Click here to Skip to main content
Click here to Skip to main content

STUN Client

By , 20 Apr 2007
Rate this:
Please Sign up or sign in to vote.
Screenshot - stun.jpg

Introduction

STUN - Simple Traversal of User Datagram Protocol (UDP) through Network Address Translators (NATs). In few words, it just helps you to map your local computer IP:port to public IP:port.

STUN working idea is pretty simple. The client just sends a UDP packet out to the STUN server and the server answers back with IP:port you connected. STUN does three tests to detect the NAT type.

In test I, the client sends a STUN Binding Request to a server, 
without any flags set in the CHANGE-REQUEST attribute, 
and without the RESPONSE-ADDRESS attribute. This causes the server 
to send the response back to the address and port that the request came from.
           
In test II, the client sends a Binding Request with both the 
"change IP" and "change port" flags from the CHANGE-REQUEST attribute set.  
              
In test III, the client sends a Binding Request with only the "change port" flag set.
                          
                                    +--------+
                                    |  Test  |
                                    |   I    |
                                    +--------+
                                         |
                                         |
                                         V
                                        /\              /\
                                     N /  \ Y          /  \ Y             +--------+
                      UDP     <-------/Resp\--------->/ IP \------------->|  Test  |
                      Blocked         \ ?  /          \Same/              |   II   |
                                       \  /            \? /               +--------+
                                        \/              \/                    |
                                                         | N                  |
                                                         |                    V
                                                         V                    /\
                                                     +--------+  Sym.      N /  \
                                                     |  Test  |  UDP    <---/Resp\
                                                     |   II   |  Firewall   \ ?  /
                                                     +--------+              \  /
                                                         |                    \/
                                                         V                     |Y
                              /\                         /\                    |
               Symmetric  N  /  \       +--------+   N  /  \                   V
                  NAT  <--- / IP \<-----|  Test  |<--- /Resp\               Open
                            \Same/      |   I    |     \ ?  /               Internet
                             \? /       +--------+      \  /
                              \/                         \/
                              |                           |Y
                              |                           |
                              |                           V
                              |                           Full
                              |                           Cone
                              V              /\
                          +--------+        /  \ Y
                          |  Test  |------>/Resp\---->Restricted
                          |   III  |       \ ?  /
                          +--------+        \  /
                                             \/
                                              |N
                                              |       Port
                                              +------>Restricted

/// <summary>
/// UDP is always blocked.
/// </summary>
UdpBlocked,

/// <summary>
/// No NAT, public IP, no firewall.
/// </summary>
OpenInternet,

/// <summary>
/// No NAT, public IP, but symmetric UDP firewall.
/// </summary>
SymmetricUdpFirewall,

/// <summary>
/// A full cone NAT is one where all requests from the same internal 
/// IP address and port are mapped to the same external IP address and port.
/// Furthermore, any external host can send a packet to the internal host, 
/// by sending a packet to the mapped external address.
/// </summary>
FullCone,

/// <summary>
/// A restricted cone NAT is one where all requests from the same
/// internal IP address and port are mapped to the same external IP address and port.
///  Unlike a full cone NAT, an external host (with IP address X) 
/// can send a packet to the internal host only if the internal host 
/// had previously sent a packet to IP address X.
/// </summary>
RestrictedCone,

/// <summary>
/// A port restricted cone NAT is like a restricted cone NAT, but the restriction 
/// includes port numbers. Specifically, an external host can send a packet, 
/// with source IP address X and source port P, to the internal host only if 
/// the internal host had previously sent a packet to IP address X and port P.
/// </summary>
PortRestrictedCone,

/// <summary>
/// A symmetric NAT is one where all requests 
/// from the same internal IP address and port, 
/// to a specific destination IP address and port, are mapped to the same external 
/// IP address and port.  If the same host sends a packet with the same source address 
/// and port, but to a different destination, a different mapping is used. 
/// Furthermore, only the external host that
/// receives a packet can send a UDP packet back to the internal host.
/// </summary>
Symmetric

Using the Code

// Create new socket for STUN client.
Socket socket = new Socket
    (AddressFamily.InterNetwork,SocketType.Dgram,ProtocolType.Udp);
socket.Bind(new IPEndPoint(IPAddress.Any,0));

// Query STUN server
STUN_Result result = STUN_Client.Query("stunserver.org",3478,socket);
if(result.NetType != STUN_NetType.UdpBlocked){
    // UDP blocked or !!!! bad STUN server
}
else{
    IPEndPoint publicEP = result.PublicEndPoint;
    // Do your stuff
}

History

  • 20.04.2007 - Initial version

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Ivar Lumi

Estonia Estonia
No Biography provided

Comments and Discussions

 
GeneralRe: Sample Application required PinmemberIvar Lumi20-Sep-07 0:59 
GeneralRe: Sample Application required Pinmemberkapil bhavsar20-Sep-07 1:51 
GeneralRe: Sample Application required PinmemberIvar Lumi20-Sep-07 1:55 
GeneralExcellent!!! Pinmemberhitesh_sharma3-Jul-07 8:19 
GeneralGreat... and what about STUNT Pinmembercdemez25-Apr-07 23:19 
GeneralRe: Great... and what about STUNT PinmemberIvar Lumi26-Apr-07 0:07 
GeneralRe: Great... and what about STUNT Pinmembercdemez26-Apr-07 1:08 
GeneralRe: Great... and what about STUNT PinmemberIvar Lumi26-Apr-07 1:23 
reliable is implemented through retransmittion as STUN RFC says, so thats not problem.
 
OK getting same orer is another stuff, with UDP yep its harder to distinguish them through transaction ID.
But thats not problem too, because to get reliable result you pass valid socket (the one you use later when public IP is known), socket local endpoints differ every time.
Like what i mean:
if you need send audio through RTP, first you create socket for audio, then use same socket to do STUN, after successful STUN, you must use same socket for audio.
 
So far i dont see any real reason for TCP version of stun, if some one can really tell why, i'll add TCP support.

GeneralRe: Great... and what about STUNT Pinmembercdemez26-Apr-07 20:56 
GeneralRe: Great... and what about STUNT PinmemberIvar Lumi26-Apr-07 21:07 
GeneralRe: Great... and what about STUNT Pinmembercdemez26-Apr-07 22:50 
GeneralSimply Stunning! Pinmemberstano24-Apr-07 2:04 
GeneralRe: Simply Stunning! PinmemberIvar Lumi24-Apr-07 3:07 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web01 | 2.8.140415.2 | Last Updated 20 Apr 2007
Article Copyright 2007 by Ivar Lumi
Everything else Copyright © CodeProject, 1999-2014
Terms of Use
Layout: fixed | fluid