[ejabberd] Nat ejabberd

ricky gutierrez xserverlinux at gmail.com
Sat Jan 3 06:26:55 MSK 2015

2015-01-02 16:48 GMT-06:00 Holger Weiß <holger at zedat.fu-berlin.de>:
> Clients usually try to establish a peer-to-peer connection for
> audio/video streams.  Of course, this can easily fail when those clients
> are behind NATs or packet filters.

holger my dear friend , thanks for replying to this thread , explain a
bit my situation, I have in front of my server ejabberd a firewall
with two interfaces one public and one private for my local network ,
redirect ports from the firewall to my ejabberd server that is within
the local network.

> Therefore, the clients are expected
> to query a STUN server to figure out their public IP addresses.  They
> can then try some tricks to traverse the NATs.  This might or might not
> work, depending on the details of their NAT/firewall environments.  If
> this fails, clients are expected to fall back to using TURN server that
> relays the audio/video stream.

Here I am confused a little , I read a little, ejabberd brings a
module to make it work with stun

tcp        0      0      *
udp        0      0      *

I'm not sure or do not understand is that if the stun server must be
on my server ejabberd this within my network lan.

> ejabberd provides built-in STUN and TURN servers, but you won't have fun
> setting those up behind a NAT.  If you don't have a server with a public
> IP address you could use for this purpose, you *might* get away by
> configuring your clients to use some external STUN servers instead
> (you'll find some if you search the web).

I understand a little of this, could I put in my firewall server
another ejabberd? but only  "configured" the part of stun and turn?

> Good luck, Holger

I need :)




More information about the ejabberd mailing list