1

There are two very similar questions here, but both haven't been answered:

rfc5766-turn-server as TURN and STUN for webrtc application question 1. says "with rfc5766-turn-server is enough to act as a TURN and also STUN server or do I also need to run a stun server".

missing relay candidates from TURN server speak about missing relay candidates, the effect I am seeing when making only a turn request.

We have coturn configured with turns and use-auth-secret and use https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ for testing.

  • When I make a stun request stun:hostname:5349 without password I see the srflx candidate (my external IP).
  • When I make a turn request turns:hostname:5349[username:password] I see the relay candidate (the TURN server's public address).

This looks good, but do I need to make 2 requests to the same server? Shouldn't turn include stun and give me srflx and relay candidates?

  • Can I configure coturn to return both in a single request?
  • Or will the client have to make both requests? Is so, will all browsers do this correctly when using WebRTC?
Oliver Hausler
  • 4,900
  • 4
  • 35
  • 70

1 Answers1

3

If you have TURN/UDP configured in the client, configuring the same server as a STUN server isn't necessary.

TURN over UDP will return a srflx candidate automatically, you should be able to see that on the trickle-ice test page. If you look at the packets exchanged in Wireshark you'll see both * a STUN binding request and the binding response containing the public ip as seen by the server in the xor-mapped-address field as well as * a STUN (TURN) allocate request whose response also contains a xor-mapped-address

TURN over TLS or TURN over TCP won't do that since that would not work with udp hole punching.

Philipp Hancke
  • 15,855
  • 2
  • 23
  • 31