Session Traversal Utilities for NAT (STUN) is a standardized set of methods, including a . The STUN protocol and method were updated in RFC , retaining many of the original specifications as a subset of methods, but removing others. 21 Oct STUN was first defined in RFC (standards) back in , and then revised two times once in RFC (standards) in and again in. Session Traversal Utilities for NAT (STUN). This RFC was published in Abstract. Session Traversal Utilities for NAT (STUN) is a protocol that serves.
|Published (Last):||4 November 2010|
|PDF File Size:||1.16 Mb|
|ePub File Size:||2.9 Mb|
|Price:||Free* [*Free Regsitration Required]|
This unfortunate rfc 5389 is due to assignment of values in [ RFC ] that did not consider encoding Indications, Success, and Errors using bit fields.
Session Traversal Utilities for NAT (STUN)
Wing, The Internet Society October The methods of RFC proved too unreliable to cope with the plethora of different NAT implementations and application scenarios encountered in rfc 5389 networks. Sending the Request or Indication Following the fixed header comes zero or more attributes, which are Type-Length-Value extensions that convey additional information rfc 5389 the specific message. Each usage specifies the mechanisms allowed with that usage. The class indicates whether this is a request, a success response, an error response, or an indication.
This provides another way to rfc 5389 STUN packets from packets of other protocols. Although there are four message classes, there are only two types of transactions in STUN: A temporary username and rfc 5389 password that represent a shared secret between client and server. The details of the encoding, and of the attributes themselves are given in Section The method and class are orthogonal, so that for each method, a request, success response, error rfc 5389, and indication are possible for that method.
Extensibility was added to the protocol in a more structured way. Session Traversal Utilities for NAT STUN is a standardized set of methods, including a network protocol, for traversal of network address translator NAT gateways in applications of real-time voice, video, messaging, and other interactive communications.
The client, typically operating inside a private networksends rrc binding request to a STUN server on the public Internet.
The authentication mechanisms revolve around the use of a username, password, and message-integrity value. Processing a Success Response In tfc specification, rfc 5389 terms STUN server and server are synonymous.
From Wikipedia, the free encyclopedia. For indications, it is chosen by the agent rff the indication. This is called a reflexive transport address. Long-term credentials are generally granted to the client when a subscriber enrolls in a service and persist until the subscriber leaves the service or explicitly changes the credential. Unless otherwise noted, numeric constants are in decimal base Though it is possible rfc 5389 a protocol may be able to use STUN by itself rfc 5389 STUN as a traversal solution, such usage is not described here and is strongly discouraged for the reasons described above.
STUN, Simple Traversal of UDP Through NAT
There are other, more minor changes. Following the STUN fixed portion of the header are zero or more attributes. The Interactive Connectivity Establishment ICE protocol provides a structured mechanism to determine the optimal communication path between two peers. As a result, the source transport address rc the request received by the rfc 5389 will be the public IP address and port created by the NAT closest to the server. A rcf cookie mechanism rfc 5389 demultiplexing STUN with application protocols was added by stealing 32 bits from the rfc 5389 transaction ID defined in RFCallowing the change to be backwards compatible.
This document obsoletes RFC The initial period of time between transmission of a request and the first retransmit of rfc 5389 request. Since Rfc 5389 does not provide reliable transport guarantees, reliability is achieved by application-controlled retransmissions of the STUN requests. Resends of the same request reuse the same transaction ID, but the client MUST choose a new transaction ID for new transactions unless the new request is bit-wise identical to the previous request and sent from the same transport address to the same IP address.
When there is rfx intervening NAT between the client and the other host, the reflexive transport address represents the mapped address allocated to the client on rfc 5389 public side of the NAT. Changes to Server Processing It primarily serves to correlate requests with responses, though it also plays a small role.
These mechanisms include DNS discovery, a redirection technique rfc 5389 an alternate server, a fingerprint attribute for demultiplexing, and two authentication and message-integrity exchanges.
Rfc 5389 algorithm is not reliably successful and only applicable to a subset of NAT devices deployed. It is implemented as a light-weight client-server protocol, requiring only simple query and response components with a third-party server located on the rfc 5389, easily accessible network, typically the Internet.
Attributes are divided into two types: However, experience since the publication of RFC has found that classic Frc simply does not work sufficiently well to rtc a deployable solution.
rfc 5389 For other uses, see STUN disambiguation. As a result, it allows a wide variety of applications to work through existing NAT infrastructure. The specific scope of a short-term credential is defined by the application usage.
Two authentication mechanisms, the long-term credential mechanism and the short-term credential mechanism, are rfc 5389 in this specification. Distribution of this memo is unlimited.
Extensions defining new methods MUST indicate which classes are permitted for that method. Private network 2 connects to the public Internet through NAT 2. Classic STUN provided no way to discover whether it would, in fact, work or not, rfc 5389 it provided no remedy in cases where it did not.
The lower agent in the rfc 5389 is the client, and is connected to private network 1. Typically, a usage indicates when STUN messages get sent, which optional attributes to include, what rfc 5389 is rfc 5389, and what authentication mechanism is to be used.
A STUN server can also send indications. It can also be used to check connectivity between two endpoints, and as dfc keep-alive protocol to maintain NAT bindings. An entity that implements the STUN protocol. Forming a Success or Error Response