[midcom] Announcing: TCP NAT Traversal Library

Saikat Guha <sg266@cornell.edu> Sun, 25 September 2005 14:24 UTC

Received: from localhost.localdomain ([] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EJXQu-0003oN-9Z; Sun, 25 Sep 2005 10:24:48 -0400
Received: from odin.ietf.org ([] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1EJXQr-0003oC-NX for midcom@megatron.ietf.org; Sun, 25 Sep 2005 10:24:46 -0400
Received: from ietf-mx.ietf.org (ietf-mx []) by ietf.org (8.9.1a/8.9.1a) with ESMTP id KAA13504 for <midcom@ietf.org>; Sun, 25 Sep 2005 10:24:43 -0400 (EDT)
Received: from exchfenlb-2.cs.cornell.edu ([] helo=exchfe2.cs.cornell.edu) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1EJXXh-0006od-4K for midcom@ietf.org; Sun, 25 Sep 2005 10:31:51 -0400
Received: from exchfe1.cs.cornell.edu ([]) by exchfe2.cs.cornell.edu with Microsoft SMTPSVC(6.0.3790.1830); Sun, 25 Sep 2005 10:23:48 -0400
Received: from himalaya.cs.cornell.edu ([]) by exchfe1.cs.cornell.edu over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Sun, 25 Sep 2005 10:23:47 -0400
From: Saikat Guha <sg266@cornell.edu>
To: "Peer-to-peer development." <p2p-hackers@zgp.org>
Content-Type: text/plain
Date: Sun, 25 Sep 2005 10:29:02 -0400
Message-Id: <1127658542.3061.59.camel@himalaya.cs.cornell.edu>
Mime-Version: 1.0
X-Mailer: Evolution 2.2.3 (2.2.3-2.fc4)
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 25 Sep 2005 14:23:47.0573 (UTC) FILETIME=[BE11CA50:01C5C1DC]
X-Spam-Score: 1.9 (+)
X-Scan-Signature: d0bdc596f8dd1c226c458f0b4df27a88
Content-Transfer-Encoding: 7bit
Cc: midcom@ietf.org, Bram Cohen <bram@bitconjurer.org>, Behave <ietf-behave@list.sipfoundry.org>, copano-l@cs.cornell.edu, nutss-devel@gforge.cis.cornell.edu
Subject: [midcom] Announcing: TCP NAT Traversal Library
X-BeenThere: midcom@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: midcom.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:midcom@ietf.org>
List-Help: <mailto:midcom-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=subscribe>
Sender: midcom-bounces@ietf.org
Errors-To: midcom-bounces@ietf.org

Hi all,
(apologies if you get multiple copies of this)

I'd like to announce the availability of a open-source TCP NAT
Traversal/Hole-Punching library based on our research published in [1].

[1] "Characterization and Measurement of TCP Traversal through NATs 
     and Firewalls", S. Guha and P. Francis. IMC 2005.

The key result of the paper is: TCP NAT Traversal can work 85%-90% of
the time today (without any special assumptions on NATs), and 100% of
the time between pairs of certain well-behaved NATs. See [1] for more

An open-source Java library for TCP NAT Traversal is now available: 
 binaries: http://nutss.net/stunt.jar
 source: http://nutss.net/jstunt_cvs.php
 documentation for library users: http://nutss.net/jstunt/doc
 documentation for library developers: http://nutss.net/jstunt/devdoc

The above library has been tested for pair-wise connectivity across 11
brands of NATs from Windows and Linux hosts. NATs tested were Linksys,
DLink, Netgear, Belkin, 3Com, Netopia, Allied Telesyn, SMC, Trendnet,
USR. Out of the 121 possible pair-wise combinations, 113 connections are
successful. The only ones that failed are when both the endpoints are
behind the _same_ NAT that does not support TCP hairpin-behavior yet
(see [1]). 

The java library is released under LGPL; contact me if this does not
meet your needs. Feel free to extend it/port it etc.

For P2P developers and users of the library
The JAR file above includes a sample echo-server/client program. The
source code for the sample applications is at
http://nutss.net/EchoServer.java and http://nutss.net/EchoClient.java
respectively. To start the server, on a host behind a NAT, execute: 
        java -cp stunt.jar EchoServer you@your.domain.com
To connect to your echoserver from a client, execute:
        java -cp stunt.jar EchoClient you@your.domain.com
(if you cannot run your own echo server, try pointing the client to the
one I am running at echo@nutss.net)

If everything goes well, you'll see something along the lines of:
On Server: Accepted saikat930@ed.u.cs.cornell.edu
On Client: Greetings saikat930@ed.u.cs.cornell.edu, this is the
           EchoServer at echo@nutss.net. Now you say something.
On the client, you'll be able to type lines and have it be echoed by the
server when you press enter. The library takes between 200ms to 1 second
to connect, but slow DNS (sometimes due to the NAT) can increase the
connection time by a bit.

For people who want to develop the library further
Anonymous CVS access is at: 
        cvs -d :pserver:anonymous@gforge.cis.cornell.edu:/cvsroot/nutss
        checkout stunt_java
The TCP hole-punching code and state machine are in the file
STUNTCont.java. Extensive online documentation of all internal functions
is provided. Things to do:
- Wrap a java Sockets or Channels api around the existing API
- Port to C, Python etc (may require writing a separate STUNT server)
- Implement SIP backend for signaling messages (framework glue in place)
- Implement some ICE-type negotiations for stacks of NATs
- Integrate UDP hole-punching

If you have any questions, comments, suggestions, or problems, do not
hesitate to contact me. Cheers and have fun.

midcom mailing list