Turn server load balancing and reliability questions

[Alexander Marquardt]

I am in the initial phases of setting up a rfc5766-turn-server TURN/STUN server, and have a few questions in anticipation of things that I will have to deal with. I am just getting started with TURN servers as well as Load Balancers, so please be gentle if my questions have "obvious" answers.

I will likely use Google Compute Engine to host the TURN sever, which from other postings that I have read should not be a problem. In the Google Compute Engine, there is a built-in load balancer that I will likely use, which leads me to the following set of questions:

1) If a load balancer is used, then presumably a relay/connection through the TURN server would require that both parties connect to the exact same server behind the load balancer (which is not guaranteed if the balancer assigns each party to a different server). Is this a valid concern, and what is the best approach to get around this problem?

2) Is each TURN server aware of it's own IP address - and if so, would it consider it's own IP address to be the load balancer IP address or it's "internal" IP address? How does the TURN server determine it's IP address?

3) What is the best way to determine if the current TURN servers are running at capacity, and therefore another TURN server instance should be launched? Is there any monitoring built into the TURN server itself, or is this best done through monitoring the CPU usage and/or other statistics on the server?

4) In the Google Compute Engine Load Balancer there are built in solutions to detect if an entire server is down. What is the best way or standard method to detect if the TURN server itself has crashed and to re-start it if necessary? 

Thank you and kind regards

Alexander

[Oleg Moskalenko]

See below in the text:

On Wednesday, May 21, 2014 5:31:24 PM UTC-7, Alexander Marquardt wrote:

I am in the initial phases of setting up a rfc5766-turn-server TURN/STUN server, and have a few questions in anticipation of things that I will have to deal with. I am just getting started with TURN servers as well as Load Balancers, so please be gentle if my questions have "obvious" answers.

I will likely use Google Compute Engine to host the TURN sever, which from other postings that I have read should not be a problem. In the Google Compute Engine, there is a built-in load balancer that I will likely use, which leads me to the following set of questions:

1) If a load balancer is used, then presumably a relay/connection through the TURN server would require that both parties connect to the exact same server behind the load balancer (which is not guaranteed if the balancer assigns each party to a different server).

That's not true. Check how the TURN is behaving and you will get more understanding why it does not matter.

Although, the "collocation" of the sessions may be required if:

1) You are using RTCP "even ports" functionality;
2) You are using "mobile" sessions (I assume you are not);

In those two cases, different sessions must have information about each other. There is no way around it, at the present moment, with the current implementation.

Otherwise, it must work just fine if different peer sessions are attached to different TURN servers.


 

Is this a valid concern, and what is the best approach to get around this problem?

 

2) Is each TURN server aware of it's own IP address - and if so, would it consider it's own IP address to be the load balancer IP address or it's "internal" IP address? How does the TURN server determine it's IP address?

Check how the TURN server is configured. You must tell the TURN server which local IP address(es) it has to use. You can configure the "external" public IP address with -X option.
 

3) What is the best way to determine if the current TURN servers are running at capacity, and therefore another TURN server instance should be launched? Is there any monitoring built into the TURN server itself, or is this best done through monitoring the CPU usage and/or other statistics on the server?

You have to monitor the CPU statistics and the network card statistics.
 

4) In the Google Compute Engine Load Balancer there are built in solutions to detect if an entire server is down. What is the best way or standard method to detect if the TURN server itself has crashed and to re-start it if necessary? 

To check whether the TURN server is alive you can just send an HTTP GET request to the TURN server endpoint, it will return HTTP OK if it is alive.
 
Oleg

[Alexander Marquardt]

Hi Oleg, 

Thank you very much for your excellent answers!

I am not totally clear on how the protocol routes packets between two users that are each connected to distinct TURN servers that are behind a load balancer. Do you know of any documents for further reading that would help to clarify this? (specifically, I am not clear on how the packets are routed from one TURN server to the other TURN server, which should be necessary since each TURN server is communicating with a different client)

Kind Regards

Alexander

[Oleg Moskalenko]

For each TURN session, a new network relay endpoint is getting created. That relay endpoint is used as a surrogate client endpoint - for communications with whatever peer the client has. The peer can be a real client, or another relay endpoint of another client - whatever, the TURN server does not need to know that. If another relay endpoint is located on another TURN server, that's fine, because it is getting treated regardless of location in the same way.

If this explanation is not enough, then read the original RFC 5766 document, it is all described there quite well.

Oleg

[Alexander Marquardt]

Thank you very much for your help! I'll have a look at the RFC to solidify my understanding.