Connect to TURN Server with DTLS

[Oliver]

Hello everyone,

I'm having problems getting DTLS to work.

UDP and TLS are working with ICE Servers configured like this:

{"url": "turn:turn.myturnserver.net:55555?transport=udp",

"username": "user",

"credential": "cred"}

{"url": "turns:turn.myturnserver.net:443?transport=tcp",

"username": "user",

"credential": "cred"}

Trying to use DTLS with this ICE Server configuration:

{"url": "turns:turn.myturnserver.net:55555?transport=udp",

"username": "user",

"credential": "cred"}

Testing the Hello World App with both Chrome and Firefox with Wireshark shows that no packets are sent to the turnserver on port 55555.

What might I be doing wrong?

Thanks,

Oliver

[Ivan Gracia]

Hi Oliver,

I'm not really sure what you expect to be connecting to the TURN server, as that seems like a JS configuration for the RTCPeerConnection. Could you explaion a bit what is the expected behavior?

Ivan Gracia

--
You received this message because you are subscribed to the Google Groups "kurento" group.
To unsubscribe from this group and stop receiving emails from it, send an email to kurento+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Ivan Gracia]

You porbably need to configure that TURN in your KMS instance, too.

Ivan Gracia

[Oliver]

Hi Ivan,

using turns and ?transport=tcp Wireshark shows TLSv1.2 Client Hello, Server Hello, Encrypted Handshake Message etc.. Turnserver -v also logs session 00...01: [...] cipher=...AES256... method=TLSv1.2 (SSLv23).

Using turns and ?transport=udp Wireshark shows no udp packets being sent to the turnserver on port 55555. I would expect a DTLS handshake. Turnserver -v of course logs nothing, I would expect something similar to TLS.

I configured the TURN in WebRtcEndpoint.conf.ini:
"turnURL" : "user:cr...@turn.myturnserver.net:55555?transport=udp"
Is this correct? I do not know how to specify turns AND give credentials. turns:user:cr...@turn.myturnserver.net seems weird. ;)

Thanks for your help,
Oliver

[Ivan Gracia]

Hum, don't know if libnice supports that. Have you checked with them?

Ivan Gracia

[Ivan Gracia]

Hi Oliver,

did you finally check with libnice if they support this?

Thanks,

Ivan Gracia

[Oliver]

Hi Ivan,

we decided to stick with DTLS for now.

But thanks for the advice.

Thanks,

Oliver

Am Mittwoch, 23. Dezember 2015 10:32:40 UTC+1 schrieb igracia:

Hi Oliver,

did you finally check with libnice if they support this?

Thanks,

Ivan Gracia

On Tue, Dec 15, 2015 at 7:48 PM, Ivan Gracia <igr...@kurento.org> wrote:

Hum, don't know if libnice supports that. Have you checked with them?

Ivan Gracia

On Fri, Dec 4, 2015 at 4:02 PM, Oliver <o.wei...@oevermann.de> wrote:

Hi Ivan,

using turns and ?transport=tcp Wireshark shows TLSv1.2 Client Hello, Server Hello, Encrypted Handshake Message etc.. Turnserver -v also logs session 00...01: [...] cipher=...AES256... method=TLSv1.2 (SSLv23).

Using turns and ?transport=udp Wireshark shows no udp packets being sent to the turnserver on port 55555. I would expect a DTLS handshake. Turnserver -v of course logs nothing, I would expect something similar to TLS.

I configured the TURN in WebRtcEndpoint.conf.ini:
"turnURL" : "user:cr...@turn.myturnserver.net:55555?transport=udp"

Is this correct? I do not know how to specify turns AND give credentials. turns:u...@turn.myturnserver.net seems weird. ;)

[Ivan Gracia]

Ok, thanks for the feedback.

Ivan Gracia