I would like to understand how udp hole punching works when two hosts each behind the port restricted cone NAT establish connection.
As I understood, it happens in several stages and involves three hosts.
Host A and host B are behind the port restricted cone NAT.
Host C is a server that can receive packets from the hosts A and B.
- A sends a packet to C.
- C receives packet from A and determines A's external address:port pair
- B sends a packet to C.
- C receives packet from B and determines B's external address:port pair
- C sends the external address:port of B to A
- C sends the external address:port of A to B
- A sends packet_1 to B's external address
- B sends packet_2 to A's external address
The questions are:
How can A behind the restricted cone NAT receive a packet from B which is also behind the restricted cone NAT?
The port restricted cone NAT do not allow packets, in which the source address:port pair does not match the destination address:port pair of packets sent by it, to be received. Why do other packets sent between A and B arrive to A and to B?
Is it because the port restricted cone NAT considers packet_2 as the response from B?
So packet_1 will be lost but packet_2 arrives to B. Am I right?
Thank you in advance.