AutoNAT

Background

While the identify protocol allows peers to inform each other about their observed network addresses, sometimes these addresses are inaccessible as the peer may be located in a private network (i.e., behind a NAT or a firewall).

To prevent this problem of advertising and dialing unreachable addresses, libp2p has implemented a protocol called AutoNAT, which allows nodes to determine whether or not they are behind a NAT.

What is AutoNAT?

AutoNAT allows a node to request other peers to dial its presumed public addresses.

For private nodes located behind a NAT, it is strongly recommended to:

  • Not advertise private addresses
  • Get a reservation with a relay to improve connectivity to public networks and advertise relay addresses instead.

For public nodes, it is suggested to:

  • Start a relay to assist other nodes
  • Consider activating DHT server mode to improve connectivity to public networks.

If most of the dial attempts that other peers make on the node's behalf are successful, the node can be reasonably sure that it is not behind a NAT. On the other hand, if most of them fail, it strongly indicates that a NAT is blocking incoming connections.

The AutoNAT protocol uses the protocol ID /libp2p/autonat/1.0.0 and involves the exchange of Dial and DialResponse messages.

To initiate the protocol, a node sends a Dial message to another peer containing a list of multiaddresses. The peer then attempts to dial these addresses using a different IP and peer ID than it uses for its regular libp2p connection. If at least one of the dials is successful, the peer sends a DialResponse message with the ResponseStatus: SUCCESS to the requesting node.

If all dials fail, the peer sends a DialResponse message with the ResponseStatus: E_DIAL_ERROR. The requesting node can use the response from the peer to determine whether or not it is behind a NAT.

If the response indicates success, the node is likely not behind a NAT and does not need to use a relay server to improve its connectivity. If the response indicates an error, the node is likely behind a NAT and may need to use a relay server to communicate with other nodes in the network.
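The majority rule and the DialResponse statuses described above can be combined into a small reachability check. This is an added example, not code from libp2p itself: the `DialResponse` struct is a simplified stand-in for the real message, and `Assess`, `minVotes`, the peer labels and the one-vote-per-peer rule are assumptions made for illustration.

```go
package main

import "fmt"

type Reachability string

const (
	Unknown Reachability = "unknown"
	Public  Reachability = "public"
	Private Reachability = "private"
)

// DialResponse is a simplified stand-in for the AutoNAT message; only the
// responding peer and the status named on this page are modelled.
type DialResponse struct {
	Peer   string // constructed label, not a real peer ID
	Status string // "SUCCESS" or "E_DIAL_ERROR"
}

// Assess applies the "most dial attempts" rule. minVotes is an assumed
// threshold: below it the node stays Unknown rather than trusting few peers.
func Assess(responses []DialResponse, minVotes int) Reachability {
	voted := map[string]bool{}
	ok, failed := 0, 0
	for _, r := range responses {
		if voted[r.Peer] {
			continue // one vote per peer, so a single peer cannot sway the result
		}
		switch r.Status {
		case "SUCCESS":
			ok++
		case "E_DIAL_ERROR":
			failed++
		default:
			continue // any other status is treated as inconclusive
		}
		voted[r.Peer] = true
	}
	switch {
	case ok+failed < minVotes || ok == failed:
		return Unknown
	case ok > failed:
		return Public
	default:
		return Private
	}
}

func main() {
	sample := []DialResponse{ // constructed responses from three peers
		{"peerA", "E_DIAL_ERROR"}, {"peerB", "E_DIAL_ERROR"}, {"peerC", "SUCCESS"},
	}
	fmt.Println(Assess(sample, 3))
}
```

A node that ends up `Private` would follow the recommendations for private nodes above (stop advertising private addresses, obtain a relay reservation); `Unknown` means more peers should be asked before changing what is advertised.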
