以编程方式从已知的公共服务器遍历NAT

Question

I have already done some research about NAT traversal, and got some suggestions from the web about the P2P applications. But my case is somewhat different than one traditional P2P applications.I already have one public Server, i just need to access the devices behind NAT from the known public Server.

The detail info about my case is as following:

1.PC-A have public IP
2.PC-B is behind NAT, does not have public IP. In my case PC-A and PC-B is under full control.
3.PC-C is also behind NAT, and could be reached from PC-B

The question is that:

1. Is there any way so that i could build a tunnel between the public server PC-A and PC-B, so that i could reach PC-C from PC-A with TCP protocol(or even UDP)?
2. It's worth noting that all should be done programmatically, especially in Java.Is there any library could do that?

Answer 1

Your PC-A is often called a 'relay' in P2P talk.

The basic principle is that all peers behind firewalls (PC-B and PC-C in your case) establish outbound connections to PC-A. PC-A then "links/bonds" the connections. Usually these connections are made over HTTP, which is firewall friendly. So for PC-B to talk to PC-C, a simplified sequence is:

• PC-B and PC-C both establish an HTTP connection to PC-A
• PC-B signals to PC-A that it wants to send data to PC-C
• PC-B sends its data to PC-A on the outbound request
• PC-A forwards the data to PC-C on the synchronous response.

Things get (very) complicated when you throw in

• authentication
• security
• redundant relays
• connection timeouts, reliability, recovery, etc...

Most P2P frameworks implement some kind of relays. This is the case for JXTA and XMPP (check ICE).

I believe Ian Mc Ginniss also developed something called HTTP Tunnel as part of the Netty project (originally as replacement for JXTA relays which are somewhat sub-optimals)