Stunner: Quickly Detect Your NAT Type with Multi-Server STUN

Stunner: Quickly Detect Your NAT Type with Multi-Server STUN

Summary

Stunner is an efficient Go CLI tool designed to accurately detect your Network Address Translation (NAT) type. By sending STUN Binding Requests to multiple servers, it classifies your NAT as Full Cone, Symmetric, or Restricted, providing crucial insights into your network environment. This helps users understand network behavior and assess the feasibility of techniques like hole punching.

Repository Info

Updated on May 13, 2026
View on GitHub

Tags

networktailscaleGoNAT detectionSTUNCLI toolnetworking utility

Click on any tag to explore related repositories

Introduction

Stunner is a lightweight yet powerful Go command-line interface (CLI) tool that simplifies the complex task of Network Address Translation (NAT) type detection. It operates by sending STUN Binding Requests to multiple STUN servers, including Tailscale DERP servers, to accurately determine your NAT classification. This process helps identify whether you are behind a Full Cone, Symmetric, Restricted, or other NAT type, offering valuable insights into your network's behavior.

Key features of Stunner include:

  • Multi-Server STUN: Queries more than one server to enhance NAT type detection accuracy.
  • Dynamic DERP Fetching: Automatically fetches and uses two random Tailscale DERP servers if no specific STUN servers are provided.
  • NAT Classification: Provides a clear overall NAT result, labeling it with types like "Open Internet," "Full Cone," or "Symmetric NAT," along with an "Easy" or "Hard" rating for hole punching.
  • Verbose Debug Logging: An optional --debug flag allows for detailed tracing of each request and response.
  • Tabular Output: Presents results in an easy-to-read table format.

Installation

Stunner offers several convenient installation methods:

OS X

Install using Homebrew:

brew install jaxxstorm/tap/stunner

Linux

Download the binary from the releases page:

VERSION=v0.0.10
curl -L "https://github.com/jaxxstorm/stunner/releases/download/${VERSION}/stunner-${VERSION}-linux-amd64.tar.gz" | tar -xz
./stunner --version

Using Go

If you have Go installed, you can build and install it directly:

go install github.com/jaxxstorm/stunner@latest

The resulting binary will be located in your $GOPATH/bin directory.

Examples

Stunner is straightforward to use. Here are some common usage examples:

Let Stunner fetch DERP servers automatically:

./stunner --debug

Supply your own STUN servers:

./stunner --stun-server=stun1.l.google.com --stun-server=stun2.l.google.com

When you run Stunner, it performs the following steps:

  1. Binds a local UDP socket on the specified IP/port.
  2. Sends STUN Binding Requests to each configured server.
  3. Parses the responses, capturing your external IP/port.
  4. Compares the external ports from each server to classify your NAT type.
  5. Prints the results in a clear, tabular format.

Why Use Stunner?

Stunner provides a crucial utility for anyone dealing with network configurations, especially in distributed or peer-to-peer environments. Its multi-server approach significantly enhances the accuracy of NAT type detection, moving beyond the limitations of single-server tests. This precise classification, coupled with an "Easy/Hard" rating for hole punching, empowers developers and network administrators to better understand network traversal challenges. Whether you're troubleshooting connectivity issues or designing robust P2P applications, Stunner offers clear, actionable insights into your network's NAT behavior.

Links