[Standards] Do we need STUN?

Matt Tucker matt at jivesoftware.com
Thu Mar 8 20:16:30 UTC 2007


Sean,

> > > <iq type="result" to="user at server.com" from="server.com"> 
>  <ipcheck>
> > >     <address>204.122.135.52</address>  </ipcheck> </iq>
> > This won't work if your Jabber server is on the local 
> network. It will 
> > see you connecting from a (non-routable) local network address.
> 
> Also, this won't create bindings through the NAT. The 
> important thing about STUN is that it returns you both your 
> "server reflexive address"
> and the port that your NAT device has bound you too. For many 
> NAT devices the NAT will forward any packet received on that 
> port to your machine.
> 
> If you know only your IP address, your NAT device will have 
> to have port forwarding configured or something similar in 
> order for packets to reach your machine.

Heh, I just *knew* I shouldn't have posted a fake half-example. Of
course you need the UDP part to get through the NAT device and to
establish the "tunnel". Once all the candidates are determined, we're
using a simple UDP echo scheme to evaluate all of them. I think I'm
going to wait until we've documented everything before posting more, as
that will make what we're talking about much easier.

Thanks,
Matt



More information about the Standards mailing list