4.1 Example NAT Resolver Query and Response
The following example has two participants:
The server – IPv4 address 65.52.10.10, port 2506.
The client – IPv4 address 192.168.1.2, port 2302. Network Address Translation (NAT) will remap the client’s packets as IPv4 address 65.52.252.61.
The client issues a NAT_RESOLVER_QUERY message to the server (that is, from 192.168.1.2:2302 to 65.52.10.10:2506) with a value of 54769 (0xD5F1) for the wMessageID field and a value of 3125876284 (0xBA51163C) for the dwSourceID field, as seen in the following frame contents (Ethernet, IPv4, and UDP headers included):
-
0000 00 0F B5 95 C3 C8 00 1D 92 37 5E 40 08 00 45 00 ..µ.ÃÈ...7^@..E. 0010 00 24 7E 09 00 00 80 11 A7 EF C0 A8 01 02 41 34 ..~.....§ïÀ¨..A4 0020 0A 0A 08 FE 09 CA 00 10 87 92 00 06 F1 D5 3C 16 ...þ.Ê......ñÕ<. 0030 51 BA Qº
The NAT device remaps the source address and port for the message from 192.168.1.2:2302 to 65.52.252.61:2302. The NAT resolver server receives the message and sends a NAT_RESOLVER_RESPONSE message back to that address. The reply contains the XOR-obfuscated address, as well as the echoed values from the query. The NAT device at 65.52.252.61 maps the destination address and port of the reply to 192.168.1.2:2302 so the client can receive the message, as seen in the following frame contents (Ethernet, IPv4, and UDP headers included):
-
0000 00 1D 92 37 5E 40 00 0F B5 95 C3 C8 08 00 45 00 ...7^@..µ.ÃÈ..E. 0010 00 2A 42 F2 00 00 7C 11 E7 02 41 34 0A 0A C0 A8 ..Bò..|.ç..ÂA4..¨ 0020 01 02 09 CA 08 FE 00 16 1D 45 00 07 F1 D5 3C 16 ...Ê.þ...E..ñÕ<. 0030 51 BA 7D 22 AD 87 F9 2B Qº}"¬.ù+
The client validates the reply and then de-obfuscates the public address and port included in the message. The client can display, advertise, or otherwise use its newly learned public address as appropriate.