search

swallowcc / rfc5766-turn-server

Automatically exported from code.google.com/p/rfc5766-turn-server
0 stars 0 forks source link

in RFC 6062 TCP relay endpoints, the connecting address is different from the relay endpoint #52

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
When we connect from relay endpoint, we are using a random port different from 
the relay endpoint.

Original issue reported on code.google.com by mom040...@gmail.com on 27 Aug 2013 at 1:36

GoogleCodeExporter commented 9 years ago 
Fixed in SVN, will be fixed in 2.6.2.1 release.

Original comment by mom040...@gmail.com on 27 Aug 2013 at 1:38

GoogleCodeExporter commented 9 years ago 
I actually discovered that, as written, RFC 6062 cannot be 100% correctly 
supported on any modern "official" Linuxes prior to kernel 3.9.

The problem is that pre-3.9 Linuxes do not support SO_REUSEPORT option, see 
explanations here:

https://lwn.net/Articles/542629/
http://stackoverflow.com/questions/14388706/socket-options-so-reuseaddr-and-so-r
euseport-how-do-they-differ-do-they-mean-t

In section 5.2 of RFC 6062: http://tools.ietf.org/html/rfc6062#page-9

they require that all TCP connections initiated from the relay endpoint must 
have the same local address as the relay endpoint. Considering that we already 
have a relay endpoint socket listening on that address, this is simply 
impossible with "normal" socket API in Linux. We cannot start a new remote 
connection with a new client socket when we have a local server socket on the 
same local address.

For this sort of functionality, we need SO_REUSEPORT option support. This 
option is correctly supported currently only on the following OSes:

1) BSD (FreeBSD, PC-BSD, etc).
2) Mac OS X
3) Latest Linux kernels 3.9+

This TURN server, starting with version 2.6.2.1, will correctly support RFC 
6062 for those platforms. For others, we do not support the requirement in the 
section 5.2.

The turnserver.sourceforge.net supports the 5.2 requirement, but it pays a big 
price for that: it imposes a limitation that if we have a connection initiated, 
then we cannot have other TCP connections for the session - neither incoming 
nor outgoing. But RFC 6062 does not impose any limitation on the number of 
session connections.

Original comment by mom040...@gmail.com on 2 Sep 2013 at 10:16

GoogleCodeExporter commented 9 years ago 
Fixed in 2.6.2.1

Original comment by mom040...@gmail.com on 3 Sep 2013 at 7:12

GoogleCodeExporter commented 9 years ago 
I fixed the problem for pre-3.9 Linux kernel, too.

Original comment by mom040...@gmail.com on 7 Sep 2013 at 4:33

GoogleCodeExporter commented 9 years ago 
The full fix is available in SVN and will be part of 2.6.2.2 and later builds.

Original comment by mom040...@gmail.com on 7 Sep 2013 at 4:34