Jenkins Software

NAT Punchthrough overview
NAT overview

NAT, or network address translation, is a technique used to map one IP, known publicly, to one or more IPs, known privately. This is used to provide more IP addresses when they are scarce behind a LAN, for security, and/or to share internet connections. With a NAT, all packets go to the NAT server. The NAT server has a routing table which it uses to relay each packet to the correct machine. When a system behind the NAT sends a packet to a system outside the NAT, the NAT records the sending machine and the outgoing destination in the table. When a return packet arrives, the NAT does a reverse lookup on this table.

The problem with this for games is that it requires the machine behind the NAT to first send a packet to all machines it wants to get a packet from. This makes it impossible to accept unknown incoming connections, which is a problem for a public game server.

This can be avoided if one computer is behind a NAT and another is not. The player behind the NAT must initiate the connection (the client) while the player not behind the NAT acts as the server.

NAT Punchthrough

If both machines are behind a NAT (router), it is impossible for them to connect to each other unless they know each other's public IPs and ports in advance and they happen to try to communicate at the same time. This technique is called NAT punchthrough. One way for them to learn each other's public IPs and ports in advance, and to know when to connect at the same time, is through a third, non-NAT intermediary system. This system could also double as a lobby server, or a lightweight database / directory server.

Using the NatPunchthrough class

The NatPunchthrough class implements the NAT punchthrough technique, allowing two systems that are behind NATs to connect to each other.
The third system needed, called a facilitator, is the system that is not behind a NAT and that both systems are already connected to.
It will synchronize a send between both NAT systems such that the routers will both consider themselves as handling a reply to a message, when in fact they are handling an initial message. As replies are allowed, both systems get their corresponding messages and the connection takes place.
To use the NatPunchthrough class, you need to consider the three systems involved.

Sender = the system that wants to connect.
Facilitator = the system that is not behind a NAT, to which the other systems connect.
Recipient = the system that gets the connection request.
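
The following is an added illustration, not RakNet code and not the NatPunchthrough class API: a small model of the NAT table lookup described above, showing why the first packet between two NATed peers is dropped and why both are delivered once each side has sent. The Nat class, the host names, and the addresses are constructed for the example, and the model assumes each private host keeps the same public port for every destination.

```cpp
#include <map>
#include <set>
#include <string>
#include <utility>

using Endpoint = std::pair<std::string, int>;  // (IP, port)
// Constructed model of the NAT table described above (not RakNet code).
// Assumes each private host keeps one public port for every destination.
class Nat {
public:
    explicit Nat(std::string ip) : ip_(std::move(ip)) {}
    // Outgoing packet: record (public port, destination), return public endpoint.
    Endpoint sendOut(const std::string& host, const Endpoint& dest) {
        if (!portOf_.count(host)) { portOf_[host] = next_; hostOf_[next_++] = host; }
        int port = portOf_[host];
        sent_.insert({port, dest});
        return {ip_, port};
    }
    // Incoming packet: reverse lookup; "" means dropped as unsolicited.
    std::string receive(int port, const Endpoint& from) const {
        return sent_.count({port, from}) ? hostOf_.at(port) : "";
    }
private:
    std::string ip_;
    int next_ = 40000;
    std::map<std::string, int> portOf_;
    std::map<int, std::string> hostOf_;
    std::set<std::pair<int, Endpoint>> sent_;
};

struct Result { bool firstDropped, recipientReached, senderReached; };
Result simulatePunchthrough() {
    const Endpoint facilitator{"203.0.113.10", 60000};  // constructed address, no NAT
    Nat natA("198.51.100.1"), natB("198.51.100.2");     // constructed addresses
    // Both peers connect to the facilitator, which learns their public endpoints.
    Endpoint pubA = natA.sendOut("sender", facilitator);
    Endpoint pubB = natB.sendOut("recipient", facilitator);
    Result r{};
    // Sender transmits first: NAT A records the destination, NAT B has no entry.
    natA.sendOut("sender", pubB);
    r.firstDropped = natB.receive(pubB.second, pubA).empty();
    // Recipient transmits as instructed by the facilitator: NAT B records pubA.
    natB.sendOut("recipient", pubA);
    // Each NAT now finds a matching entry and treats the packet as a reply.
    r.senderReached = natA.receive(pubA.second, pubB) == "sender";
    r.recipientReached = natB.receive(pubB.second, pubA) == "recipient";
    return r;
}

int main() { Result r = simulatePunchthrough(); return (r.firstDropped && r.senderReached && r.recipientReached) ? 0 : 1; }
```
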

See the sample \Samples\NATPunchtrough
See Also
Index
Lightweight Database