Re: Is it possible to use Iperf behind a NAT?
Right;
The URL listed below is globally accessable so you can test it out. The
code is available via my anonymous FTP server
achilles.ctd.anl.gov/pub/web100 (link near the bottom of this web
page). To make full use of this program the server must have the Web100
kernel patches and userland library installed. Without them, you get a
simple throughput test between the server and a Java enabled client.
Rich
At 08:11 AM 12/21/02 -0500, Raghurama 'REDDY' wrote:
>I blieve the Rich Carlson of ANL has a server that does what you are
>looking for:
>
> http://miranda.ctd.anl.gov:7123/
>
>This is a Web100 based server that runs Iperf tests and provides an
>anlysis of path.
>
>Thanks!
>
>--Reddy
>
>From: SMTP%"jdugan --at-- ncsa.uiuc.edu" "Jon Dugan" 20-DEC-2002 22:47:57.65
>To: dspisak --at-- nonmundane.org
>CC: iperf-users --at-- dast.nlanr.net
>Subj: Re: Is it possible to use Iperf behind a NAT?
>
>On Fri, Dec 20, 2002 at 05:18:38PM -0800, Daniel Spisak wrote:
> > Jon,
> >
> > Thanks for your reply to my questions I do appreciate them! here are
> > my responses to what you wrote:
> >
> > > First off, I'm not quite sure what the setup is here. Do you have a
> > > collection of machines that can participate in these tests or are you
> > > testing from the user's brower to the server?
> >
> > The scenario is this is for any old random machine on our network to
> use, as
> > a client. The server will always be the same system. Some machines will
> have
> > directly routable IP addresses whereas other systems lie behind a router
> > doing NAT, so the system has a non-routable IP address.
>
> OK. So you're delivering an application to the users to run?
>
> > >will do testing in both directions. That is the client will contact the
> > >server and it will do a test one direction and then test the other.
> > >Assuming that we use the same TCP connection for both directions, it will
> > >Just Work (TM).
> >
> > That would be a pretty awesome feature for Iperf to have.
>
> It's coming, but it's not here yet.
>
> > >Iperf doesn't presently support this, but it could be added
> > >easily -- if you do decide to add it please send us the patch.
> >
> > I know some C and some X86 asm but I've never coded a project like what
> > Iperf is so I am afraid I would be at a loss at where to even begin to
> start
> > to give Iperf NAT functionality. Basically, since my clients will live
> > behind a NAT router that they are probably not comptent enough to setup
> port
> > mappings for, nor would my tech support staff wish to have to walk an
> > uninformed user through that process.
>
> It's really not that bad. The only functionality I was suggesting was the
> ability to set the port which Iperf uses to initiate it's connection
> when it
> is a client.
>
> > The only way I guess I could see it working is if I modified the Iperf code
> > so that I could have a user behind the NAT initiate a test as a client
> to my
> > static server, and the server records the port the Iperf client opened
> from.
> > Then after the client to server test completes Iperf on the client side
> > would spawn a server Iperf process on the old source port on the clients
> > side.
>
> This is actually what I was suggesting. There is a problem though, since
> everyone is connecting to the same server to do their tests you can't spawn
> a seperate Iperf to do the test because to get back through the NAT you
> need
> to source your traffic from the same port the server was on. There is
> however a way around this -- using a proxy. The proxy listens on a
> particular port on the server and clients connect to it and the proxy
> starts
> an Iperf server on another port and tells the client to test against that
> port. Once the test is complete the client starts a server listening
> on the
> port that it used as a client and then the proxy starts a client targetted
> at machine behind the NAT.
>
> > And I am not even sure if that method would work, I'm just
> speculating. The
> > reason why I was thinking about a static file download test is that using
> > Java, I could have their browser download a file from my static server,
> once
> > that file was downloaded it would record the time it took and calculate the
> > users download speed. The Java app would then have the client side browser
> > upload the just downloaded file back to the server to get an
> upload/upstream
> > throughput speed.
>
> Yep, that would work fine. It sounds like it might be the easiest to
> implement. For your application this might be the best thing. It will
> allow you to have people point their web browsers at a website and get
> a report. Otherwise you would need to maintain a binary for each platform
> you support.
>
> > I was just trying to see if there was a way to do this with Iperf without
> > having to setup a portmapping on the users NAT router.
>
> There is, it just requires being a bit tricky.
>
> Good luck!
>
>Jon
>--
>Jon Dugan | Senior Network Engineer, NCSA Network Research
>jdugan --at-- ncsa.uiuc.edu | 269 CAB, 605 E Springfield, Champaign, IL 61820
>217-244-7715 | http://www.ncsa.uiuc.edu/~jdugan/
------------------------------------
Richard A. Carlson e-mail: RACarlson --at-- anl.gov
Network Research Section phone: (630) 252-7289
Argonne National Laboratory fax: (630) 252-4021
9700 Cass Ave. S.
Argonne, IL 60439