Home Arrow Icon Knowledge base Arrow Icon Global Arrow Icon How do STUN and TURN servers interact with firewalls and NATs


How do STUN and TURN servers interact with firewalls and NATs


STUN (Session Traversal Utilities for NAT) and TURN (Traversal Using Relays around NAT) servers interact with firewalls and NATs in the following ways:

STUN Server Interaction with Firewalls and NATs

1. STUN Server: STUN servers help devices behind a NAT (Network Address Translation) to discover their public IP address and the type of NAT they are behind.
2. Firewall Interaction: STUN servers can help devices behind a firewall to determine if they can establish a direct connection with the peer. If the direct connection fails, the STUN server can help the device to determine the type of NAT it is behind and the public IP address it should use to establish a direct connection.
3. NAT Interaction: STUN servers can help devices behind a NAT to determine if they can establish a direct connection with the peer. If the direct connection fails, the STUN server can help the device to determine the type of NAT it is behind and the public IP address it should use to establish a direct connection.

TURN Server Interaction with Firewalls and NATs

1. TURN Server: TURN servers are used to relay traffic around restrictive networks. They help establish a relayed connection between two peers when a direct connection cannot be established.
2. Firewall Interaction: TURN servers can help devices behind a firewall to establish a relayed connection with the peer. This is done by relaying the traffic through the TURN server, which is typically running on a public IP address and port.
3. NAT Interaction: TURN servers can help devices behind a NAT to establish a relayed connection with the peer. This is done by relaying the traffic through the TURN server, which is typically running on a public IP address and port.

Example Code

Here is an example of how you can use both STUN and TURN servers in your WebRTC application:

javascript
var myPeerConnection = new RTCPeerConnection({
  iceServers: [
    {
      urls: "stun:stun.l.google.com:19302",
    },
    {
      urls: "turn:relay.metered.ca",
      username: "your-turn-server-username",
      credential: "your-turn-server-password",
    },
  ],
});

Conclusion

In summary, STUN and TURN servers interact with firewalls and NATs by helping devices behind these networks to establish direct or relayed connections with peers. STUN servers help devices to determine their public IP address and the type of NAT they are behind, while TURN servers relay traffic around restrictive networks. By using both STUN and TURN servers, you can ensure that your WebRTC application can establish reliable connections even in restrictive network environments.
Citations:
[1] https://github.com/react-native-webrtc/react-native-webrtc/blob/master/Documentation/ImprovingCallReliability.md
[2] https://developer.liveswitch.io/liveswitch-server/guides/what-are-stun-turn-and-ice.html
[3] https://blog.ivrpowers.com/post/technologies/what-is-stun-turn-server/
[4] https://www.metered.ca/stun-turn
[5] https://webrtc.org/getting-started/turn-server