rfc5766-turn-server as TURN and STUN for webrtc application

[Guy]

I have implemented rfc5766-turn-server and have it running on my own server.

in the app, i set : 

pc_config = {"iceServers": [{"url":"turn:username@<turn_server_address>", "credential":"password"}]};

it seems to be working, but i have couple of questions:

1. is having the app set this way , with rfc5766-turn-server is enough to act as a TURN and also STUN server

or do i also need to run a stun server.

a turn server is also stun so will the rfc5766-turn-server function as a stun server (on most cases) and a turn server when needed?

2. for testing purposes it seems to work fine with the username and password given in the app, but eventually when the app is in production and have many users , do all users use the same username/password for the TURN server??


hope my question make sense...

Thanks

[Lee Sylvester]

Hi Guy,

1. Yes, the TURN server also acts as a STUN server.

2. The implementation for a production server is entirely up to you. If you want to restrict potential leaching of resources, however, I would advise using unique username/passwords for each user.  The rfc5766-turn-server provides a number of ways to do this, by adding new users in a database. Those users are then instantly available to the TURN server.

I hope that answers your questions.

Regards,

Lee

[Guy]

Hi Lee,

Thank you for your answer, 

I know the TURN also acts as STUN, what I wanted to know is (maybe I was unclear) how to set it up in the apprtcdemo app so it will function as both.

in the demo app a stun server is given in the iceServers list:

stun.l.google.com:19302

and afterwards it looks for a TURN server (if non was received in the iceServers list)
and gets it from here :

https://computeengineondemand.appspot.com/turn?username=test&key=test

so both a TURN and STUN server are provided .

I wanted to know if by providing the TURN directly in the iceServers list (like the example from my original question) is enough for both STUN and TURN needs.
If not, what are the necessary changes?

Regarding my second question:

I decided to use the TURN Rest API , and it seem to be working. My concern is that, even though the username:password are generated according to a timestamp, if lets say 2 users tried connecting through the TURN server within one second they will have the same credentials.

what will happen in this case? will one of them be rejected by the TURN??

Thanks

-Guy

בתאריך יום חמישי, 23 באוקטובר 2014 10:53:08 UTC+3, מאת Lee Sylvester:

[Kaiduan Xie]

You need to supply a STUN server and a TURN server in the ICE server list.

/Kaiduan

> --
>
> ---
> You received this message because you are subscribed to the Google Groups
> "discuss-webrtc" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to discuss-webrt...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.