翻訳と辞書 |
Hole punching (networking) : ウィキペディア英語版 | Hole punching (networking) In computer networking, hole punching is a technique for establishing a direct connection between two parties in which one or both are behind restrictive firewalls, or behind routers that use network address translation (NAT). To "punch" a hole, each client connects to an unrestricted third-party server that temporarily stores external and internal address and port information for each client. The server then relays each client's information to the other one, and using that information both clients try to establish a connection between themselves; as a result of the connections using valid port numbers, restrictive firewalls or routers accept and forward the incoming packets on each side. Hole punching does not require any knowledge of the network topology to function. ICMP hole punching, UDP hole punching and TCP hole punching respectively use Internet Control Message, User Datagram and Transmission Control Protocols. Using TCP nefarious hole punching, it is possible to send compressed SYN packets through into a common ACK path. ==Overview== Networked devices with public or globally accessible IP addresses can create connections between one another easily. Clients with private addresses may also easily connect to public servers, as long as the client behind a router or firewall initiates the connection. However, hole punching is required to establish a direct connection between two clients that both reside behind different firewalls or routers that use network address translation (NAT). Both clients initiate a connection to an unrestricted server, which notes endpoint and session information including public IP and port along with private IP and port. The firewalls also note the endpoints in order to allow responses from the server to pass back through. The server then sends each client's endpoint and session information to the other client, or peer. Each client tries to connect to its peer through the specified IP address and port that the peer's firewall has open for the server. The new connection attempt punches a hole in the client's firewall as the endpoint now becomes open to receive a response from its peer. Depending on network conditions, one or both clients might receive a connection request. Successful exchange of an authentication nonce between both clients indicates the completion of a hole punching procedure.〔Ford, Bryan; Srisuresh, Pyda; Kegel, Dan (2005), (Peer-to-Peer Communication Across Network Address Translators )〕
抄文引用元・出典: フリー百科事典『 ウィキペディア(Wikipedia)』 ■ウィキペディアで「Hole punching (networking)」の詳細全文を読む
スポンサード リンク
翻訳と辞書 : 翻訳のためのインターネットリソース |
Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.
|
|