I found a tutorial that shows you how to create server and client programs, and make them communicate over a network.
http://www.win32developer.com/tutorial/winsock/winsock_tutorial_1.shtm
I can make a client program connect to, for example, 192.168.0.4 on my local network, and I can make it connect to 74.125.225.96. But what if I wanted to make it communicate with 192.168.0.4 on the network of 74.125.225.96, instead of just the default server on 74.125.225.96? I'm having a difficult time finding the answer with Google.
Is there even a way to do this? If not, then how are Gnutella and Bittorrent, able to connect computers directly together to share files?
To do what you are asking, 74.125.225.96 would have to be assigned to a router that is configured to forward inbound connections on the target server port to the machine that is running 192.168.0.4.
BitTorrent and other file sharing apps use various techniques, like NAT traversal, hole punching, etc to get connections through routers and firewalls. For example, if one party is behind a router/firewall and the other party is not, then the two apps first try to connect to each other in one direction, and if that fails then they reverse roles - client becomes server and server becomes client - and they try again. If that still fails, they could then connect to a middleman server that both parties have access to, and let it delegate the connections.
Related
Question:
Is there a way to safely reach an opened socket on a machine from the internet, knowing the routers external ip, the private network internal ip and the port, without having to explicitly configure the router and the firewall? Given that many machines on the private network run the targeted application and will only accept authentified and encrypted requests.
Things I've explored:
Hole punching, ssh, proxy/vpn: They all seem like they need to configure the router to forward the port.
UPnP: Would seem like the solution, but Google tells me it's been shown to be used by malicious softwares, so maybe not a long term solution?
Context:
I'm designing a system with a program (mini-server) that collects local data from the computer it is installed on and waits for a request from a known outside program (big-client), installed somewhere in the cloud, to send the collected data only when requested. I expect to have many of these mini-servers installed on many physical machines within a customer's private network, behind its router and firewall, where they would send to the big-client their external ip (internet exposed), local ip (on the local network) and port upon behind booted. These mini-servers can talk to each other on the network to resolve port conflicts and such, but I want to be able to dynamically add new ones without having to go back again in the router config, as this isn't scalable.
I understand the security necessity for this to be difficult to do, but when I think about software like Teamviewer and other remote desktop applications, they seem to be able to act on many machines behind a router without any conflict, and that upon request from the outside.
Guidance on how to connect to SQL Server 2012 needed.
I am on Windows 10 Home Edition
I have set up SQL Server Express to allow remote connections on my database machine to serve up data to three client machines.
Firewall has been set for ports - check
Allowed mixed mode logins - check
Setup IPs through SQL Configuration Manager - check
The server is something like 192.168.1.40,1433 and I can login successfully through SQL Server Express on my client machines. I had a long LAN cable running along the floor which is not optimal. So, I went to the store and bought a router so that I could connect wirelessly but have limited experience in networking.
After, installation of the router I can no longer connect to SQL Server. This makes sense since there is another piece of hardware in the chain.
After doing an IP config on the command line I see that the IPV4 address has changed. I assume I am not picking up the private IP address of the router rather than the modem that I was initially connected to.
Should I be port forwarding?
What are my options?
I explored what I thought may be reasonable leads to get this working.
First, I tried to create a virtual server (I also assume this is how to port forward on my particular router). I didn't really know what to put in five fields that were given other than server name and Protocol TCP or if I was on the right track at all.
The other three fields consist of:
External Port, Internal IP, and Internal Port
If this is a reasonable solution can you let me know what to put in these fields and any changes to the SQL Server configuration or firewall might be?
Should I VPN ?
After exploring this option on google I also notice people saying, "set up a VPN is the correct way to go." However, I don't really know how to do this. The only VPNs I know of are external VPN providers. It seems that I would be setting up a VPN server if I am not corrected(maybe on the server computer) and connecting via my client machines.
Any clarification or direction would be greatly appreciated. I am sure I have missed the mark on many things here but still would like to make ground.
I am working on a program related to network, and there's a situation that the client has to connect to a server which is inside a LAN.
As I know, when establishing a TCP connection, the port the server is listening on has to be accessable to the client. If the server is inside a LAN, port accesses are blocked by the router. One solution I know is to use UPnP to perform a port mapping on the router. However, in some cases, the router does not support UPnP, are there other solutions?
IM applications came up into my mind. Many IM applications have the functionality that users can send files to each other, whatever the network environment is, as long as you can access to the internet. I don't think a public server is used as a file data exchanger between the two, the connection has to be a direct one. How do they actually do to enable the client to connect to a "hidden" server?
Typically such programs try a series of steps:
A connect directly to B
B connect directly to A
A tries to connect to a firewall (uPnP) forwarded port to B
B tries to connect to a firewall (uPnP) forwarded port to A
A and B both connect to a central server and exchange data through that
The last step is obviously the least preferred because the provider has to have sufficient resources to manage all simultaneous transfers. Rate-limiting is common.
Since IM has central management anyway, it's not too difficult to coordinate all this.
If uPnP or an open port can't be done at one end or the other then the only option left would seem to be passing it via a server in the middle
Some background first. I have a .net client agent installed on each of the machines in the lan. They are interacting with my central server [website] also on the same lan.
It is important for my website to figure out which of the machines can talk to each other. For example, machines of one subnet cannot directly talk to machines of another subnet without configuring the routers and such. But machines in the same subnet should be able to talk to each other directly.
The problem I am facing is when the lan setup is like in Figure 1.
Because Comp1, Comp2 and Comp3 are behind a router, they have got the ipaddress 192.168.1.2 till 192.168.1.4. My client agent on these machines report the same ipaddress back to the server. However, machines Comp4, Comp5 also have the same ipaddresses.
Thus, as far as my server is concerned, there are 2 machines with the same ipaddress. Not just that, because the subnet mask is 255.255.255.0 for all machines, my server is fooled into thinking that Comp1 can directly talk to Comp5, which is not possible.
So, how do I solve this? What do I need to change in my client or in my server, so that I can support this scenario. These two are the only things in my control.
EDIT: Seems that the network diagram
is over simplified and there could be
multiple router/subnet levels. My
original answer will not handle this
scenario. Also, with the restriction
of modifying only the client app or server
app and not tampering with the
routers and firewalls makes
it more difficult.
EDIT2: Using 'arp -a' you can extract
the MAC address of the router. If the
client apps can manage to do this then
the puzzle is solved!
The client app knows the local machine address and passes it to the server app.
The server app knows the remote address when a connection comes in. This would be machine address or a router address.
From these two values you can work out what you ask.
For example:
Server app receives connection from 10.10.10.2 with client supplying 192.168.1.2
Server app receives connection from 10.10.10.3 with client supplying 192.168.1.3
The 'remote address' distinguishes the subnets.
So, all you need to figure out is how to extract the remote address of a client connection. If you are using any of the popular web technologies for your server app then this is very easy.
One approach is for the individual client machines to determine who they can see using a broadcast message. Have each client listen on some particular UDP port, and each client broadcast its presence to whatever the local broadcast domain is. When clients can see each other in this way, they can probably also make TCP connections to each other.
If the server needs to know which clients can talk to each other, just have the clients tell the server.
If the network diagram is complicated enough I think if would be very difficuilt to find what you need.
You should also take into account that Comp1 can establish direct connection to Comp6.
The solution I can suggest is probing. Client receives list of all other clients from server and tries to establish connection to each of them. I think that would be the only way to know which clients are REALLY accessible assuming any number of routers/firewalls/NATs in the network. Doesn'r scale much for a big number of computers of course.
In short: How to reliably discover a server running somewhere on a (presumably multi-segmented) local area network with zero client configuration
My client application has to locate the server application without knowing the server IP address. It has to work on a local LAN that may be split into segments with hubs or other switching devices.
I already have a working solution, but it is a bit cumbersome to get it working on multi-segment networks. It works as follows:
When the client starts up, it sends UDP broadcasts on its own network segment. If the server is running on the same segment, it works without any issues - the server responds with the appropriate messages.
If the server and client are running on networks separated by a hub / switch that won't forward UDP (the most likely case), then I have a server instance running on each segment, and they forward client requests to each other via TCP - but I need to configure this for the server instances (simple, but still a pain for tech support.) This is the main problem that I need to address. There are sites where we have hundreds of clients running on 5 or 6 separate segments.
The problems I'm facing:
1. Although my application installer enables the appropriate ports on the firewall, sometimes I come across situations where this doesn't seem to happen correctly.
2. Having to run multiple server instances (and therefore configure and maintain them) on hub/switched networks that won't forward UDP
Finally I need a solution that will work without maintenance on a minimal Windows network (XP / 2000 / Vista) that probably doesn't have Active Directory or other lookup services configured.
I don't want to tag on any runtime stuff for this - should be able to do it with plain VC++ or Delphi.
What approaches do commercial apps usually take? I know that SQL Server uses a combination of broadcast and NetBEUI calls (I may be wrong about this).
Thanks in advance.
You have a few terminology issues:
Where you say "network segment" you appear to mean "IP subnet". Devices on the same network segment can see the same IP broadcasts.
Where you say "hub/switch" you appear mean "IP router".
Where you say "won't forward UDP", the problem is actually "won't forward IP broadcasts".
Once we get past that, you have a few options:
Your servers could register themselves under a well-known name in DNS, if you have a DNS server that allows dynamic DNS updates. You should probably use a SRV record as specified in RFC2782. The clients then do a DNS lookup to find the server(s).
You could statically assign your server(s) well-known names in the organisation's DNS, perhaps with a SRV record as with the previous option.
Your servers could join an IP multicast group, if your routers support IP multicast. The clients then send their initial discovery request as a UDP packet to the (pre-ordained) multicast address.
If you have domain server, I would go with small service on it. You can connect with other services to it and use it as distribution point.
Why domain server? It is relatively easy to find it's name (DsGetDcName).
Other choices would include DHCP server, DNS server or something of that kind that needs to be filled by maintenance staff anyhow.