high quality stunt

[rogerdpack]

Anybody know if OpenVPN's NAT traversal is as sophisticated as say http://nutss.gforge.cis.cornell.edu//stunt.php ?
If not could I make a small feature request that it be made so?
Thank you--saved me tons of time in not having to recreate OpenVPN
-roger-

[Bebop]

STUNT

Simple Traversal of UDP Through NATs and TCP too (STUNT), which extends STUN to include TCP functionality, is a lightweight protocol that allows applications running behind a NAT to determine external IP and port-binding properties, packet filtering rules and various timeouts associated with TCP connections through the NAT. Knowing these parameters allows applications to establish TCP sessions between two NAT'ed hosts. As a result P2P and other applications can work through existing NAT infrastructure without sacrificing the benefits of TCP.

Most interesting indeed. I wonder if this technology has filtered through to any apps in the mainstream already. As for your question about adapting OpenVPN to incorporate STUNT like nat traversal -- that would be a question best answered by the dev's and build team.

[janjust]

how do you envisage the use of STUN/STUNT ? an openvpn client in TCP mode can connect via almost any NATting solution out there. OpenVPN *server* mode is a different story, but remember that openvpn is not a true P2P app; how would the client and the server be told of the upcoming connection? in P2P applications this is arranged by the P2P platform (e.g. the Skype directory, or the Torrent head node). A regular OpenVPN setup is not P2P aware so there is no way of letting a server behind a NAT box know that a client wants to connect unless either the server is connected to some third-party host or unless the server itself is listening on a public port (which defeats the purpose of NAT).