Communicating over the Internet

Status
Not open for further replies.

brentnewbury

Programmer
May 1, 2001
30
GB
Hiya all,

I’m having problems with an application I’m developing for my own research purposes. It’s similar to MSN/Windows Messenger in that it allows users to converse over the internet by text. However, I’ve run into a big problem. I cannot get the application to connect to a computer outside of my home network. The application has been added to the exceptions list in Windows Firewall on both computers, but still no luck. I think it’s something to do with Network Address Translation (NAT) on my home router.

Does anyone have an example or explanation of how to get an application to connect over the Internet? One that preferably doesn’t fall apart when NAT is involved. I’ve had a look on Google and could only find one on The Code Project but however hard I tried I just could not understand it. If someone could give me a working example or simply explain what the sample in the article is doing, I would be most grateful – I’m pulling my hair out with this one.


Thank you for your time,

Brent Newbury
 
The article is assuming that port 80 (http) is open for one of the peers or a mediating server in the middle.

NAT gives several internal computers with internal IP addresses one shared external IP address. Because of this, if a remote computer makes a request to the external IP address (the only one available to it), then the router doesn't know which computer to forward the request to unless you explicitly tell the router by programming in the route you would prefer. The external computer cannot request which route it would like as this would be a major security issue.

In other words, one of your computers needs to have 1 IP address that is public with 1 port out of the 65,000 or so available per IP address that is forwarded to itself. Then the other computer can establish the connection and the two can chat.

Let me know if that doesn't make sense or if you need clarification on any given point.
 
Hiya oppcos,

I fully understand what you said. The problem is, how do programs like MSN/Windows Messenger do it? They don't need port forwarding on my router.


Thank you for your time,

Brent Newbury
 
MSN Messenger works because it uses Microsoft’s website as an in-between point of contact that each client is pre-programmed to connect to. As long as there is one point where everyone can agree on connecting, then they can communicate, even if others are behind firewalls and such. (Well, some firewalls block outgoing requests as well, which is why the Code Project article suggests using port 80, which is rarely blocked for outgoing traffic.)
 
Thank you oppcos,

I'm starting to get the idea of what's involved. It seems as though I need a service running on a server with direct access to the Internet (either via DMZ or Port Forwarding). When someone "logs on" they connect to the server. When they send a message to someone, the message is sent to the service running on the server which then routes the message to the correct machine (which would already have a connection open with the same service on the same port).

There is only one problem I see with this method. How would the service route the message to the correct computer? If all clients are connected to the same server on the same port, the server would only be able to broadcast the message, wouldn't it? There are inherent problems with broadcasting messages.

I apologise for taking so much of your time. I really appreciate the help you are giving me.


Regards,

Brent Newbury
 
No problem at all. You've got the right idea.

Behind the scenes, when Windows accepts a socket connection for an application listening on a port, it actually randomly picks another unused port number (usually a very high number) to actually communicate on. Same with Unix and any other system. So although the initial request is made to port X, the communication all happens on random port Z. The service is then free to spawn a new thread to continue listening on the original port while it handles communication with the previous client to make a request.

You simply use your Socket reader and writer and you can be confident* that you are always talking to the same client.

The client then needs to identify itself to the server in some unique way (user name / password for instance) so that the server knows who it is talking to in which thread and can pass messages between clients appropriately.

*There are ways to attack a connection between a client and a server where a different client attempts to impersonate a client that is already connected to the server and interject its own commands and such. Encryption helps guard against this, but that’s another topic.
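The routing question raised above, worked through as an added example (not code from this thread or from the Code Project article): every client dials out to one relay, so no router needs port forwarding, and the relay delivers each message only on the connection whose login matches the recipient, stamping it with the authenticated sender name rather than one the client supplies. The LOGIN/SEND/FROM line protocol, the user names and the tokens are constructed for the demo, and it runs in plaintext on loopback.

```python
import hmac, socket, socketserver, threading

USERS = {"alice": "a-secret", "bob": "b-secret", "carol": "c-secret"}  # constructed demo credentials

class Session(socketserver.StreamRequestHandler):
    def reply(self, wfile, line):
        with self.server.lock:                # serialise writes across handler threads
            wfile.write(line.encode() + b"\n")
    def handle(self):
        name = None                           # set only after a successful LOGIN
        try:
            for raw in self.rfile:
                verb, _, rest = raw.decode("utf-8", "replace").strip().partition(" ")
                arg, _, text = rest.partition(" ")
                if verb == "LOGIN" and name is None:
                    want = USERS.get(arg)
                    if want is None or not hmac.compare_digest(want.encode(), text.encode()):
                        return self.reply(self.wfile, "ERR auth")
                    with self.server.lock:    # register this connection under the proven name
                        name, self.server.online[arg] = arg, self.wfile
                    self.reply(self.wfile, "OK")
                elif verb == "SEND" and name:
                    with self.server.lock:
                        peer = self.server.online.get(arg)
                        if peer:              # only the recipient's own connection gets it
                            self.reply(peer, f"FROM {name} {text}")
                    self.reply(self.wfile, "SENT" if peer else "ERR offline")
                else:                         # unknown verb, or SEND before LOGIN
                    return self.reply(self.wfile, "ERR protocol")
        finally:
            with self.server.lock:            # drop the entry only if it is still ours
                if self.server.online.get(name) is self.wfile:
                    del self.server.online[name]

def ask(f, line):
    f.write(line + "\n"); f.flush()
    return f.readline().strip()

def login(port, name, token):
    f = socket.create_connection(("127.0.0.1", port), timeout=5).makefile("rw")
    return f, ask(f, f"LOGIN {name} {token}")

def demo():
    srv = socketserver.ThreadingTCPServer(("127.0.0.1", 0), Session)  # port 0: any free port
    srv.daemon_threads, srv.online, srv.lock = True, {}, threading.RLock()
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    port = srv.server_address[1]
    alice, bob, carol = [login(port, n, USERS[n])[0] for n in USERS]
    acks = [ask(alice, "SEND " + m) for m in ("bob hi bob", "carol hi carol", "dave hi")]
    return login(port, "bob", "guess")[1], acks, bob.readline().strip(), carol.readline().strip()
```

Carol's first received line is the message addressed to her, which shows the earlier message to bob was never copied to her connection.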
 
I should also mention a lot of services disconnect and reconnect continually rather than maintain a connection to the server. As long as they authenticate each time, the server will know who they are and be able to relay any messages it is holding for them. This is the case if you are going to use standard ASP or PHP server side web scripting to facilitate your communication, for instance.

By disconnecting, at least during idle periods, the client frees up server resources. There are only so many connections a single server can maintain at one time, so with a lot of traffic, clients need to share time.
 
Ahhh right.

Thank you very much for your time and help. I'll definitely try to mock up something similar when I get home. If I have any other problems I'll be sure to post back.

Again, thank you for your help,

Brent Newbury
 