views: 303

answers: 4
I know there are some web sites that provide this service but given that pretty much everyone lives behind NAT these days, why isn't this standardized on a port and provided as a service to whomever wants to run it? It's at least as useful as an echo, daytime or "quote of the day" server and as easy to implement.

Or does one exist that I am not aware of? Any proposals/RFCs in progress?

EDIT: Thanks to everyone for a lively and thoughtful discussion.

A: 

If such a peername service existed, your NAT gateway could choose to modify the service's response, replacing the external address with the internal one, again.

Also, in case of a double-natted system: how would you get at the middle address?

Martin v. Löwis
I don't think anyone ever really cares about the middle address. What end users typically care about is "Hey, I'm hosting a Ventrilo server and want my friends to connect to it - what address do they type in to get here?"
17 of 26
Why would NAT mess with the external address? Presumably it would be passed back in the payload and NAT really shouldn't be messing with that.
Newton Falls
NAT devices typically mess with the payload when they recognize a wire protocol that transmits IP addresses. The primary example is ftp, which otherwise wouldn't work.
Martin v. Löwis
That must be related to the "protocol" byte in IP Header or something similar, no? NAT can't be messing with every protocol's payload or there would be chaos.
Newton Falls
No, it's related to the port number. If they recognize an ftp control connection, they inspect it. So if a new service would be registered (as the OP suggests), this very registration might defeat its purpose.
Martin v. Löwis
It will not defeat its purpose. STUN, TURN, ICE and other protocols are well defined and no one will mess with them at router level exactly because they should be left alone. You know, obscurity is not protection, etc. These are protocols that are designed to help connections from behind NAT.
viraptor
A: 

There's going to be no widespread fix. When/if IPv6 ever fully replaces IPv4 then the abundance of available addresses will make NAT, and thus this issue, a thing of the past.

whatsisname
IPv6 will only replace NAT where it makes sense for each device to have a publicly-addressable IP address. In most situations, that's not desirable for security reasons.
richardtallent
I think you have it backwards. The abundance of NAT has made the need for IPv6 disappear.
17 of 26
+4  A: 

It's standardised with the STUN protocol in RFC 5389

Of course, vendors have to support standards to make them useful.

Related threads on StackOverflow. They all mention STUN:

nos
Interesting. I am only superficially aware of STUN so it will take a while to go through this. Offhand it seems like overkill for the basic situation outlined. Using a howitzer to get a gnat? (Sorry, couldn't resist.)
Newton Falls
STUN is complicated because the world is complicated. There are many sorts of NAT routers, each with different behaviour.
bortzmeyer
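The STUN Binding exchange referenced in this answer, and the payload-rewriting objection raised in the first answer (a NAT that recognises its own public address in an application payload and swaps in the internal one), can both be seen in a few dozen lines. The following is an added example written for this page; it is not code from any of the posters, from RFC 5389, or from any STUN implementation. The addresses 203.0.113.7:54321 (public) and 192.168.1.20 (inside the NAT) and the fixed transaction id are constructed test values, and `naive_alg_rewrite` is a constructed model of the rewriting behaviour described in the thread, not any vendor's ALG. It shows why RFC 5389 introduced XOR-MAPPED-ADDRESS alongside the older MAPPED-ADDRESS: the XORed form survives a literal-match rewrite because the public address never appears verbatim in the datagram.

```python
import os
import socket
import struct

MAGIC_COOKIE = 0x2112A442          # RFC 5389 section 6
BINDING_REQUEST, BINDING_SUCCESS = 0x0001, 0x0101
ATTR_MAPPED_ADDRESS, ATTR_XOR_MAPPED_ADDRESS = 0x0001, 0x0020
FAMILY_IPV4 = 0x01


def build_binding_request(transaction_id: bytes) -> bytes:
    """A Binding Request is just the 20-byte header: type, length 0, cookie, transaction id."""
    if len(transaction_id) != 12:
        raise ValueError("transaction id must be 12 bytes")
    return struct.pack("!HHI", BINDING_REQUEST, 0, MAGIC_COOKIE) + transaction_id


def _attr(attr_type: int, value: bytes) -> bytes:
    """TLV attribute; the value is padded to a 4-byte boundary (RFC 5389 section 15)."""
    return struct.pack("!HH", attr_type, len(value)) + value + b"\x00" * ((-len(value)) % 4)


def encode_mapped_address(ip: str, port: int) -> bytes:
    """Legacy MAPPED-ADDRESS (RFC 3489): the reflexive address written in the clear."""
    return _attr(ATTR_MAPPED_ADDRESS, struct.pack("!BBH", 0, FAMILY_IPV4, port) + socket.inet_aton(ip))


def encode_xor_mapped_address(ip: str, port: int) -> bytes:
    """XOR-MAPPED-ADDRESS: port XORed with the cookie's top 16 bits, IPv4 address with the whole cookie."""
    (addr,) = struct.unpack("!I", socket.inet_aton(ip))
    return _attr(ATTR_XOR_MAPPED_ADDRESS,
                 struct.pack("!BBHI", 0, FAMILY_IPV4, port ^ (MAGIC_COOKIE >> 16), addr ^ MAGIC_COOKIE))


def build_binding_response(transaction_id: bytes, seen_ip: str, seen_port: int) -> bytes:
    """What the server answers: the source address the request arrived from. Carries both
    attribute forms so the difference under payload rewriting can be observed."""
    body = encode_mapped_address(seen_ip, seen_port) + encode_xor_mapped_address(seen_ip, seen_port)
    return struct.pack("!HHI", BINDING_SUCCESS, len(body), MAGIC_COOKIE) + transaction_id + body


def parse_binding_response(data: bytes, expected_tid: bytes) -> dict:
    """Check the header (cookie, type, transaction id, length), then decode the address attributes."""
    if len(data) < 20:
        raise ValueError("short STUN message")
    msg_type, length, cookie = struct.unpack("!HHI", data[:8])
    if cookie != MAGIC_COOKIE:
        raise ValueError("not an RFC 5389 STUN message")
    if msg_type != BINDING_SUCCESS:
        raise ValueError("unexpected message type 0x%04x" % msg_type)
    if data[8:20] != expected_tid:
        raise ValueError("transaction id mismatch: stale or spoofed response")
    if len(data) != 20 + length:
        raise ValueError("length field disagrees with datagram size")
    result, offset = {}, 20
    while offset + 4 <= len(data):
        attr_type, attr_len = struct.unpack("!HH", data[offset:offset + 4])
        value = data[offset + 4:offset + 4 + attr_len]
        if len(value) != attr_len:
            raise ValueError("truncated attribute")
        offset += 4 + attr_len + ((-attr_len) % 4)      # skip value plus padding
        if attr_type == ATTR_MAPPED_ADDRESS and len(value) == 8 and value[1] == FAMILY_IPV4:
            result["mapped"] = (socket.inet_ntoa(value[4:8]), struct.unpack("!H", value[2:4])[0])
        elif attr_type == ATTR_XOR_MAPPED_ADDRESS and len(value) == 8 and value[1] == FAMILY_IPV4:
            _, _, x_port, x_addr = struct.unpack("!BBHI", value)
            result["xor_mapped"] = (socket.inet_ntoa(struct.pack("!I", x_addr ^ MAGIC_COOKIE)),
                                    x_port ^ (MAGIC_COOKIE >> 16))
    return result


def naive_alg_rewrite(payload: bytes, public_ip: str, private_ip: str) -> bytes:
    """Constructed model of the NAT behaviour the thread describes: a box that finds its own
    public address written literally in a payload and swaps in the internal one. Not vendor code."""
    return payload.replace(socket.inet_aton(public_ip), socket.inet_aton(private_ip))


def query_stun_server(host: str, port: int = 3478, timeout: float = 2.0) -> dict:
    """Live query over UDP against a real STUN server (needs network access; not used offline)."""
    tid = os.urandom(12)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_binding_request(tid), (host, port))
        data, _ = sock.recvfrom(2048)
    return parse_binding_response(data, tid)


def demo() -> tuple:
    """Offline walk-through with constructed addresses: public 203.0.113.7:54321 behind a NAT
    whose inside address is 192.168.1.20. Returns (decoded clean reply, decoded rewritten reply)."""
    tid = bytes(range(12))                     # constructed; a real client uses os.urandom(12)
    build_binding_request(tid)                 # what the client would send
    reply = build_binding_response(tid, "203.0.113.7", 54321)
    clean = parse_binding_response(reply, tid)
    tampered = parse_binding_response(naive_alg_rewrite(reply, "203.0.113.7", "192.168.1.20"), tid)
    return clean, tampered


if __name__ == "__main__":
    clean, tampered = demo()
    print("untouched reply:", clean)
    print("after payload rewrite:", tampered)
```

Running `demo()` shows MAPPED-ADDRESS coming back as 192.168.1.20 after the rewrite while XOR-MAPPED-ADDRESS still decodes to 203.0.113.7. The transaction id check in `parse_binding_response` is the other piece a client should not skip: a reply whose id does not match the outstanding request is stale or unsolicited and must not be trusted for the reflexive address.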
+1  A: 

You really need more than to know what your IP address is "right now". You need to have it stay that way.

More importantly, it seems that the reason you need to know your IP address is that you need to tell some other machine how to connect to you. What's really needed, then, isn't a low-level hack, but rather some protocol that configures all interested Network-layer devices to make sure that you can be reached, and that the connection stays open (or that it can reconnect if broken).

For instance, it's possible for your router to lose its connection to your ISP. When it gets a new connection, it could have a different IP address. You need to address that problem. In a corporate environment (yes, corporations do use P2P), any number of network reconfigurations may take place, all without informing the peers about changes in IP address. This needs to be addressed as well.

The overall problem is that you're depending on a Network-layer entity (IP Address) to remain useful for the upper layers. That's not the job of an IP address - it's only meant to get your datagrams to their destination. There's nothing inherent in knowing your IP address that says they'll still get to their destinations tomorrow by using that same address.

John Saunders
Valid points. I guess I am coming from the opposite vantage point. Simple things can be put together to do complex things (e.g. 'cat' not so useful by itself but powerful when piped into other pgms). This is a very simple service. If, and how, it might fit into a larger protocol is the problem of someone with a bigger itch to scratch. It would be their problem to adequately deal with broken connections and such.
Newton Falls
But why even bother, knowing that the Network Layer is in charge of these numbers, and not you?
John Saunders
But every layer is forced to deal with the fragility of those beneath it. IP has to deal with various media idiosyncrasies like fragmentation, etc. I guess I don't see how this is terribly different (albeit simpler) than something like dynamic DNS, a somewhat similar service created by some of the same factors (e.g. lack of static IPs, ISP IP changes, etc).
Newton Falls
Read my answer. I don't have a problem with creating a service to do this all properly. My only problem is if there is _no_ service purpose-built to solve the problem. In that case (the present case), people are depending on the Network layer to do their job for them, which places constraints on the Network layer that do not belong there. I say, decide what you would like to have in an ideal world, then design a protocol to get it.
John Saunders