This blog was originally started to better help me understand the technologies in the CCIE R&S blueprint; after completing the R&S track I have decided to transition the blog into a technology blog.

CCIE #29033

This blog will continue to include questions, troubleshooting scenarios, and references to existing and new technologies but will grow to include a variety of different platforms and technologies. Currently I have created over 185 questions/answers in regards to the CCIE R&S track!! Note: answers are in the comment field or within "Read More" section.

You can also follow me on twitter @FE80CC1E


Friday, July 1, 2011

STUN

STUN - Session Traversal Utilities for NAT (RFC 5389) - used in NAT Traversal for applications real-time video, voice, messaging and other IP communications that are interactive.

STUN works with the following types of NAT
- Full cone NAT
- Restricted cone NAT
- Part Restricted cone NAT

STUN does not work with bi-directional NAT (Symmetric NAT). TURN works better with this type of NAT

STUN works as follows
- Client (OS or application) on a private network sends a "binding request" to the STUN server on the public internet.
- STUN Server sends "success response" that contains an IP address and PORT as observed from the the STUN servers. (After the Client has been natted)

Once the client is aware of its external IP address and port number it uses this external IP address and port number when communicating to its peers. This allows its peers to establish communications to the device which would otherwise not be accomplished since the client is on a private IP network.

Standard Ports for STUN
UDP/TCP 3478
TLS 5349

0 comments:

Post a Comment