Connecting private IPs

Question

A friend of mine told me there was a way to connect two private IPs without using a proxy server. The idea was that both computers connected to a public server and some how the server joined the private connections and won't use any more bandwidth.

Is this true? How's this technique named?

Answer 1

There is a technique called "Hole Punching" that works well with "Cone" NAT (Cone is a technical familly of router). That's not an 100% sure technique, today, it works well with UDP on about 80% of the router.

There is some implementations of library to realize Hole Punching: STUN (wikipedia)

Answer 2

This is true. It's the way FogCreek Copilot works

Take a look at item 2 on Joel's Copilot 2.0 post.

Answer 3

Your friend might be referring to VIP's (Virtual IP's). From my understanding a VIP is usually controlled by a piece of hardware like a router and then redirects to one of your 2 private IP's. We use this with a cluster of machines behind a VIP. I'm not a network guy so that's pretty much the extent of my knowledge.

Answer 4

If you're looking at joining two private networks (two networks of machines behind a NAT), the best way to do this is with a VPN. There are many pieces of equipment available to accomplish this.

Answer 5

I'm not sure it's what you're thinking of, but you could do something similar with ssh tunneling. Let's say you wanted userA on 10.1.2.3/24 to connect a mysql server on userB's on 192.168.0.3/24. There's no direct network connectivity between the two networks, but both machines can connect to serverA on the public internet.

userB runs this command:

ssh -R localhost:13306:localhost:3306 username@serverA

userA runs this command:

ssh -L 3306:localhost:13306 username@serverA

Now userA can use whatever tool they please to connect to mysql on localhost and the cxn will be tunneled through serverA and to the mysql daemon running on localhost on userB's machine.

(hopefully no typos, typed with one hand as I hold my two day old daughter =))