Using reTurn Server

From reSIProcate
Jump to: navigation, search

reTurn Server After resip 1.8[edit]

In resiprocate release 1.8 a configuration file was added to the reTurn server: reTurnServer.config

TurnPort = 3478
TlsTurnPort = 5349
AltStunPort = 0
TurnAddress = 0.0.0.0
AltStunAddress = 0.0.0.0
AuthenticationMode = 2
AuthenticationRealm = reTurn
NonceLifetime = 3600
AllocationPortRangeMin = 49152
AllocationPortRangeMax = 65535
DefaultAllocationLifetime = 600
MaxAllocationLifetime = 3600
MaxAllocationsPerUser = 0
TlsServerCertificateFilename = server.pem
TlsTempDhFilename = dh512.pem
# leave blank if key is not encrypted
#TlsPrivateKeyPassword = 
# Logging Type: syslog|cerr|cout|file
LoggingType = cout
# Logging level: NONE|CRIT|ERR|WARNING|INFO|DEBUG|STACK
LoggingLevel = DEBUG
LogFilename = reTurnServer.log
LogFileMaxLines = 50000
# It is highly recommended that these values are NOT left at their
# default setting
LongTermAuthUsername = test
#LongTermAuthPassword = 1234
# Must be true or false, default = false, not supported on Windows
Daemonize = false
# On UNIX it is normal to create a PID file
# if unspecified, no attempt will be made to create a PID file
#PidFile = /var/run/reTurnServer/reTurnServer.pid 


reTurn Server Prior to resip 1.8[edit]

Command line options[edit]

Usage: reTurnServer <address> <turnPort> <turnTlsPort> <altAddress> <altPort>

  • address: local IP address of this machine - for STUN bind responses to contain correct information you must specify a particular IP address here, instead of using 0.0.0.0
  • turnPort: specify the port to listen on for stun/turn messages over UDP/TCP
  • turnTlsPort: specify the port to listen on for stun/turn messages over TLS
  • altAddress: an alternative local IP address - used for RFC3489 backwards compatibility support for BIND requests (specify as 0.0.0.0 and altPort as 0 to disable RFC3489 backwards compatibility support)
  • altPort: an alternative local UDP port - used for RFC3489 backwards compatibility support for BIND requests (specify as 0 to disable RFC3489 backwards compatibility support)
IPv4 sample:
reTurnServer 192.168.1.10 3478 5349 192.168.1.11 3479
IPv6 sample:
reTurnServer 3ffe:501:8:0:260:97ee:fe40:efac 3478 5349 0::0 0


Hardcoded Settings[edit]

The following settings are currently hardcoded and can be changed by modifying the code in ReTurnConfig.cxx and recompiling. The configuration framework needs to be added in order to make these settings configurable at startup time.

  • Logging Level: Info
  • SSL server certicate (from working directory): "server.pem"
  • SSL temporary Diffie-Hellman parameters file (from working directory): "dh512.pem"
  • SSL server certificate password: "test"
  • Default Turn Permission inactivity seconds: 300 (5 minutes)
  • Authentication Mode: RequestHandler::LongTermPassword
  • Authentication Realm: "test"
  • Authentication Username: "test"
  • Authentication Password: "1234"
  • Default Nonce Lifetime: 3600 (1 hour)
  • Default Allocation Lifetime: 600 (10 minutes)
  • Default Max Allocation Lifetime: 3600 (1 hour)
see ReTurnConfig.hxx for a complete list.