Guest wrote:
So basically if I create an outgoing connection, that connection can then be used by the other computer to send me data?
If a computer (call it computer A) behind a proxy (call it computer B) can connect to a remote host on the other side of the proxy (call it computer C), then that remote host must be able to send data back. Otherwise the computer behind the proxy wouldn't be able to do anything at all.
Quote:
If this is the case then how does the other computer know the IP of my computer? It seems as though there really should be a way to create an incoming connection as well. Internet Explorer is able to function normally, or would this also do something similar to what you mentioned?
The Internet as a whole only sees computer B. It isn't aware of computer A. Similarly, computer A only talks to computer B. The proxy software on computer B knows where to forward requests, and when it gets data back from computer C, it knows where to return it. It requires special intelligence in the proxy.
For example, with HTTP, computer A sends a request to computer B saying "GET http://www.somesite.com/". Computer A then waits for some data back from computer B. Computer B makes a connection to www.somesite.com and says "GET /". Computer B waits for some data back from www.somesite.com and sends it back to computer A. The web browser on computer A knows about proxies, so it connects to computer B instead of trying to connect directly to www.somesite.com.
Network address translation (NAT) works differently. Computer A has its IP default gateway set to the IP address of computer B. That is, if the IP stack on computer A doesn't know where to send packets to (such as computer C), it sends them to computer B. Computer B is set up as a NAT server, so it knows to accept packets from computer A. Although these packets have arrived at computer B, they're still stamped with the address of computer C, so computer B forwards them on, and remembers that it has sent them. When computer C sends a packet back in reply, computer B knows to send it back to computer A.
However, incoming connections on NAT don't automatically go all the way through to computer A. Computer B doesn't know the difference between a connection request to computer A and a connection request to itself; remember, the only host that computer C can see is B. So the operating system on computer B has special configuration options which say, "if you get a connect request on port X, send it to computer B".
Quote:
I am assuming that pppoa is the interface used to negotiate connections. I don't use Ethernet (assuming eth0 is Ethernet), so I don't know why they are there. So if pppoa is the interface, then 203.xxx.xxx.xxx is the address to talk to and I can be uniquely identified with the /32 part. Does this sound like anything?
Not sure what this table means. You might have to look at your modem's documentation.
Quote:
In practical use I would probably implement the outgoing-only stuff you mentioned, as this is probably more user-friendly, but I want to understand this other stuff just for the knowledge.
Yeah, your options are:
- Design support for proxies into your protocol (this is what HTTP-based protocols do)
- Require that users behind NAT set up their router correctly
It's not an easy problem to solve 100% of the time.
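The NAT behaviour described in the post, as an added example that is not part of the original post: a small model of computer B's translation table showing why a reply to A's outgoing connection gets through while an unsolicited incoming connection does not until a port-forward rule exists. The `Nat` class, its method names, and all addresses and ports are constructed for illustration; real NAT implementations differ in how strictly they match return traffic.

```python
# Toy model of the NAT box ("computer B"). Hypothetical names throughout;
# addresses and ports are constructed sample values.
class Nat:
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.next_port = 40000   # next public source port to hand out
        self.out_map = {}        # (inside endpoint, remote endpoint) -> public port
        self.in_map = {}         # (public port, remote endpoint) -> inside endpoint
        self.forwards = {}       # static rules: public port -> inside endpoint

    def outbound(self, src, dst):
        """Packet from inside: rewrite the source address and remember the flow."""
        key = (src, dst)
        if key not in self.out_map:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(port, dst)] = src
        return (self.public_ip, self.out_map[key]), dst

    def add_forward(self, public_port, inside):
        """Static rule: connections to public_port go to an inside host."""
        self.forwards[public_port] = inside

    def inbound(self, src, dst):
        """Packet from outside addressed to B: return the inside endpoint it
        should be passed to, or None if nothing tells B to send it inside."""
        ip, port = dst
        if ip != self.public_ip:
            return None
        if (port, src) in self.in_map:       # reply on a flow A opened
            return self.in_map[(port, src)]
        return self.forwards.get(port)       # otherwise only a static rule helps


def demo():
    a = ("192.168.0.10", 51000)      # computer A (private address)
    c = ("198.51.100.7", 80)         # computer C (remote host)
    nat = Nat("203.0.113.5")         # computer B's public address
    pub_src, _ = nat.outbound(a, c)  # what C sees as the sender
    reply = nat.inbound(c, pub_src)  # C answers the address it saw
    unsolicited = nat.inbound(c, ("203.0.113.5", 8080))
    nat.add_forward(8080, ("192.168.0.10", 8080))
    forwarded = nat.inbound(c, ("203.0.113.5", 8080))
    return pub_src, reply, unsolicited, forwarded


if __name__ == "__main__":
    print(demo())
```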