UDP hole punching | The Backend Engineering Show

Starting the day with some Backend Engineering is substantially motivating to get some real engineering work done.

biplobmanna

7:38 I was thinking of Pam from The Office. When she was receiving huge bouqes of flower on Valentine's Day. But none of them were for herself. She got really sad seeing that.
She kept of "routing" the boques to Phyllis :(

zaheeruddinfaiz

Dude the hole thing came in just brilliant 🤣

withdjmorris

For TCP, holepunching is not the only method, because you can use server polling to receive incoming packets without directly connecting.
firewall security is not "too strict", it is security. STUN is basically just a handshake server for holepunching.

tutacat

I really like the way you explain the concepts behind the terms like this one. Very understandable and clear.

Shuriken

You are explaining UDP hole punching so good

louiswong

Thank you thank you thank you!!! Quality content, great mic quality, clear and concise talk, not overwhelming yet very informative. Subbed!

GmanGavin

Hi Hussein. Once you punched a hole with UDP and start the peer-to-peer communication between two computer, is it possible to keep that connection but convert it from UDP to TCP, so that you can continue the communication with TCP (instead uf UDP) ?

jolachye

I just re-watched this after looking at libp2p hole punching. This is a good explainer. But fun fact we can do p2p through symmetric nat because of the sync packet being set. Pretty cool stuff

lukaswerner

Hussain, what about the Virtual Server setting that is present on the routers. I think we can use that to forward the packet to the relavent machine in the private network.
While setting this, we specify the private ip address of the machine and the port of the machine where we want to route the packet to.

zaheeruddinfaiz

great information! can you tell me why I can't get my UDP hole punching script to work inside a docker container when it works just fine outside it?

Shadrak

A sort of TCP holepunching exists, but obviously requires a less secure firewall setting. This means with sequential ports guessing of the new port to be opened, someone could interfere with your standard insecure HTTP connection, so it is avoided

tutacat

If I have a server (that is already port forwarded) and a client

Can I just add a STUN library like libnice to the server, and fetch the public ip/port from the server, then send to the server again with this info, and then they communicate?

if summerrical NAT only accepts return packets from whom it sent the first packet to, then this should solve this issue, without the need to configure an in the middle server

snowzZzZz

Hi Hussein and thanks for a great video. Is there any time limit for how long each hole exists before the router closes it?

itherna

thank you, was easy to follow through :)

noraalsulttan

why can't 2 peers simply message eachother?
if i host, and try to message you, you will ignore it, but now didn't i just open up a hole for you to be able to message me?

stephenkamenar

Great video and explanation of UDP hole punching.

bossragegamer

Would have been nice if you add some illustration on the side

TiaE-ub

@Hussain Nasser give us your top10 book for back end programmers!

rocketleague

11:20 that sounds like an other backronym
13:28 it's especially problematic if both sides have port randomization.
15:43 unless you are Dan Kaminsky of course... (RIP) see: DNS Rebinding And More Packet Tricks at 24c3

autohmae