STUN stands for Session Traversal Utilities for NAT.
It is a standard method of NAT traversal used in WebRTC. It is defined in IETF RFC 5389.
It is one of two NAT traversal servers that are used in WebRTC (the other one is TURN).
At its core, it’s purpose is to answer the question “what is my IP address?” It does that by using a STUN server.
It is a client-server protocol.
A STUN server is a server that runs on the public network and replies to incoming requests. The responses it sends out include the public IP address the request was sent to him from. This effectively answers the question “what is my IP address?”
In most cases, the servers aren’t installed and managed as separate entities but are rather installed together with TURN servers.
While there are free public servers that can be used (such as the one Google operates), it isn’t advisable to use them in commercial services as your main NAT traversal mechanism.
A WebRTC client has to know its public IP address in order to get more sessions connected successfully. For that purpose, WebRTC sends a request to a STUN server asking for its public IP address. The server replies back to the WebRTC client with the public IP address the request came from. This way, the WebRTC client learns what its public IP address is.
The WebRTC client then shares the public IP address it recieved from the server with its peer.
It might not always work. With some network architecture and NAT device types, the public IP address obtained via STUN will not work. This is why it is used in conjunction with TURN and ICE.
As a protocol, it is lightweight and simple, making the availability of public, free and open servers possible.
There are various free STUN servers available out there.
It is lightweight and carry no real authentication mechanism to it. This makes it simple for developers to connect to freeservers without any technical hurdles. It is not advisable to do so.
WebRTC Glossary is a collaborative space where users can learn more about WebRTC related terms. Anyone can also modify or add new terms to this glossary, but it requires registration to the site first.