TURN server apparently not working on "ICE Trickle"

668 views
Skip to first unread message

Douglas Samuel

unread,
Jul 20, 2020, 10:07:39 PM7/20/20
to TURN Server (Open-Source project)
Hello, I have a domain that I will call here from domain.com.br
In this domain, I accessed CPanel and assigns the public IP of my server (I consulted on Linux via wget -qO- ifconfig.co/IP) as shown below

NAME                                                                              TTL                       CLASS                TYPE


I installed coturn via apt on Ubuntu 20.02

I ran it via terminal like that:

turnserver -a -o -v -n -p 3478 -L x.x.x.x -r domain.com.br -X yyy.yyy.yyy.yy/x.x.x.x

And also only

turnserver with this config file



When I do the test it returns like this, it only shows "done" when I use STUN



where am I wrong? Should I re-install?
I checked the ports and they are correct, both released for coturn use, the IP I believe is correct too. There is no other instance of coturn being executed.

Diogo Pina Serra

unread,
Jul 21, 2020, 3:31:34 AM7/21/20
to TURN Server (Open-Source project)
Use at least one user for turn authentication 
You can make it in more complex ways but the easier one is to create it on the configuration file like

user=douglas:myspecialpass

Diogo Pina Serra

unread,
Jul 21, 2020, 3:36:51 AM7/21/20
to TURN Server (Open-Source project)
I think the problem is you can't tell you want 

lt-cred-mech (long-term credential mechanism.) and then not providing a user or a way to auth.
Probably with out that you will be able to get TURN without auth , but then anyone will be able to use your turn.
And i'm not very sure but i think that you need auth on webrtc to be able to use a TURN server

Douglas Samuel

unread,
Jul 22, 2020, 8:19:36 PM7/22/20
to TURN Server (Open-Source project)
I did some tests and changes, I installed all coturn and dependencies again.


what is happening now, when I put only the site, it appears that it was not found but if I put the site and the IP, it finds
if I just put the IP it was not found.

Diogo Pina Serra

unread,
Jul 23, 2020, 4:04:48 AM7/23/20
to TURN Server (Open-Source project)
I would say that when you put just the IP it is not validating the realm , and when you put the the domain it validates the realm .... :S 
Can't find any other reason .But only looking on all your settings it is possible to confirm that .
Try to make a very simple configuration first just to debug that .
Are you logging ? Have you tried to see if you have any error when you use just the IP and the auth ? 

Philipp Hancke

unread,
Jul 23, 2020, 4:49:24 AM7/23/20
to TURN Server (Open-Source project)
You are not getting a relay candidate in either of the cases which is what the instructions at the top of the page describe as a necessary requirement.
What the JS code can guess about the reason is rather limited. Typically you'll need to use wireshark and inspect the stun packets. If you don't see any response from the server that typically suggests the udp ports are blocked.

--
You received this message because you are subscribed to the Google Groups "TURN Server (Open-Source project)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turn-server-project-rfc57...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/turn-server-project-rfc5766-turn-server/da07fad0-a8dc-48f5-88ad-2c6191efdbc0o%40googlegroups.com.

Douglas Samuel

unread,
Jul 23, 2020, 5:07:36 PM7/23/20
to TURN Server (Open-Source project)
I opened the log files



They say nothing about any specific error

Quinta-feira, 23 de julho de 2020 05:04:48 UTC-3, Diogo Pina Serra escreveu:
Eu diria que quando você coloca apenas o IP, ele não está validando o domínio, e quando você coloca o domínio, ele valida o domínio ....: S 
Não é possível encontrar nenhum outro motivo. Mas, olhando apenas todas as suas configurações, é possível confirmar isso.
Tente fazer uma configuração muito simples primeiro apenas para depurar isso.
Você está registrando? Você tentou ver se há algum erro ao usar apenas o IP e a autenticação? 



Na quinta-feira, 23 de julho de 2020 às 1:19:36 UTC + 1 Douglas Samuel escreveu:
Fiz alguns testes e alterações, instalei todos os coturnos e dependências novamente.


o que está acontecendo agora, quando eu coloco apenas o site, parece que ele não foi encontrado, mas se eu colocar o site e o IP, ele encontra
se eu apenas colocar o IP não foi encontrado.

Em terça-feira, 21 de julho de 2020 04:36:51 UTC-3, Diogo Pina Serra escreveu:
Eu acho que o problema é que você não pode dizer que quer 

lt-cred-mech (mecanismo de credencial de longo prazo.) e, em seguida, não fornece um usuário ou uma maneira de autenticação.
Provavelmente, sem que você consiga GIRAR sem autenticação, mas qualquer um poderá usar o seu turno.
E não tenho muita certeza, mas acho que você precisa de autenticação no webrtc para poder usar um servidor TURN



Na terça-feira, 21 de julho de 2020 às 08:31:34 UTC + 1 Diogo Pina Serra escreveu:
Use pelo menos um usuário para autenticação por turno 
Você pode torná-lo de maneiras mais complexas, mas o mais fácil é criá-lo no arquivo de configuração, como

usuário = douglas: myspecialpass




Na terça-feira, 21 de julho de 2020 às 03:07:39 UTC + 1 Douglas Samuel escreveu:
Olá, tenho um domínio que chamarei aqui do domain.com.br.
Nesse domínio, acessei o CPanel e atribui o IP público do meu servidor (consultei no Linux via wget -qO- ifconfig.co/IP ), como mostrado abaixo

NOME TIPO DE CLASSE TTL


Instalei coturn via apt no Ubuntu 20.02 Executei-

o através do terminal assim:

TurnServer -a -o -v -n -p 3478 -L xxxx -r domain.com.br -X .yy / xxxx

E também apenas

TurnServer com este arquivo de configuração



Quando eu faço o teste, ele retorna assim, mostra apenas "concluído" quando uso STUN



onde eu estou errado? Devo reinstalar?
Verifiquei as portas e elas estão corretas, ambas liberadas para uso em coturn, o IP que acredito estar correto também. Não há outra instância de coturn sendo executado.

Warren McDonald

unread,
Jul 23, 2020, 10:30:18 PM7/23/20
to TURN Server (Open-Source project)
The config above looks like lit might be the trouble. The listening IP and relay IP are the internal addresses not the public IP. 
The only entry that should have the Public IP is the External IP. 
Once the external IP is set the turnserver exchanges with the client maps these to the internal listening IP, and the relay IP (if it is the same interface).

Also ff you have one interface and all traffic is internet facing, DO NOT set the relay address or interface. You only really need to set this if you need to relay between 2 interfaces. It will by default use the interface that the request is received on for the relay.    

Warren

Douglas Samuel

unread,
Jul 25, 2020, 10:14:36 PM7/25/20
to TURN Server (Open-Source project)
I did some more tests on the server, it really had its ports open but not on the routers, so the turn ran normally and did not show any errors but it was not accessible by the website or any other instance that is not local.
So I used EC2 free from amazon to see if the problem was on the server and there with the same configuration it worked normally. So I will adjust the server.
Even so, I appreciate all the support and time dedicated to assisting me in solving the problem.
Reply all
Reply to author
Forward
0 new messages