You are here: Administration > Platform configuration > STUN servers

Using STUN servers with Pexip Infinity

A STUN server allows clients, such as Conferencing Nodes or Infinity Connect WebRTC clients, to find out their public NAT address.

When a client is deployed behind a NAT, it can send a STUN request to the STUN server, which responds back to the client and tells it from which IP address it received the STUN request. Using this method, the client can discover its public NAT address, which is important in order for ICE to work between Conferencing Nodes and other ICE-enabled clients (for example, WebRTC and Lync / Skype for Business clients). In relation to ICE, this public NAT address is also known as the server reflexive address.

In Microsoft Lync and Skype for Business deployments it is essential that a Conferencing Node can discover its public NAT address.

Conferencing Nodes

If a Conferencing Node is deployed on a private network behind a NAT, its system location may already be configured with the details of a TURN server (such as the Pexip TURN server). Often, that TURN server can act as a STUN server and a separate STUN server is not normally required.

By default, Conferencing Nodes send their STUN requests to the TURN server, but if the TURN server is not located outside of the enterprise firewall then the Conferencing Node will not be able to discover its public NAT address. If this is the case in your deployment scenario, you must configure a separate STUN server — the Conferencing Node's STUN requests will then be sent to the STUN server, instead of the TURN server.

A STUN server is not required if:

  • your Conferencing Nodes are publicly-addressable, either directly or via static NAT, or
  • the STUN requests sent from the Conferencing Nodes to the TURN server will return the public NAT address of the Conferencing Node.

The STUN servers that you use with Pexip Infinity must be located outside of the enterprise firewall and must be routable from your Conferencing Nodes.

Infinity Connect WebRTC clients

When connecting to a privately-addressed Conferencing Node, Infinity Connect WebRTC clients that are behind a NAT may also use a STUN server to find out their public NAT address.

When an Infinity Connect WebRTC client connects to a Conferencing Node, the node will provision it with a set of STUN server addresses that it should use to discover its public NAT address.

For more information, see When is a reverse proxy, TURN server or STUN server required?.

How Conferencing Nodes decide which STUN server to use

The STUN server used by a Pexip Infinity Conferencing Node handling a call is determined as follows:

  • Conferences: uses the STUN server associated with the location of the Conferencing Node that is handling the call signaling.
  • Point-to-point calls via the Pexip Distributed Gateway: uses the STUN server associated with the Call Routing Rule that matched the call request. If there is no STUN server associated with the rule, then the STUN server associated with the location of the Conferencing Node that is handling the call signaling is used instead. Note that rules can optionally be configured on a per-location basis.

If a STUN server is not configured for a location or rule, but a TURN server is configured, the Conferencing Node will send STUN requests to that TURN server.

Nominating the STUN servers used by Pexip Infinity and Infinity Connect WebRTC clients

Within Pexip Infinity you can configure the addresses of one or more STUN servers. You then associate those STUN servers with each System location (with separate configuration for the STUN server used by Conferencing Nodes in that location, and the STUN servers to offer to Infinity Connect clients connected to that Conferencing Node), and with each Call Routing Rule.

Configuring STUN server addresses

To add, edit or delete STUN server connection details, go to Call control > STUN servers. The options are:

Option Description
Name The name used to refer to this STUN server in the Pexip Infinity Administrator interface.
Description An optional description of the STUN server.
Address The IP address or FQDN of the STUN server. This should not be the same address as any of your configured TURN servers.
Port

The IP port on the STUN server to which the Conferencing Node will connect.

Default: 3478.

Note that Pexip Infinity ships with one STUN server address already configured by default: stun.l.google.com. This STUN server is typically used by Infinity Connect WebRTC clients and uses port 19302 (rather than the common 3478).

Associating STUN server addresses with Conferencing Nodes

To associate a STUN server address with a Conferencing Node, you must configure the node's system location:

  1. Go to Platform configuration > Locations.
  2. Select the Conferencing Node's location.
  3. Select a STUN server and select Save.

All Conferencing Nodes in that location will use the nominated STUN server for conference calls.

Associating STUN server addresses with gateway calls

If a gateway call is being placed to an ICE-enabled client (such as Lync / Skype for Business clients and Infinity Connect WebRTC clients), the Conferencing Node placing the call will use the STUN server associated with the matching rule. (For gateway calls, the Conferencing Node does not use the STUN sever associated with its system location.)

To associate a STUN server address with a Call Routing Rule:

  1. Go to Service configuration > Call routing.
  2. Select the relevant rule.
  3. Select a STUN server and select Save.

Configuring the STUN server addresses provided to Infinity Connect WebRTC clients

To configure the specific STUN server addresses that are provisioned to Infinity Connect WebRTC clients, you must configure the system locations used by the Conferencing Nodes that the clients connect to:

  1. Go to Platform configuration > Locations.
  2. Select the Conferencing Node's location.
  3. Select one or more Client STUN servers and select Save.

    Note that stun.l.google.com is added by default to every location.

When an Infinity Connect WebRTC client connects to a Conferencing Node in that location, the Conferencing Node will provide it with the addresses of the nominated STUN servers. These STUN servers are used by the client to discover its public NAT address.

If no Client STUN servers are configured for that node/location, the Infinity Connect client may still be able to communicate by using a TURN relay, if a TURN server is configured on the Conferencing Node, but this may cause delays in setting up media.

For clients on the same network as the Conferencing Nodes, where no NAT is present, users may find that WebRTC call setup time is improved by removing all Client STUN servers.