TURN Server
WebRTC is the standard protocol all devices use to stream media in real-time through a shared network connection. But security measures like firewalls or private IP addresses can prevent devices from forming the connection they need to communicate with one another. When this happens, a TURN server sidesteps the problem and allows devices to connect with WebRTC for standard web conferencing and live streaming.
What Is a TURN Server?
A TURN server is one of two cloud-based systems that allow different devices to find and communicate with each other using WebRTC. Before APIs can use the WebRTC protocol to share data, they need to form a secure connection using either a STUN or TURN server.
The acronym "TURN" describes the method of transmission the server uses to share data between two devices. Devices often use a TURN server as an alternative way to connect when they cannot use the STUN protocol.
TURN vs. STUN
TURN and STUN servers are the two types of WebRTC servers. Each acronym refers to the transmission method the server uses to share data. And both of them are necessary for successful peer-to-peer connections.
STUN stands for Session Traversal Utilities for NAT. This type of server initiates a connection between devices by allowing each device to ask for the other's identifying information. And each device's router uses its own network address translation (NAT) process to share its IP address.
TURN stands for Traversal Using Relays around NAT. It's an alternative server that devices can access as an alternative when the STUN server can't initiate the connection. The TURN server works around security measures that hide IP addresses and stop the STUN server from creating a connection.
How Does a TURN Server Work?
A TURN server acts as an intermediary that relays packets of media data from one device to another. By using these relays, the TURN server can work around firewalls and other security measures that prevent devices from making a direct connection.
The best way to understand how a TURN server works in practice is by first looking at how STUN servers connect devices. The STUN server works much like a phone operator. It introduces different devices to each other by using each device's public IP address as its name. Once the introduction has been made, the devices can connect directly to each other and begin sharing data without further assistance from the server.
But if a device has a hidden or private IP address, then the STUN server won't be able to identify it properly or introduce it to other devices. And without the introduction, the devices won't know how to get in touch with each other to send data. When this happens, devices can turn to the TURN server rather than trying to form a direct connection with each other.
The TURN server receives packages of data from one device, then re-packages and sends it to another device. Rather than acting as an operator like its STUN counterpart, a TURN server acts more like a mail delivery service. One device sends the TURN server a message. Then the server sends the message to another device. This allows devices to communicate with each other without compromising the security measures they may have in place.
How To Set Up a TURN Server
The exact process of setting up a TURN server will vary depending on the resources you use. It's possible to build a server from the ground up by buying and configuring the hardware and developing the necessary code. But the easiest and most common way to set up a TURN server is by using an open-source option like Coturn.
Download the Coturn Server
The first step in setting up a TURN server is to download and install Coturn, which is available via GitHub.
Coturn's open-source package includes a STUN/TURN server, offers dual capabilities, and is easy to set up, which means it's one of the most common setup methods. And all it requires for successful implementation is a Linux-based operating system with a public IP address. Then, you'll need to configure the server to establish an external IP address. This will allow devices to identify and connect to the server.
Configure the Server
Before you make any changes to the initial configuration, it's a good idea to save a copy of the original that you can go back to if any modifications don't work out. Then, you can create the IP address and create commands that inform the server which devices to listen to and which to send messages to.
The first device to identify is the TURN service. In a basic, one-way communication like a livestream, the TURN service will send messages to the server. The second device is the TURN client, which receives packages of data — in this case, the livestream. You'll also need to identify ports on the server that will be dedicated to each form of communication.
And for effective peer-to-peer communication, the TURN server will need to listen and relay data to all devices that connect to it. This requires additional configuration to add logging and verbose language, which allows the server to facilitate two-way communication between devices.
Save the Configuration and Run a Connection Test
After you've configured the server, be sure to save the code in the file. Then, run a test to ensure that it provides a secure connection without interruptions or other issues. The simplest way to do this is by using a tool like trickle ICE, a web-based testing application offered by WebRTC.
Frequently Asked Questions
What does a TURN server do?
A TURN server acts as a translator for devices sharing data with the WebRTC protocol. It creates encrypted packages of data the computers, phones, and other devices can send to each other in real time without sharing their IP addresses.
Should you use a STUN or TURN server?
Both. STUN and TURN servers are equally important for successful peer-to-peer data sharing. But if you can only use one server due to cost or other setup restraints, then you should opt for a TURN server.
STUN servers initiate a direct connection between devices, which means they often have less lag and provide a better experience for the end user. This also makes a STUN server preferable to the TURN server. But when security measures block STUN servers from connecting devices, a TURN server is the only option.
Even without a STUN server in place, the TURN server still allows devices to communicate with one another. Rather than communicating directly with each other, devices send messages directly to the server. The server then acts as a messenger to the other device. And even though connecting through a TURN server means each device will experience a slight delay, it’s still better than no connection at all.
Is running a TURN server free?
No, a TURN server is never completely free. However, the cost can vary depending on factors like server setup, hosting fees, and bandwidth use.
Open-source options like the Coturn server or OpenRelay mean that someone with coding experience can set up their own TURN server for free. However, the server’s bandwidth requirement will vary depending on the number of users once it is running. And the more users that have access to the server, the higher its bandwidth use and the more expensive its hosting fees will be.