Session Traversal Utilities for NAT (STUN) is a standardized set of methods, including a network protocol, used for traversal of network address translator (NAT) gateways in applications of real-time voice, video, messaging, and other interactive communications[1].
It is primarily used to discover the public IP address of a device running behind a NAT[2].
- Tell me my public ip address/port through NAT
- Works for Full-cone, Port/Address restricted NAT
- Doesn't work for symmetric NAT
- STUN server port 3478, 5349 for TLS
- Cheap to maintain
Problems STUN Solves
- NAT Traversal: STUN is used to overcome the problem of NAT traversal. It allows network devices to discover post-NAT IP addresses and port numbers of communicating parties and to use this information to establish peer-to-peer (P2P) data channels[3].
- IP Discovery: STUN answers the question "what is my IP address?" by using a STUN server. This server runs on the public network and replies to incoming requests with the public IP address the request was sent from[4].
Pros of STUN
- Compatibility: STUN works with existing NAT devices and does not require any changes to network devices[3:1].
- Simplicity: STUN uses the client/server model, which is simple and easy to implement. Only one STUN server needs to be deployed on the network[3:2].
- Use in Various Applications: STUN is used in several different network implementations and scenarios, one of which is in VoIP implementations[2:1].
Cons of STUN
- Limited NAT Traversal: STUN is not a self-contained NAT traversal solution applicable in all NAT deployment scenarios. It works with three types of NAT: full cone NAT, restricted cone NAT, and port restricted cone NAT[1:1].
- Security Concerns: STUN servers can be vulnerable to various security risks, such as man-in-the-middle attacks or unauthorized access[5].
In the context of WebRTC, STUN is usually deployed with TURN servers. Configuring TURN/UDP implicitly also implements the STUN protocol[4:1].
Create your own STUN & TURN server
COTURN open source project
https: //github.com/coturn/coturn
