Sign up
Login
New
Trending
Archive
English
English
Sign up
Login
New Paste
Add Image
How NAT Port Mapping Works The Basic Problem Your computer has a private IP (e.g., 192.168.1.100). The internet can't route to private IPs. NAT translates your private address to your router's public IP. Your PC Router/NAT Internet 192.168.1.100:49783 → 87.202.101.66:???? → STUN server The question is: what port does the NAT assign externally? Port-Preserving NAT (Cone NAT) Internal External Destination 192.168.1.100:49783 → 87.202.101.66:49783 → stun.google.com 192.168.1.100:49783 → 87.202.101.66:49783 → stun.ekiga.net 192.168.1.100:49783 → 87.202.101.66:49783 → peer at 87.115.91.104 ↑ Same port every time The NAT preserves your port (or at least keeps it consistent). Anyone who knows 87.202.101.66:49783 can send packets to you. Symmetric NAT Internal External Destination 192.168.1.100:49783 → 87.202.101.66:27939 → stun.google.com 192.168.1.100:49783 → 87.202.101.66:35843 → stun.ekiga.net 192.168.1.100:49783 → 87.202.101.66:????? → peer at 87.115.91.104 ↑ Different port per destination! The NAT assigns a different external port for each destination. Why This Breaks P2P You Peer │ │ │ 1. Ask STUN: "What's my public address?" │ │────────────────────────────────────────────────│ │ │ │ 2. STUN says: "You're 87.202.101.66:27939" │ │←───────────────────────────────────────────────│ │ │ │ 3. Tell peer: "Connect to me at :27939" │ │─────────────────────────────────────────────────→ │ │ │ 4. Peer sends packet to :27939 │ │ │ │ ╔═══════════════════════════╗ │ │ ║ BUT your NAT created a ║ │ │ ║ NEW mapping for peer: ║ │ │ ║ :27939 was for STUN ║ │ │ ║ :58421 is for peer ║ │ │ ║ ║ │ │ ║ Peer's packet to :27939 ║ │ │ ║ gets DROPPED! ║ │ │ ╚═══════════════════════════╝ │ The address you discovered via STUN is only valid for talking to the STUN server. When the peer tries to use it, your NAT doesn't recognize the packet and drops it. Why Cone NAT Works You Peer │ │ │ 1. STUN says: "You're 87.202.101.66:49783" │ │ │ │ 2. Tell peer: "Connect to me at :49783" │ │─────────────────────────────────────────────────→ │ │ │ 3. Peer sends packet to :49783 │ │←──────────────────────────────────────────────── │ │ │ ╔═══════════════════════════╗ │ │ ║ NAT uses SAME mapping ║ │ │ ║ for all destinations ║ │ │ ║ ║ │ │ ║ Packet arrives! ✓ ║ │ │ ╚═══════════════════════════╝ │ Your Situation Without VPN: IPv4: 57460 → 1160 (different = symmetric, broken) IPv6: 57460 → 57460 (same = cone, works!) With VPN: IPv4: 49783 → 27939 (different = symmetric, broken) IPv6: gone Your IPv6 was your best path for direct P2P because it preserved ports. The VPN eliminated that advantage.
Settings
Title :
[Optional]
Paste Folder :
[Optional]
Select
Syntax :
[Optional]
Select
Markup
CSS
JavaScript
Bash
C
C#
C++
Java
JSON
Lua
Plaintext
C-like
ABAP
ActionScript
Ada
Apache Configuration
APL
AppleScript
Arduino
ARFF
AsciiDoc
6502 Assembly
ASP.NET (C#)
AutoHotKey
AutoIt
Basic
Batch
Bison
Brainfuck
Bro
CoffeeScript
Clojure
Crystal
Content-Security-Policy
CSS Extras
D
Dart
Diff
Django/Jinja2
Docker
Eiffel
Elixir
Elm
ERB
Erlang
F#
Flow
Fortran
GEDCOM
Gherkin
Git
GLSL
GameMaker Language
Go
GraphQL
Groovy
Haml
Handlebars
Haskell
Haxe
HTTP
HTTP Public-Key-Pins
HTTP Strict-Transport-Security
IchigoJam
Icon
Inform 7
INI
IO
J
Jolie
Julia
Keyman
Kotlin
LaTeX
Less
Liquid
Lisp
LiveScript
LOLCODE
Makefile
Markdown
Markup templating
MATLAB
MEL
Mizar
Monkey
N4JS
NASM
nginx
Nim
Nix
NSIS
Objective-C
OCaml
OpenCL
Oz
PARI/GP
Parser
Pascal
Perl
PHP
PHP Extras
PL/SQL
PowerShell
Processing
Prolog
.properties
Protocol Buffers
Pug
Puppet
Pure
Python
Q (kdb+ database)
Qore
R
React JSX
React TSX
Ren'py
Reason
reST (reStructuredText)
Rip
Roboconf
Ruby
Rust
SAS
Sass (Sass)
Sass (Scss)
Scala
Scheme
Smalltalk
Smarty
SQL
Soy (Closure Template)
Stylus
Swift
TAP
Tcl
Textile
Template Toolkit 2
Twig
TypeScript
VB.Net
Velocity
Verilog
VHDL
vim
Visual Basic
WebAssembly
Wiki markup
Xeora
Xojo (REALbasic)
XQuery
YAML
HTML
Expiration :
[Optional]
Never
Self Destroy
10 Minutes
1 Hour
1 Day
1 Week
2 Weeks
1 Month
6 Months
1 Year
Status :
[Optional]
Public
Unlisted
Private (members only)
Password :
[Optional]
Description:
[Optional]
Tags:
[Optional]
Encrypt Paste
(
?
)
Create Paste
You are currently not logged in, this means you can not edit or delete anything you paste.
Sign Up
or
Login
Site Languages
×
English