Skip to content

Instantly share code, notes, and snippets.

@santisaez

santisaez/gist:3187798

Created July 27, 2012 12:57
Show Gist options
  • Star 17 You must be signed in to star a gist
  • Fork 3 You must be signed in to fork a gist
  • Save santisaez/3187798 to your computer and use it in GitHub Desktop.
Save santisaez/3187798 to your computer and use it in GitHub Desktop.
Download ZIP
State of the Art: STUN + TURN servers on Linux (July 2012)
Raw
gistfile1.md

STUN implementations

  • stund

  • Content: server daemon and test client for STUN, RFC-3489 only

  • URL does not load, the project seems abandoned

  • The code is also available on SourceForge, last update was on January 2012

  • TCP and TLS modes not supported

  • The server needs two IPs, it’s mandatory and can not be configured

  • C++, no extra libraries required, Windows port available

  • Version = 0.97 (0.96 package available on Debian, 5 years without updates)

  • stunserver aka stuntman

  • Content: high performance STUN server, a client application and code libraries

  • RFC-5389 + backwards compatibility with RFC-3489

  • UDP and TCP modes with either IPv4 or IPv6

  • STUN code library and client application implement all NAT detection tests specified in RFC-5780

  • "Basic" and "Full" modes to facilitate NAT + firewall behavior detection (with 1 or 2 IPs/ports)

  • Available on GitHub, last commit 2 months ago

  • C++ and boost library (libboost-dev package available on Debian)

  • License: Apache 2.0

  • Version = 1.1.3

  • TLS mode + multi-core support in the roadmap, not implemented

  • Example C++ code available to implement your own authentication system

  • --maxconn feature

STUN + TURN implementations

  • [restund] (http://www.creytiv.com/restund.html)

  • Content: modular STUN + TURN server (in the same daemon), designed around the principle of a lightweight core and plugins that extend its functionality

  • RFC-compliancy: RFC-5389 (STUN), RFC-5766 (TURN), RFC-5780 and RFC-6156

  • UDP, TCP and TLS support, IPv4 and IPv6

  • C89 and C99 source code and re library is needed (real-time communications with async IO support and a complete SIP stack)

  • Version = 0.4.1 (last update: 21-Apr-2012)

  • User Authentication through MySQL: in order to provide user auth and relay traffic the server needs to access a database backend, storing a copy of the entire user database in a local hash table (this might be a problem)

  • Statistics about received STUN messages

  • "Basic" and "Full" modes (1 or 2 IPs for NAT type discovery)

  • Max connections for TURN service + max lifetime

  • BINDING requests support

  • Status Interface module that provides server status through HTTP

  • TurnServer

  • The project aims to be compliant with the TURN and STUN standards (respectively, RFC-5766 and RFC-5389)

  • TURN-IPv6 support (RFC-6156)

  • RFC-6062 support aka TURN-TCP (relay data with TCP)

  • TLS support

  • License: GPLv3

  • Current stable version = 0.6 (released on 2012-02-24)

  • DTLS (Datagram TLS) support, experimental feature not defined in TURN standard

  • Max TURN relay connections per user and max connection lifetime

  • Limit user bandwidth + quota support (in KBytes/s)

  • ACLs to deny relaying

  • Run as unprivileged user on Linux

  • ReTurn

  • STUN/TURN server and client library (RFC-5389 and RFC-5766)

  • Support for UDP, TCP and TLS protocols, both IPv4 and IPv6

  • Synchronous and asynchrounous client APIs provided

  • RFC-3489 backwards compatibility support

  • Channel Binding

  • Hardcoded Settings = changed by modifying the code in ReTurnConfig.cxx and recompiling

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment