Set up a TURN server on AWS in 15 minutes

Kosta Malsev
Jan 6, 2021


In this article I want to show you how to create a TURN server and use it with the Peer.js framework.

Why TURN server?

A TURN server is most useful when building peer-to-peer video chat, where it relays data traffic between the two peers for frameworks based on WebRTC. You can find more about WebRTC here.

Commonly used free STUN servers will try to resolve the public IP addresses of the chat participants. Unfortunately, in most cases where one of the peers is behind NAT, the STUN server fails and we are left with only one option: to create a TURN server which will relay all traffic between the peers. In my experience, STUN mostly fails to resolve the IP of participants who use a cellular connection.

We will use COTURN, which is a popular open source platform for TURN servers. It is written in C++ and runs on Ubuntu Linux.

Here are 7 simple steps to create a TURN server in 15 minutes.

Step 1

Create an AWS EC2 Ubuntu server using the free quota (see pricing for details). You can find a simple tutorial on how to create an EC2 instance here.

Select Launch instance
Choose Ubuntu instance and follow the wizard steps

Step 2

In the AWS console, add a new security group in Network & Security > Security Groups.

You need to add this security group alongside the default one so that the instance can receive the inbound traffic (UDP and TCP packets) it will relay later on. Security groups are attached to the EC2 instance. Open the following inbound ports:

3478 : UDP
3478 : TCP
49152–65535 : UDP
Select Security Groups and add UDP and TCP rules

Step 3

Once the Linux instance has started, install the Ubuntu updates and Coturn.

To log on to your new EC2 server you will need a shell. From the AWS console get a “key pair” file, go to the directory where you downloaded the key pair file ([..].pem), and type in cmd or PowerShell:

ssh -i keypairfile.pem your_server_name@your_server_ip

where your_server_ip is the Public IPv4 address (external IP) of your EC2 server, your_server_name is the name you gave to the EC2 instance, and keypairfile.pem is the key pair secret file you downloaded from EC2.

Run the following commands in the shell on your server:

sudo apt-get -y update
sudo apt-get install coturn

Step 4

On your server, edit the first configuration file, /etc/default/coturn, so that the server runs as a service:

sudo vi /etc/default/coturn

and set the following line:

TURNSERVER_ENABLED=1

Step 5

Edit the second configuration file, located at /etc/turnserver.conf:

# ec2 internal IP is the listening IP:
listening-ip=xxx.xx.xx.xx
external-ip=xx.xx.xxx.xxx
# IP here is ec2 internal IP
relay-ip=xxx.xx.xx.xx
# For an IP under NAT like amazon: internal_ip/external_ip
external-ip=xx.xx.xxx.xxx/xxx.xx.xx.xx
# use the long-term credential mechanism (static user defined below)
lt-cred-mech
# define realm
realm=myrealm
# define user and password (usr:pass); replace these placeholder values
user=myuser:mypassword

Step 6

Run the server

turnserver

To check whether Coturn is running, list the services by running service --status-all in your console/PowerShell. Logs are at /var/log/turn[...].

Step 7

Test your server on Trickle ICE. Trickle ICE is an open source project which tests your TURN server's availability.

Add your server to “ICE servers”, select Gather candidates and look for candidates with component type [...]relay.

Trickle ICE webpage
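The candidate lines that Trickle ICE prints can also be checked in code. The following is an added example, not code from the original article: it parses candidate lines and checks that a relay candidate exists, that its address is the external IP from Step 5, and that its port falls in the UDP range opened in Step 2. The sample lines, the EXTERNAL_IP value and the function names are assumptions made for illustration.

```javascript
// Added example. Sample candidate lines are constructed; addresses come from
// private and documentation ranges, not from a real server.
const EXTERNAL_IP = '198.51.100.20'; // assumed external-ip of the TURN server
const SAMPLE = [
  'candidate:1 1 udp 2122260223 10.0.0.5 54321 typ host generation 0',
  'candidate:2 1 udp 1686052607 203.0.113.7 54321 typ srflx raddr 10.0.0.5 rport 54321 generation 0',
  'candidate:3 1 udp 41885439 198.51.100.20 49160 typ relay raddr 203.0.113.7 rport 54321 generation 0',
];

// Parse one line: foundation component transport priority address port typ <type> [key value]...
function parseCandidate(line) {
  const m = /^(?:a=)?candidate:(\S+) (\d+) (\S+) (\d+) (\S+) (\d+) typ (\S+)(.*)$/.exec(line.trim());
  if (!m) return null;
  const ext = {};
  const tokens = m[8].trim().split(/\s+/).filter(Boolean);
  for (let i = 0; i + 1 < tokens.length; i += 2) ext[tokens[i]] = tokens[i + 1];
  return {
    component: Number(m[2]), transport: m[3].toLowerCase(), priority: Number(m[4]),
    address: m[5], port: Number(m[6]), type: m[7],
    relatedAddress: ext.raddr || null,
  };
}

// Check gathered candidates against the setup from Steps 2 and 5.
function checkTurn(lines, externalIp, minPort = 49152, maxPort = 65535) {
  const counts = { host: 0, srflx: 0, prflx: 0, relay: 0 };
  const problems = [];
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c || !Object.keys(counts).includes(c.type)) { problems.push(`unparsed: ${line}`); continue; }
    counts[c.type] += 1;
    if (c.type !== 'relay') continue;
    // A relay address other than the external IP usually means the external-ip mapping is missing.
    if (c.address !== externalIp) problems.push(`relay address ${c.address} is not ${externalIp}`);
    // The relay port must fall in the UDP range opened in the security group.
    if (c.port < minPort || c.port > maxPort) problems.push(`relay port ${c.port} outside ${minPort}-${maxPort}`);
  }
  if (counts.relay === 0) problems.push('no relay candidate: TURN allocation failed');
  return { counts, problems, ok: problems.length === 0 };
}

console.log(checkTurn(SAMPLE, EXTERNAL_IP));
```

In a browser the same lines are available from the candidate property of each RTCPeerConnection icecandidate event.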

That’s it!

Example

Peer.js is one of the most popular frameworks for peer-to-peer connectivity. To use your TURN server in Peer.js, follow these steps.

Create a new Peer object with the following line, where external_ip is the external IP you’ve defined in the TURN server:

let peer = new Peer({
  config: {
    iceServers: [
      { urls: 'stun:stun.l.google.com:19302' },
      // username and credential must match the user= line in /etc/turnserver.conf
      { urls: 'turn:external_ip:3478?transport=tcp', username: 'myuser', credential: 'mypassword' }
    ]
  }
});
