[lug] Listening services and NAT on both ends

John Hernandez jph at jph.net
Tue Jan 18 11:25:26 MST 2011 

Hamachi works pretty well, but it's probably on borrowed time.  As we
approach IPv4 address exhaustion, Hamachi will likely start
conflicting with legitimate Internet addresses.  Below excerpt from
the Hamachi Wikipedia article:

"The 5.0.0.0/8 address block was allocated by IANA[1] to RIPE NCC in
November 2010. Some prefixes from the range is currently being
announced by the RIPE NCC debogon project[2]. Hamachi users will not
be able to connect to any Internet IP addresses within the range as
long as the Hamachi client is running."

On Tue, Jan 18, 2011 at 9:56 AM, Stephen Kraus <ub3ratl4sf00 at gmail.com> wrote:
> 3rding Hamachi, its cheap as in free and easy to implement and has minor
> encryption on it.
>
> On Tue, Jan 18, 2011 at 9:54 AM, Will <will.sterling at gmail.com> wrote:
>>
>> I would also suggest Hamachi.  I was going to send an e-mail earlier
>> suggesting it but couldn't rembmer the name.
>>
>> On Tue, Jan 18, 2011 at 9:32 AM, Landon Cox <landon at 360vl.com> wrote:
>>>
>>> LogMeIn Hamachi does this.   It's not OSS and has a light monthly service
>>> charge for commercial use and 100% free for non-commercial use.   It has
>>> easy to install clients which work well on Windows, Mac, and Linux:
>>>
>>> https://secure.logmein.com/products/hamachi2/
>>>
>>> I've used this for both the NAT<->NAT case as well as similar
>>> NAT<->cellular client...mainly used ssh machine-to-machine over it, but
>>> there was nothing special to do - should work with any protocol.  In the
>>> cellular case, the cell companies clearly don't want you to host any kind of
>>> service on a cell connected system, but for lots of applications, it's valid
>>> and critical to do so.  This solution gets around the problem of cell
>>> providers blocking inbound ports particularly.
>>>
>>> Hamachi's probably the simplest, fastest to setup VPN solution I've seen
>>> out there.  Would be interested to hear others experiences with similar
>>> solutions,
>>>
>>> Landon
>>>
>>> On Jan 18, 2011, at 9:07 AM, Chris Riddoch wrote:
>>>
>>> > Here's a scenario: two users across the internet from each other would
>>> > like to provide each other access to their systems - perhaps SSH, or
>>> > HTTP, but the specific service doesn't really matter.  Both are behind
>>> > NAT.
>>> >
>>> > If one user has access to the system doing the NAT, they can set up a
>>> > port forwarding rule to direct appropriate ports to the system
>>> > providing the service.  This isn't even that hard anymore.
>>> >
>>> > But suppose both users are on laptops at coffee shops, where neither
>>> > has access to set up port forwarding rules, and neither has a hosted
>>> > server someplace else they could both connect through - they're
>>> > nontechnical users, with no need for such a server in general.
>>> >
>>> > For most cases of chat services or VoIP, they'll both be connecting
>>> > through some outside server.  But suppose it were a service that's not
>>> > designed for use with intermediaries, like SSH or VNC?  Something
>>> > where you'd ordinarily set up a port forward, if you had permission to
>>> > do so?
>>> >
>>> > Someone asked me about a specific case of this problem the other day,
>>> > and honestly, I'm stumped.  What would you suggest?
>>> >
>>> > --
>>> > Chris Riddoch
>>> > _______________________________________________
>>> > Web Page:  http://lug.boulder.co.us
>>> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>> > Join us on IRC: irc.hackingsociety.org port=6667
>>> > channel=#hackingsociety
>>> >
>>>
>>> _______________________________________________
>>> Web Page:  http://lug.boulder.co.us
>>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>>> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>>
>>
>> _______________________________________________
>> Web Page:  http://lug.boulder.co.us
>> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>
>
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: irc.hackingsociety.org port=6667 channel=#hackingsociety
>

More information about the LUG mailing list