I want to perform the fastest possible TCP based file transfer between two machines sitting behind two different NATs, in a situation where a public port cannot be redirected to any of the two machines (local policies).


So far I could: 1) Set up a VPN with a central public node acting as relay (OpenVPN), 2) Set up a mesh VPN to get a direct link between both machines without relay (tinc). The VPN can then be used seamlessly to perform data transfer through whatever third party file transfer client/server (as if both machines where on the same LAN).


The line between the two machines is quite unstable and a single TCP stream typically only achieves a tiny fraction of the available bandwidth. Additionally encapsulating TCP over TCP induces extra overhead and is notoriously inefficient for unstable lines. I would hence like to establish a direct (no relay) and native traffic link (no VPN encapsulation) between the two machines. A natural choice is the STUN framework but I came to the conclusion that to interact with a public STUN server and achieve NAT traversal an application must be compiled with ad-hoc STUN libraries, and rely on STUN specific sockets instead of regular sockets. This basically means that every new set of STUN enabled client/server applications need to be written from scratch.


To simplify the process I am wondering whether it would be possible to implement a generic STUN client that would basically run as a daemon on both machines. The clients would connect to a public STUN server to register and query information on other clients. They would also redirect all the outgoing traffic from a local monitored port to the correct IP/port (user configuration + STUN server information) to reach the other machine. This could allow any third party client/server application to seamlessly open regular TCP sockets (possibly several) and establish a connection with the other machine (as if it was on the same LAN).

You can try SoftEther VPN - it:

It's IMO quite good piece of software which can save you lot of work...

    Your Answer


    By clicking "Post Your Answer", you acknowledge that you have read our updated terms of service, privacy policy and cookie policy, and that your continued use of the website is subject to these policies.

    Not the answer you're looking for? Browse other questions tagged or ask your own question.