coturn icon indicating copy to clipboard operation
coturn copied to clipboard
verified publisher icon coturn

can't access STUN/TURN server from webrtc

Open mittster opened this issue 6 years ago • 3 comments

I am following the official coturn docs and trying to setup a coturn server to handle STUN and TURN requests. I am testing if my server runs correctly by using this little JS script:

function checkTURNServer(turnConfig, timeout){ 

  return new Promise(function(resolve, reject){

    setTimeout(function(){
        if(promiseResolved) return;
        resolve(false);
        promiseResolved = true;
    }, timeout || 5000);

    var promiseResolved = false
      , myPeerConnection = window.RTCPeerConnection || window.mozRTCPeerConnection || window.webkitRTCPeerConnection   //compatibility for firefox and chrome
      , pc = new myPeerConnection({iceServers:[turnConfig]})
      , noop = function(){};
    pc.createDataChannel("");    //create a bogus data channel
    pc.createOffer(function(sdp){
      if(sdp.sdp.indexOf('typ relay') > -1){ // sometimes sdp contains the ice candidates...
        promiseResolved = true;
        resolve(true);
      }
      pc.setLocalDescription(sdp, noop, noop);
    }, noop);    // create offer and set local description
    pc.onicecandidate = function(ice){  //listen for candidate events
      if(promiseResolved || !ice || !ice.candidate || !ice.candidate.candidate || !(ice.candidate.candidate.indexOf('typ relay')>-1))  return;
      promiseResolved = true;
      resolve(true);
    };
  });   
}

and running it with my credentials:

checkTURNServer({"url":"turn:IP1:3478",'username': 'bayaz',"credential":"magi"}).then(function(bool){
    console.log('is TURN server active? ', bool? 'yes':'no');
}).catch(console.error.bind(console));

Where the user was created with;

turnadmin -A -u bayaz -p magi

This are uncommented lines in configuration file:

listening-port=3478
tls-listening-port=5349
listening-ip=IP1
listening-ip=IP2	
verbose	
lt-cred-mech
realm=mydomain.com
cert=/etc/letsencrypt/live/mydomain.com/cert.pem
pkey=/etc/letsencrypt/live/mydomain.com/privkey.pem

This is the output of running turnserver -c path/to/file.conf

0: log file opened: /var/tmp/turn_10200_2019-05-17.log
0: Listener address to use: IP1
0: Listener address to use: IP2
0: 
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.0.8 'dan Eider'
0: 
Max number of open files/sockets allowed for this process: 4096
0: 
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 2000 (approximately)
0: 

==== Show him the instruments, Practical Frost: ====

0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.0.2k-fips  26 Jan 2017 (0x100020bf)
0: 
0: SQLite supported, default database location is /usr/local/var/db/turndb
0: Redis is not supported
0: PostgreSQL is not supported
0: MySQL is not supported
0: MongoDB is not supported
0: 
0: Default Net Engine version: 3 (UDP thread per CPU core)

=====================================================

0: Domain name: 
0: Default realm: mydomain.com
0: SSL23: Certificate file found: /etc/letsencrypt/live/mydomain.com/cert.pem
0: SSL23: Private key file found: /etc/letsencrypt/live/mydomain.com/privkey.pem
0: TLS1.0: Certificate file found: /etc/letsencrypt/live/mydomain.com/cert.pem
0: TLS1.0: Private key file found: /etc/letsencrypt/live/mydomain.com/privkey.pem
0: TLS1.1: Certificate file found: /etc/letsencrypt/live/mydomain.com/cert.pem
0: TLS1.1: Private key file found: /etc/letsencrypt/live/mydomain.com/privkey.pem
0: TLS1.2: Certificate file found: /etc/letsencrypt/live/mydomain.com/cert.pem
0: TLS1.2: Private key file found: /etc/letsencrypt/live/mydomain.com/privkey.pem
0: TLS cipher suite: DEFAULT
0: DTLS: Certificate file found: /etc/letsencrypt/live/mydomain.com/cert.pem
0: DTLS: Private key file found: /etc/letsencrypt/live/mydomain.com/privkey.pem
0: DTLS1.2: Certificate file found: /etc/letsencrypt/live/mydomain.com/cert.pem
0: DTLS1.2: Private key file found: /etc/letsencrypt/live/mydomain.com/privkey.pem
0: DTLS cipher suite: DEFAULT
0: Relay address to use: IP1
0: Relay address to use: IP2
Cannot create pid file: /var/run/turnserver.pid: Permission denied
0: Cannot create pid file: /var/run/turnserver.pid
0: pid file created: /var/tmp/turnserver.pid
0: IO method (main listener thread): epoll (with changelist)
0: Wait for relay ports initialization...
0:   relay IP1 initialization...
0:   relay IP1 initialization done
0:   relay IP2 initialization...
0:   relay IP2 initialization done
0: Relay ports initialization done
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=1 created
0: IPv4. TLS/SCTP listener opened on : IP1:3478
0: IPv4. TLS/TCP listener opened on : IP1:3478
0: IPv4. TLS/SCTP listener opened on : IP1:3479
0: IPv4. TLS/TCP listener opened on : IP1:3479
0: IPv4. TLS/SCTP listener opened on : IP1:5349
0: IPv4. TLS/TCP listener opened on : IP1:5349
0: IPv4. TLS/SCTP listener opened on : IP1:5350
0: IPv4. TLS/TCP listener opened on : IP1:5350
0: IPv4. TLS/SCTP listener opened on : IP2:3478
0: IPv4. TLS/TCP listener opened on : IP2:3478
0: IPv4. TLS/SCTP listener opened on : IP2:3479
0: IPv4. TLS/TCP listener opened on : IP2:3479
0: IPv4. TLS/SCTP listener opened on : IP2:5349
0: IPv4. TLS/TCP listener opened on : IP2:5349
0: IPv4. TLS/SCTP listener opened on : IP2:5350
0: IPv4. TLS/TCP listener opened on : IP2:5350
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=0 created
0: IPv4. TLS/TCP listener opened on : IP1:3478
0: IPv4. TLS/TCP listener opened on : IP1:3479
0: IPv4. TLS/TCP listener opened on : IP1:5349
0: IPv4. TLS/TCP listener opened on : IP1:5350
0: IPv4. TLS/TCP listener opened on : IP2:3478
0: IPv4. TLS/TCP listener opened on : IP2:3479
0: IPv4. TLS/TCP listener opened on : IP2:5349
0: IPv4. TLS/TCP listener opened on : IP2:5350
0: IPv4. DTLS/UDP listener opened on: IP1:3478
0: IPv4. DTLS/UDP listener opened on: IP1:3479
0: IPv4. DTLS/UDP listener opened on: IP1:5349
0: IPv4. DTLS/UDP listener opened on: IP1:5350
0: IPv4. DTLS/UDP listener opened on: IP2:3478
0: IPv4. DTLS/UDP listener opened on: IP2:3479
0: IPv4. DTLS/UDP listener opened on: IP2:5349
0: IPv4. DTLS/UDP listener opened on: IP2:5350
0: Total General servers: 2
0: IO method (admin thread): epoll (with changelist)
0: IO method (auth thread): epoll (with changelist)
0: IO method (auth thread): epoll (with changelist)
0: IPv4. CLI listener opened on : 127.0.0.1:5766
0: SQLite DB connection success: /usr/local/var/db/turndb

When I test my turn server, I get my custom error message "is TURN server active? no" in the console, which indicated that I got no response from the server.

I already spent a few days trying to figure this out, but I had no luck. What am I missing here? Another thing that I didn't fully resolve is that mysql is not supported, even though I yum installed mysql-devel and mysqlserver. Why is that? In the INSTALL file it says that shared library should be set (LD_LIBRARY_PATH), but I am not sure what do to with it. I am on Centos 7.

mittster avatar May 17 '19 13:05 mittster

Same issue

Prashanth004 avatar Jul 04 '19 16:07 Prashanth004

@misi: Can you look?

Neustradamus avatar Jun 25 '20 04:06 Neustradamus

Hi @mittster and @Prashanth004 Do you still have an issue? I suggest to test your server with https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ or turnutils_uclient first (to make sure your coturn is properly configured and accessible)

On the other hand, you can test your simple test app with publicly availabe turn servers (to make sure your JS app does not have bugs)

eakraly avatar Aug 23 '22 01:08 eakraly