Furor Teutonicus
https://www.furorteutonicus.eu/2014/09/30/choosing-and-using-coturn-as-a-stun-and-turn-server-for-ice/
Export date: Tue Jul 23 7:14:47 2019 / +0000 GMT

Choosing and using CoTurn as a STUN and TURN server for ICE


Introduction


Internet Protocol (IP) based voice and messaging are very popular and increasingly so. SIP phone systems such as Lync and Asterisk and XMPP based instant messengers (IM) from Facebook and Google are gradually replacing traditional phone systems and older IM clients. I have written previously on the good client Jitsi that handles both protocols. Another development is the rise of WebRTC for in-browser conferencing.

However, to enable systems to communicate, they have to see each other. Many devices have "hidden" private IP addresses because we don't have enough IPv4 addresses and therefore use Network Address Translation (NAT). NAT makes it difficult for devices to transmit files, video and voice. A method to bypass NAT is ICE. ICE makes use of other protocols, notably STUN and TURN. In order to use ICE (and make those nice phone calls), you want a server that implements both protocols. Actually, there are quite a few that do.

But what is the best STUN and TURN server for your ICE based NAT traversals? (The rest of the article is rather technical.)

Lots of choices


I prefer C/C++ implementations over Java ones because of their better CPU and memory usage -- not unimportant on your server or maybe your small Raspberry Pi! So I will leave out most of the Java implementations. This is one of the well-known Java implementations:

These are C/C++ servers but they lack some features:

A C/C++ server with many features is CoTurn:

CoTurn installation


From the INSTALL 7 file for v4.1.1.1:

Debian


Debian "jessie" (and the recent version of Ubuntu and Mint) have the predecessor of this project packaged as "rfc5766-turn-server", see the link: http://packages.qa.debian.org/r/rfc5766-turn-server.html 8

So we need to install a newer version.

If you are using the Debian package from the project download site, then follow these instructions:

Unpack the archive:
$ tar xvfz turnserver-<...>.tar.gz

Read the INSTALL file:
$ cat INSTALL

Install the *.deb file:
$ sudo apt-get update
$ sudo apt-get install gdebi-core
$ sudo gdebi coturn*.deb

(to install the bare package without any dependencies, type:
$ sudo dpkg -i coturn_*_*.deb)

And enable coturn:
$ vim /etc/default/coturn

After the install, read the documentation in /usr/share/doc/coturn directory.

All binaries will be installed in /usr/bin/ directory. The turn*.conf config files are in /etc directory.

The service start-up control scripts will be in /etc/init.d/coturn and in /etc/default/coturn files.

Building your own is needed if you have a Raspberry Pi or whatever.
apt-get install gcc build-essential
apt-get install libssl-dev libevent-dev libpq-dev mysql-client libmysqlclient-dev libhiredis-dev
wget URL-TO-SOURCES
tar xzf SOURCES.tgz
cd SOURCES
make
make install

Arch Linux


ArchLinux has this TURN server package:

https://aur.archlinux.org/packages/coturn/ 9

CoTurn configuration


From /usr/local/share/doc/turnserver/postinstall.txt:
1) If your system supports automatic start-up system daemon services,
then, to enable the turnserver as an automatically started system
service, you have to:

a) Create and edit /etc/turnserver.conf or
/usr/local/etc/turnserver.conf .
Use /usr/local/etc/turnserver.conf.default as an example.

b) For user accounts settings, if using the turnserver
with authentication: create and edit /etc/turnuserdb.conf
file, or set up PostgreSQL or MySQL or MongoDB or Redis database
for user accounts.
Use /usr/local/etc/turnuserdb.conf.default as example for flat file DB,
or use /usr/local/share/turnserver/schema.sql as SQL database schema,
or use /usr/local/share/turnserver/schema.userdb.redis as Redis
database schema description and/or
/usr/local/share/turnserver/schema.stats.redis
as Redis status & statistics database schema description.

c) add whatever is necessary to enable start-up daemon for the
/usr/local/bin/turnserver.

2) If you do not want the turnserver to be a system service,
then you can start/stop it "manually", using the "turnserver"
executable with appropriate options (see the documentation).

3) To create database schema, use schema in file
/usr/local/share/turnserver/schema.sql

4) For additional information, run:

$ man turnserver
$ man turnadmin
$ man turnutils
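
A check for the turnserver.conf created in step 1a, added here as an example (not from the CoTurn project or the original post): it flags a relay that runs without authentication, without a certificate and key, or without denied peer ranges. Both sample configurations, the realm and the certificate paths are constructed assumptions.

```sh
#!/bin/sh
# Added example (not CoTurn project code): audit a turnserver.conf read from
# stdin. Both sample configurations are constructed for illustration.

weak_conf() {
cat <<'EOF'
# constructed: open relay, no TLS material
listening-port=3478
no-auth
EOF
}

hardened_conf() {
cat <<'EOF'
# constructed: default TURN and TLS ports plus authentication and TLS files
listening-port=3478
tls-listening-port=5349
fingerprint
lt-cred-mech
realm=turn.example.org
cert=/etc/turnserver.crt
pkey=/etc/turnserver.key
denied-peer-ip=10.0.0.0-10.255.255.255
denied-peer-ip=172.16.0.0-172.31.255.255
denied-peer-ip=192.168.0.0-192.168.255.255
EOF
}

# True if an active config line matches the extended regex in $1.
conf_has() { printf '%s\n' "$conf" | grep -Eq "$1"; }

# Print one finding per line; return 1 if there is any finding.
audit_turn_conf() {
    conf=$(grep -Ev '^[[:space:]]*(#|$)' || true)   # drop comments and blanks
    rc=0
    conf_has '^no-auth$' && { echo "FAIL no-auth: anonymous clients can allocate relays"; rc=1; }
    conf_has '^(lt-cred-mech|use-auth-secret)$' ||
        { echo "FAIL no credential mechanism (lt-cred-mech or use-auth-secret)"; rc=1; }
    for key in cert pkey; do
        conf_has "^$key=" || { echo "FAIL $key= not set: no explicit TLS certificate/key"; rc=1; }
    done
    conf_has '^denied-peer-ip=' ||
        { echo "WARN no denied-peer-ip ranges: relaying to private addresses is not blocked"; rc=1; }
    return $rc
}

echo "weak:";     weak_conf | audit_turn_conf || true
echo "hardened:"; hardened_conf | audit_turn_conf && echo "no findings"
```

To audit a real file, run `audit_turn_conf < /etc/turnserver.conf`.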

Create a self-signed certificate


openssl req -x509 -newkey rsa:4096 -keyout turnserver.key -out turnserver.crt -days 9999 -nodes
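
The command above prompts for the certificate subject and, because of -nodes, writes the private key unencrypted. The following added example (not part of the original post) wraps the same options so that the key is created with owner-only permissions and the pair is verified afterwards; the target directory, the host name passed to -subj and the function names are assumptions.

```sh
#!/bin/sh
# Added example (not from the page's author): create the certificate
# non-interactively, keep the unencrypted key private, and verify the pair.

# make_turn_cert DIR HOSTNAME [BITS]: same openssl options as on the page;
# -subj (assumed host name) replaces the interactive prompts.
make_turn_cert() {
    (
        umask 077    # -nodes leaves the key unencrypted, so restrict it at creation
        openssl req -x509 -newkey "rsa:${3:-4096}" -nodes -days 9999 \
            -subj "/CN=$2" \
            -keyout "$1/turnserver.key" -out "$1/turnserver.crt"
    ) || return 1
    chmod 644 "$1/turnserver.crt"    # the certificate itself is public
}

# True if the certificate's public key equals the private key's public half.
cert_matches_key() {
    crt_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout) || return 1
    [ "$crt_pub" = "$key_pub" ]
}

# True if group and others have no permission bits on the key file.
key_is_private() {
    [ "$(ls -l "$1" | cut -c5-10)" = "------" ]
}

# Usage (hypothetical directory and host name):
#   make_turn_cert /etc turn.example.org &&
#       cert_matches_key /etc/turnserver.crt /etc/turnserver.key &&
#       key_is_private /etc/turnserver.key
```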

Ports needed on your firewall


(UDP & TCP)

  • 3478

  • 3479

  • 5349

  • 5350

Excerpt: How to install CoTurn to enable NAT traversal for SIP and XMPP clients.
Links:
  1. https://github.com/jitsi/turnserver
  2. http://turnserver.sourceforge.net/
  3. https://www.resiprocate.org/ReTurn_Overview
  4. http://www.creytiv.com/restund.html
  5. https://code.google.com/p/rfc5766-turn-server/w/list
  6. https://code.google.com/p/coturn/
  7. http://turnserver.open-sys.org/downloads/v4.1.1.1/INSTALL
  8. http://packages.qa.debian.org/r/rfc5766-turn-server.html
  9. https://aur.archlinux.org/packages/coturn/
Post date: 2014-09-30 18:48:00
Post date GMT: 2014-09-30 17:48:00

Post modified date: 2014-09-30 18:48:00
Post modified date GMT: 2014-09-30 17:48:00
