diff options
Diffstat (limited to 'contrib/examples/nat-hole-punching/README')
-rw-r--r-- | contrib/examples/nat-hole-punching/README | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/contrib/examples/nat-hole-punching/README b/contrib/examples/nat-hole-punching/README new file mode 100644 index 0000000..46e6201 --- /dev/null +++ b/contrib/examples/nat-hole-punching/README @@ -0,0 +1,41 @@ +== NAT Hole Punching Example == + +This code should never be used, ever. But, it's a nice demonstration of how +to punch holes and have two NAT'd peers talk to each other. + +Compile with: + $ gcc nat-punch-client.c -o client -lresolv + $ gcc nat-punch-server.c -o server + + +Server is 1.2.3.4 and is on the public internet accepting UDP:49918. +Client A is NAT'd and doesnt't know its IP address. +Client B is NAT'd and doesnt't know its IP address. + + +Server runs: + $ ./server + +Client A runs: + # ip link add wg0 type wireguard + # ip addr add 10.200.200.1 peer 10.200.200.2 dev wg0 + # wg set wg0 private-key ... peer ... allowed-ips 10.200.200.2/32 + # ./client 1.2.3.4 wg0 + # ping 10.200.200.2 + +Client B runs: + # ip link add wg0 type wireguard + # ip addr add 10.200.200.2 peer 10.200.200.1 dev wg0 + # wg set wg0 private-key ... peer ... allowed-ips 10.200.200.1/32 + # ./client 1.2.3.4 wg0 + # ping 10.200.200.1 + +And voila! Client A and Client B can speak from behind NAT. + + + +----- +Keep in mind that this is proof-of-concept example code. It is not code that +should be used in production, ever. It is woefully insecure, and is unsuitable +for any real usage. With that said, this is useful as a learning example of +how NAT hole punching might work within a more developed solution. |