Muvi Blogs


Set up your own CoTurn Server using EC2

26 February 2021

In WebRTC, NAT (Network Address Translation) traversal servers are what allow media to connect properly between peers. Those servers are STUN and TURN.

What is a TURN Server?

Traversal Using Relays around NAT (TURN) is a protocol that assists in traversal of network address translators or firewalls for multimedia applications.

It may be used with the Transmission Control Protocol and User Datagram Protocol. It is most useful for clients on networks masqueraded by symmetric NAT devices.

When is a TURN Server needed?

On a typical WebRTC app, about 20% of connections require a TURN server. It may work fine for you, but try accessing your WebRTC service from a cell phone connection (which will usually require TURN), and you’ll see that not all connections are equal when it comes to p2p.

For peer-to-peer, you will need to install and run a TURN server.

But the question is why? 

Because some firewalls block certain types of traffic. Many just block UDP but some may even block TCP.

TURN server hardware

A high-end configuration is not required. You can do the setup with a basic configuration, such as the free tier instance available in AWS for EC2, i.e. t2.micro.

If you wish to test whether your browser supports WebRTC, you can test it out here.

Link: https://test.webrtc.org/

All right, now let’s start implementing it, beginning with the EC2 instance.

Step 1: 

Here you can just grab whatever is available in the free tier for the EC2 instance. 

Step 2: EC2 Instance security group settings

The only change when launching the instance is in the security group. I have given the details of the security group ports, then we need to

UDP → 32355-65535, 3478-3479

TCP → 32355-65535, 3478-3479

Step 3: Install coturn

Coturn is an open-source implementation of TURN and STUN servers.

Code is as follows,

sudo apt-get -y update

sudo apt-get install coturn

Step 4: Stop the Coturn Server & make the changes

Before we do any changes we need to stop the coturn server first.

Then we need to uncomment TURNSERVER_ENABLED=1 in the file at the following location,

Code is as follows,

sudo systemctl stop coturn

or

sudo systemctl stop coturn.service

sudo vi /etc/default/coturn

Now uncomment the line so that it reads TURNSERVER_ENABLED=1.

Step 5: Make changes in the turnserver.conf file / coturn setting file

Move to that location or else open the file from the following location,

Code is as follows,

cd /etc/

Then open the file using the vim, nano or vi editor in superuser mode.

Code is as follows,

sudo nano turnserver.conf

Remove the comments from the following lines, and add any necessary information.

Now set the public IP of the EC2 instance which you have configured.

Here too, give the EC2 instance public IP, i.e. the listening IP and relay IP should be the same. In this example they are different since I restarted my EC2 instance.

As of 2021 there appears to be an update from the official creators.

Here you can see that the “no-loopback-peers” option has been replaced by “allow-loopback-peers”.

It is up to you whether to comment or uncomment that line, but I highly recommend commenting it out.

Once you have done all these properly then you’re good to go. 
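A quick check of the edited file for the settings this step covers, as an added example that is not part of the original post. It assumes the static user= credential is the only authentication configured; the function names, the sample file and its IP addresses are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original post: audit the Step 5 settings in a
# turnserver.conf. Option names are coturn's; the sample file is constructed.

# Print the value of the last uncommented "key=value" line for key $2 in file $1.
conf_value() {
  sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Succeed if the bare option $2 (no value) is present and uncommented in file $1.
conf_flag() {
  grep -Eq "^[[:space:]]*$2[[:space:]]*\$" "$1"
}

# Print one finding per line for the config file $1 (no output means no findings).
audit_turn_conf() {
  local f=$1 lip rip
  lip=$(conf_value "$f" listening-ip)
  rip=$(conf_value "$f" relay-ip)
  [ -n "$lip" ] || echo "listening-ip is not set"
  [ -n "$rip" ] || echo "relay-ip is not set"
  if [ -n "$lip" ] && [ -n "$rip" ] && [ "$lip" != "$rip" ]; then
    echo "listening-ip ($lip) and relay-ip ($rip) differ"
  fi
  # Assumes the static user= credential from this post is the only auth in use;
  # with no user defined and no auth option set, coturn allows anonymous access.
  [ -n "$(conf_value "$f" user)" ] || echo "no active user= entry"
  ! conf_flag "$f" no-auth || echo "no-auth is enabled"
  # Loopback peers would let a TURN client relay to services on the server itself.
  ! conf_flag "$f" allow-loopback-peers || echo "allow-loopback-peers is enabled"
  return 0
}

# Constructed sample: documentation IPs, placeholder credentials left commented.
write_sample_conf() {
  cat > "$1" <<'EOF'
listening-port=3478
listening-ip=203.0.113.10
relay-ip=203.0.113.25
#user=<USERNAME>:<PASSWORD>
allow-loopback-peers
EOF
}

# Demo on the constructed sample; for a real file call: audit_turn_conf /etc/turnserver.conf
tmp=$(mktemp); write_sample_conf "$tmp"; audit_turn_conf "$tmp"; rm -f "$tmp"
```

On the constructed sample this reports the IP mismatch, the missing user= entry and the enabled allow-loopback-peers line.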

Step 6: Start the coturn server

Since we have stopped our server in step 4 we need to start it up,

Code is as follows,

sudo systemctl start coturn

or

sudo systemctl start coturn.service

Then you need to verify it using the following code,

sudo systemctl status coturn

or

sudo systemctl status coturn.service

Once you hit Enter, the output should show “active (running)”.

You can check and verify this in the following website,

Link: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

Here you can see the currently working STUN server, i.e. the free public server which is hosted by our Uncle Google. There is an option to change the details in the ICE Servers. You need to:

  1. Reset to defaults
  2. Select and remove the details in the ICE Servers
  3. Then enter the TURN server details

     turn:< PUBLIC IP / EC2 Public Instance IP / Domain Name>:3478?transport=tcp

  4. Then give the username as “<USERNAME>” and the password as “<PASSWORD>”
  5. Then hit “add Server” and select “Get Candidates”

The “Priority” column should give the result “Done”; if the server is not configured properly, you will end up with the output “Unreachable”.

If you need to set your own username and password, or your own certificate and key with a domain, all of that can be done: scroll further down the file and you will find the following options,

user 

cert

pkey

server-name

I will let you guys do the changes on this. 

Once you have done all the changes, you need to add the details in the following way to your code,



Narendiran Krishnan
AI blogger. Inspiring & working towards a better future through technology & Artificial Intelligence with Hands-on experience in Cloud stacks like --> Azure, AWS, IBM, Open Stack and worked with Terraform for automation of Cloud Infrastructure as a service. Deep Reinforcement Learning (Unity, did TensorFlow code migration), Synthetic Data (Unity), and RASA Chatbot... Join me in the quest.
