Version 1.2. This is the source code to STUNTMAN - an open source STUN server and client code by john selbie. Compliant with the latest RFCs including 5389, 5769, and 5780. Also includes backwards compatibility for RFC 3489. Compiles on Linux, MacOS, BSD, Solaris, and Win32 with Cygwin. Windows binaries avaialble from www.stunprotocol.org.
Home Page: http://www.stunprotocol.org
License: Apache License 2.0
STUNTMAN - An open source STUN server Version 1.2.16 April 7, 2020 --------------------------------------------------------- Features: Compliant with the latest RFCs including 5389, 5769, and 5780. Also includes backwards compatibility for RFC 3489. Supports both UDP and TCP on both IPv4 and IPv6. Client test app provided. Stun server can operate in "full" mode as well as "basic" mode. Basic mode configures the server to listen on one port and respond to STUN binding requests. Full mode configures the service to listen on two different IP address interfaces (if available) and provide NAT behavior and filtering detection support for clients. Support for running a full mode STUN service on an Amazon EC2 instance. Run "stunserver --help" for visit www.stunprotocol.org on how to configure this mode. Open source Apache license. See LICENSE file fore more details. --------------------------------------------------------- Known issues: TLS mode has yet to be implemented. Server does not honor the stun padding attribute. If someone really wants this support, let me know and I will consider adding it. By default, the stun server operates in an open mode without performing authentication. All the code for authentication, challenge-response, message hashing, and message integrity attributes are fully coded. HMAC/SHA1/MD5 hashing code for generating and validating the message integrity attribute has been implemented and tested. However, the code for validating a username or looking up a password is outside the scope of this release. Instead, hooks are provided for implementors to write their own code to validate a username, fetch a password, and allow/deny a request. Details of writing your own authentication provider code are described in the file "server/sampleauthprovider.h". Dependency checking is not implemented in the Makefile. So if you need to recompile, I recommend "make clean" from the root to preceed any subsequent "make" call. If you run an instance of stunserver locally, you may observe that "stunclient localhost" may not successfully work. This is because the server is not listening on the loopback adapter when running in full mode. The workaround is to specify the actual IP address that the server is listening on. Type "ifconfig" to discover your IP address (e.g. 10.11.12.13) followed by "stunclient 10.11.12.13" --------------------------------------------------------- Testing: Fedora 15 with gcc/g++ 4.6.0 Fedora 17 with gcc/g++ 4.72 Ubuntu 11 with gcc/g++ 4.5.2 Ubuntu 12 with gcc/g++ 4.6.3 Ubuntu 12 with clang/clang++ 3.0 Amazon AWS with gcc/g++ 4.4 MacOS with XCode 7 and command line tools FreeBSD 9.0 with gcc/g++ 4.2.1 Solaris 11 with gcc/g++ 4.5.2 Parsing code has been fuzz tested with zzuf. http://caca.zoy.org/wiki/zzuf --------------------------------------------------------- Prerequisites before compiling and running. The short summary is that you need a C++ compiler (g++ preferred or clang++), GNU make, Boost header files, and the OpenSSL development files in order to compile the code. Below are the set of package installer commands that you can type from the command line to get the tools and libraries you need. Debian/Ubuntu/Mint sudo apt-get install g++ sudo apt-get install make sudo apt-get install libboost-dev # For Boost sudo apt-get install libssl-dev # For OpenSSL RedHat/Fedora and EC2 Amazon Linux AMI sudo yum groupinstall "Development Tools" # For g++, make, et. al. sudo yum install boost-devel # For Boost sudo yum install openssl-devel # For OpenSSL Solaris and Mac OpenSSL is already installed on Solaris and is not needed on Mac. Install Boost locally as per instructions below, then uncomment and edit the top line of the common.inc file. Manual Boost install The compiled Boost runtime is not necessary. Just obtaining and unpacking the Boost source code distribution from www.boost.org will suffice. If you do not have the adminstrative privaleges to install the Boost distribution into a standard system include path, you may uncomment and edit the top line of the common.inc file for the BOOST_INCLUDE variable. The common.inc file is in the same folder as this README file. Manual OpenSSL install You can obtain the OpenSSL development files and runtime from www.openssl.org. On most systems with development tools already installed, OpenSSL include files are already installed in the standard include path. If this is not the case, you can uncomment and edit the common.inc file to have the OPENSSL_INCLUDE variable defined. Other prerequisites pthreads and perl. I've never come across a system where this wasn't already pre-installed. --------------------------------------------------------- Compiling and running Got Boost and OpenSSL taken care of as described above? Good. Just type "make" (or "gmake" on some systems). There will be three resulting binaries in the root of the source code package produced. stuntestcode - This is the unit test code. I highly recommend you run this program first. When run, you'll see a series of lines being printed in regards to different code paths being tested. If you see any line that ends in "FAIL", we likely have a bug. Please contact me immediately if you see this. stunserver - this is the server binary. Run "./stunserver --help" for details on running this program. Running this program without any command line arguments defaults to listening on port 3478 on all adapters. stunclient - this is the client test binary. Run "./stunclient --help" for details on running this program. Example: "./stunclient stun.selbie.com" --------------------------------------------------------- Firewall Don't forget to configure your firewall to allow traffic for the local ports the stunserver will be listening on! --------------------------------------------------------- Feature roadmap (the features I want to implement in a subsequent release) Cleanup Makefile and add "configure" and autotools support Finish Windows port and able to run as a Windows service Scale across more than one CPU (for multi-core and multi-proc machines). The threading code has already been written, just needs some finish work. TLS support --------------------------------------------------------- Docker 1. `docker image build -t=stun-server-image .` 2. `docker container run -d -p 3478:3478/tcp -p 3478:3478/udp --name=stun-container stun-server-image` --------------------------------------------------------- Contact the author John Selbie [email protected]
Stuntman version: 1.2.9
When specifying IPv6 using the client, I get an Unable to resolve hostname error:
$ stunclient --family 6 stun.stunprotocol.org
Unable to resolve hostname for stun.stunprotocol.org
Can't start client
Usage: stunclient [OPTIONS] server [port]
Try 'stunclient --help' for a complete set of options and description of
paramters
Am I using the flag wrong?
how to install
Probably a silly mistake on my end, but I can't get the stunserver to send me back a XOR_MAPPED_ADDRESS, only a MAPPED_ADDRESS.
I'd assume since the stunserver is RFC 3859 compliant it is possible to get the XOR address?
The tags for releases in this repository stop at version 1.2.1, while version 1.2.7 is current. It would be great if they could be added.
Hello,
If I run:
./stunserver --protocol --family 6
Then I'll only get a listener on all IPv6 interfaces, that still accept IPv4 connections through a tunnel (which seems automatic since I never configured one on my Debian 7).
As a result, when discovering my own IPv4 address (no IPv4 at home), the STUN server will send me my IPv4 with an IPv6 prefix, such as:
::ffff:2.2.210.249
Instead of:
2.2.210.249
In order to fix it, I tried to start stunserver both on all IPv4 interfaces and IPv6 interfaces, without any tunneling, but stunserver refuses to start in IPv4 if it is already launched on IPv6. Reverse is the same. Reason: "Address already in use".
That's weird since I have an XMPP server which is listening on both 0.0.0.0 and :: and servicing users without any tunnel in case they are IPv4.
My question: is that a bug or a feature? Is there any way to override this, and have stunserver running both on IPv4 and IPv6 interfaces, and serving users their appropriate IP address without tunneling?
Thanks in advance ;)
PS: powering stun.jappix.com
I reverted stunserver to IPv4 for now on this server, don't test there.
https://blog.csdn.net/fivedoumi/article/details/8168882
I looked in the client source code and found that there is no other public network address.
I'm ran some tests with stunclient and did not really understand what to make of the results (other than "binding"):
$ stunclient --mode full --localport 5061 stun.stunprotocol.org
Binding test: success
Local address: 192.168.1.101:5061
Mapped address: xxx.xxx.xxx.xxx:5061
Behavior test: success
Nat behavior: Endpoint Independent Mapping
Filtering test: success
Nat filtering: Endpoint Independent Filtering
$ stunclient --mode full --localport 5061 yyy.yyy.yyy.yyy
Binding test: success
Local address: 10.0.1.6:5061
Mapped address: zzz.zzz.zzz.zzz:5061
Behavior test: fail
Filtering test: success
Nat filtering: Address and Port Dependent Filtering
It would be nice to have documented in the man page what the behaviour and filtering tests are supposed to find out, and give a brief explanation of the possible outcomes.
I eventually found RFC 4787 etc. which explain these terms. At the minimum, a reference to those RFCs could be added, though I would have preferred a much condensed version ;-)
is it possible to add username and password to the commands?
Hi man, I really like this implementation and it works quite nice as opposed to others I found. The support is not so big but this one looks quite promising, SO BIG THANKS.
However it would be even more interesting to dockerize it. I can help with the image if you need
I got something here, let me know if it helps or needs to be adjusted:
https://github.com/steevehook/webrtc-conference-stun
Also created a PR on this, glad to contribute
You can't compile it using make -j2
Hello @jselbie,
The last version is 1.2.13 (13 Mar 2017), it is possible to release a new build before the Debian 11 freeze (2021-01-12)?
And look to update: https://salsa.debian.org/pkg-voip-team/stunserver?
cc: @linuxmaniac
Hi!
Could you please provide some how-to about enabling simple user/password authorisation for stunserver?
I'm not a C-programmer so it's really hard for me to figure this out.
It would be great if you add this to README/Wiki as well.
Looking forward to hear from you!
Kind Regards.
Seen your STUN Client project, if possible kindly provide some android sample project.
hello jselbie
client:
gengfeipeng@bogon stunserver % ./stunclient --mode full --localaddr 10.2.2.63 --localport 9999 --protocol udp --verbosity 2 117.50.10.29
Resolved 117.50.10.29 to 117.50.10.29:0
config.fBehaviorTest = true
config.fFilteringTest = true
config.timeoutSeconds = 0
config.uMaxAttempts = 0
config.addrServer = 117.50.10.29:3478
socketconfig.addrLocal = 10.2.2.63:9999
Sending message to 117.50.10.29:3478
Got response (68 bytes) from 117.50.10.29:3478 on interface 10.2.2.63:9999
Other address is 117.50.10.29:3479
Preparing message for filtering test #2 (ChangeRequest=AA)
Sending message to 117.50.10.29:3478
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Preparing message for filtering test #2 (ChangeRequest=AA)
Sending message to 117.50.10.29:3478
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Preparing message for filtering test #3 (ChangeRequest=PA)
Sending message to 117.50.10.29:3478
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Preparing message for filtering test #3 (ChangeRequest=PA)
Sending message to 117.50.10.29:3478
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Preparing message for behavior test #2 (destination=AP)
Sending message to 117.50.10.29:3478
Got response (68 bytes) from 117.50.10.29:3478 on interface 10.2.2.63:9999
Binding test: success
Local address: 10.2.2.63:9999
Mapped address: 106.120.244.138:32530
Behavior test: success
Nat behavior: Endpoint Independent Mapping
Filtering test: success
Nat filtering: Address and Port Dependent Filtering
server:
./stunserver --mode full --primaryinterface 10.19.99.42 --altinterface 10.19.179.125 --primaryadvertised 117.50.10.29 --altadvertised 106.75.116.8
stunclient recieve len 800
stunclient recieve len 800
stunclient recieve len 800
stunclient recieve len 800
stunclient recieve len 800
stunclient recieve len 800
This is my entire process. What do you think is the reason why I can't send a message to the server's alternate ip?
Originally posted by @gengfeipeng in #44 (comment)
Hi,
I have a running server on localhost:3000
I use this command: stunclient.exe --localport 3000 stun.stunprotocol.org to obtain a new ip address that will be accessible from outside the network.
That command returns something like this
Binding test: success
Local address: 192.168.0.120:3000
Mapped address: 1.2.3.4:3000After running the command I type in the browser on another pc, which is not in my local network, this address 1.2.3.4:3000 and is not respodning.
Could you let me know why?
It would be nice if releases would be tagged again in git.
Hello, I executed make command but it lags after this function
I'm using amazon linux
Do you have any solution?
Dear @jselbie,
It will be nice to remove old parts like:
Can you add a "move" box like https://sourceforge.net/projects/handbrake for example.
To disable/delete tabs, go here: https://sourceforge.net/projects/stuntman/
To add a new tab, go here: https://sourceforge.net/projects/stuntman/
To change informations, go here: https://sourceforge.net/p/stuntman/admin/overview
To export, go here: https://sourceforge.net/p/stuntman/admin/export
The new place can be added in:
Thanks in advance.
Hello,
I downloaded the Windows Builds and ran the command stunclient --proto tcp --localport 25577 stun.stunprotocol.org
and it only displays the error message: Unable to create local socket for TCP connection (hr == 8800000d)
If I choose another localport or udp as protocol, than I don't get the error message, it displays the ips. How can I fix it? What did I wrong?
Thanks for your help and for this awesome tool.
make[1]: Entering directory '/tmp/stunserver/testcode'
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testatomichelpers.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testbuilder.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testclientlogic.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testcmdline.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testcode.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testdatastream.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testfasthash.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testintegrity.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testmessagehandler.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testpolling.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testratelimiter.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testreader.cpp
g++ -c -I../common -I../stuncore -I../networkutils -DNDEBUG -Wall -Wuninitialized -O2 testrecvfromex.cpp
g++ -o stuntestcode testatomichelpers.o testbuilder.o testclientlogic.o testcmdline.o testcode.o testdatastream.o testfasthash.o testintegrity.o testmessagehandler.o testpolling.o testratelimiter.o testreader.o testrecvfromex.o -L../networkutils -L../stuncore -L../common -lnetworkutils -lstuncore -lcommon -lpthread -lcrypto
make[1]: Leaving directory '/tmp/stunserver/testcode'
make --directory=client
make[1]: Entering directory '/tmp/stunserver/client'
g++ -c -I../common -I../stuncore -I../networkutils -I../resources -DNDEBUG -Wall -Wuninitialized -O2 clientmain.cpp
g++ -o stunclient clientmain.o -L../common -L../stuncore -L../networkutils -lnetworkutils -lstuncore -lcommon -lcrypto
make[1]: Leaving directory '/tmp/stunserver/client'
make --directory=server
make[1]: Entering directory '/tmp/stunserver/server'
g++ -c -I../common -I../stuncore -I../networkutils -I../resources -DNDEBUG -Wall -Wuninitialized -O2 main.cpp
main.cpp: In function 'void LogHR(uint16_t, HRESULT)':
main.cpp:64:26: error: invalid conversion from 'int' to 'const char*' [-fpermissive]
pMsg = strerror_r(err, msg, ARRAYSIZE(msg));
~~~~~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~
make[1]: *** [../common.inc:33: main.o] Error 1
make[1]: Leaving directory '/tmp/stunserver/server'
make: *** [Makefile:11: everything] Error 2
@jselbie Kindly visit the below link, i have integrated a lot of stuff but seems like Peer-to-Peer Communication is not being established using Mapped Addresses obtained from STUNTMAN Server.
Can you add the SHA256 support?
Please note:
SHA-256
SHA-512/256
ubuntu@:/src/stunserver$ uname -a/src/stunserver$ ./stunserver --mode basic --primaryinterface 10.123.51.221 --primaryport 34780
Linux ip-10-virtual #59-Ubuntu SMP Tue Aug 30 19:33:19 UTC 2011 x86_64 GNU/Linux
ubuntu@:
Unable to initialize server (error code = x88000062)
ubuntu@:~/src/stunserver$
Why the detected filter types are all AddressAndPortDependentFiltering, but the map detection has EndpointIndependentMapping and AddressAndPortDependentMapping types. Is there anything to pay attention to in filter detection?
As per Joel Feaster:
In Stuntman, running both the behavior test and the filtering test at the same time can cause an incorrect filtering type to be detected. If the filtering is actually "address dependent", the scan will report it as "endpoint independent".
The cause appears to be the order in which the tests are being performed, currently "behavior" tests followed by "filtering" tests. The network traffic from the behavior tests having been run causes the router to allow filtering test responses back through that would not have otherwise been allowed... The behavior tests send traffic to the secondary IP of the STUN server, so the filtering tests are allowed to get responses back from that secondary IP.
There may be a better fix, but just re-ordering the tests seems to resolve the problem for me. In "CStunClientLogic::Initialize", I switched the order that the tests are added to "_testlist". I have not yet checked if this change causes any other problems with the scan or any regressions.
The fix is likely some combination of what Joel said (re-order the tests) or use the a different port for the filtering test.
This is an Enhancement
This server is clearly one of the best out there. However, creating a wrapper for it doesn't allow nearly as much control as having this server as a javascript object.
I wrote some psuedocode a while ago when I was trying to do it myself. However, my lack of c++ experience makes me worried I'll be spending a long time trying to learn the language rather than develop an application. Honestly, I don't like making requests because I know how requests feel. However, I also realize that if I never ask it may never happen. I also have taken a look at your code to see what would need to be changed, though I understood a reasonable amount of the low level aspects due to my Java experience I looked at things from a much higher level.
This was the documentation I was attempting to base it off of
After looking at your code, the files I believe that will need editing will be
I understand if you're not interested in doing this. Just figured I'd mention it
So I've got a situation where I'm using an AWS Code Pipeline to build and deploy the stun server. The code is being built within an Ubuntu container, and then deployed to an Amazon Linux EC2 instance.
The code builds fine, but when I port the stunserver executable over to the EC2 instance and attempt to run it, the server can't run because it can't find libcrypto.so.1.0.0 in the /usr/lib64 folder. If I build directly on the EC2 instance, everything runs fine. I do not want to do the building of the server on the production system.
LDD gives me the following:
ldd /opt/stunserver/stunserver
linux-vdso.so.1 => (0x00007ffddd3b6000)
libcrypto.so.1.0.0 => not found
libstdc++.so.6 => /usr/lib64/libstdc++.so.6 (0x00007f6f145e3000)
libm.so.6 => /lib64/libm.so.6 (0x00007f6f142e1000)
libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0x00007f6f140cb000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f6f13eae000)
libc.so.6 => /lib64/libc.so.6 (0x00007f6f13aec000)
/lib64/ld-linux-x86-64.so.2 (0x0000555a1b111000)
STRACE goes looking for the libcrypto.so.1.0.0 in /usr/lib64 but it doesn't exist (only libcrypto.so exists as a link).
Is there something obvious I'm missing here?
To run the full mode, I need to provide 2 ip addresses, so should I run the same server but on two different server with the same command or just one server computer with two IPs? What is the specifc steps to run full mode?
I tested the client against what I think are the MS Teams STUN servers (i.e. I see UDP comm on port 3478) , but did not get any response.
Does MS use a modified standard ?
Thank you
Markus
I compiled in Ubuntu 20.04 stunserver.
Now I'm trying to understand how to make it properly work.
If I use the IP of the local network, then the binding test succeed.
(base) raphy@pc:~/stunserver$ ./stunclient --mode behavior 192.168.1.7 --verbosity 9
Resolved 192.168.1.7 to 192.168.1.7:0
config.fBehaviorTest = true
config.fFilteringTest = false
config.timeoutSeconds = 0
config.uMaxAttempts = 0
config.addrServer = 192.168.1.7:3478
socketconfig.addrLocal = 0.0.0.0:0
Sending message to 192.168.1.7:3478
Got response (56 bytes) from 192.168.1.7:3478 on interface 192.168.1.7:38521
Binding test: success
Local address: 192.168.1.7:38521
Mapped address: 192.168.1.7:38521
Behavior test: success
Nat behavior: Direct Mapping
If I use the external IP , then the binding test fails :
(base) raphy@pc:~/stunserver$ ./stunclient --mode behavior 109.116.136.120 --verbosity 9
Resolved 109.116.136.120 to 109.116.136.120:0
config.fBehaviorTest = true
config.fFilteringTest = false
config.timeoutSeconds = 0
config.uMaxAttempts = 0
config.addrServer = 109.116.136.120:3478
socketconfig.addrLocal = 0.0.0.0:0
Sending message to 109.116.136.120:3478
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Sending message to 109.116.136.120:3478
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Continuing to wait for response...
Binding test: fail
Behavior test: fail
What am I doing wrongly? How to correctly obtain Mapped Address from Stunman Server?
It would be nice if the server had some sort of logging when it's started. That way I know it actually did start and it's not in some loop or waiting on some other process. Would also be cool if there was actual logs that could be watched for traffic.
May I ask if this project supports ARM architecture
Can you add missing RFCs?
There are for STUN:
I used stunclient to test nat behavior on NAT1,2,3,4 networks, the result is the same:
Nat behavior: Address and Port Dependent Mapping
Is there a plan to support for full TCP NAT behavior test to distinguish different NAT types?
Is there a theoretical limit to how many requests per second the server can handle? I'm running this on a Ubuntu 22baremetal server with plenty of hardware capacity, in a CDN + P2P video streaming setup (https://github.com/Novage/p2p-media-loader).
Once we have about 40,000 viewers, the server seems to struggle, But CPU and RAM usage are nearly idle.
Is there anything I can do to increase this?
Binding fails when I try a stun request to stun.stunprotocol.org
We have an AWS EC2 instance running stunserver. Its internal IP1 is 172.31.1.1, corresponding to the public (external) IP1 of 1.1.1.1 (BINAT), and internal IP2 is 172.31.2.2, corresponding to the public (external) IP2 of 2.2.2.2 (also through aws igw binat).
Now, using the command stunserver --mode full --primaryinterface 172.31.1.1 --altinterface 172.31.2.2, we can start the Stuntman server. However, due to its lack of awareness of its actual public (external) IP address, there are some issues when communicating with the STUN client. It requires the STUN client to send messages to the internal 172.31 subnet.
Is there any parameter that we haven't discovered yet, which can be used to inform stunserver of the external public IP addresses corresponding to its primary and secondary listening addresses?
Thanks :-)
Hey, I checked both the provided docker image and a custom on that i did, the process entes the SLEEPING status, and it doenst start properly. The only log printed is "Starting server 1". kill -0 1 awakes the process but the container exits. I tested running the server with the same args in the host machine without docker and it works fine.
Is this something that is expected currently, or am I missing something here?
PS: I also tested with specific interfaces, so I dont think the problem resides there either. Also, im not expecting customer support here, I just found it odd. Would rather use this since it works well for my purposes than learning to configure coturn :(
I'm implementing a STUN client and I've been using your server a test endpoint (thanks!). When adhering to RFC3489, I noticed that the server responds with an undocumented XOR_MAPPED_ADDRESS_OPTIONAL attribute, which seemed odd. I found that it comes from an early RFC5780 draft and was made comprehension required in subsequent drafts.
It's not a big deal given that it's comprehension optional but I'd argue that the server should not be sending this attribute at all. This attribute never existed in RFC3489 and any newer client will be using the correct XOR_MAPPED_ADDRESS. I can see that it's used for Vovida compatibility but that appears to be pertinent to the client rather than the server.
I'm not really expecting any change to be made on the back of this issue but for being a stickler for adhering to the standard, I figured I'd present an argument for no longer sending it to legacy clients. I'd happily submit a PR for it.
Thanks again. :)
Hi @jselbie
I have symmetric NAT, so I have to use the TURN server.
Does your program support the TURN server?
If no, do you have an idea how can I use it to connect p2p with another pc in a different network behind which is also behind NAT?
Basically, I want to connect two devices that are in different networks and are behind NAT.
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.