42 points | by Bogdanp 10 hours ago
5 comments
Can confirm that it still works in 2025, and also via netcat.
I wonder if it's also theoretically possible for a pair of clients to connect to each other like this?
The Tailscale client does this trick to force its way through NAT-to-NAT connections.
"How NAT traversal works" - https://tailscale.com/blog/how-nat-traversal-works > "The benefits of birthdays"
Yeah, a pair of clients can via “TCP simultaneous open” but you’ll need to arrange for each client to know about the source port of the other. So bypass the usual ephemeral port choice made by the OS. And it’s still highly sensitive to timing.
Intuitively it doesn't sound like it would work. The program doesn't call listen() or accept() on the socket.
The comment section on it answered that: it's TCP simultaneous open.
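The simplest form of the TCP simultaneous open discussed in this thread, as an added example that is not code from the thread or the linked post: one socket bound to a loopback port connects to that same port, with no listen() or accept(). It assumes Linux loopback behaviour, and the function names are illustrative; the `is_self_connected` check is the kind of test a monitoring script could apply to spot such sockets.

```python
import socket


def self_connect(host="127.0.0.1"):
    """Connect a TCP socket to its own bound address (no listen/accept)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(2.0)
    s.bind((host, 0))          # OS picks a free port; we then target that same port
    own_addr = s.getsockname()
    # The outgoing SYN is delivered to this very socket while it is in
    # SYN_SENT, which is the simultaneous-open path of the TCP state machine.
    s.connect(own_addr)
    return s


def is_self_connected(s):
    """True when the local and remote endpoints are the same (addr, port)."""
    return s.getsockname() == s.getpeername()


def recv_exact(s, n):
    """Read exactly n bytes, since recv() may return fewer."""
    buf = b""
    while len(buf) < n:
        chunk = s.recv(n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf


def demo():
    """Return (self_connected, echoed_bytes) for one self-connected socket."""
    s = self_connect()
    try:
        payload = b"ping"       # constructed sample data
        s.sendall(payload)      # whatever is sent comes back on the same socket
        return is_self_connected(s), recv_exact(s, len(payload))
    finally:
        s.close()


if __name__ == "__main__":
    connected, echoed = demo()
    print("self-connected:", connected, "echoed:", echoed)
```
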