UDP Question + Proxy Protocol

[4ydx]

I hope this question isn't too out of scope, but I didn't see a slack channel etc.

Is it possible to use the proxy protocol in conjunction with udp connections when sending connections through nginx to a stun server? Is tcp an option? Or does proxy protocol support need to be added somehow?

[ernado]

Hi, can you please describe more details of what you are trying to achieve?

Do you want to place STUN server behind the Nginx?

It is possible to use STUN/TURN over TCP, yes.

The question is slightly out of scope of this library, but in scope of gortc project in general, so I'll try to help you.

[4ydx]

I was trying to put the STUN service behind nginx using udp streaming but i can see that the STUN server returns the ip address of the nginx server itself. The STUN client's ip address is lost of course. The only way I know to address this is the proxy protocol.

I could imagine a config option where the STUN server is made aware that incoming connections will have proxy protocol data, but I don't know if just having the original client ip address is enough to fulfill all of the requirements a STUN server is expected to have. So I was hoping to find out if:

1) Using proxy protocol to solve this is even an option. 2) How that might be implemented in this library.

I am not too familiar with nginx streaming, but it might be the case that proxy protocol information is only available for streaming TCP. Ideally it would be UDP too, but I'm not sure. In the event that only TCP is available, that would be fine as well. I just want to see if putting STUN behind nginx is possible or not.

[ernado]

I think that putting STUN behind nginx is pointless in general.

Commonly UDP servers are behind L4 load balancers.

Feel free to re-poen that issue if anything specific can be implemented in stun package scope.