No audio/video when clients are on different networks

Jo Yum

unread,

Jun 11, 2015, 1:40:21 AM6/11/15

to discuss...@googlegroups.com

Hello,

I'm running a slightly modified version of the https://bitbucket.org/webrtc/codelab Step-6 code, which uses node.js, socket.io, node-static for the signaling channel.

I installed the signaling code (node.js, socket.io, node-static) on a public server, so I can test the Step-6 code over the Internet.

This code only uses a STUN server (stun.l.google.com:19302), and no TURN server.

With two Chrome clients on the same network, the audio/video chat works perfectly. But, with two Chrome clients on different networks, the audio/video chat doesn't work.

On the other hand, https://apprtc.appspot.com works fine with two Chrome clients on different networks (or on the same network.)

Is WebRTC 100% guaranteed not to work peer-to-peer (i.e. without TURN), when one or both clients are behind NAT routers?

Is there a free public TURN server that I can use for testing? If not, can you recommend an open-source TURN server?

Thank you.

Christoffer Jansson

unread,

Jun 11, 2015, 3:16:36 AM6/11/15

to discuss...@googlegroups.com

On Thu, Jun 11, 2015 at 7:40 AM Jo Yum <conr...@hotmail.com> wrote:

Hello,

I'm running a slightly modified version of the https://bitbucket.org/webrtc/codelab Step-6 code, which uses node.js, socket.io, node-static for the signaling channel.
I installed the signaling code (node.js, socket.io, node-static) on a public server, so I can test the Step-6 code over the Internet.
This code only uses a STUN server (stun.l.google.com:19302), and no TURN server.

With two Chrome clients on the same network, the audio/video chat works perfectly. But, with two Chrome clients on different networks, the audio/video chat doesn't work.

On the other hand, https://apprtc.appspot.com works fine with two Chrome clients on different networks (or on the same network.)

Is WebRTC 100% guaranteed not to work peer-to-peer (i.e. without TURN), when one or both clients are behind NAT routers?

Depends on the nat configuration, if they are behind a symmetric nat, turn is your only option. Check wikipedia for more info.

Also use this nifty demo page to check if you get valid candidates from the stun servers in the list. You can add your own as well.

Is there a free public TURN server that I can use for testing? If not, can you recommend an open-source TURN server?

Not sure, a quick search returns 5 different Turn servers in the top 7 results, maybe look into one of those?

Thank you.

--

---
You received this message because you are subscribed to the Google Groups "discuss-webrtc" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss-webrt...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/921b53a6-0e7b-4e49-bb3b-ccd2080bab3d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Jo Yum

unread,

Jun 12, 2015, 6:03:23 PM6/12/15

to discuss...@googlegroups.com

Hi Christoffer,

One of the problems with testing a WebRTC app is that you need at least two clients on two different networks.

I tried using a cable network and a mobile network from the same physical location, but mobile data gets expensive with WebRTC video.

Any ideas how to test from one location on two different networks without spending a lot of money?

Also, how do you secure your TURN server from unauthorized users, when the TURN auth credentials are inside your client JavaScript code?

Thank you

Nazmus Shakeeb

unread,

Jun 13, 2015, 10:00:08 PM6/13/15

to discuss...@googlegroups.com

Hi Jo Yum,

>>Is there a free public TURN server that I can use for testing?

You can use http://numb.viagenie.ca/ . You can also use http://www.anyfirewall.com/

if your username contain '@' , you should configure in the following way.

var config =

{

'iceServers':

[

{'url': 'stun:66.228.45.110:3478'},

{'url': 'turn:66.228.45.110:3478?transport=udp','credential':'xxxxx','username': 'xx...@yyyy.com'}

]

};

>>One of the problems with testing a WebRTC app is that you need at least two clients on two different networks.

>>I tried using a cable network and a mobile network from the same physical location, but mobile data gets expensive with WebRTC video.

>>Any ideas how to test from one location on two different networks without spending a lot of money?

Yes. you can do this. Just add multiple networks in your PC ( with corresponding gateway). You can test all combination of P2P and Relay if you filter candidates properly.

Example to force relay.

var index = pc2.localDescription.sdp.search('typ relay');

if (index>=0)

{

console.log('callback2: adding ice candy to pc1');

pc1.addIceCandidate(new RTCIceCandidate(event.candidate));

}

>>Also, how do you secure your TURN server from unauthorized users, when the TURN auth credentials are inside your client JavaScript code?

You should use REST api to secure credentials. REST api uses time limited credentials. so it is safe to use in the java script. rfc5766-turn-server supports REST api.

anyfirewall.com also supports REST api.

Thanks.

Christoffer Jansson

unread,

Jun 15, 2015, 5:02:54 AM6/15/15

to discuss...@googlegroups.com

On Sun, Jun 14, 2015 at 4:00 AM Nazmus Shakeeb <sha...@eyeball.com> wrote:

Hi Jo Yum,

>>Is there a free public TURN server that I can use for testing?

You can use http://numb.viagenie.ca/ . You can also use http://www.anyfirewall.com/

if your username contain '@' , you should configure in the following way.

var config =
{
'iceServers':
[
{'url': 'stun:66.228.45.110:3478'},
{'url': 'turn:66.228.45.110:3478?transport=udp','credential':'xxxxx','username': 'xx...@yyyy.com'}
]
};

>>One of the problems with testing a WebRTC app is that you need at least two clients on two different networks.

>>I tried using a cable network and a mobile network from the same physical location, but mobile data gets expensive with WebRTC video.

>>Any ideas how to test from one location on two different networks without spending a lot of money?

Yes. you can do this. Just add multiple networks in your PC ( with corresponding gateway). You can test all combination of P2P and Relay if you filter candidates properly.

You can do as Nazmus suggest, you can also setup two physical routers connected to the same network and have your clients behind each and you could also create a couple of virtual machines using them as clients using your favorite virtualization software (e.g. virtualbox) and create virtual networks for them.

Example to force relay.

var index = pc2.localDescription.sdp.search('typ relay');
if (index>=0)
{
console.log('callback2: adding ice candy to pc1');
pc1.addIceCandidate(new RTCIceCandidate(event.candidate));
}

>>Also, how do you secure your TURN server from unauthorized users, when the TURN auth credentials are inside your client JavaScript code?

You should use REST api to secure credentials. REST api uses time limited credentials. so it is safe to use in the java script. rfc5766-turn-server supports REST api.

anyfirewall.com also supports REST api.

Thanks.

On Thursday, June 11, 2015 at 11:40:21 AM UTC+6, Jo Yum wrote:
Hello,

I'm running a slightly modified version of the https://bitbucket.org/webrtc/codelab Step-6 code, which uses node.js, socket.io, node-static for the signaling channel.
I installed the signaling code (node.js, socket.io, node-static) on a public server, so I can test the Step-6 code over the Internet.
This code only uses a STUN server (stun.l.google.com:19302), and no TURN server.

With two Chrome clients on the same network, the audio/video chat works perfectly. But, with two Chrome clients on different networks, the audio/video chat doesn't work.

On the other hand, https://apprtc.appspot.com works fine with two Chrome clients on different networks (or on the same network.)

Is WebRTC 100% guaranteed not to work peer-to-peer (i.e. without TURN), when one or both clients are behind NAT routers?

Is there a free public TURN server that I can use for testing? If not, can you recommend an open-source TURN server?

Thank you.

--

---
You received this message because you are subscribed to the Google Groups "discuss-webrtc" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss-webrt...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/2ca46807-7c37-477a-a893-79d2e0695fea%40googlegroups.com.

Jo Yum

unread,

Jun 15, 2015, 6:53:00 PM6/15/15

to discuss...@googlegroups.com

On Sun, Jun 14, 2015 at 4:00 AM Nazmus Shakeeb <sha...@eyeball.com> wrote:

Yes. you can do this. Just add multiple networks in your PC ( with corresponding gateway). You can test all combination of P2P and Relay if you filter candidates properly.

Hi Nazmus, are you saying this? ... Create two peer-connections, pc1 and pc2, then don't install onicecandidate on pc1 but do install on pc2, then filter the pc2 candidates, then add only the chosen candidate to pc1, then use pc1 for the offer/answer?

On Monday, June 15, 2015 at 1:02:54 AM UTC-8, Christoffer Jansson wrote:

You can do as Nazmus suggest, you can also setup two physical routers connected to the same network and have your clients behind each and you could also create a couple of virtual machines using them as clients using your favorite virtualization software (e.g. virtualbox) and create virtual networks for them.

Hi Chris, are you saying this? ... If the two clients are on different local sub-nets, (even though they're connected to the same Internet-provider network), for example one client on 192.168.1/24 and the other client on 192.168.5/24, then WebRTC will negotiate a TURN relay candidate, and WebRTC will not select a P2P candidate between the two clients.

Thank you both

Nazmus Shakeeb

unread,

Jun 16, 2015, 1:00:44 AM6/16/15

to discuss...@googlegroups.com

>>Create two peer-connections, pc1 and pc2, then don't install onicecandidate on pc1 but do install on pc2, then filter the pc2 candidates, then add only the chosen candidate to pc1, then use pc1 for the offer/answer?

Yes. For your convenience I have attached two files.

Thanks

adapter.js

force_relay.html

Jo Yum

unread,

Jun 16, 2015, 3:27:58 AM6/16/15

to discuss...@googlegroups.com

On Monday, June 15, 2015 at 9:00:44 PM UTC-8, Nazmus Shakeeb wrote:

Yes. For your convenience I have attached two files.

Thanks

Hi Nazmus, thanks for the files. I tried them in P2P mode, and they work fine in P2P mode. At the moment I don't have a TURN server to test with, but I'll try the files again in relay mode once I get a TURN server.

Christoffer Jansson

unread,

Jun 16, 2015, 4:14:22 AM6/16/15

to discuss...@googlegroups.com

Depends on the NAT and firewall config of the routers, enterprise grade routers usually offer more configuration in this area. Another way is that you could just filter out candidates and only use the relay type candidates (given you have a working turn server up and running) for testing.

Thank you both

--

---
You received this message because you are subscribed to the Google Groups "discuss-webrtc" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss-webrt...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/discuss-webrtc/f96abc7e-32c5-433a-bd7b-9e029cd2e86a%40googlegroups.com.

Reply all

Reply to author

Forward