Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision
Previous revision
docker_notes:turnserver [2024-03-30 Sat wk13 11:49] – [turn server] baumkpdocker_notes:turnserver [2024-09-28 Sat wk39 18:32] (current) – [resources] baumkp
Line 5: Line 5:
 So a turn server is needed to allow end to end communication where public IP communication end points are obfuscated, such as where local IP address are behind NAT.  To primary purpose of NAT is to increase the effective usability of IPv4 which has limited available public addresses by using a designated ranges of local IPv4 addresses that that do not have direct public addressability.  The local addresses can only be publicly accessed via a local router that performs NAT, subject to firewall rules.  It is claimed that the obfuscation of the local IP addresses provide additional security.  This was not the primary purpose of NAT and is at best a secondary benefit.  I believe that NAT provides minimal security benefits. The key security is the firewall setup which does not allow unsolicited access to the local area network address space.   Interestingly IPv6 is not limited by address space available and hence does not require NAT for this reason. If NAT is not used with IPv6 LAN then the local address area is directly accessible from the public network, subject to the router and firewall setup. In this case a TURN server would not be required. NAT can still be used with IPv6 if wanted, in which case the TURN server would be required. So a turn server is needed to allow end to end communication where public IP communication end points are obfuscated, such as where local IP address are behind NAT.  To primary purpose of NAT is to increase the effective usability of IPv4 which has limited available public addresses by using a designated ranges of local IPv4 addresses that that do not have direct public addressability.  The local addresses can only be publicly accessed via a local router that performs NAT, subject to firewall rules.  It is claimed that the obfuscation of the local IP addresses provide additional security.  This was not the primary purpose of NAT and is at best a secondary benefit.  I believe that NAT provides minimal security benefits. The key security is the firewall setup which does not allow unsolicited access to the local area network address space.   Interestingly IPv6 is not limited by address space available and hence does not require NAT for this reason. If NAT is not used with IPv6 LAN then the local address area is directly accessible from the public network, subject to the router and firewall setup. In this case a TURN server would not be required. NAT can still be used with IPv6 if wanted, in which case the TURN server would be required.
  
 +====resources====
 +  *Nextcloud HowTo: [[https://help.nextcloud.com/t/howto-setup-nextcloud-talk-with-turn-server/30794|Setup Nextcloud Talk with TURN server]]
 +  *[[https://gabrieltanner.org/blog/turn-server/|How to set up and configure your own TURN server using Coturn]]
 +  *[[https://www.metered.ca/blog/running-coturn-in-docker-a-step-by-step-guide/|CoTURN in Docker: A Step-by-Step Guide]]
 +  *[[https://hub.docker.com/r/coturn/coturn|Coturn TURN server Docker image]]
 +  *[[https://github.com/coturn|Github coturn]]
 +  *[[https://github.com/coturn/coturn/wiki/CoturnConfig|CoturnConfig Wiki]] - Claims will be supersede and points to github page, circulous....
 +  *[[https://quay.io/repository/coturn/coturn|quay.io coturn]]
 +  *[[https://dev.to/alakkadshaw/what-is-a-turn-server-3ome|What is a TURN Server?]]
 +  *[[https://docs.bigbluebutton.org/administration/turn-server/|BBB 2.6 now includes coturn for TURN server]]
 +  *[[https://github.com/m1rkwood/coturn-docker/blob/main/docker-compose.yml|    coturn-docker
  
-<- docker_notes:docker-nextcloud|Back ^ docker_notes:index|Start page ^ docker_notes:docker-homepage|Next ->+/docker-compose.yml]] 
 + 
 + 
 +<- docker_notes:docker-matrix|Back ^ docker_notes:index|Start page ^ docker_notes:docker-homepage|Next ->