atyenoria
commented
4 years ago read janus doc
Closed kirillt closed 1 year ago
atyenoria
commented
4 years ago read janus doc
kirillt
commented
4 years ago I can't find any mentions of CoTURN in Janus documentation. I know what is TURN and how it is useful. What I don't understand is how it can be useful when TURN and media servers are behind the same NAT (if any present).
This answer suggests, that in such a configuration it would be possible to use a single port for multiple connections and also use DTLS and TLS transport for ICE. https://stackoverflow.com/questions/61897823/does-it-make-sense-to-deploy-turn-and-media-server-in-the-same-network
ajnozari
commented
3 years ago It’s useful if your Janus is behind a NAT (see most cloud services).
Having the coturn in the same docker image lets you run both with one contained image. All you do is forward turn ports to the same docker host, and it just works.
It also means I can use the same image on my production (no NAT) vs my dev (heavily Nat’d)
kirillt
commented
3 years ago Suppose, we have nodes A and B and there is NAT between A and B.
Option 1: A can reach B. Then putting a TURN-server at node B provides no benefit for A.
Option 2: A can't reach B. Then A can't reach B even if we put a TURN-server at node B. We should use another node C which is accessible from both A and B to put TURN-server there in this case.
ajnozari
commented
3 years ago Option 2 isn’t entirely correct.
mid you expose B to the internet on the firewall, nat won’t bother turn at that point. Then you can point B at the external domain or IP. As long as your firewall allows it, it will work as expected.
This also works in production although I do recommend using turn even in production. This method works quite well and is serving us for many users.
Hey, I hope issues here are OK to use for asking a question. The matter of TURN-servers is not completely clear to me yet, but from what I already know it seems for me that TURN-servers make sense when they are placed in another network. If a client can connect to the TURN-server deployed in the same container as Janus, why it can't connect directly to Janus then?