ICMP hole punching

[maci0]

Would it be beneficial to support ICMP hole punching in addition to UDP hole punching? See http://samy.pl/pwnat/ and http://samy.pl/pwnat/pwnat.pdf

[adamierymenko]

Have to give that a read... looks potentially interesting.

One problem you can run into with some NAT traversal techniques is that they look like port scans or other funny business, and can therefore set off IDS alarms. This is to some extent unavoidable -- when I did netsec I saw VoIP phones and similar things set off the IDS. But it's something to be aware and careful about.

[adamierymenko]

Looked into this a bit, and I'm not sure the success rate would be high enough to justify the work. I've also been researching IP TTL external port mapping discovery and found that the success rate there is also pretty low -- many NATs remap inside ICMP replies, rendering the information invisible.

[adamierymenko]

The other problem with this is multiple devices behind the same NAT. ICMP has no port number concept, so it doesn't seem like this would be useful in that case. Multiple devices behind the same NAT would all step on each other.