Thanks for sharing your configuration, great! After reviewing the coturn configuration I ask myself some questions about your setup:
coturn recommends two public IPs. There is a listening-ip=0.0.0.0 option in your /etc/turnserver.conf file. Did you configure your coturn host with multiple IPs and if so do all IPs point/resolve to the same DNS name? Or do you run multiple coturn stun/turn servers with different IPs and DNS names like coturn1.domain.tld, coturn2.domain.tld etc.?
there is no tls-listening-port=443 setting in your /etc/turnserver.conf, but you set cert and pkey in your /etc/turnserver.conf and in prosody_config.j2 you set turns with port = "443", transport = "tcp". Could you explain please?
Did you set SRV records for stun/turn in your DNS?
Is port 443 configured to tcp only or tcp and udp and is port 443 the only open incoming port for coturn on your firewall or do ports 10000-20000/udp have to be open too?
Hi Jens-Christian!
Thanks for sharing your configuration, great! After reviewing the coturn configuration I ask myself some questions about your setup:
coturn recommends two public IPs. There is a
listening-ip=0.0.0.0
option in your/etc/turnserver.conf
file. Did you configure your coturn host with multiple IPs and if so do all IPs point/resolve to the same DNS name? Or do you run multiple coturn stun/turn servers with different IPs and DNS names like coturn1.domain.tld, coturn2.domain.tld etc.?there is no
tls-listening-port=443
setting in your/etc/turnserver.conf
, but you setcert
andpkey
in your /etc/turnserver.conf and inprosody_config.j2
you set turns withport = "443", transport = "tcp"
. Could you explain please?Did you set SRV records for stun/turn in your DNS?
On videobridge side, it's just setting
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES
in
sip-communicator.properties
, right?Is port 443 configured to tcp only or tcp and udp and is port 443 the only open incoming port for coturn on your firewall or do ports 10000-20000/udp have to be open too?
Cheers!