I am trying to make an application which consist of a Java UDP client and a PHP UDP server. I am thinking about binding the server with the client over internet, because the client may not have real/public ip address. Though the server is a web application itself which will open a listener on the public address over some port. The task of the client is to communicate (send/receive) data over UDP.
Communicating parts:
Client: Windows/Linux OS connected to Internet (Java application)
Server: Windows IIS Server, with a real ip and domain (PHP web application)
This will depend on the firewalling/NAT-ing policy at a given client site, but the usual setup is to allow UDP out to the server and then allow corresponding reply packets back in, based on source and destination addresses and port numbers.
It would be a problem if you were to try and create a server behind your router.
Your router will replace the client's local ip address with the public ip address of your router at the moment that you send something to the server. The router will internally keep a translation table. This translation table is consulted when the server sends a reply to retrieve the original IP adress where the request originated and then the reply is simply forwarded to that IP address. As such it seems as if you are using the ip# that is allocated for you usually using DHCP by your router. But this local ip# is never seen on the internet only on your local lan.
Because the translation table is built by you trying to send to a server, you cannot easily setup a server behind your router. Simply because your router will not have an entry in its translation table to route the request coming from the internet to your server. This is called NAT/PAT. Because the translation table keeps track of ip adressen and ports.
All IP addresses are real. But people talk about a public IP# and a local IP#. The public IP# is the one that is used on the internet where the local ip# is the one that you use on your local LAN.
Related
I'm trying to write a simple chat program using TCP in java.
To connect to a server I need to know its IP address. I'm connected to a router in my network, that connects me to the Internet.
When I type local IP (assigned by router) it works pretty well between my two computers.
But when I typed public IP (I got it from google: "what is your ip"...) - it didn't work.
So I opened router's setup and make forwarding rule from my public IP and specific port to the local IP - and it worked.
--------- Question:
But how to do this without forwarding? I want to write a chat program. I can't tell my users: "just do the port forwarding" ;)
One opens my program and logs into central server, then writes there public IP. Some other user opens this server, download the file and gets first user's IP (or any other needed info).
But if first user didn't do the port forwarding, it won't work. How to make it work?
For this you will need to understand how something called NAT (network address translation) works. In simple terms the NAT is responsible for sending packets to the right computer on the internal network from the external.
Say for example you have computer A as a server on the internal network, and have computer B on the external. If you then try to connect to computer A from computer B, it will not work because NAT (your router) doesent know what computer to send that packet of data to, on the internal network.
Its diffrent when you want to connect to an external server. Lets say computer A (client) is on the external network, and computer B (server) is on the internal network with the router port forwarded to its IP-address. Then you will be able to connect to the server because NAT knows where to send the data packets.
So to keep all your users from port forwarding their routers:
Port forward your server on your internal network
Connect the clients on another network
For clients on the internal network; use the local IP of the server
Hope this helped!
-Kad
server code:
String ip = request.getRemoteAddr()
if(ip='127.0.0.1')
System.out.print("hello");
Now I am accessing that remote site from my machine, so obvious my IP address should be like 192.*.*.*.
How can I cheat the server(IP spoofing) so server always prints "hello" for my request?
New answer to edited question:
You can't in Java. If need to pretend that the request is coming from 127.0.0.1 (the server itself), so you'll need to hack into the network stack of your operating system.
Old answer:
The IP Address your client uses to connect to the server depends on the network interface it uses and the kind of network attached to this network interface.
Example:
If your client is a laptop it most likely has only one network interface. This network interface uses 192.168.1.10 as its IP address (e.g., assigned from the DHCP on your router) as its internal IP address. Your router might also be connected to the internet, with an IP, say 20.20.20.20, which it shares with connected devices via NAT.
If you use this to connect to your server which is on your local network, the client's IP address that the server sees will be 192.168.1.10; if you connect to your server which is not on your local network but somewhere on the internet, your client's IP (that the server sees) will be 20.20.20.20
So you cannot make your client pretend to use 127.0.0.1 (if server and client are running on the same machine, your client will most likely have 127.0.0.1). Of course there are techniques like IP spoofing where you pretend to have a different IP than you actually have, but that's totally different issue.
I developed a chat application which is working great on same wifi connections on different machines.
Concept is.. One Server program is running on One machine which is set by ip and particular Port number so that client hit to server on a particular Port number.
There are two wifi connection running FCS and FCS1
My laptop is getting access to FCS wifi and if client interface is running on same wifi it's working; but when it connects to FCS1 the server doesn't get the IP info from the FCS1 network.
I'm not sure whether the problem is redirecting the IP on the router. Do I need to configure the router?
If the server and the client are running on two different networks without a valid IP address for the server, you need to use a VPN connection.
Or if you have control over the router, you could give a static IP address to the server and redirect any traffic on port -say- 7644 on router to server:7644.
I'd like to get a tcp/ip connection working over the internet. I already have two classes, one tcpserver which handles requests and a tcpclient which connects, sends and receives data.
Until now I had it working perfectly on local networks. The usual 127.0.0.1 / localhost and my 192.168.xxx.xxx adresses are not giving any problems.
My question is, what do I have to do to make it work over the internet. As I might want to do some research involving a simple http/server I need this to work.
I doubt its my firewall but maybe its the ISP that blocks this type of connection. Anybody has an idea?
You need to open a port in the router that leads to the one that the server is listening on. You then connect to your public IP. This ip can be found on http://www.visaminip.se/
To provide a service over the internet you need a public IP address. 10.x.x.x and 192.168.x.x are private networks. 127.x.x.x is for the local machine only.
The client can connect to the public IP address of a sepecific port.
The server's modem/router/firewalls allows this port to be open and passes traffic to your server on that port.
I am writing a distributed Java app, but the networking side of things is stumping me. For some reason it's not working correctly. I think it's because the IP address I get through ipconfig /all is not accessible from outside the LAN. I appreciate any tips or advice.
Overview
You need what is commonly-known as "NAT Traversal", or ICE. There are two primary protocols used on the internet today TCP and UDP. TCP sockets carry a significant amount of session state information in them; consequently it is a significantly more difficult protocol to use for P2P than UDP.
UDP Tunneling
The following list is a simplified outline of the more general STUN Protocol (RFC 5389) that you could use to implement a P2P service based on UDP NAT Traversal...
Deploy a UDP server with a public address and start listening for UDP packets from your clients. Clients will embed their private IP address inside the UDP packets sent to your server; it would be a good idea to implement some form of authentication to ensure you are getting connections from a valid client (instead of some random packet scanner).
The server reads how their private IP address has been translated into a public IP address from the UDP Datagrams.
If you want to make connections between specific users, also embed this information inside packets sent from the clients to your server; your server will implement a username directory to associate client UDP socket information with usernames (that peers will try to connect to).
Your UDP server should send the corresponding information back to the other relevant peer(s).
Now, peers can communicate directly by sending UDP datagrams to these translated addresses; these packets will go through client NAT devices in the path as long as the UDP ports in question are allowed and the delay introduced by this protocol does not trigger state timeouts in the NAT devices.
After you have established UDP connectivity, you could form an UDP SSL VPN between the two clients using something like OpenVPN; this would give you a trivial channel to initiate a TCP connection between the clients. However, there are non-trivial security and trust issues to consider in this connectivity model; it is unlikely to be useful between random users on the internet.
TCP
If TCP connectivity is required, I suggest looking at this internet draft, MMUSIC-ICE-TCP: TCP Candidates with Interactive Connectivity Establishment (ICE)
some ip address are not routable: http://en.wikipedia.org/wiki/IP_address - if you have one of those, you wont be able to access it from outside the lan directly. you can access the other addresses on your lan from one that is on that lan.
if you are outside the lan, you can not start a tcp connection to a specific machine on the lan, but that machine can start one with you: http://en.wikipedia.org/wiki/Network_address_translator