TURN (Traversal Using Relays around NAT) servers are essential when direct peer-to-peer WebRTC connections cannot be established due to restrictive network conditions (e.g., firewalls or symmetric NATs). This article explains how to configure the default TURN server in the WebRTC 2.0 signaling server, how to override it using SDK properties or registry settings, and how web clients receive this configuration automatically.
TURN Server setup
The default TURN server is defined in the signaling server's configuration file:
\signaling2.0\config\production.jsonbefore starting the TURN image, you have to change the TURN server configuration via docker-compose.xml file
Specify the TURN user, password, and your current TURN server public IP address.
docker-compose.yml
- USERNAME=
- PASSWORD=
- REMOTE_IP=
Signaling server TURN configuration
Go to your signaling server Docker image and specify your TURN server in the signaling server configuration. Edit the signaling2.0/signaling2.0/config/production.json. You need to find the "turn_server": and specify the like
"turn_server" :
"user1@password1:your_turn_server1:3478;
user2@password2:your_turn_server2:3478;
user3@password2:your_turn_server3:3478"
For example:
signaling2.0/signaling2.0/config/production.json
{
"isDev": false,
"server": {
"port": 8888,
"secure": false,
"key": "config/sslcerts/key.pem",
"cert": "config/sslcerts/cert.pem",
"password": null,
"pingTimeout": 10000,
"pingInterval": 4800,
"loglevel": 1
},
"metadata" : {
"turn_server": "user1@password1:your_turn_server1:3478;
user2@password2:your_turn_server2:3478;
user3@password2:your_turn_server3:3478"
"special_rooms" : {
"gateways": { "name": "VTGateways", "role": "gateway" },
"auth": { "name": "Auth", "role": "auth" }
}
},
"auth": {
"vt_auth_user": "default",
"vt_auth_pass": "default"
}
}
The format should follow this pattern:username@server:ip:port
STUN Server Implicitly Included
When you specify a TURN server, you do not need to define a separate STUN server. The specified TURN server will automatically serve as both a STUN and TURN server, as this is standard behavior for TURN infrastructure.
Overriding the TURN Server via SDK
If a TURN server is defined through IMFProps or registry settings, this configuration will override the value set in the signaling serverproduction.json
TURN Server Propagation to Web Clients
When a TURN server is configured in the signaling server's production.json, it is automatically sent to all web clients during the signaling handshake. Web-based applications that connect via the public API endpoint will receive the TURN configuration from the signaling server and apply it as part of their ICE candidate gathering process.
This behavior ensures that all TURN/STUN settings are consistent and do not require hardcoding in your web client code.
TURN Server Docker Image
Medialooks provides a Docker-based TURN server image for your convenience.
Turn server WebRTC 2.0 docker image download
To run the TURN server from Docker:
docker compose build docker compose up -d Once deployed, you can reference this TURN server in your production.json as described earlier.