So basically here I am, opening a connection to the publicly accessible S. The router sees it and says oh wow, there's an outgoing connection to S_IP:S_PORT, I'll assign an R_PORT to it on my publicly visible side and will forward all traffic from S_IP:S_PORT to my internal network client.
But how does that help someone who is not S (has a different IP than S) to use this tunnel set up by router? It (R - router on the NAT) won't ignore the source IP of incoming packets (since two connections are the same only if source and destination IPs and ports are the same - 4 numbers), will it? Traffic coming from S will get forwarded, that I get, but will traffic from ANY source just coming to the appropriate port on R get forwarded just the same way?
You are right, but your logic works for TCP connections; that's why the method is named "UDP hole punching". In UDP there is no handshake, which means I can send you a UDP packet that looks like it's coming from S_IP:S_PORT.
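Whether R forwards traffic from a source other than S depends on the NAT's filtering policy. The following Python model is an added example, not part of the thread: it uses the three filtering behaviours named in RFC 4787, all class names, addresses and ports are constructed, and it assumes the router reuses the same R_PORT for every destination.

```python
from enum import Enum

class Filtering(Enum):
    ENDPOINT_INDEPENDENT = 1        # any source may use the mapping
    ADDRESS_DEPENDENT = 2           # source IP must have been contacted first
    ADDRESS_AND_PORT_DEPENDENT = 3  # source IP:port must have been contacted first

class Nat:
    """Toy UDP NAT (R): one public port per internal endpoint."""
    def __init__(self, public_ip, filtering):
        self.public_ip, self.filtering = public_ip, filtering
        self.by_client = {}   # (client_ip, client_port) -> R_PORT
        self.mappings = {}    # R_PORT -> (client_ip, client_port)
        self.contacted = {}   # R_PORT -> {(dst_ip, dst_port), ...}
        self.next_port = 40000

    def outbound(self, src, dst):
        """Client sends src -> dst; returns the public (ip, port) that dst sees."""
        if src not in self.by_client:
            self.by_client[src] = self.next_port
            self.mappings[self.next_port] = src
            self.contacted[self.next_port] = set()
            self.next_port += 1
        r_port = self.by_client[src]
        self.contacted[r_port].add(dst)
        return (self.public_ip, r_port)

    def inbound(self, src, r_port):
        """Packet from src hits public_ip:r_port; returns the client or None (dropped)."""
        if r_port not in self.mappings:
            return None
        seen = self.contacted[r_port]
        if self.filtering is Filtering.ENDPOINT_INDEPENDENT:
            ok = True
        elif self.filtering is Filtering.ADDRESS_DEPENDENT:
            ok = any(ip == src[0] for ip, _ in seen)
        else:
            ok = src in seen
        return self.mappings[r_port] if ok else None

def demo(filtering):
    """Returns (peer accepted before punch, S accepted, peer accepted after punch)."""
    nat = Nat("203.0.113.1", filtering)
    client, s, peer = ("10.0.0.5", 5000), ("198.51.100.10", 3478), ("192.0.2.77", 6000)
    _, r_port = nat.outbound(client, s)          # client registers with S
    before = nat.inbound(peer, r_port) is not None
    from_s = nat.inbound(s, r_port) is not None
    nat.outbound(client, peer)                   # client "punches" toward the peer
    after = nat.inbound(peer, r_port) is not None
    return before, from_s, after
```

Only the endpoint-independent policy forwards the peer's packet before the client has sent anything toward the peer; under the other two, the client's own outbound packet to the peer is what opens the path.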
Good paper.