STUN_SERVER - Session Traversal Utilities for NAT ======================================================= .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is STUN_SERVER?** STUN server helps devices behind a NAT (Network Address Translation) discover their public IP address and the type of NAT they are behind. This is essential for peer-to-peer communication over the internet. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Why is STUN important in WebRTC?** STUN is crucial in WebRTC to: * Discover the public-facing IP and port of a device * Enable direct peer-to-peer connections * Facilitate NAT traversal without requiring a relay server (like TURN) .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **How does a STUN server work?** The client sends a **binding request** to the STUN server, which replies with the public IP and port it sees. This helps the client understand how it appears to the outside world. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What is the difference between STUN and TURN?** * **STUN:** Used to discover public IP and port; works for most NATs * **TURN:** Used when STUN fails; relays media through a server, which is more resource-intensive .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Are STUN servers free to use?** Yes, many public STUN servers are available for free. For example: * `stun.l.google.com:19302` * `stun1.l.google.com:19302` .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Can I host my own STUN server?** Yes. You can use open-source software like: * **Coturn** (supports both STUN and TURN) * **reTurnServer** .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What ports do STUN servers use?** Typically, STUN uses: * UDP port **3478** (default) * Can also use TCP or TLS for secure communication .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Is STUN secure?** STUN itself is not encrypted. For secure communication, use **STUN over TLS** or combine it with **DTLS-SRTP** in WebRTC. .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **What are common issues with STUN?** * Some NAT types (e.g., Symmetric NAT) may not work well with STUN * Firewalls may block STUN traffic * STUN alone doesn't guarantee connectivity — TURN may be needed .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **How do I test if a STUN server is working?** You can use tools like: * `stunclient` (CLI tool) * `trickle ICE` (WebRTC testing tool) * Browser-based WebRTC test pages .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow **Which OSI layer does STUN belong to?** * STUN is a **control protocol** that assists applications in NAT traversal * It operates between the **Transport Layer (Layer 4)** and **Application Layer (Layer 7)** * Most commonly considered to function at **Layer 7** due to its use in signaling and real-time communication protocols .. panels:: :container: container pb-4 :column: col-lg-12 p-2 :card: shadow Topics in this section, * :ref:`Learnings in this section ` * :ref:`Terminology ` * :ref:`Version Info ` * :ref:`STUN_SERVER Version&RFC Details ` * :ref:`STUN_SERVER Basic Setup on Ubuntu using IPv4 ` * :ref:`STUN_SERVER Basic Setup on Ubuntu using IPv6 ` * :ref:`STUN_SERVER Protocol Packet Details ` * :ref:`STUN_SERVER Usecases ` * :ref:`STUN_SERVER Basic Features ` * :ref:`STUN_SERVER Feature : Public IP Discovery ` * :ref:`STUN_SERVER Feature : NAT Type Detection ` * :ref:`STUN_SERVER Feature : Port Mapping Discovery ` * :ref:`STUN_SERVER Feature : Lightweight Protocol ` * :ref:`STUN_SERVER Feature : Client-Server Architecture ` * :ref:`STUN_SERVER Feature : Support for IPv4 and IPv6 ` * :ref:`STUN_SERVER Feature : Used in WebRTC and VoIP ` * :ref:`Reference links ` .. _STUN_SERVER_step1: .. tab-set:: .. tab-item:: Learnings in this section * In this section, you are going to learn .. _STUN_SERVER_step2: .. tab-set:: .. tab-item:: Terminology * Terminology .. _STUN_SERVER_step3: .. tab-set:: .. tab-item:: Version Info * Version Info .. _STUN_SERVER_step5: .. tab-set:: .. tab-item:: STUN_SERVER Version&RFC Details .. csv-table:: :file: ./STUN_SERVER/STUN_Server_RFC_Details.csv :widths: 1,10,10,10,30 :header-rows: 1 .. _STUN_SERVER_step16: .. tab-set:: .. tab-item:: STUN_SERVER Basic Setup on Ubuntu using IPv4 * Setup .. _STUN_SERVER_step17: .. tab-set:: .. tab-item:: STUN_SERVER Basic Setup on Ubuntu using IPv6 * Setup .. _STUN_SERVER_step6: .. tab-set:: .. tab-item:: STUN_SERVER Protocol Packet Details **Binding Request** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Protocol_Packet_1.csv :widths: 10,20,30,10 :header-rows: 1 **Binding Success Response** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Protocol_Packet_2.csv :widths: 10,20,30,10 :header-rows: 1 **Binding Error Response** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Protocol_Packet_3.csv :widths: 10,20,30,10 :header-rows: 1 **Shared Secret Request** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Protocol_Packet_4.csv :widths: 10,20,30,10 :header-rows: 1 **Shared Secret Response** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Protocol_Packet_5.csv :widths: 10,20,30,10 :header-rows: 1 **Shared Secret Error** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Protocol_Packet_6.csv :widths: 10,20,30,10 :header-rows: 1 .. _STUN_SERVER_step7: .. tab-set:: .. tab-item:: STUN_SERVER Usecases .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Usecase.csv :widths: 10,20,30 :header-rows: 1 .. _STUN_SERVER_step8: .. tab-set:: .. tab-item:: STUN_SERVER Basic Features .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Features.csv :widths: 10,10,30 :header-rows: 1 .. _STUN_SERVER_step9: .. tab-set:: .. tab-item:: STUN_SERVER Feature : Public IP Discovery **Public IP Discovery - Testcases** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Feature-1_Public_IP_Discovery_Testcase.csv :widths: 10,10,30,20 :header-rows: 1 .. _STUN_SERVER_step10: .. tab-set:: .. tab-item:: STUN_SERVER Feature : NAT Type Detection **NAT Type Detection - Testcases** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Feature-2_NAT_Type_Detection_Testcase.csv :widths: 10,10,30,20 :header-rows: 1 .. _STUN_SERVER_step11: .. tab-set:: .. tab-item:: STUN_SERVER Feature : Port Mapping Discovery **Port Mapping Discovery - Testcases** .. csv-table:: :file: ./STUN_SERVER/STUN-Server_Feature-3_Port_Mapping_Discovery_Testcase.csv :widths: 10,10,30,20 :header-rows: 1 .. _STUN_SERVER_step12: .. tab-set:: .. tab-item:: STUN_SERVER Feature : Lightweight Protocol **Lightweight Protocol - Testcases** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Feature-4_Lightweight_Protocol_Testcase.csv :widths: 10,10,30,20 :header-rows: 1 .. _STUN_SERVER_step13: .. tab-set:: .. tab-item:: STUN_SERVER Feature : Client-Server Architecture **Client-Server Architecture - Testcases** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Feature-5_Client-Server_Architecture_Testcase.csv :widths: 10,10,30,20 :header-rows: 1 .. _STUN_SERVER_step14: .. tab-set:: .. tab-item:: STUN_SERVER Feature : Support for IPv4 and IPv6 **Support for IPv4 and IPv6 - Testcases** .. csv-table:: :file: ./STUN_SERVER/STUN-Server_Feature-6_Support_for_IPV4_and_IPV6_Testcase.csv :widths: 10,10,30,20 :header-rows: 1 .. _STUN_SERVER_step15: .. tab-set:: .. tab-item:: STUN_SERVER Feature : Used in WebRTC and VoIP **Used in WebRTC and VoIP - Testcases** .. csv-table:: :file: ./STUN_SERVER/STUN_Server_Feature-7_Used_in_webRTC_and_VoIP_Testcase.csv :widths: 10,10,30,20 :header-rows: 1 .. _STUN_SERVER_step18: .. tab-set:: .. tab-item:: Reference links * Reference links