STUN (Simple Traversal of UDP through NAT)

Simple Traversal of UDP through NAT (STUN) is a protocol that governs the exchange of data over a User Datagram Protocol (UDP) connection by communications devices operating behind a Network Address Translator (NAT) or firewall. The main objective of STUN is to overcome some of the problems associated with the lack of standardized behaviors in NATs. STUN works with a variety of NATs and application programs. However, STUN does not allow incoming UDP packets through symmetric NATs and cannot be used to obtain an Internet Protocol address (IP address) to communicate with a peer behind the same NAT.

A NAT translates an IP address used within a network to a different IP address within another network. This enhances security because each outgoing or incoming request must go through a translation process that offers the opportunity for authentication. The use of a NAT can also minimize the number of global IP addresses that an enterprise requires. A firewall is a set of programs, located at a gateway server, that protects the resources of a private network from users residing on other networks. An enterprise with an intranet that allows its workers access to the wider Internet  can install a firewall to prevent outsiders from accessing its private data and to control the outside resources its own users can access.

This was last updated in October 2006

Dig Deeper on Network protocols and standards