I'm wondering if the following solution is possible.
We have a simple model:
client_1 >> internet_provider_1 <<>> central_server <<>> internet_provider_2 << client_2

Both clients do NOT have a public IP. So, as I have already found out, to establish a connection between a client and a server, a client needs to ask the server for a connection. After the server accepts it, the data can be sent both ways through, let's call it, a "tunnel".

Now the question is if it's possible to merge the "tunnels" : client_1 <<>> server and client_2 <<>> server into one "tunnel" : client_1 <<>> client_2 so that the server would no longer be necessary. I mean the connection between clients wouldn't be broken even if the server was shut down.

Can you recommend a C++ or C# library/class that would let me do this?

I would appreciate your help.

First of all, how are you trying to establish the connection here? Do you mean a VPN tunnel when you say tunnel? And please post the network diagram, which would help us better with the setup.

We cannot eliminate the server in a client-server model for obvious reasons.


Well, I hoped I was clear enough :D Anyway, I'll try again.

I used the word "tunnel" without knowledge of VPN, but accidentally it turned out to be quite accurate.
1) So I want the clients (without public IPs) to ask the central server for connection.
2) Then I want the server to establish a direct connection between those clients (if it is possible)
3) The result should be that all data sent from client_1 to client_2 does NOT go through central server. Of course after the server establishes connection between clients.


[Attachment: diagram.jpg]

I'm afraid that the previous diagram might be a little misleading, so I'm posting another, more precise one.

[Attachment: diagram.jpg]

- If you are trying to have a VPN tunnel between them then you can have a Site to Site VPN tunnel between the two clients which would take the 'Server' out of the picture.
- If it is necessary to have the server then as per my knowledge it is not possible to eliminate the server after the connection has been made with clients.



But remember that the clients do NOT have public IPs. Neither of them can just ask the other one for connection. Initially all they can do is connect to the server which has a public IP.

The question is if the clients can somehow establish a DIRECT connection. So that the server would no longer be necessary for data transmission.

PS. I'm not insisting on using VPN. If there is another way, I'm OK with that. I'm interested in the final result :)


Frankly I don't think you have much of an option without either some kind of centralized environment or know who you want to connect to on the other end. You say you want a connection even if the central server went down? I'm assuming (and only assuming) that this is some kind of domain controller and your addresses are managed locally.
It is possible for the central server to manage the connection without really seeing any traffic but this depends on your implementation.

If you could offer more scope on what you are trying to accomplish we might be able to offer a good solution rather than (again, ASSUMING) one end user speaking with another end user. Is your project more for redundancy or security, or is it that you want to do something else entirely?


Well, I don't exactly mean a connection without a central server. It's rather something like this:

1) Let's say I have a cheap and weak server. Internet connection is slow. CPU is weak, and there is not much RAM. The only advantage of this server is a public IP address, and price. :)

2) There is a list of users on this server.

3) After some users log in, they should be able to establish a direct connection between them (I mean a pair of the users logged in). And the only task for the server should be to help them to establish this direct connection. (After clients log into the server, the server already "knows" how to send data to those clients and this "knowledge" should be passed to both clients that want a direct connection. After that the server would no longer be needed for these two clients)

4) The server should no longer take part in this connection for 2 reasons:
- the server is weak and slow and it can't manage many such connections at one time
- I don't want to take ANY responsibility for what the users send between them


It could be as simple as shared folders perhaps? After the users are on the network (authenticated from the central server or wherever) they can browse the network shares and send files over to whomever. The central server will not even look at the data, it will only 'tell you' what computers are available. The downside to this is setup and management, it will all need to be done at each location and each computer for the entirety of the network. You should give meaningful names to your shares to be able to identify them.

I'm guessing that the central server was also where you stored whatever data for the end users and you want to mitigate that responsibility away from the server, maybe smaller local servers then? I'm sure you looked at the risks of moving to P2P but if there is a way to reduce stress from your central server while still keeping something of a centralized data environment would you be open to it?

Are you in a Windows environment or something else?


I'm thinking rather about something more user-friendly, where no shared folders and no configuration at all would be necessary. The user just selects a file, selects another user and sends the file.

After a user_1 logs in, the server should capture his connection data. Then when the user_2 wants to send a file to user_1 the server should just pass user_1's connection data to user_2.
1) Either the server should help the users to establish a direct connection and then back down. (So that no more of server's resources and internet transfer is used)
2) Or just send them the other's connection data, so they could establish this connection themselves.

In both solutions I want the data flow (not the connection) to be independent from the server.

The server uses Linux. But the clients would rather be for Windows.


Well the server will likely never handle the actual data in most any type of transfer for what you're looking to do. If you are looking for something user friendly there are a few applications out there that will help you to accomplish this and perform nearly all of the setup (save for maybe something at the server end). You could also code something that will do what you need and that will also make the necessary setup on the client computers. Beware that a lot of applications don't like to see much beyond the subnet they are running in.

You are going to need some way of having the end users identify each other, whatever application they are using to send files will need to give them this information. Understanding how you want to do that is likely to be the pivot point of this solution.


Thanks for the tips, but there still is a crucial problem that I've been trying to expose since the very beginning. How can I get a direct connection between 2 clients, neither of whom has a public IP?

I have an idea of using a central server as some kind of an "information desk". The ONLY job it's supposed to do is to give a client_1 information how to directly connect to client_2 or somehow help the clients establish this direct connection.

I'm interested in a low level solution, that wouldn't require any shared folders or other things. I want my application to have as much control of what's going on as possible.

For now I'm interested ONLY in the issue of this direct connection. This isn't my job, it's just for fun. And that's why I'm looking for a specific solution that fits my expectations. And only if I really like the idea I will start coding and maybe create something interesting. :)

I hope that now you can see my point :)
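
The "information desk" idea described in this post is what is usually called UDP hole punching through a rendezvous server. The following is an added example, not code from the thread: the function names and the `name>peer` registration message are made up for illustration, and it runs on loopback where no NAT is involved, so it shows only the endpoint exchange and the direct datagram path. Across real NATs this is assumed to work only when each NAT reuses the same public port mapping for the peer that it used for the server.

```python
import socket
import threading

def rendezvous(sock, pairs=1):
    """Server: note each client's source endpoint as observed, then swap them."""
    seen = {}
    while pairs:
        data, addr = sock.recvfrom(1024)
        name, _, peer = data.decode().partition(">")   # constructed "name>peer" format
        seen[name] = addr
        if peer in seen:
            for to, other in ((seen[peer], addr), (addr, seen[peer])):
                sock.sendto(f"{other[0]}:{other[1]}".encode(), to)
            pairs -= 1   # introduction done; the server never sees a payload

def client(name, peer, server_addr, payload, timeout=2.0):
    """Register, learn the peer's endpoint, then exchange one datagram directly."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.bind(("127.0.0.1", 0))
        s.sendto(f"{name}>{peer}".encode(), server_addr)
        peer_addr, early = None, []
        while True:
            data, src = s.recvfrom(1024)
            if peer_addr is None and src == server_addr:
                host, port = data.decode().rsplit(":", 1)
                peer_addr = (host, int(port))
                s.sendto(payload, peer_addr)   # outbound packet is what opens a NAT mapping
                for d, a in early:             # peer may have been faster than the server
                    if a == peer_addr:
                        return d, a
            elif src == peer_addr:
                return data, src               # accept only the announced endpoint
            else:
                early.append((data, src))      # unknown sender: hold, never act on it

def demo():
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    addr, got = srv.getsockname(), {}
    threading.Thread(target=rendezvous, args=(srv,), daemon=True).start()
    def run(n, p):
        got[n] = client(n, p, addr, f"hello from {n}".encode())[0]
    ts = [threading.Thread(target=run, args=a) for a in (("alice", "bob"), ("bob", "alice"))]
    for t in ts: t.start()
    for t in ts: t.join()
    srv.close()
    return got

if __name__ == "__main__":
    print(demo())
```

The source-address check only filters stray datagrams; UDP source addresses can be spoofed, so peers that no longer involve the server still need to authenticate each other and encrypt the transfer themselves.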


The client sending data would need to be in a network environment where it can open port(s) on the public IP address to establish a direct connection without a central server.

It could do this using UPnP if it's available in the network as a lot of BitTorrent clients do to connect to uploaders.

If the sending/uploading client cannot open a port, and it cannot connect to a central server, then they cannot establish a connection together.
