The TURN server is a part of WebRTC environment that transmits media traffic between peers if a direct peer-to-peer connection is not available (for example due to firewall restrictions).
When is a turn server necessary?
- the following port range 1024-65536 blocked on Publisher/Receiver side
- one of the peers located under symmetric NAT
Review the definitions, according to RFC 3489
Full Cone NAT is one where all requests from the same internal IP address and port are mapped to the same external IP address and port. Furthermore, any external host can send a packet to the internal host, by sending a packet to the mapped external address.
Symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port. If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host.
*An address should be taken to mean an IP Address with Port number.
-
You internet provider blocks p2p connections - sometimes it's happened with ADSL providers.
Deployment
There are a lot of TURN server installation packages. You can use any preferable TURN server, Medialooks WebRTC solution will work with any TURN server.
We have tested the following TURN servers
- TurnServer from the SourceForge, but it's not a mandatory. You can use any other TURN server in your environment. To deploy the TurnServer you need to:
- Download it from the SourceForge.
- Install it following the instructions.
2. Coturn good TURN for deployment usage
Possible installations:
The package manager
sudo apt-get install coturn
Build from the source code, the latest source could be founded here downloads
# admin
sudo -i # install the dependencies
apt-get update && apt-get install libssl-dev libevent-dev libhiredis-dev make -y
# Download the source turnserver-4.5.0.7.tar.gz latest at the current moment.
wget -O turn.tar.gz http://turnserver.open-sys.org/downloads/v4.5.0.7/turnserver-4.5.0.7.tar.gz # unzip
tar -zxvf turn.tar.gz cd turnserver-* ./configure make && make install
Start TURN server command example
turnserver -a -o -v -n -u user:root -p 3478 -L INT_IP -r someRealm -X EXT_IP/INT_IP --no-dtls --no-tls
command description:
- -X - your amazon instance's external IP, internal IP: EXT_IP/INT_IP
- -p - port to be used, default 3478
- -a - Use long-term credentials mechanism
- -o - Run server process as daemon
- -v - 'Moderate' verbose mode.
- -n - no configuration file
- --no-dtls - Do not start DTLS listeners
- --no-tls - Do not start TLS listeners
- -u - user credentials to be used
- -r - default realm to be used, need for TURN REST API
Usage
To use a TURN server you should specify the address and password by "turn_server" and "turn_password" MWebRTC object properties.
Here is a syntax example:
"old" style TURN configuration - was stayed for backward compatibility, you can use it if you are using only one TURN server or in the case when each of your TURN servers has the equal user and password.
turn_server = turn:custom.turn.server1:1234;turn:custom.turn.server2:1234 turn_password = password1
Where:"turn" - service keyword
"user1" - the username
"turn:custom.turn.server1:1234" - turn server1 address and port
";" - sparating character for turn server1 and turn server2
"turn:custom.turn.server2:1234" - turn server 2 address and port
"password1" - password
"new" JSON style TURN configuration - was added with ability to use more than one TURN server, unlike "old" style string configuration you are able to set different users and passwords for TURN servers
[{"username": "User1","credential": "Password1","urls": ["turn:custom.turn.server1:1234"]},{"username": "User2","credential": "Password2","urls": ["turn:custom.turn.server2:1234"]}]
- In a registry
HKEY_CURRENT_USER\Software\Medialooks\WebRTC turn_server = turn:custom.turn.server1:1234;turn:custom.turn.server2:1234 turn_password = password1
Please note register configuration working only for a desktop application, it will not set TURN server for your web pages, for web pages you should use iceServers SimpleWebRTC object field or signaling server configuration files.
- Signaling server configuration files
..\SIGNALING SERVER\config\development.json ..\SIGNALING SERVER\config\production.json
With token
"turnservers": [
{
"urls": [ "turn:turn_ip:port" ],
"secret": "pass",
"expiry": 86400
}
]
or directly with user/password
"turnservers": [
{
"urls": [ "turn:turn_ip:port" ],
"username": "user",
"credential": "password"
}
]
- Code configuration IMProps Interface
-For desktop application using an "old" style TURN or JSON configuration strings
a) Via "old" style TURN configuration string
PropsSet("stun_server", "stun:stun.l.google.com:19302;stun:custom.stun.server:12345"); PropsSet("turn_server", "turn:custom.turn.server1:1234;turn:custom.turn.server2:1234"); PropsSet("turn_user", "User1"); PropsSet("turn_password", "Password1");
Please note in current case turn_user and turn_password should be equal for each turn_server.
b) Via JSON string - this will give you the opportunity to set different users and passwords for each server.
PropsSet("stun_server", "[{"url": "stun:stun.l.google.com:19302"},{"url": "stun:custom.stun.server:12345"}] "); PropsSet("turn_server", "[{"username": "User1","credential": "Password1","urls": ["turn:custom.turn.server1:1234"]},{"username": "User2","credential": "Password2","urls": ["turn:custom.turn.server2:1234"]}]");
-For Web pages
Stun/Turn configuration available via iceServers
var webrtc = new SimpleWebRTC({ target: targetId, url: signalingServer, iceServers: [{url: "stun:stun.l.google.com:19302"},{url: "stun:custom.stun.server:12345"},{username: "User1", credential: "Password1", urls: ["turn:custom.turn.server1:1234"]}, {username: "User2", credential: "Password2", urls: ["turn:custom.turn.server2:1234"]}], localVideoEl: , remoteVideosEl: , autoRequestMedia: false, debug: false, detectSpeakingEvents: true, autoAdjustMic: false });
Important!
TURN server consumes a lot of traffic and calculation power because it has to transmit the media content between the peers. Make sure that you have a powerful hardware and wide traffic bandwidth to manage this task.