Kurento Room Demo and TURN

[dev...@gmail.com]

Hi,

in the past weeks I've been working to build a proof of concept WebRTC room server. I've successfully made KMS and kurento-room-demo work together. They're both deployed on the same host and have an apache httpd server in front (of the room server, logically) so that users can connect to the room server url at port 443. This is because the demo environment is known to include also clients behind a corporate network with very restrictive firewall policy and ... symmetric NAT in place.

So everything works like charm with people at home, at "non-excessively restricted" offices, connected via 3G/4G with different operators, except this doesn't apply in the restrictive corporate with symmetric NAT. Thus I've configured TURN (STUN already done before) on KMS. But it seems to have no impact. Looking better at it, I saw in chrome's webrtc-internals that my clients were not using the STUN server I did configure on KMS, but something else. Then I found out in kurento-utils-js that by incorporating freeice, a random STUN server among the ones embedded therein was used. I've hence built my own version of kurento-utils-js that just makes sure a copy of my own stun.json and turn.json are included in the build, and hence included in the subsequent build of kurento-room-demo.

I know for a fact that the TURN server itself (currently using a free Viagenie one for this stage)

{
        "url": "turn:66.228.45.110:3478",
        "credential": "my_pwd",
        "username": "my_username"3
}

works, by checking it with the help of this script: http://stackoverflow.com/a/34033998/5889082

Yet, via webrtc-internals I keep seeing only the STUN server I configure, not the TURN one. And, indeed, users on the restricted corporate can't connect. 

At this very moment, I've no clue on how to make tell kurento-room-demo to use my TURN sever. Any idea that could put me in the right direction would be greatly appreciated.

Thanks in advance

Peppe

[Ivan Gracia]

Hi Peppe,

There’s no need to brew your own kurento-utils version, as you can pass that as params when creating the peer. Just put the key iceServers in the options passed when creating the peer.

TURN is for now disabled in KMS, as we’ve found errors in the libnice version we are using. You just need to set a valid TURN server in your client, and that should work.

Ivan Gracia

​

--
You received this message because you are subscribed to the Google Groups "kurento" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kurento+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[dev...@gmail.com]

Thanks a lot Ivan,

following your hint I had a closer look  to the code (I'm more of a sysadmin than a developer) and found out the point where your suggestion could be applied.

As an alternative solution, looking further I found out that all of the problem with the freeice not reading the turn.json config file was an hard-coded constant in the index.js, the one you hereafter see set to 0:

  var stunCount = (opts || {}).stunCount || 2;

  var turnCount = (opts || {}).turnCount || 0;

this code is actually saying to extract 2 out of the list of STUN servers passed in the stun.json file, and 0 TURN servers from the turn.json file. By changing the zero to something higher than that, the TURN server is correctly read. Moreover I see that the subsequent call to the normalice function is able to parse TURN server parameter and, if passed in the compact format:

username:credential@server_ip?transport=[tcp|udp]


then split it in the three components (username, credential, server_url).

So thanks a lot for your prompt answer and useful hint, and in general for being so responsive to the enquiries by the kurento community.

Peppe

[Ivan Gracia]

Hey Peppe! Glad to know it worked out.

--

[Marc Backes]

Hi, nice to see that you got it to work. Do you mind pasting the code you ended up using? I can't get it to work.

To make a proof-of-concept, I just adapted the kurento-utils.js for now and inserted the STUN/TURN Servers manually:

[...]

},{"./stun.json":6,"./turn.json":7,"normalice":12}],6:[function(require,module,exports){
module.exports=[
  "stun.mydomain.com:443"
]
},{}],7:[function(require,module,exports){
module.exports=[
    "myuser:myp...@turn.mydomain.com:443?transport=udp",
    "myuser:myp...@turn.mydomain.com:443?transport=tcp"
]

[...]