Problem configuring TURN Server

[Naveed]

I am trying to configure TURN server with no-auth option to use it with my SIP Server (Kamailio 4). 

Here is my config file

listening-device=eth0
listening-port=3478
listening-ip=<local ip>
relay-device=eth0
relay-ip=<local ip>
external-ip=<public ip>
no-auth
mobility
server-relay

In my case STUN works perfectly in all but  one scenario(3G/4G Connection) where i get no audio when one of my clients is using 3G/4G connection. I could'nt understand how to configure it to use TURN when STUN fails..

I am using Linphone as my SIP Client with ICE enabled and my TURN server is behind a NAT as well with relevant ports (3478, 49152 - 65535)  forwarded.

PS: I also posted this question yesterday but i did'nt appeared!

[Oleg Moskalenko]

Some advises:

1) Remove listening-device and relay-device configuration parameters. They are known to cause problems. Add them only after everything already is working fine.
2) Why you are using server-relay ? Do you really need it ? No normal application needs it. If your application require that, then something is very wrong with your application. I'd suggest to remove it.
3) Are you really using "mobility" ? Do you understand what it is ? I'd suggest to remove it.
4) relay-ip is redundant here. Remove it.
5) listening-port=3478 is not necessary, that is the default value.
6) Try to add "fingerprint", that may be helpful for some applications.

This is what has to be enough for your purpose:

listening-ip=<local ip>
external-ip=<public ip>
fingerprint
no-auth


Now run your application with wireshark listening to the TURN address. Check what is really going on with your TURN sessions.

We cannot tell you how to configure your phone application - we can only answer questions how to configure the TURN server.

Remember that some client applications can work only when authentication is required (for example, WebRTC). Check that this is not the case in your application.

Oleg

[Rock Hero]

Hi Oleg,

Thanks for your reply..

We modified the server configuration as you mentioned.

STUN it is still working fine.. But in case of our 3G/4G networks, audio is still not working.. 

As per our understanding when STUN is not working ICE should route/relay all the traffic through TURN server. YES?

We monitored traffic using Wireshark, only STUN binding request messages are going from application to TURN server.

Request to Server:

STUN 62 Binding Request

Response from Server:

STUN 138 Binding Success Response XOR-MAPPED-ADDRESS: <public-ip>:7079 MAPPED-ADDRESS: <public-ip>:7079 RESPONSE-ORIGIN: <private-ip>:3478

Is there any way of routing all the traffic only from TURN server? means only TURN mode (no-stun). I tried no-stun option but it is not working. 

I am hoping to read soon from you.

Regards,

Naveed

--
You received this message because you are subscribed to a topic in the Google Groups "TURN Server project rfc5766-turn-server" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/turn-server-project-rfc5766-turn-server/WE5FGz-piEQ/unsubscribe.
To unsubscribe from this group and all its topics, send an email to turn-server-project-rfc57...@googlegroups.com.
To post to this group, send email to turn-server-project...@googlegroups.com.
Visit this group at http://groups.google.com/group/turn-server-project-rfc5766-turn-server.
For more options, visit https://groups.google.com/groups/opt_out.

[Oleg Moskalenko]

Naveed, if the turn server is receiving only stun requests then it can perform only stun operations. The turn server is passive - it is doing what it was asked to do. You have to check your clients and your ICE configuration - the problem is not in the turn server.

Regards,

Oleg

Sent from my iPhone