I am running a defederated local Matrix server, and I need to set up calls. From what I can tell, the “legacy” calls require a STUN and TURN server, and the new MatrixRTC standard seems to require them as well for Livekit to work. However, I do not want to expose anything out to the public internet, as I want everything to be behind NAT for local access only (all of the clients for the server will also be behind the NATted network). I also have Tailscale running on my servers, and it would be useful if I would be able to connect to the TURN server even when not in the network. Is there a way to get STUN/TURN to work in this situation? It seems that all the servers expect to have public network access.

    • hackysphere@lemmy.caOP
      link
      fedilink
      English
      arrow-up
      1
      ·
      6 hours ago

      Unfortunately my ISP doesn’t support IPv6 yet, both for the public internet and for my local network.

        • hackysphere@lemmy.caOP
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 hours ago

          They only seem to support it for business customers for now, not for consumer usage.

        • hackysphere@lemmy.caOP
          link
          fedilink
          English
          arrow-up
          2
          ·
          edit-2
          4 hours ago

          I live in a rural area, so my only options are dealing with a mobile hotspot for everything or getting satellite internet for more than double the price.

          It’s also not worth it for me to switch internet providers just to have calls on my Matrix server work

      • thelittleblackbird@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        15 hours ago

        What a lot of nonsense. Of course the technology exists and of course it can be done. But in reality is not done because it simply doesn’t bring any benefit.

        And in addition a address translation is not nat ™ because the server can be hit from the outside.

        Today in ipv4 we have likely 2 Nats, 1 after your router and the other by the carrier (cgnat) and ipv6 those are non existent

        • Aganim@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          edit-2
          9 hours ago

          It was meant tongue-in-cheek, you seem to be taking it much more seriously than I intended it to be. 🙂

          But in reality is not done because it simply doesn’t bring any benefit.

          Fully agree that there is absolutely no benefit to NAT66, it only causes enormous headaches. I sincerely hope nobody uses it these days, this poor bastard however did manage to find a VPS provider that used NAT66 back in 2018: https://blog.apnic.net/2018/02/02/nat66-good-bad-ugly/ 🤢

          • thelittleblackbird@lemmy.world
            link
            fedilink
            English
            arrow-up
            4
            ·
            9 hours ago

            Fuck, there is a law in internet (which name I cannot recall) about the impossibility of distinguish an ironic message.

            I felt in that trap completely!!