[libnice] [nice] recommended OSS STUN/TURN server

Klaus Kranz klaus.kranz at access-company.com
Mon Nov 17 07:47:45 PST 2014 

Unfortunately the test on the public network failed.

Wireshark showed ICMP destination unreachable ( port unreachable ) right
after  the binding request to the gathered relay port.

>From timestamps there seems to be 8sec from the initial allocate
XOR-RELAYED-ADDRESS response to this binding request, so maybe too long
 and the TURN server already closed the port ?

The test topology is as below.

STUN/TURN is same package just on different machines ( STUN+TURN) enabled.

If the server on 10.. is configured in libnice  STUN is possible and we can
connect.

If the server on 109.. is configured in libnice  only TURN is possible but
we can connect.













-----Original Message-----
From: Klaus Kranz [mailto:klaus.kranz at access-company.com]
Sent: Montag, 17. November 2014 12:08
To: 'Olivier Crête'; 'nice at lists.freedesktop.org'
Subject: RE: [libnice] [nice] recommended OSS STUN/TURN server



I've been using nice_agent_set_relay_info(.... , NICE_RELAY_TYPE_TURN_UDP)
in previous tests, that failed to connect.

Now I changed experimentally to NICE_RELAY_TYPE_TURN_TCP and bingo the
peers can connect now by STUN method.

Test on public IP address will show finally if it can connect as well when
only TURN is possible.

Need to wait for our sysadmins, so this test might be conducted today
afternoon. Xing fingers.



But I frankly speaking I don't understand that behavior at all.



I wonder if I am the only candidate on earth experiencing those problems.

Rgds

Klaus



-----Original Message-----

From: Klaus Kranz [mailto:klaus.kranz at access-company.com
<klaus.kranz at access-company.com>]

Sent: Montag, 17. November 2014 11:10

To: 'Olivier Crête'; 'nice at lists.freedesktop.org'

Subject: RE: [libnice] [nice] recommended OSS STUN/TURN server



Dear Olivier,

I commented the line on the other peer and it turns out that now listing
the relay candidate on both sides, prevents them to finally connect using
STUN.

This is what I observed last week using the other turnserver.

So back to zero.

Rgds

Klaus





-----Original Message-----

From: Klaus Kranz [mailto:klaus.kranz at access-company.com
<klaus.kranz at access-company.com>]

Sent: Montag, 17. November 2014 10:38

To: 'Olivier Crête'; 'nice at lists.freedesktop.org'

Subject: RE: [libnice] [nice] recommended OSS STUN/TURN server



Dear Olivier,

I've now tried with the rfc5466-turn-server running with  --no-auth for
simplicity gives same results ( no relay candidate ).

However libnice debug showed that I have to use --fingerprint on the server
side.

But this was not enough. I still got "STUN auth error: No message integrity
attribute!" from stunagent.c  stun_agent_validate().

After commenting the line return STUN_VALIDATION_UNAUTHORIZED  it succeeds.

Nice agent compatibility is set to RFC5245 Wireshark doesn't show such a
status code. Only one is "role conflict"

Test conducted in house on 10...  with Peer clients behind 2 routers
192.... , so STUN able.

Now I need to run the server on the public to see if the relay works. (
I'll keep you posted ).



Rgds

Klaus



-----Original Message-----

From: Olivier Crête [mailto:olivier.crete at collabora.com
<olivier.crete at collabora.com>]

Sent: Freitag, 14. November 2014 17:33

To: Klaus Kranz; nice at lists.freedesktop.org

Subject: Re: [libnice] [nice] recommended OSS STUN/TURN server



Hi,



I've never tried coTurn, you may want to look at the libnice log produce
with G_MESSAGES_DEBUG=all NICE_DEBUG=all, if you can't make any sense from
them, please post them here.



Olivier



On 11/14/2014 10:22 AM, Klaus Kranz wrote:

> Dear Olivier,

> thanks a lot. I've followed the rfc5466-turn-server  which leads to
coTurn.

> So I tried coTurn. It worked out-of-the-box for STUN but libnice

> didn't gather relay candidates.

> I could see that the TURN ALLOCATIONS went ok, but...

>

> Do you have any idea what can go wrong ?

> Rgds

> Klaus

>

>

> -----Original Message-----

> From: nice [mailto:nice-bounces at lists.freedesktop.org
<nice-bounces at lists.freedesktop.org>] On Behalf Of

> Olivier Crête

> Sent: Donnerstag, 13. November 2014 17:59

> To: nice at lists.freedesktop.org

> Subject: Re: [libnice] [nice] recommended OSS STUN/TURN server

>

> Hi,

>

> There are 2 good open source turn servers, turnserver.org and

> rfc5466-turn-server.

>

> On 13/11/14 03:13 AM, Klaus Kranz wrote:

>> Dear all,

>>

>> does somebody have a recommendation for an open source STUN/TURN

>> server, confirming a well functioning behaviour.

>>

>> Thanks in advance.

>>

>> Rgds

>>

>> Klaus

>>

>>

>> .

>>

>>

>> _______________________________________________

>> nice mailing list

>> nice at lists.freedesktop.org

>> http://lists.freedesktop.org/mailman/listinfo/nice

>>

>

> --

> Olivier Crête

> olivier.crete at collabora.com

> _______________________________________________

> nice mailing list

> nice at lists.freedesktop.org

> http://lists.freedesktop.org/mailman/listinfo/nice

>



--

Olivier Crête

olivier.crete at collabora.com

-- 
.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/nice/attachments/20141117/1e8b2bdc/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 17243 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/nice/attachments/20141117/1e8b2bdc/attachment-0001.png>

More information about the nice mailing list