Skip to main content

mastodon - Link to source

More thoughts on the STUN server fallback question:

· This is something other #XMPP Clients just do quietly without having a big debate about it¹

· I don't think users should configure this. Anyone who knows what a STUN server is will likely switch to a server offering one.

· Treat it like channel search. On first use (call, file transfer), ask once: Use our fallback STUN server? Yes/No.

¹: github.com/dino/dino/blob/v0.4…


dino/plugins/ice/src/plugin.vala at v0.4.4 · dino/dino

Modern XMPP ("Jabber") Chat Client using GTK+/Vala - dino/dino
GitHub
#xmpp
in reply to Daniel Gultsch

Gary "grim" Kramlich
mastodon - Link to source
Gary "grim" Kramlich

with @pidgin we never officially had one nor did we default to anyone in particular. We looked at doing it for awhile but never went forward with it.

This is something we will be looking at again in the nearish future though, but we'd just be offering ip lookups and maybe udp hope punching, but we also don't want our servers to be used in illicit activity either which is where all of this becomes problematic.

@Pidgin Instant Messenger
in reply to Gary "grim" Kramlich

Daniel Gultsch
mastodon - Link to source
Daniel Gultsch

@grimmy @pidgin To be clear I’m only talking about STUN. I have no intention of running a TURN server.

The specific STUN server that we would be using (stun.conversations.im) is quasi public already.

@Gary "grim" Kramlich @Pidgin Instant Messenger
in reply to Daniel Gultsch

Gary "grim" Kramlich
mastodon - Link to source
Gary "grim" Kramlich

@pidgin gotcha. Originally I was just looking at stun as well, but since that would typically be used for p2p file transfers and stuff, the idea of turn came up.

Also I was looking at using coturn as the actual service. I'll probably set that up soonish even though we're very far away from needing it in pidgin 3 but I could also point pidgin2 at it and get some basic usage monitoring on it.

@Pidgin Instant Messenger
in reply to Gary "grim" Kramlich

Daniel Gultsch
mastodon - Link to source
Daniel Gultsch
@grimmy @pidgin Offering TURN has diminishing returns. STUN gets you from not being able to establish any connections outside of your local network to 70%. TURN gets you the other 30% but at crazy costs as who ever runs it will be paying for the traffic.
@Gary "grim" Kramlich @Pidgin Instant Messenger
in reply to Daniel Gultsch

Gary "grim" Kramlich
mastodon - Link to source
Gary "grim" Kramlich
@pidgin yea that's why I would rather support udp hole punching but there's not much support for that in existing protocols.
@Pidgin Instant Messenger
in reply to Daniel Gultsch

monal-im.org
mastodon - Link to source
monal-im.org

at monal we are offering a stun and turn server as fallback (you can disable this in the settings).

So far (over the last ~12 month) we didn't have any traffic excess.
Our stun and turn server seems to be used way less than originally anticipated.

This entry was edited (3 days ago)
in reply to Daniel Gultsch

Zash
mastodon - Link to source
Zash
Another thing to think about is that STUN servers being used in reflection attacks. Doesn't amplify a lot, unless you enable authentication(?!?). So encouraging all server operators to deploy more STUN servers isn't without its complications.