如何找到 LAN 上另一台无法公开访问的计算机的正确 IP 地址？

发布于 2024-11-18 07:20:26 字数 114 浏览 3 评论 0原文

我正在编写一个分布式 Java 应用程序，但网络方面的问题困扰着我。由于某种原因它无法正常工作。我认为这是因为我通过 ipconfig /all 获得的 IP 地址无法从 LAN 外部访问。我很感激任何提示或建议。

原文

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

若相惜即相离 2024-11-25 07:20:26

概述

您需要通常称为的“NAT 穿越”，或ICE。当今互联网上使用两种主要协议：TCP 和 UDP。 TCP 套接字中携带了大量的会话状态信息；因此，它是一种比 UDP 更难用于 P2P 的协议。

UDP 隧道

以下列表是更通用的 STUN 协议 (RFC 5389) 您可以使用它来实现基于 UDP NAT 遍历的 P2P 服务...

部署具有公共地址的 UDP 服务器并开始侦听来自客户端的 UDP 数据包。客户端会将其私有 IP 地址嵌入到发送到您的服务器的 UDP 数据包中；实施某种形式的身份验证以确保您从有效的客户端（而不是某些随机数据包扫描器）获得连接是一个好主意。
服务器读取其私有 IP 地址如何从 UDP 数据报转换为公共 IP 地址。
如果您想在特定用户之间建立连接，也可以将此信息嵌入从客户端发送到服务器的数据包中；您的服务器将实现一个用户名目录，将客户端 UDP 套接字信息与用户名（对等点将尝试连接的用户名）关联起来。
您的 UDP 服务器应将相应的信息发送回其他相关对等点。
现在，对等点可以通过将 UDP 数据报发送到这些转换后的地址来直接进行通信；只要允许相关 UDP 端口并且该协议引入的延迟不会触发 NAT 设备中的状态超时，这些数据包就会通过路径中的客户端 NAT 设备。

建立 UDP 连接后，您可以使用 OpenVPN 之类的工具在两个客户端之间形成 UDP SSL VPN；这将为您提供一个简单的通道来启动客户端之间的 TCP 连接。然而，在此连接模型中需要考虑一些重要的安全和信任问题；它不太可能在互联网上的随机用户之间有用。

TCP

如果需要 TCP 连接，我建议查看此互联网草案 MMUSIC-ICE-TCP：具有交互式连接建立 (ICE) 的 TCP 候选

Overview

You need what is commonly-known as "NAT Traversal", or ICE. There are two primary protocols used on the internet today TCP and UDP. TCP sockets carry a significant amount of session state information in them; consequently it is a significantly more difficult protocol to use for P2P than UDP.

UDP Tunneling

The following list is a simplified outline of the more general STUN Protocol (RFC 5389) that you could use to implement a P2P service based on UDP NAT Traversal...

Deploy a UDP server with a public address and start listening for UDP packets from your clients. Clients will embed their private IP address inside the UDP packets sent to your server; it would be a good idea to implement some form of authentication to ensure you are getting connections from a valid client (instead of some random packet scanner).
The server reads how their private IP address has been translated into a public IP address from the UDP Datagrams.
If you want to make connections between specific users, also embed this information inside packets sent from the clients to your server; your server will implement a username directory to associate client UDP socket information with usernames (that peers will try to connect to).
Your UDP server should send the corresponding information back to the other relevant peer(s).
Now, peers can communicate directly by sending UDP datagrams to these translated addresses; these packets will go through client NAT devices in the path as long as the UDP ports in question are allowed and the delay introduced by this protocol does not trigger state timeouts in the NAT devices.

After you have established UDP connectivity, you could form an UDP SSL VPN between the two clients using something like OpenVPN; this would give you a trivial channel to initiate a TCP connection between the clients. However, there are non-trivial security and trust issues to consider in this connectivity model; it is unlikely to be useful between random users on the internet.