Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

UDP hole punching does not work with all types of NAT, e.g. symmetric NAT where a user can appear from the outside to be coming from multiple different IP addresses. (This makes the STUN server useless for telling the other peer where to connect.) Symmetric NAT is common in corporate networks, which I suppose is not the first place you'd find gamers (or you could just run LAN games with co-workers). I guess WebRTC is the first place you'd run in to networking problems with NAT outside of gaming, torrents and bitcoin - and is perhaps the first developer-accessible peer-to-peer tech which is obviously useful in the workplace.


"UDP hole punching does not work with all types of NAT..."

I think what you mean to say is the STUN and TURN solutions do not work.

What else have you tried?

I personally do not use those solutions.

The last resort is for a peer outside the problem NAT to forward traffic. This is not true peer-to-peer (IMO) but it does work.

If what you suggest were true, that reliable peer-to-peer is "impossible" because of some types of NAT, then how do you explain the success of Skype?

If you give specifics about what exactly you were trying to do, and what exactly you did to try to accomplish this, maybe someone could offer suggestions.

I already knew that STUN and TURN have problems. That's why I do not even bother with those "solutions".


Skype are a commercial company that has hundreds of millions of dollars in yearly revenue. Doubtless they have their own relay servers which they pay to run and connect everyone up. However it would be great if hackers and startups didn't have to deal with all of that.

Ideally it would not be necessary to try anything else and peers would just be able to directly connect. In practice TURN is a standardised way of doing relay, and what else are you going to do? Invent your own? How will you test it across the 1000s of different network configurations and know with any confidence that it actually works across the open Internet? Skype might have the resources to pull that off, but the next peer-to-peer startup might not.


I may be wrong but I don't think Skype works without at least a browser extension.


Skype does not require a web browser to do NAT piercing.

Nor does NAT piercing require a web browser.


So Skype has a 100% success rate piercing NATs and does not require any fallbacks? Also you mentioned that you do not use STUN/TURN, what other solutions are there that allow for p2p data streams between browsers?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: