version.

Note:

1. To get it compiled you need to have Windows SDK 6.0A. I tried to compile it with SDK 5.0, but it failed on the Winsock library.

2. The compiled version works fine on Windows XP SP2 and later for me. I believe it works on Windows XP onwards.

I hope I have covered all the notes. So, enough talking; here is the download link:

http://www.sumitgupta.net/download/pwnat.zip

What I feel bad about with this software is that it is the first time I tried to contact an author and he didn’t respond, and that is why, in spite of it being a very good concept and software, I find people looking for a solution somewhere else. Samy, I wish you would take good care of your software. This code is still 100% yours; I just moved some lines in a few conditions.


PWNAT: Example

I was having trouble running PwNAT successfully. The problem was caused by the sample provided on the official site. Here is how you should run it for this case:

Machine A (IP: 192.168.1.3) -> NAT A (IP: 122.x.x.x) -> Internet -> NAT B (IP: 59.x.x.x) -> Machine B (192.168.2.10)

Now suppose Machine A wants to connect to Machine B and access Machine B’s web server. Here is what you do.

Machine B is the server in our case, so run the server here:

#./pwnat.exe -s 192.168.2.10 2222

Now on Machine A run this:

#./pwnat.exe -c 192.168.1.3 2222 59.x.x.x 2222 localhost 80

Let me explain where each value comes from.

First for server:

If you do not define the local IP, and instead define something like 0.0.0.0, which is ANY IP for the machine, then PwNAT does not send the correct IP through NAT A, and hence NAT A never forwards any incoming request to you. So the server IP must be your machine's main IP or the LAN IP that is connected to the NAT A router. If you have multiple IPs, specify only the IP that the NAT A router can understand; otherwise it will fail for sure.

You can define any port, but since pwnat uses 2222 as its default, I use that.

Now on the client, I again define a local IP that is understood by NAT B, to avoid any confusion, but here it can be anything because it is used for the tunnel and hence will not interact with the NAT. The port is again any random port you want. Next we define the NAT B server's IP, because we want to make sure we send packets to that router; hence we use the 59.x.x.x IP. Please note that while establishing the connection PWNAT does not use any port. Now the proxy port is 2222; this should be the same port that the server has open. Otherwise the connection won’t happen, for obvious reasons.

Localhost and port 80 are the domain or IP and the port you want to connect to through the NAT traversal proxy.
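The argument rules above can be checked before either side is started. The following is an added example, not part of pwnat or of the original post: the function names are hypothetical, the proxy host is assumed to be given as an IPv4 literal, and 203.0.113.7 is a constructed stand-in for the elided 59.x.x.x address.

```python
import ipaddress

# RFC 1918 ranges: addresses that only mean something behind a NAT.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def _is_lan(ip):
    return any(ip in net for net in RFC1918)


def _port(value, name):
    port = int(value)
    if not 1 <= port <= 65535:
        raise ValueError(f"{name} {port} is outside 1-65535")
    return str(port)


def server_argv(local_ip, proxy_port=2222):
    """Arguments for the server side (Machine B in the post)."""
    ip = ipaddress.ip_address(local_ip)
    # The post's rule: 0.0.0.0 (ANY) fails, bind the LAN IP facing the router.
    if ip.is_unspecified or ip.is_loopback:
        raise ValueError(f"server must bind its LAN IP, not {ip}")
    return ["./pwnat.exe", "-s", str(ip), _port(proxy_port, "proxy port")]


def client_argv(local_ip, local_port, proxy_host, proxy_port,
                remote_host, remote_port, server_port=2222):
    """Arguments for the connecting side (Machine A in the post)."""
    ipaddress.ip_address(local_ip)  # raises ValueError on a malformed address
    # proxy_host must be the public address of the server's NAT router;
    # a LAN address here cannot be reached from the client's side.
    if _is_lan(ipaddress.ip_address(proxy_host)):
        raise ValueError(f"proxy host {proxy_host} is a private LAN address")
    # The client's proxy port has to be the port the server was started on.
    if int(proxy_port) != int(server_port):
        raise ValueError("client proxy port does not match server port")
    return ["./pwnat.exe", "-c", local_ip, _port(local_port, "local port"),
            proxy_host, _port(proxy_port, "proxy port"),
            remote_host, _port(remote_port, "remote port")]


if __name__ == "__main__":
    # Constructed sample values mirroring the topology in the post.
    print(" ".join(server_argv("192.168.2.10", 2222)))
    print(" ".join(client_argv("192.168.1.3", 2222, "203.0.113.7", 2222,
                               "localhost", 80)))
```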

I will try to write the code as a .NET library, but for now I will use my NMAKE-compiled copy of pwnat 0.3 beta. Yes, I compiled it using NMAKE without Cygwin, and it works superbly on my Windows 7 machine.


PwNAT

I am not sure how the author wants it written, but I like PwNAT; it looks cool. Anyway, I want to bookmark Samy’s work, http://samy.pl/pwnat/, a nice piece of code. While working on video conference software, we are having trouble bypassing NAT routers, and this piece of code looks promising. At least its concept looks good. However, it is in the C language, and we are looking for a managed .NET code alternative.

Samy looks like an interesting guy too; he is a hacker, or, I would say, a better class of programmer.