STUN / TURN
What is Port 3478?
Port 3478 is the default port for STUN (Session Traversal Utilities for NAT) and TURN (Traversal Using Relays around NAT) servers, which are essential for establishing peer-to-peer connections through NAT and firewalls. Defined in RFC 5389 (STUN) and RFC 5766 (TURN), these protocols are critical components of WebRTC (Web Real-Time Communication), the technology powering browser-based video calls, voice calls, and peer-to-peer file sharing. STUN helps clients discover their public IP address and the type of NAT they're behind. When direct peer-to-peer connections aren't possible, TURN relays traffic through the server. Services like Zoom, Google Meet, Microsoft Teams, and Discord all rely on STUN/TURN infrastructure.
Common Uses
- WebRTC NAT traversal for video/voice calls
- VoIP call setup and media relay
- Online gaming peer-to-peer connections
- IoT device communication through firewalls
Technical Details
Copy-paste commands to check port 3478 (STUN / TURN) from your terminal
Test connectivity
nc -zv example.com 3478
curl -v --max-time 5 http://example.com:3478/
telnet example.com 3478
nmap -p 3478 -sU -sV example.com
(echo > /dev/tcp/example.com/3478) 2>/dev/null && echo "open" || echo "closed"
Open port in firewall
sudo ufw allow 3478/tcp
sudo iptables -A INPUT -p tcp --dport 3478 -j ACCEPT
sudo firewall-cmd --permanent --add-port=3478/tcp && sudo firewall-cmd --reload
Security Considerations
TURN servers can be abused as open relays if not properly secured with authentication. Always require credentials for TURN usage and use time-limited credentials. STUN servers have minimal security risk as they only reflect IP information. Monitor TURN bandwidth usage for abuse. Use TLS (port 5349) for encrypted STUN/TURN communication.
Popular Ports Reference
The most commonly used and referenced network ports