.net sockets p2p

Open Internet P2P Socket Connection


This is a much-discussed topic, I know, but I'm hoping there are some innovative ways to do it, or some that I just haven't come across. In essence, I need a way of building a peer-to-peer connection between sockets running on two client machines. The main issues, of course, are the firewall (which should be doable) and the need for port forwarding.

Now, I'm familiar with UPNP and whatnot, I know you can (sometimes, anyway) set up the router for port forwarding, but that just seems like such a messy implementation to me, not to mention unreliable, since a user could switch routers or even have one that does not have UPNP or has it disabled.

I'm open, albeit somewhat reluctant, to adding in an intermediate server to facilitate connections, if need be, but simply copying from one stream to another (the digital equivalent of taping two phones together, with the speaker of one facing the microphone of the other and vice versa) just doesn't seem like it would be the best way to do it, as that analogy hopefully hints at. Perhaps there's a way to take two independently connected, distinct sockets and connect them to each other?

I've seen lots and lots of questions stating more or less exactly what I want, and I recognize the temptation to mark this as a duplicate of some of those, but mostly I'm wondering how applications like TeamViewer or Skype (although I think Skype might have switched to having all communications through a server, if I remember correctly, but at least MSN Messenger used to be P2P) do this.

So, the question: How can I set up a socket, whether through use of an intermediate server or not, that will connect from one client machine to another without having to use UPNP or similarly unreliable port-forwarding techniques?

And a few notes I've made on the way:

  • TeamViewer, at least, does create a few firewall exceptions for itself. And I have no issue doing that. But if it were taking the holding-two-phones-together approach, why would it need these? Outbound requests are (usually) approved by default.
  • I've heard talk of HTML5 with WebSockets allowing browser-to-browser chat, but how does that work? I've seen a few posts on this, and been introduced to WebRTC, but could similar techniques be used outside of the browser? I assume so, since web is, generally speaking, more restrictive of such behaviors.

And just for the record, I do have complete control over both clients and whatever servers are necessary, so I can do whatever it takes. But I would greatly appreciate not having to do something on the initiating client, because I'd love to see Internet Explorer act in that place. Basically I'm looking to write a P2P proxy, so I certainly could do some more advanced stuff by writing my own sockets to talk between them and displaying that (it doesn't have to work super well, just enough to, well, work), but if IE could connect directly through then that would be amazing.

Let me know. I know this is also a little broader than we like to see here, and it might be better suited for Programmers, but I tried to keep it as specific as I could.


Solution

  • TeamViewer, Skype and similar P2P applications use the UDP hole punching mechanism to do IPv4 NAT traversal. This makes the P2P application possible. But this kind of hole punching doesn't work if UDP is disabled or the NAT router is symmetric. All P2P mechanisms fall back to the intermediate server proxy approach if the network doesn't support hole punching. If you're building an application for home users, then you can have 90% success in establishing P2P connections. But in the corporate world only very few allow P2P connections, as most use HTTP proxy servers in place of NAT for security reasons. Another mechanism for P2P connections is using IPv6 sockets. With IPv6, NAT is not needed and the machine is directly reachable using a global IPv6 address. This mechanism works at least on PCs with Windows Vista and above, since they have an IPv6 address by default using IPv6 transition technologies like Teredo and 6to4. You can see this IPv6 address on a Windows machine with the prefix "2001:". This is a global IPv6 address with which you can directly establish a connection to the PC without the need for any intermediate server. Even IPv6 is kind of unreliable, as a few PCs don't have it enabled. In conclusion, you can use the above two mechanisms to build your application to establish P2P connections most of the time, but a few times you need to fall back to an intermediate server.
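
The exchange described in the answer above, as an added example that is not part of the original answer: a rendezvous server reports each peer's observed endpoint, both peers send first, and a peer that hears nothing falls back to the relay. Everything runs on loopback as a constructed setup with no real NAT; the function names and the REGISTER message are assumptions made for this sketch.

```python
import socket

def udp_socket(timeout=1.0):
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind(("127.0.0.1", 0))   # loopback stand-in; the OS-chosen port plays the NAT mapping
    s.settimeout(timeout)
    return s

def encode(addr):
    return f"{addr[0]}:{addr[1]}".encode()

def decode(data):
    host, port = data.decode().rsplit(":", 1)
    return host, int(port)

def rendezvous_once(server):
    """Server: collect two registrations, then send each peer the other's observed endpoint."""
    seen = []
    while len(seen) < 2:
        _, addr = server.recvfrom(64)      # source address as seen after any NAT
        if addr not in seen:
            seen.append(addr)
    server.sendto(encode(seen[1]), seen[0])
    server.sendto(encode(seen[0]), seen[1])

def send_punch(sock, peer, payload):
    """Outbound datagram: on a real NAT this opens the mapping the peer's packet needs."""
    sock.sendto(payload, peer)

def recv_direct(sock, peer, attempts=3):
    """Return the peer's payload, or None so the caller falls back to the relay server."""
    for _ in range(attempts):
        try:
            data, src = sock.recvfrom(64)
        except OSError:                    # timeout or ICMP error: the punch did not work
            return None
        if src == peer:                    # ignore datagrams from any other source
            return data
    return None

def demo():
    server, a, b = udp_socket(), udp_socket(), udp_socket()
    try:
        for peer in (a, b):
            peer.sendto(b"REGISTER", server.getsockname())
        rendezvous_once(server)
        peer_of_a, peer_of_b = decode(a.recvfrom(64)[0]), decode(b.recvfrom(64)[0])
        send_punch(a, peer_of_a, b"hello from A")
        send_punch(b, peer_of_b, b"hello from B")
        return recv_direct(a, peer_of_a), recv_direct(b, peer_of_b)
    finally:
        for s in (server, a, b):
            s.close()
```

Behind a symmetric NAT the mapping the server observes is not the one used towards the peer, so `recv_direct` times out and returns None, which is the point at which the relay takes over.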