On Sun, 2017-01-29 16:04, Ed - 0x1b, Inc. wrote: > On Sun, Jan 29, 2017 at 8:53 AM, Niklaus Hofer <[email protected]> wrote: > > I've recently setup a STUN / TURN server to complement my XMPP server. I > > would like to hand out short-term STUN credentials to users by the means > > described in XEP-0215 "3.3 Requesting Credentials". > > OT a bit, out of curiosity which STUN/TURN server did you use - how > was the deployment? have any troubles with the firewall? > Thanks v.much, asking because I may be doing this same thing this spring - Ed
I didn't have too much trouble in the sense of it not working. I was however surprised by how sparsely this topic is documented. I did not find any good tutorials or even just introductions to the topic at all. When it gets to integrating STUN with any particular XMPP server it gets even worse. I deployed it to a server on an Open Stack cloud. This means that the server itself is behind a 1:1 NAT. It has it's own public IP address, but it can't bind that address directly to its interface, instead it binds a local IP. It turns out that coturn [0] has support for exactly that feature (promoting a different public IP than the server process binds to and then mapping those two). Also coturn's default configuration file is very well commented. I ended up not setting a password for STUN and publishing the TURN credentials to all interested users because I wasn't sure about 0215. The last challenge to overcome was testing. I used the Stun client from [1] but that seems to only test RFC 3489. I also used the online WebRTC tester from [2]. Both tests were successful. However, I was not able to find a simple testing program to test the specific part of TURN that requires credentials. I would be greatful for some tips on testing STUN / TURN. [0] https://github.com/coturn/coturn [1] https://sourceforge.net/projects/stun/ [2] https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ -- Niklaus 'vimja' Hofer [email protected] xmpp: [email protected]
