Will TCP in applications be reliable if I use it over a UDP VPN?
For example, I have a VPN server with some application listening on TCP at 10.8.0.1:8080,
and I will connect over TCP from host 10.8.0.2 to 10.8.0.1:8080. Will it be reliable?
|----------|      udp tunnel      |----------|
|  Server  |----------------------|  Client  |
| 10.8.0.1==========tcp=============10.8.0.2 |
|          |----------------------|          |
|----------|                      |----------|
TCP is a protocol on top of IP. IP by itself is unreliable, so all the reliability is done at the TCP protocol level. If you use a UDP based VPN it usually encapsulates the IP into UDP, i.e. an unreliable protocol (IP) into another unreliable protocol (UDP). But since the reliability is implemented at the TCP level this does not matter, i.e. TCP over IP over UDP VPN is still a reliable protocol.
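The layering argument in the answer above, as an added example that is not part of the original post: a carrier that silently drops datagrams, with sequence numbers, ACKs and retransmission implemented only at the endpoints. The stop-and-wait scheme, the class names and the loss rate are assumptions chosen for illustration; real TCP is far more elaborate, but the division of labour is the same.

```python
import random

class LossyTunnel:
    """Stand-in for the UDP tunnel: delivers a datagram or silently drops it."""
    def __init__(self, loss, seed):
        self.rng, self.loss, self.dropped = random.Random(seed), loss, 0

    def send(self, datagram):
        if self.rng.random() < self.loss:
            self.dropped += 1
            return None                  # lost in transit, no error reported
        return datagram

class Receiver:
    """Upper-layer endpoint: accepts in-order segments, ACKs the next expected seq."""
    def __init__(self):
        self.expected, self.data = 0, []

    def on_segment(self, seq, payload):
        if seq == self.expected:         # new data; duplicates are not re-delivered
            self.data.append(payload)
            self.expected += 1
        return self.expected             # cumulative ACK

def reliable_send(chunks, tunnel, receiver, max_tries=50):
    """Stop-and-wait sender: retransmit each segment until its ACK comes back."""
    transmissions = 0
    for seq, payload in enumerate(chunks):
        for _ in range(max_tries):
            transmissions += 1
            seg = tunnel.send((seq, payload))             # data direction
            if seg is None:
                continue                                  # timeout, retransmit
            ack = tunnel.send(receiver.on_segment(*seg))  # ACK direction
            if ack is not None and ack > seq:
                break
        else:
            raise ConnectionError("no ACK after max_tries; giving up")
    return transmissions

def run(loss=0.3, seed=1):
    chunks = [b"GET ", b"/ ", b"HTTP/1.1", b"\r\n\r\n"]   # constructed payload
    tunnel, rx = LossyTunnel(loss, seed), Receiver()
    sent = reliable_send(chunks, tunnel, rx)
    return b"".join(rx.data), sent, tunnel.dropped

if __name__ == "__main__":
    print(run())
```

Every dropped datagram costs exactly one extra transmission, and when the carrier drops everything the upper layer reports a connection failure instead of delivering partial or reordered data.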
Related
So given a network environment as below:
               +-----------+                                +-------+
               | ISP Modem |<----> ... internet ...<------->|Remote |
               +-----------+                                |Server |
                     |                                      +-------+
                     |
                     |
+------+       +-----------+
|Laptop|-------|Wifi Router|
+------+       +-----------+
Say there is a TCP connection from my laptop to the remote server. When a new public IP address is assigned to the ISP modem due to DHCP renewal, is it going to break the TCP connection? Do I have to recreate the socket?
My understanding is that this should not break the existing connectivity, as the ISP modem is merely a hop on the route at the L3/IP layer. A new public IP address should at most cause some packet loss, which should be retried by TCP protocol.
However this does not match what I observed in reality. I noticed the existing TCP connection won't work any more and requires a re-connection.
I am lacking enough understanding around how the network works at this layer. Could someone please help me understand what is happening under the hood?
NOTE: (I think) this is a different case from What happens to TCP socket when IP address changes?, in which the source/target IP of the TCP connection is changed. In my question above, it is the modem IP address that changes.
I am debugging some code which is using UDP communications.
My CLIENT is behind a NAT and a Firewall.
My Server is an AWS machine on which I opened said UDP ports.
However, part of this protocol involves the server answering my client, which I expected not to work (NAT & Firewall). To my surprise, my client is receiving packets from the server!
How is this possible? I mean, TCP (over UDP) has a concept of a connection, so I guess that the NATs and routers can associate an incoming UDP packet as a reply to an egress connection. But how (and why) does this work for a pure UDP protocol? Would my NAT/Firewall let in random UDP into my client machine?
How is this possible?
That's how NAT works. You wrote that the server is answering your client. That means that the client initiated the conversation. It doesn't matter that you're using UDP and not TCP. The NAT device still creates an appropriate mapping to let answers through. Otherwise all UDP would have been broken behind NAT.
I mean, TCP (over UDP) has a concept of a connection, so I guess that
the NATs and routers can associate an incoming UDP packet as a reply
to an egress connection. But how (and why) does this work for a pure
UDP protocol?
The fact that UDP isn't connection-oriented is irrelevant. Sure, TCP has the concept of sessions, but both have port numbers and that's really all the NAT needs.
Would my NAT/Firewall let in random UDP into my client machine?
It's not "some random UDP". It's a UDP segment from the same IP and port number that the client sent something to.
Are datagrams a protocol or not?
Is "Ping" (protocol ICMP) used in an IP DATAGRAM? Or is it using other protocols, such as TCP or UDP?
How do you know the message "Reply" the way back?
Why the Tel number stays the same?
https://en.wikipedia.org/wiki/IPv4#Protocol
Datagrams are basically the packets that go back and forth over the network at IP level. Each of these packets can specify a protocol. You can have TCP, UDP, ICMP, etc. (see https://en.wikipedia.org/wiki/List_of_IP_protocol_numbers)
So to answer your question, yes the protocol for datagrams is basically IP.
You can have higher level protocols that run over IP such as the ones above.
See https://en.wikipedia.org/wiki/Internet_protocol_suite
Ping uses the ICMP protocol.
Are datagrams a protocol or no?
'Datagram' is the name of the unit of transmission in the UDP protocol.
Is "Ping" ( protocol ICMP ) used in a IP DATAGRAM?
The question doesn't make sense. It would make more sense to say that the ICMP protocol is transmitted via IP packets.
Or is it using other protocols, such as TCP or UDP ?
ICMP is a protocol: you said so yourself; and it is layered over the IP protocol.
Two clients behind different NATs.
Client A --- NAT ----Internet ----- NAT -------Client B.
Can I use UDP for hole punching? After success, I got the IP and port after NAT.
Can I use the port for TCP connection? Is that possible?
No. TCP ports and UDP ports are completely different namespaces.
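A model of the NAT state that both the earlier NAT answer and this one rely on, as an added example that is not part of the original posts: an outbound packet creates a mapping keyed by protocol and public port, and an inbound packet is admitted only if it matches one. The class, the 30-second timeout, the port pool and the strict per-peer filtering are assumptions for illustration; real NAT devices differ in how strictly they filter.

```python
from dataclasses import dataclass, field

@dataclass
class Nat:
    """Toy NAT with address-and-port-dependent filtering (assumed behaviour)."""
    public_ip: str
    timeout: float = 30.0      # assumed idle timeout in seconds
    next_port: int = 40000     # assumed start of the public port pool
    # (proto, public_port) -> [inside_addr, remote_addr, last_seen]
    table: dict = field(default_factory=dict)

    def outbound(self, proto, src, dst, now):
        """Inside host sends to dst: create or refresh a mapping."""
        for (p, port), entry in self.table.items():
            if p == proto and entry[0] == src and entry[1] == dst:
                entry[2] = now
                return (self.public_ip, port)
        port, self.next_port = self.next_port, self.next_port + 1
        self.table[(proto, port)] = [src, dst, now]
        return (self.public_ip, port)

    def inbound(self, proto, src, dst_port, now):
        """Packet hits the public side: return inside address, or None if dropped."""
        entry = self.table.get((proto, dst_port))
        if entry is None:
            return None                      # no mapping for this protocol/port
        inside, remote, last_seen = entry
        if now - last_seen > self.timeout:
            del self.table[(proto, dst_port)]
            return None                      # mapping expired
        if remote != src:
            return None                      # not the peer the client contacted
        entry[2] = now
        return inside

def demo():
    nat = Nat("203.0.113.7")                 # constructed documentation addresses
    client, server = ("192.168.1.10", 5000), ("198.51.100.20", 9000)
    pub = nat.outbound("udp", client, server, now=0)
    return pub, {
        "reply": nat.inbound("udp", server, pub[1], now=1),
        "stranger": nat.inbound("udp", ("198.51.100.99", 9000), pub[1], now=2),
        "tcp_same_port": nat.inbound("tcp", server, pub[1], now=3),
        "after_timeout": nat.inbound("udp", server, pub[1], now=100),
    }

if __name__ == "__main__":
    print(demo())
```

Only the UDP reply from the contacted peer is forwarded; the TCP packet to the same public port number finds no mapping, because the UDP entry lives in a separate namespace.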
If I established an OpenVPN connection through UDP (proto udp), can I use TCP in it (TCP converted to UDP somehow), or only UDP?
In short: Yes, you can send TCP through a VPN tunnel which is transported via UDP.
In fact you can tunnel any protocol supported by OpenVPN no matter what transport you choose.
You can use any protocol you like, even raw IP. OpenVPN simulates a fully-fledged network device (to some extent – whether it's based on the Ethernet or the IP layer depends on configuration) which behaves like any other network adapter. So you can of course use TCP and UDP in it.
The packages sent via the OpenVPN devices are encrypted and passed through the UDP “connection” used by OpenVPN to the remote side, where they're decrypted and passed on to routing to forward them to their final destination (which might be the remote itself).