I’m finding surprisingly little information about sockets on the internet. Maybe it’s because of my search strategy.
Will binding a socket to an end point chosen by the operating system/NAT (what is it actually chosen by?) ensure that packets sent using it will always have the same source port?
For example if I were to create socket and bind it to a port chosen by Windows (i.e. pass new IPEndPoint(IPAddress.Any, 0)) and then send two packets to different hosts, will the source port of the two packets be the same?
If yes, what’s “NAT port randomisation”? I’ve heard that it makes the NAT select a new port for each host you’re sending data to … is that the case?
Let’s say on your local PC you bound to a specific port (or even port 0, such that the operating system picks a port for you). All packets leaving the PC will have the same source port. Guaranteed.
But the NAT may do something entirely different. The NAT will definitely translate the IP address to the external IP address it was assigned. And the “source port” will undergo a “mapping” translation.
Most, but not all, well-behaved NATs will try to do the following. This does not include behaviors set up via port-forwarding rules that the user may have set up manually or via UPnP.
Some NATs will try to “map” the source port of the internal host to the same port value when retransmitting UDP or making a TCP connection. This isn’t always possible if another host behind the same NAT is already using that port. In that case, another port is picked.
For outbound TCP connections, the port mapping will occur as the outbound SYN packet leaves the NAT. The source port mapping will remain consistent for the lifetime of the TCP connection.
If a host behind a NAT sends consecutive UDP packets to the same remote IP:port pair within a given interval, a well-behaved NAT will maintain the same port mapping. That is, the source port remains the same.
And most well behaved NATs will maintain the same source port mapping independent of what the destination IP or destination port is. That is, if a PC behind the NAT sends UDP packets from local port 3000 to two different IP:port addresses, the NAT will translate the source port the same. This is called “address independent mapping” and is an important characteristic with setting up P2P connections with other hosts that might be behind a NAT.
There are NATs that are not so well behaved. The primary fault they have is this:
When the NAT maintains “Address and port dependent” mapping (aka “symmetric NAT”). This is where the NAT picks a random source port for each unique IP:port pair that a host behind the NAT communicates with. As such, it becomes very difficult for two hosts (both behind different symmetric NATs) to communicate with each other without a relay service. I am told that most mobile devices communicating over 3G exhibit this behavior.
Some not-so-well-behaved NATs will even sniff the data of the packets looking for protocols that might contain internal IP addresses and then attempt to “fix” the packet such that the internal IP address communicated in the packet data is now the external IP address. This fixes problems for legacy protocols like FTP. But for other applications, this can create more problems.
There is a set of technologies for traversing NATs. Please read up on STUN, TURN, and ICE.
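The two claims in the answer above (a socket bound to port 0 keeps one source port for every destination; what a NAT does to that port then depends on its mapping policy) can be checked with a small script. This is an added example, not code from the question or the answer. The first function sends real UDP datagrams over loopback so the receivers can report the source port they actually saw. The second part is a deliberately simplified model of a NAT mapping table, not any real NAT implementation; the external address 203.0.113.1 and the starting external port 40000 are constructed values, and the "endpoint-independent" policy is what the answer calls "address independent mapping" while "address-and-port-dependent" is the "symmetric NAT" case.

```python
import socket
from enum import Enum


def observed_source_ports(num_destinations: int = 2):
    """Bind one UDP socket to port 0 (OS-chosen ephemeral port), send one
    datagram to each of several loopback receivers, and return
    (sender_port, [source port seen by each receiver]).

    The port belongs to the sending socket, not to any destination, so every
    receiver reports the same source port.
    """
    receivers = []
    for _ in range(num_destinations):
        r = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        r.bind(("127.0.0.1", 0))      # each receiver gets its own OS-chosen port
        r.settimeout(2.0)
        receivers.append(r)

    sender = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sender.bind(("0.0.0.0", 0))       # port 0: let the OS pick the source port
    sender_port = sender.getsockname()[1]

    seen = []
    try:
        for r in receivers:
            sender.sendto(b"probe", r.getsockname())
            _data, (_src_ip, src_port) = r.recvfrom(64)
            seen.append(src_port)
    finally:
        sender.close()
        for r in receivers:
            r.close()
    return sender_port, seen


class MappingPolicy(Enum):
    # One external port per internal ip:port, whatever the destination.
    ENDPOINT_INDEPENDENT = "endpoint-independent"
    # A fresh external port per (internal ip:port, destination ip:port) pair.
    ADDRESS_PORT_DEPENDENT = "address-and-port-dependent"


class SimulatedNat:
    """Toy model of a NAT's outbound UDP mapping table (constructed example,
    not a real NAT). Only the mapping policy is modelled; no timeouts,
    filtering or protocol fix-ups."""

    def __init__(self, policy, external_ip="203.0.113.1", first_port=40000):
        self.policy = policy
        self.external_ip = external_ip      # assumed public address of the NAT
        self.next_port = first_port         # assumed start of the allocation range
        self.mappings = {}                  # mapping key -> external port
        self.in_use = set()

    def _key(self, internal_ip, internal_port, dst_ip, dst_port):
        if self.policy is MappingPolicy.ENDPOINT_INDEPENDENT:
            return (internal_ip, internal_port)
        return (internal_ip, internal_port, dst_ip, dst_port)

    def _alloc(self):
        while self.next_port in self.in_use:
            self.next_port += 1
        port = self.next_port
        self.next_port += 1
        return port

    def translate(self, internal_ip, internal_port, dst_ip, dst_port):
        """Return the (external_ip, external_port) a packet from
        internal_ip:internal_port to dst_ip:dst_port leaves the NAT with."""
        key = self._key(internal_ip, internal_port, dst_ip, dst_port)
        if key not in self.mappings:
            if (self.policy is MappingPolicy.ENDPOINT_INDEPENDENT
                    and internal_port not in self.in_use):
                ext = internal_port         # port preservation when nobody else has it
            else:
                ext = self._alloc()         # collision, or symmetric policy: new port
            self.in_use.add(ext)
            self.mappings[key] = ext
        return (self.external_ip, self.mappings[key])


if __name__ == "__main__":
    port, seen = observed_source_ports(3)
    print("sender bound to port", port, "receivers saw", seen)
    for policy in MappingPolicy:
        nat = SimulatedNat(policy)
        print(policy.value,
              nat.translate("192.168.1.10", 3000, "198.51.100.5", 5000),
              nat.translate("192.168.1.10", 3000, "198.51.100.6", 6000))
```

With the endpoint-independent policy, host 192.168.1.10:3000 keeps external port 3000 for both destinations, which is what lets a peer learn one reachable address via STUN; with the address-and-port-dependent policy the same socket is seen as 40000 by one peer and 40001 by the other, so an address discovered through one peer is useless for the second, and a TURN relay is needed.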