Difference between revisions of "Setting up a TURN server"
From Organic Design wiki
(Create page with basic summary.) |
(Automatic and manual configuration, Debugging and See Also sections.) |
||
| Line 1: | Line 1: | ||
TURN is a subset of STUN that provides a mechanism for routing traffic through the server as a fallback as well as the standard hole punching that STUN provides. | TURN is a subset of STUN that provides a mechanism for routing traffic through the server as a fallback as well as the standard hole punching that STUN provides. | ||
| + | |||
| + | == Automated Setup using BBB == | ||
| + | Big blue button has a [https://github.com/bigbluebutton/bbb-install#install-a-turn-server script] to automatically install configure coturn for BBB. I found that this script ran into problems when setting up so I had to manually configure it. | ||
| + | |||
| + | == Manual Configuration == | ||
| + | === Install === | ||
| + | <source lang="bash"> | ||
| + | sudo apt-get install coturn | ||
| + | </source> | ||
| + | |||
| + | Configure file: '''/etc/turnserver.conf''' | ||
| + | === Firewall === | ||
| + | Open the required ports in the firewall with: | ||
| + | <source lang="bash"> | ||
| + | sudo ufc allow 3478 | ||
| + | sudo ufc allow 5349 | ||
| + | </source> | ||
| + | |||
| + | == Manually Generate Credentials == | ||
| + | You can manually generate TURN credentials with the following script: | ||
| + | |||
| + | <source lang="bash"> | ||
| + | #!/bin/bash | ||
| + | |||
| + | HOST=turn.example.com | ||
| + | SECRET=YourSecretHere | ||
| + | |||
| + | time=$(date +%s) | ||
| + | expiry=8400 | ||
| + | username=$(( $time + $expiry )) | ||
| + | |||
| + | echo | ||
| + | echo " https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/" | ||
| + | echo | ||
| + | echo URI : turn:$HOST:5349 | ||
| + | echo username : $username | ||
| + | echo password : $(echo -n $username | openssl dgst -binary -sha1 -hmac $SECRET | openssl base64) | ||
| + | echo | ||
| + | </source> | ||
| + | |||
| + | == Debugging == | ||
| + | You can use [https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ Trickle ICE] to test if your TURN server is working. | ||
| + | Test STUN functionality with "all" mode and TURN with "relay" mode. | ||
| + | |||
| + | If your coturn server doesn't "just work" I would recommend disabling the firewall before testing with | ||
| + | <source lang="bash"> | ||
| + | sudo ufc disable | ||
| + | </source> | ||
| + | |||
| + | == See Also == | ||
| + | * https://docs.bigbluebutton.org/2.2/setup-turn-server.html | ||
| + | * https://github.com/matrix-org/synapse/blob/master/docs/turn-howto.md | ||
Revision as of 21:03, 1 June 2021
TURN is a subset of STUN that provides a mechanism for routing traffic through the server as a fallback as well as the standard hole punching that STUN provides.
Contents
Automated Setup using BBB
Big blue button has a script to automatically install configure coturn for BBB. I found that this script ran into problems when setting up so I had to manually configure it.
Manual Configuration
Install
sudo apt-get install coturnConfigure file: /etc/turnserver.conf
Firewall
Open the required ports in the firewall with:
sudo ufc allow 3478
sudo ufc allow 5349Manually Generate Credentials
You can manually generate TURN credentials with the following script:
#!/bin/bash
HOST=turn.example.com
SECRET=YourSecretHere
time=$(date +%s)
expiry=8400
username=$(( $time + $expiry ))
echo
echo " https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/"
echo
echo URI : turn:$HOST:5349
echo username : $username
echo password : $(echo -n $username | openssl dgst -binary -sha1 -hmac $SECRET | openssl base64)
echoDebugging
You can use Trickle ICE to test if your TURN server is working. Test STUN functionality with "all" mode and TURN with "relay" mode.
If your coturn server doesn't "just work" I would recommend disabling the firewall before testing with
sudo ufc disable
