Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
docker_notes:turnserver [2024-03-29 Fri wk13 11:37] baumkpdocker_notes:turnserver [2024-09-28 Sat wk39 18:32] (current) – [resources] baumkp
Line 1: Line 1:
 {{tag>linux docker turnserver}} {{tag>linux docker turnserver}}
 ======turn server======= ======turn server=======
 +From wikipedia; [[https://en.wikipedia.org/wiki/Traversal_Using_Relays_around_NAT|Traversal Using Relays around NAT (TURN)]] is a protocol that assists in traversal of network address translators (NAT) or firewalls for multimedia applications. It may be used with the Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). It is most useful for clients on networks masqueraded by symmetric NAT devices. TURN does not aid in running servers on well known ports in the private network through a NAT; it supports the connection of a user behind a NAT to only a single peer, as in telephony, for example.
  
-<- docker_notes:docker-nextcloud|Back ^ docker_notes:index|Start page ^ docker_notes:docker-homepage|Next ->+So a turn server is needed to allow end to end communication where public IP communication end points are obfuscated, such as where local IP address are behind NAT.  To primary purpose of NAT is to increase the effective usability of IPv4 which has limited available public addresses by using a designated ranges of local IPv4 addresses that that do not have direct public addressability.  The local addresses can only be publicly accessed via a local router that performs NAT, subject to firewall rules.  It is claimed that the obfuscation of the local IP addresses provide additional security.  This was not the primary purpose of NAT and is at best a secondary benefit.  I believe that NAT provides minimal security benefits. The key security is the firewall setup which does not allow unsolicited access to the local area network address space.   Interestingly IPv6 is not limited by address space available and hence does not require NAT for this reason. If NAT is not used with IPv6 LAN then the local address area is directly accessible from the public network, subject to the router and firewall setup. In this case a TURN server would not be required. NAT can still be used with IPv6 if wanted, in which case the TURN server would be required. 
 + 
 +====resources==== 
 +  *Nextcloud HowTo: [[https://help.nextcloud.com/t/howto-setup-nextcloud-talk-with-turn-server/30794|Setup Nextcloud Talk with TURN server]] 
 +  *[[https://gabrieltanner.org/blog/turn-server/|How to set up and configure your own TURN server using Coturn]] 
 +  *[[https://www.metered.ca/blog/running-coturn-in-docker-a-step-by-step-guide/|CoTURN in Docker: A Step-by-Step Guide]] 
 +  *[[https://hub.docker.com/r/coturn/coturn|Coturn TURN server Docker image]] 
 +  *[[https://github.com/coturn|Github coturn]] 
 +  *[[https://github.com/coturn/coturn/wiki/CoturnConfig|CoturnConfig Wiki]] - Claims will be supersede and points to github page, circulous.... 
 +  *[[https://quay.io/repository/coturn/coturn|quay.io coturn]] 
 +  *[[https://dev.to/alakkadshaw/what-is-a-turn-server-3ome|What is a TURN Server?]] 
 +  *[[https://docs.bigbluebutton.org/administration/turn-server/|BBB 2.6 now includes coturn for TURN server]] 
 +  *[[https://github.com/m1rkwood/coturn-docker/blob/main/docker-compose.yml|    coturn-docker 
 + 
 +/docker-compose.yml]] 
 + 
 + 
 +<- docker_notes:docker-matrix|Back ^ docker_notes:index|Start page ^ docker_notes:docker-homepage|Next ->