I am developing a TCP/IP server side application that, when accepting a new client connection, must open (in a client role) an independent connection back to a service that is running at the client’s workstation and listening on a known port. If additional clients at that workstation connect to my server I want to detect that I’m already communicating with the service running there and not connect again.
If the client workstation is not behind NAT, then the client workstation’s IP address can be retrieved when the accept is done at my server, and the server then opens a connection to the known port at that IP address. The client’s IP address can be placed in a memory table, so if another application from the same workstation connects to the server it is a simple lookup to see that the independent connection back has already been done.
Is there a way to accomplish the same functionality when the client workstation is behind NAT? Now when the server accepts the new connection, the IP address that it sees is the one exposed by NAT and not that of the actual client workstation. The sin_port that can be obtained provides a mapping (known to NAT, of course) back to the specific client that sent the message in. But there doesn’t seem to be sufficient information for the server to open a connection to the well-known port at the workstation behind NAT where the client that originated the message is running.
I understand there is inbound NAT mapping, but that seems to target the need to open to a limited number of apps behind the NAT and not a service on every single machine. And even if inbound mapping were done, it is not clear that my server would know whom to try to connect with. And if I can achieve the desired functionality without inbound mapping, is it then possible to configure NAT to allow all inbound communication to the known port regardless of which machine behind the NAT it is destined for?
Any help would be appreciated.
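The non-NAT design described in the question (accept, look the observed peer IP up in an in-memory table, connect back to the known port only on first sight) as an added, runnable example; this is not code from the poster. It assumes everything runs on loopback, so the "client workstation" and the "server" both appear as 127.0.0.1, the known callback port is an ephemeral port chosen at run time, and a small helper service stands in for the one listening on the workstation and simply counts how many times the server connected back to it.

```python
import socket
import threading

# Constructed sample setup: all sockets are on loopback with ephemeral ports.
LOOPBACK = "127.0.0.1"


class CallbackService:
    """Stands in for the service listening on a known port at the client
    workstation. It records every connection the server opens back to it."""

    def __init__(self):
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.bind((LOOPBACK, 0))  # ephemeral port plays the "known port"
        self.sock.listen(5)
        self.sock.settimeout(0.2)      # lets the accept loop notice the stop flag
        self.port = self.sock.getsockname()[1]
        self.accepted = []             # peer addresses of the connect-backs received

    def serve(self, stop):
        drained = False
        while True:
            try:
                conn, peer = self.sock.accept()
            except socket.timeout:
                if drained:
                    break
                if stop.is_set():
                    drained = True  # one more idle period to empty the backlog
                continue
            self.accepted.append(peer)
            conn.close()
        self.sock.close()


class ConnectBackServer:
    """The server from the question: on each accepted client it keys on the
    peer IP it observes and connects back only the first time it sees it."""

    def __init__(self, callback_port):
        self.callback_port = callback_port
        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self.sock.bind((LOOPBACK, 0))
        self.sock.listen(5)
        self.port = self.sock.getsockname()[1]
        self.back_connections = {}     # observed peer IP -> socket opened back to it
        self.lock = threading.Lock()

    def handle(self, conn, peer):
        # This is the address the accept returned. Without NAT it is the
        # workstation; behind NAT it is the translator, shared by every host there.
        peer_ip = peer[0]
        with self.lock:
            first_sight = peer_ip not in self.back_connections
            if first_sight:
                back = socket.create_connection((peer_ip, self.callback_port), timeout=2.0)
                self.back_connections[peer_ip] = back
        conn.sendall(b"NEW\n" if first_sight else b"KNOWN\n")
        conn.close()
        return first_sight

    def serve(self, expected):
        results = []
        for _ in range(expected):
            conn, peer = self.sock.accept()
            results.append(self.handle(conn, peer))
        self.sock.close()
        return results


def client_connect(server_port):
    """A client application on the workstation connecting to the server."""
    with socket.create_connection((LOOPBACK, server_port), timeout=2.0) as s:
        return s.recv(16).strip().decode()


def run_demo(client_count=3):
    """Run the callback service, the server and `client_count` clients from
    the same (loopback) address; return what each side observed."""
    service = CallbackService()
    server = ConnectBackServer(service.port)
    stop = threading.Event()
    t_service = threading.Thread(target=service.serve, args=(stop,))
    server_results = []
    t_server = threading.Thread(
        target=lambda: server_results.extend(server.serve(client_count)))
    t_service.start()
    t_server.start()
    replies = [client_connect(server.port) for _ in range(client_count)]
    t_server.join()
    stop.set()
    t_service.join()
    for back in server.back_connections.values():
        back.close()
    return {
        "replies": replies,                            # ["NEW", "KNOWN", "KNOWN"]
        "callbacks_received": len(service.accepted),   # 1
        "table": sorted(server.back_connections),      # ["127.0.0.1"]
    }


if __name__ == "__main__":
    print(run_demo())
```

The table is keyed on nothing more than the address the accept returned, which is exactly why the scheme stops working behind NAT: every workstation behind the same translator presents that translator's address, so the lookup would merge them into one entry and the connect-back would be aimed at the translator rather than at the workstation. Note also that the server here opens outbound connections to whatever address it observes; treating that address as untrusted input (restricting the callback to the one known port, bounding the table size, and timing out connect attempts) is the minimum a deployed version should do.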