UPnP support in tinc
Guus Sliepen
guus at tinc-vpn.org
Thu Nov 12 23:23:30 CET 2015
On Thu, Nov 12, 2015 at 10:05:19PM +0000, Etienne Dechamps wrote:
> My best guess is that it's simply a direct application of
> probabilities: if the probability that a NAT is "compliant" is 70%,
> then the probability that *both* NATs at both ends of the tunnel are
> "compliant" is only 50% (0.70*0.70). Indeed both NATs need to be
> compliant in order for UDP hole punching to work.
That's not true, full cone or address restricted NAT can still
communicate with a symmetric NAT. It's only port restricted NAT that
cannot communicate with symmetric NAT. So in the second graph, it's
PAR-SYM and SYM-SYM that don't work, the rest do.
> > Of course if there is a lightweight,
> > cross-platform library that is easy to integrate we should have a look
> > at that. If that can be done with MiniUPnP, go ahead.
>
> Understood. I'll get busy this week-end :)
Great :)
> > NAT-PMP (and PCP?) seems interesting to, maybe it is simple enough to
> > code directly into tinc?
>
> Well, the author of miniupnpc also wrote libnatpmp, which apparently
> *is* specifically designed to be integrated into an event loop:
> http://miniupnp.free.fr/libnatpmp.html
Oh, nice! Hopefully it supports Windows as well.
--
Met vriendelijke groet / with kind regards,
Guus Sliepen <guus at tinc-vpn.org>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: Digital signature
URL: <http://www.tinc-vpn.org/pipermail/tinc/attachments/20151112/52089791/attachment-0001.sig>
More information about the tinc
mailing list