Connecting two computers behind routers over the internet

[Denvildaste]

Hello,

I'm working on a code that connects two computers together to transfer files between them, right now if one computer is behind a router I make it the client and the other computer becomes the server, however if both computers are behind routers I can't seem to do anything about it.

I do understand I can do port-forwarding to solve this problem, but I'm trying to do it without having the user do any extra configuration, I have a server in the middle between the two computers where they have to authenticate before I establish a direct link between them, I can use that to get extra info about the two computers.

So the question is as follows:

Is it possible to have a direct connection between two computers if both computers are behind routers? considering I can get all kinds of information about those computers from the server (i.e the lan-address of each)?

There's a software called TeamViewer that does this, how does it work?

 

[North323]

are the two computers behind the router on the same IP subnet?

 

[Denvildaste]

I should clarify more, the computers aren't on the same network, the communication I want to do is over the internet.

So basically each computer is behind a different router.

 

[North323]

then you need acl for the unc path and routes from one subnet to the other subnet. if they are in two different locations, you will most likely need a vpn tunnel to see the two networks

 

[Denvildaste]

Well, that's what I'm trying to avoid, I don't want the user to do any extra configuration.

My question is there anyway to establish the connection without any extra configuration?

There's a software called TeamViewer that does that, do you know how it works?

 

[Noway2]

I have never heard of TeamViewer, so I can´t comment on that.

If you have a server in th middle, perhaps you could either create a virtual bridge port that could join the two networks or use do some IP forwarding (often times referred to as IP Masquerade). I don´t know a whole lot about HOW to do that, so I can´t offer implementation details but it is something to look into.

 

[Denvildaste]

I'll read about that, I'll let you know what I find out.

If anyone has any other ideas or suggestions I'd appreciate it.

 

[North323]

are both locations on mpls? you could advertise your bgp route and that could work. you would be in two AS groups.

 

[Denvildaste]

Well, the two locations are undefined, it could be anywhere connecting to anywhere, I'm writing a software that'll be used by many people, what I'm trying to achieve is a software with minimal configuration especially when it comes to networks and routers.

 

[North323]

then write the software that creates an ssl connection

 

[Denvildaste]

Could you clarify more please?

 

[North323]

can you write this 'software' to be web based so that anyone in the world can access this. then you would not have the issues of people not having acces. if you have the website have an ssl connection (secure socket layer).

 

[Denvildaste]

I wish it was that simple, the software has to be desktop based since its main purpose is to view and transfer files between computers

 

[North323]

sorry, out of my knowledge base

 

[burtsbees]

TeamViewer works pretty much the same as RDP across the internet, but with ssl authentication (your "secret code"). I will do more research when I get to work later...

/

tim@tim-laptop ~ $ sudo apt-get install windows
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Couldn't find package windows...Thank Goodness!

 

[Denvildaste]

Well guys, I made some progress in my research, what I got is the following:

1. If either router supports UPnP (basically a way to tell the router to forward ports from my application) I'd forward the port I need from my application and use it as a server.

2. If not, there's a nice method called TCP hole punching discussed here:

http://tools.ietf.org/html/rfc5128

Neither way is guaranteed to work, but it's a good starting point.

 

[Denvildaste]

Well, I've did some packet sniffing on Team Viewer, the data bulk was being sent directly and not through their servers.

 

[rapidsol]

Hello,

I am trying to do a similar software which allows the serial port to be accessed from anywhere.

Just wanted to know how you are progressing. your findings may help me too.

Thanks

 

[Denvildaste]

Hello,

I ended up implementing UDP Hole punching technique, it has a high success rate and it's easy to implement.

The basic concept is that both computers A and B must send a UDP packets to each other at the same time, you'll need a rendezvous server to sync between the two computers before any communication can be made.

Read here in details:

http://www.brynosaurus.com/pub/net/p2pnat/

Section 3, UDP Hole Punching

If you have any questions I'm ready