Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Even if it is mainly about NAT, how else would you do NAT traversal?


Hole punching: https://en.wikipedia.org/wiki/Hole_punching_(networking)


Oh I guess that’s STUN that does the hole punching.

I’m so used to seeing both STUN and TURN together.


STUN is merely a well-thought out signaling protocol. The simplest, and most common, route is for each party to reach out to the rendezvous (STUN server), which then responds with the port and IP in the other peer. Each party then uses the same address and port it received, because remember that a typical NAT merely maps a port to a port on one of its managed/internal endpoints. The mapping that was created for the STUN server is just as good for use by the other peer.

You could do all of that with your own protocol, but...

Some NATs will include the remote IP in the "key" of the mapping, or even more restrictive approaches, meaning that STUN will have to fall back to other strategies and eventually give up and use TURN.

These days you'll also find that mDNS and other local broadcasts play a role, so that the internet can be avoided entirely for LAN peers.


Right, so hole punching alone doesn’t solve the problem of NAT traversal, which is why TURN and things like it are needed.

when I wrote my other comment in my head TURN and STUN were practically synonymous, since I’ve never seen one without the other.


You aren’t completely wrong apparently.

> TURN is considered an extension to the STUN. So, a typical TURN server would include a STUN server implementation by default.

https://www.100ms.live/blog/webrtc-turn-server


Isn't STUN hole punching? TURN is what you do when STUN fails.


by not having nat?

...only if ipv6 wasn't written by the very people profiting from NAT.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: