
private vs public ports

I am having a tough time with private and public udp ports. I am doing a client-server VoIP program and have some questions.

1) the private port is the one you use in bind() right?

2) the public port is assigned by the firewall right? as it is the port visible outside my local network.

3) When I am debugging between two machines on my local network, I am specifying both to send/recv to the private port, and communication works. If I would be communicating with a client outside my network I would use the public port, right?

4) Is there any way for two hosts on the local network to communicate on the public ports? Since that's what it's going to be in release mode, it would be good to make sure it works.

5) Will the router forward packets sent to the public port to the application listening on the private port? So the sender (if outside the local network) specifies the public port and not the private port.

Hope that was clear, just ask otherwise!

Thanks in advance! Johan


1) the private port is the one you use in bind() right?

Right.

2) the public port is assigned by the firewall right? as it is the port visible outside my local network.

Well, yes, but it's not exactly the firewall. It's the NAT. Of course, NAT could be (and most often is) implemented in the firewall, but there are also firewalls that don't use any NAT. Another thing to note is that you may have multiple levels of NAT (like one at home and one at the ISP); in this case it probably makes sense to refer to the port assigned by the outermost NAT as the public one.

3) When I am debugging between two machines on my local network, I am specifying both to send/recv to the private port, and communication works. If I would be communicating with a client outside my network I would use the public port, right?

That depends on the network setup. Since you mention "client-server" in your question, I assume that the client "connects" (sends the first packet) to the server. If the server isn't behind any NAT, then its public IP/port pair would be the same as the local one. But if the server is behind a NAT, then you can't just connect to it because it has no public port assigned yet. Just opening a port doesn't cause the NAT to assign a public port; you need to actually send something from that port.

So if your server is behind NAT, then it must act as a client, and the client must act as a server, provided that the client isn't behind NAT too. If both sides are behind NAT, then you'll need a third-party non-NATed server to perform hole punching. Note that when using hole punching, usually both private and public endpoints are used just in case that both sides happen to be in the same LAN by pure chance.

4) Is there any way for two hosts on the local network to communicate on the public ports? Since that's what it's going to be in release mode, it would be good to make sure it works.

That depends on the NAT setup. It could just ignore everything that comes from inside the LAN and has the NAT's public address as destination. For example, I can't even ping my own public address from my home PC.

5) Will the router forward packets sent to the public port to the application listening on the private port? So the sender (if outside the local network) specifies the public port and not the private port.

See my answer to 3). Of course it will forward packets as soon as the public port is assigned, because that's what it assigns it for in the first place. But it will probably check that the incoming packet is coming from the same address and port that the packet that caused the port to be opened was sent to, so it's a valid response to a packet sent earlier, not just some random hacker trying to break in.
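
The NAT behaviour described in the answer above, as an added example that is not part of the original question or answer: a toy Python model of a NAT that assigns the public port only on the first outbound packet and accepts inbound packets only from endpoints the host has already sent to. The ToyNat class and all addresses and ports are constructed for illustration, and the model assumes the NAT reuses one public port per private endpoint for every destination.

```python
from dataclasses import dataclass, field
from itertools import count

Endpoint = tuple[str, int]  # (ip, port)

@dataclass
class ToyNat:
    """Hypothetical address-and-port-restricted NAT (illustration only)."""
    public_ip: str
    _next_port: count = field(default_factory=lambda: count(40000))
    _out: dict = field(default_factory=dict)      # private endpoint -> public port
    _in: dict = field(default_factory=dict)       # public port -> private endpoint
    _allowed: dict = field(default_factory=dict)  # public port -> remotes contacted

    def outbound(self, src: Endpoint, dst: Endpoint) -> Endpoint:
        """LAN host sends src -> dst; returns the endpoint the remote side sees."""
        port = self._out.get(src)
        if port is None:                  # first packet from this bind() port:
            port = next(self._next_port)  # only now is a public port assigned
            self._out[src] = port
            self._in[port] = src
            self._allowed[port] = set()
        self._allowed[port].add(dst)      # remember who may answer
        return (self.public_ip, port)

    def inbound(self, remote: Endpoint, public_port: int):
        """Packet from remote to public_port; private endpoint, or None if dropped."""
        if remote not in self._allowed.get(public_port, ()):
            return None                   # no mapping, or sender never contacted
        return self._in[public_port]

def demo() -> dict:
    nat = ToyNat("203.0.113.7")           # constructed sample addresses
    host = ("192.168.1.10", 5004)         # private port: the one passed to bind()
    rendezvous = ("198.51.100.1", 3478)   # third-party non-NATed server
    peer = ("198.51.100.99", 6000)        # the other VoIP client
    r = {"before_send": nat.inbound(peer, 40000)}   # bind() alone maps nothing
    r["public"] = nat.outbound(host, rendezvous)    # mapping created here
    r["reply"] = nat.inbound(rendezvous, r["public"][1])
    r["stranger"] = nat.inbound(peer, r["public"][1])  # unsolicited: dropped
    nat.outbound(host, peer)              # hole punch: host sends to peer first
    r["after_punch"] = nat.inbound(peer, r["public"][1])
    return r

if __name__ == "__main__":
    for step, result in demo().items():
        print(f"{step:12} -> {result}")
```
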
