- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Team,
As I noticed, application (client side) is not interacting and not dealing with STUN/TURN server directly. webrtc_agent is interacting with STUN/TURN server in the framework. So, I think that we no need to assign public IP address to STUN/TURN server. Can I deploy STUN/TURN server in Demilitarized Zone(DMZ) area with respect to Intel CS for WebRTC? Do I need to must assign public IP address to STUN/TURN server?
Thank you.
Best Regards,
Chandramouli.
- Tags:
- HTML5
- JavaScript*
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Chandramouli
MCU server only support STUN server, clients can support both STUN and TURN server. We don't restrict where STUN/TURN server put, but it should have public IP to act for NAT traversal capability.
Link Copied
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Team,
I tried giving the private IP address of STUN/TURN server in webrtc_agent/agent.toml file and working fine. Is it the correct approach to hide the STUN/TURN server from the public?
Thank you.
Best Regards,
Chandramouli.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In Intel CS for WebRTC, STUN/TURN server is supposed to help clients to build the peerconnection, not for the server(webrtc-agent).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Xiande,
Thank you for your reply. Do you mean, If we use MCU/SFU, we no need to use/depend on STUN/TURN server? Please clarify. For your information, we deployed our MCU server in AWS.
Thank you.
Best Regards,
Chandramouli.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Xiande,
I tried MCU with out using STUN/TURN server and didn't work. So, we need STUN/TURN server to work with MCU. But, my question is STUN/TURN server requires public IP address or not? If not required, I will put STUN/TURN server in Demilitarized Zone(DMZ).
Any update would be appreciated. Thank you.
Best Regards,
Chandramouli.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It depends on where your client devices locate, If clients outside needs to access to conference behind DMZ, then your STUN/TURN server needs to be deployed in DMZ.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Xiande,
Thanks for your reply. I believe that there is some communication gap in explaining my query. Obviously, end users (clients) may or may not behind the NAT and can assume that end users (client) connects from outside of the network. I am just simply following the "Security Recommendations" in official Conference server documentation. Please find my below queries:
1) According to the diagram in the documentation, where I can put our STUN/TURN server? Do you want me to deploy along with RabbitMQ, MongoDB servers OR along with Manager and worker servers?
2) If you want me to deploy STUN/TURN server along with Manager and worker servers, Do I need to must assign the public IP address to STUN/TURN server? Because, As I explained in my first post, I had given private IP address of the STUN/TURN server in webrtc_agent/agent.toml file and worked successfully. Please clarify.
Thank you.
Best Regards,
Chandramouli.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, Chandramouli
MCU server only support STUN server, clients can support both STUN and TURN server. We don't restrict where STUN/TURN server put, but it should have public IP to act for NAT traversal capability.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Lei Zhai,
Thank you for your reply and information.
Best Regards,
Chandramouli.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page