Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • S Snowflake
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 90
    • Issues 90
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 6
    • Merge requests 6
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Anti-censorship
  • Pluggable Transports
  • Snowflake
  • Issues
  • #34129
Closed
Open
Issue created May 06, 2020 by Cecylia Bocovich@cohoshOwner

Use STUN to determine NAT behaviour of peers

In investigating high proxy failure rates at clients (legacy/trac#33666 (moved)) and the logistics of running our own STUN server (legacy/trac#25591 (moved)), I came across RFC5780, which outlines steps to identify NATs with "endpoint independent mapping and filtering".

Section 4.3 outlines how a client can use a STUN server with an alternate IP address (returned in the first STUN binding request response) to determine how restrictive their NAT is.

This would be useful to match up clients with snowflake proxies that have compatible NATs. We still have the following questions:

  • are there public STUN servers that support this feature? Yes there are several candidates.

  • does the pion/stun library we use support this feature for STUN clients? Not yet but we can implement the feature.

  • If we're able to implement our own STUN server behind a domain-fronted connection (legacy/trac#25591 (moved)), how can we implement this functionality?

I see at least one open source STUN server implementation that claims to support this (written in C): https://github.com/coturn/coturn

Assignee
Assign to
Time tracking