[Shtoom] shtoom through NAT

Anthony Baxter anthony at interlink.com.au
Thu Mar 3 14:38:54 CET 2005

On Friday 04 March 2005 00:28, Dafydd Harries wrote:
> So UPnP is the sanest of the available NAT-punching protocols?

I wouldn't call UPnP "sane" in any sense of the word. It's certainly the
easiest, tho.

> In which cases does Shtoom need to be able to accept incoming
> packets? Are these packets TCP or UDP or both?

UDP. Unfortunately, it's UDP on dynamically allocated ports. If you
have anything _but_ a symmetric NAT, shtoom does sufficient magic
to enable it to just work, without having to change anything(*). UPnP 
allows shtoom to tell the NAT what ports it needs punched down, on the

There's a fair amount of text on this issue in an appendix to the paper I 
presented at OSDC2004 - see 

(*) There's an issue with communications between two people who are both 
behind RestrictedCone-style NATs - I have a workaround planned for these,
but it's awaiting some round-tuits to do the work. For now, UPnP or an 
outbound proxy work best for these.

Anthony Baxter     <anthony at interlink.com.au>
It's never too late to have a happy childhood.

More information about the Shtoom mailing list