Learn the vocabulary of letting two peers behind private-address routers establish a direct connection.
0 / 5 completed
1 / 5
At standup, a dev mentions techniques that let two peers, each sitting behind their own private-address router performing network address translation, establish a direct connection to each other despite neither having a publicly reachable address by default. What is this set of techniques called?
NAT traversal is exactly this: it refers to a set of techniques, such as hole punching, that let two peers, each sitting behind their own private-address router performing network address translation, establish a direct connection to each other despite neither having a publicly reachable address by default. A hash collision is an unrelated hash-table concept about two keys sharing a bucket. This connect-despite-private-addresses approach is exactly why peer-to-peer applications like video calls can establish a direct connection between two home routers without either user manually configuring a port forward.
2 / 5
During a design review, the team adds NAT-traversal support to a peer-to-peer video-calling feature, specifically because establishing a direct connection between two peers behind private-address routers avoids routing every call's media through a relay server. Which capability does this provide?
NAT traversal here provides lower-latency, relay-free direct connections between peers behind NAT, since successful traversal lets media flow straight between the two peers instead of being routed through an intermediate relay server that adds latency and server cost. Always routing every call through a relay server works reliably but adds an extra hop's worth of latency and consumes relay bandwidth for every single call. This direct-peer-to-peer-when-possible behavior is exactly why NAT traversal is attempted first in peer-to-peer video-calling and gaming applications.
3 / 5
In a code review, a dev notices a peer-to-peer video-calling feature routes every single call's media through a relay server unconditionally, with no attempt at NAT traversal to establish a direct connection between the two peers first. What does this represent?
This is a missed NAT-traversal opportunity, since attempting a direct connection first would avoid the added latency and server cost of relaying every call's media unconditionally through a relay server. A cache eviction policy is an unrelated concept about discarded cache entries. This always-relay pattern is exactly the kind of unnecessary cost and latency a reviewer flags once many peer pairs could actually connect directly.
4 / 5
An incident report shows a video-calling service's relay servers hit capacity during a usage spike, causing call quality to degrade broadly, because every call was routed through a relay server unconditionally with no attempt at NAT traversal to connect peers directly first. What practice would prevent this?
Attempting NAT traversal before falling back to a relay server lets many calls between peers behind NAT connect directly, never adding load to the relay servers at all. Continuing to route every call through a relay server unconditionally regardless of how much relay capacity gets consumed during a usage spike is exactly what caused the capacity issue described in this incident. This attempt-direct-first approach is the standard fix once relay capacity is confirmed to be a scaling bottleneck.
5 / 5
During a PR review, a teammate asks why the team attempts NAT traversal before falling back to a relay server, instead of simply always routing every call through a relay server for guaranteed reliability. What is the reasoning?
Attempting NAT traversal first succeeds for a large share of peer pairs, giving them a lower-latency direct connection and reducing relay-server load, while always routing through a relay server guarantees connectivity for every pair but adds latency and server cost even to calls that could have connected directly. This is exactly why peer-to-peer applications attempt NAT traversal first and only fall back to a relay server when direct connection fails.