Symmetric NAT Holepunching

Does the current go-libp2p holepunch implementation work in situations where two peers who are both behind symmetric NATs wish to connect directly? I don’t think so, but maybe I’m mistaken.

This is an older paper that describes a method of holepunching that claims to achieve 97% success rate, including symmetric NATs, using port prediction. Just wanted to bring it to your attention if you haven’t seen it yet, or something similar. I think it would require the use of two seperate autonat servers.

https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.455.3700&rep=rep1&type=pdf

Also, maybe better in a different thread, but has anyone tried the current holepunch implementation with mobile carriers, or cgnat?

No it does not support symetric NAT hole punching (yet).

See CGNAT traversal

Note that DCUtR can be used for symmetric hole punching as is, the difficulty is in port prediction.

Isn’t it what the blog article states, though?

Thanks for the article, it’s a good read. They mention symmetric NAT briefly:

There are situations in which hole punching will not work, most notably when one of the nodes is behind a symmetric NAT. In such cases, nodes can instead explicitly add port mappings, either manually or by using UPnP (opens new window). As a last resort, nodes can leverage external relay (opens new window)nodes.

Symmetric NATs are difficult because they map each outbound address to a different source port while only allowing replies from those specific IPs on their specific ports. The port allocation can be somewhat predictable or it can be random, depending on the NAT implementation.