STUN

Motivation

Two main approaches to direct connections:

  1. Client-server model where client connects directly to an exposed server port
  2. Client-client model facilitated by a server

Common illustrations of the client-server model include VNC, RDP, NoMachine, blah. This contrasts with, say, Teamviewer, which instead hosts a server as the middleman to facilitate P2P connections. The latter is useful in cases where network address translation (NAT) is beyond our control, e.g. in enterprise networks where connections via Wi-Fi is not granted access to the internal network, blah.

There are different approaches to traversing this NAT. Some concepts:

Some modern implementations:

A good search of "wireguard stun server" yielded these gold mine of resources: