webrtccoturn

WebRTC: CoTurn can't relay streams


We setup CoTurn on a cloud VM. Then we test it with our WebRTC demo website. We find that it can't relay streams, which means the two sides of the WebRTC demo can't connect to each other when they are in different subnet.

The following things has been done according to the investigation:

  1. We are using CoTurn 4.5.1.1 on Ubuntu 20.04. CoTurn is installed by apt-get.
  2. The realm is set in turnserver.conf and the account which created by turnadmin is bound with the realm.
  3. Inbound UDP ports 1 ~ 65535 are opened in cloud VM. We use netcat to listen to udp:50000 in the VM and send some data on the PC at home, the data can be received.
  4. The WebRTC demo website works when both of the sides reside in the same subnet.

This is the turnserver.conf:

listening-device=eth0
listening-port=3478
tls-listening-port=5349
listening-ip=172.16.9.209
relay-ip=172.16.9.209
external-ip=8.136.83.163
server-name=turn.locationbackbone.top
realm=turn.locationbackbone.top
log-file=/var/log/turn.log
cert=/etc/turn_server_cert.pem
pkey=/etc/turn_server_pkey.pem
fingerprint
lt-cred-mech
user=Jim:Jim
verbose

This is the setup of the WebRTC demo:

const peerConnection = new RTCPeerConnection({
    iceServers: [{
      urls: 'turn:turn.locationbackbone.top:3478',
      username: 'Jim',
      credential: 'Jim'
    }]
  });

This is the log from CoTurn:

18: handle_udp_packet: New UDP endpoint: local addr 172.16.9.209:3478, remote addr 58.39.2.24:22246
18: session 000000000000000001: realm <turn.locationbackbone.top> user <>: incoming packet BINDING processed, success
18: session 000000000000000001: realm <turn.locationbackbone.top> user <>: incoming packet message processed, error 401: Unauthorized
18: handle_udp_packet: New UDP endpoint: local addr 172.16.9.209:3478, remote addr 58.39.2.24:22247
18: session 000000000000000002: realm <turn.locationbackbone.top> user <>: incoming packet BINDING processed, success
18: session 000000000000000002: realm <turn.locationbackbone.top> user <>: incoming packet message processed, error 401: Unauthorized
18: IPv4. Local relay addr: 172.16.9.209:58189
18: session 000000000000000002: new, realm=<turn.locationbackbone.top>, username=<Jim>, lifetime=600
18: session 000000000000000002: realm <turn.locationbackbone.top> user <Jim>: incoming packet ALLOCATE processed, success
18: IPv4. Local relay addr: 172.16.9.209:53152
18: session 000000000000000001: new, realm=<turn.locationbackbone.top>, username=<Jim>, lifetime=600
18: session 000000000000000001: realm <turn.locationbackbone.top> user <Jim>: incoming packet ALLOCATE processed, success
19: session 000000000000000001: refreshed, realm=<turn.locationbackbone.top>, username=<Jim>, lifetime=0
19: session 000000000000000001: realm <turn.locationbackbone.top> user <Jim>: incoming packet REFRESH processed, success
19: handle_udp_packet: New UDP endpoint: local addr 172.16.9.209:3478, remote addr 182.139.173.74:49318
19: session 000000000000000003: realm <turn.locationbackbone.top> user <>: incoming packet BINDING processed, success
19: session 000000000000000003: realm <turn.locationbackbone.top> user <>: incoming packet message processed, error 401: Unauthorized
19: IPv4. Local relay addr: 172.16.9.209:64834
19: session 000000000000000003: new, realm=<turn.locationbackbone.top>, username=<Jim>, lifetime=600
19: session 000000000000000003: realm <turn.locationbackbone.top> user <Jim>: incoming packet ALLOCATE processed, success
19: session 000000000000000002: peer 182.139.173.74 lifetime updated: 300
19: session 000000000000000002: realm <turn.locationbackbone.top> user <Jim>: incoming packet CREATE_PERMISSION processed, success
19: session 000000000000000002: peer 172.16.9.209 lifetime updated: 300
19: session 000000000000000002: realm <turn.locationbackbone.top> user <Jim>: incoming packet CREATE_PERMISSION processed, success
20: session 000000000000000001: usage: realm=<turn.locationbackbone.top>, username=<Jim>, rp=4, rb=272, sp=4, sb=436
20: session 000000000000000001: closed (2nd stage), user <Jim> realm <turn.locationbackbone.top> origin <>, local 172.16.9.209:3478, remote 58.39.2.24:22246, reason: allocation timeout
20: session 000000000000000001: delete: realm=<turn.locationbackbone.top>, username=<Jim>

This is the 'ICE candidate grid' from chrome://webrtc-internals:

RTCIceCandidatePair_pNDACBB9_Rh5SDnOq   in-progress wifi        udp 0x27c1eff04fe3e00   0 / 0   31 / 0  0 / 0       11:21:10 AM
RTCIceCandidate_pNDACBB9    local-candidate 8.136.83.163    58189   relay(udp)  0x27c1eff                   
RTCIceCandidate_Rh5SDnOq    remote-candidate    8.136.83.163    64834   relay   0x27f1eff           

We use tshark to capture the traffic of the server.

58.39.2.24      172.16.9.209    25230   3478    STUN    Binding Request
58.39.2.24      172.16.9.209    25231   3478    STUN    Binding Request
172.16.9.209    58.39.2.24      3478    25230   STUN    Binding Success Response XOR-MAPPED-ADDRESS: 58.39.2.24:25230 MAPPED-ADDRESS: 58.39.2.24:25230 RESPONSE-ORIGIN: 8.136.83.163:3478
172.16.9.209    58.39.2.24      3478    25231   STUN    Binding Success Response XOR-MAPPED-ADDRESS: 58.39.2.24:25231 MAPPED-ADDRESS: 58.39.2.24:25231 RESPONSE-ORIGIN: 8.136.83.163:3478
58.39.2.24      172.16.9.209    25231   3478    STUN    Allocate Request UDP
172.16.9.209    58.39.2.24      3478    25231   STUN    Allocate Error Response error-code: 401 (Unauthorized) Unauthorized with nonce realm: turn.locationbackbone.top
58.39.2.24      172.16.9.209    25230   3478    STUN    Allocate Request UDP
172.16.9.209    58.39.2.24      3478    25230   STUN    Allocate Error Response error-code: 401 (Unauthorized) Unauthorized with nonce realm: turn.locationbackbone.top
58.39.2.24      172.16.9.209    25231   3478    STUN    Allocate Request UDP user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    58.39.2.24      3478    25231   STUN    Allocate Success Response XOR-RELAYED-ADDRESS: 8.136.83.163:63533 XOR-MAPPED-ADDRESS: 58.39.2.24:25231 lifetime: 600
58.39.2.24      172.16.9.209    25230   3478    STUN    Allocate Request UDP user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    58.39.2.24      3478    25230   STUN    Allocate Success Response XOR-RELAYED-ADDRESS: 8.136.83.163:55677 XOR-MAPPED-ADDRESS: 58.39.2.24:25230 lifetime: 600
222.211.167.109 172.16.9.209    55666   3478    STUN    Binding Request
172.16.9.209    222.211.167.109 3478    55666   STUN    Binding Success Response XOR-MAPPED-ADDRESS: 222.211.167.109:55666 MAPPED-ADDRESS: 222.211.167.109:55666 RESPONSE-ORIGIN: 8.136.83.163:3478
58.39.2.24      172.16.9.209    25231   3478    STUN    Refresh Request lifetime: 0 user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    58.39.2.24      3478    25231   STUN    Refresh Success Response lifetime: 0
58.39.2.24      172.16.9.209    25230   3478    STUN    CreatePermission Request XOR-PEER-ADDRESS: 192.168.1.128:55666 user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    58.39.2.24      3478    25230   STUN    CreatePermission Success Response
222.211.167.109 172.16.9.209    55666   3478    STUN    Allocate Request UDP
172.16.9.209    222.211.167.109 3478    55666   STUN    Allocate Error Response error-code: 401 (Unauthorized) Unauthorized with nonce realm: turn.locationbackbone.top
58.39.2.24      172.16.9.209    25230   3478    STUN    CreatePermission Request XOR-PEER-ADDRESS: 222.211.167.109:55666 user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    58.39.2.24      3478    25230   STUN    CreatePermission Success Response
222.211.167.109 172.16.9.209    55666   3478    STUN    Allocate Request UDP user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    222.211.167.109 3478    55666   STUN    Allocate Success Response XOR-RELAYED-ADDRESS: 8.136.83.163:64761 XOR-MAPPED-ADDRESS: 222.211.167.109:55666 lifetime: 600
58.39.2.24      172.16.9.209    25230   3478    STUN    CreatePermission Request XOR-PEER-ADDRESS: 8.136.83.163:64761 user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    58.39.2.24      3478    25230   STUN    CreatePermission Success Response
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   3478    STUN    Binding Request
172.16.9.209    58.39.2.24      3478    25230   STUN    Binding Success Response XOR-MAPPED-ADDRESS: 58.39.2.24:25230 MAPPED-ADDRESS: 58.39.2.24:25230 RESPONSE-ORIGIN: 8.136.83.163:3478
58.39.2.24      172.16.9.209    25230   64761   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 192.168.1.128:55666
172.16.9.209    192.168.1.128   55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 222.211.167.109:55666
172.16.9.209    222.211.167.109 55677   55666   STUN    Binding Request user: l3iy:poWX
58.39.2.24      172.16.9.209    25230   3478    STUN    Send Indication XOR-PEER-ADDRESS: 8.136.83.163:64761
58.39.2.24      172.16.9.209    25230   3478    STUN    Refresh Request lifetime: 0 user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    58.39.2.24      3478    25230   STUN    Refresh Success Response lifetime: 0
222.211.167.109 172.16.9.209    55666   3478    STUN    Refresh Request lifetime: 0 user: Jim realm: turn.locationbackbone.top with nonce
172.16.9.209    222.211.167.109 3478    55666   STUN    Refresh Success Response lifetime: 0

We notice that the callee can only receive the following message: coturn:3478 -> callee STUN, since port 3478 is the only port to which the callee has ever sent packets. The packets sent by the other ports of the coturn server are lost. We suspect the NAT is a type of port restricted cone or even symmetrical.

How can we enable the relay?


Solution

  • There are 2 clients (A from 58.39.2.24:25230 and B from 222.211.167.109:55666). Both successfully get an allocation (8.136.83.163:55677 & 8.136.83.163:64761, respectively).

    Client A then creates 3 permissions, one for 192.168.1.128:55666 (private, probably unusable), one for 222.211.167.109:55666 (direct), and one for 8.136.83.163:64761 (relay)).

    Then client A starts sending STUN binding requests towards the 3 targets. The ones destined to 222.211.167.109:55666 never get an answer, so it must be unreachable from coturn.

    Client B should create a Permission for 8.136.83.163:55677, so that coturn will allow the STUN Binding Requests from A to be delivered, achieving a relay-to-relay connection: A <--> coturn <--> coturn <--> B.