eturnal STUN/TURN Server
eturnal is a modern, straightforward STUN/TURN server with full IPv6 support. For TURN authentication, the mechanism described in the REST API for Access to TURN Services specification is implemented.
Installing the Linux/x64 Binaries
The following two commands give you a STUN/TURN server listening on port 3478 (UDP/TCP) and port 5349 (TLS) using the specified shared secret for TURN authentication (no root privileges required):
$ curl https://eturnal.net/download/eturnal-0.6.0-linux-x64.tar.gz | tar -C /tmp -xzf - $ ETURNAL_SECRET='crypt1c' /tmp/eturnal/bin/eturnal foreground
To stop the server, press
<Ctrl>+C. To remove it, run
rm -rf /tmp/eturnal.
You'll need root privileges for the following commands. Therefore, call
sudo -i, first.
Create user. This step is of course only required if you're installing eturnal for the first time:
# useradd -r -m -d /opt/eturnal eturnal
Otherwise, create a backup of the old installation, first:
# mv /opt/eturnal /opt/eturnal-$(date '+%F')
Download and extract binary release:
# curl https://eturnal.net/download/eturnal-0.6.0-linux-x64.tar.gz | tar -C /opt -xzf -
Configure the shared secret, your server's IP address(es), and optionally other settings:
# vi /opt/eturnal/etc/eturnal.yml
Start the systemd service:
# cp /opt/eturnal/etc/systemd/system/eturnal.service /etc/systemd/system/ # systemctl daemon-reload # systemctl enable eturnal # systemctl start eturnal
Note: If you'd like to use a different user and/or installation prefix, you must edit the
Building From Source
- Erlang/OTP (21.0 or newer).
- LibYAML (0.1.4 or newer).
- OpenSSL (1.0.0 or newer).
- GCC (other C compilers might work as well).
Note that you need the development headers of the libraries as well. Linux
distributions often put those into separate
*-devel packages. For
example, on DEB-based distributions you'd typically install
libssl-dev, on RPM-based distributions you'll probably need
Note: If you build directly from the Git repository rather than using the official source tarball, you must download rebar3 and make it executable (
chmod +x rebar3), first.
$ curl https://eturnal.net/download/eturnal-0.6.0.tar.gz | tar -C /tmp -xzf - $ cd /tmp/eturnal-0.6.0 $ ./rebar3 as prod tar
This generates the archive file
The default installation prefix is set to
/opt/eturnal, and it's assumed the
server will be executed by a user named
eturnal. To change these defaults,
build.config file and re-run
./rebar3 as prod tar.
The following command gives you a STUN/TURN server listening on port 3478 (UDP/TCP) and port 5349 (TLS) using the specified shared secret for TURN authentication:
$ ETURNAL_SECRET='crypt1c' ./rebar3 shell
To stop the server, press
The generated archive file holds the contents of the installation prefix.
Therefore, you'd follow the binary installation
instructions above, but adapt step 2 to extract the
archive into the
# cd /opt/eturnal # tar -xzf /tmp/eturnal-0.6.0/_build/prod/rel/eturnal/eturnal-0.6.0.tar.gz
The eturnal server is configured by editing the
file. This file uses the (indentation-sensitive!) YAML format. A commented
example configuration with sane default settings is shipped with the
eturnal server. However, for TURN relaying to work, you'll have to specify the
secret, and probably also the
option, which should be set to the server's external IPv4 address.
/opt/eturnal/etc/eturnal.ymlfile can be copied to
/etc/eturnal.yml, in which case the original copy in
/optwill be ignored. That way, the configuration won't be overwritten during upgrades.
On Linux systems, the eturnal server is usually controlled by systemd:
# systemctl start eturnal # systemctl restart eturnal # systemctl reload eturnal # systemctl stop eturnal
For non-systemd platforms, an example init script is shipped in the
For controlling eturnal, the
eturnalctl command can be used; see:
# eturnalctl help
If eturnal was started by systemd, log files are written into the
/var/log/eturnal directory by default. To use an external log rotation
utility, remove the
log_rotate_* options from your
file and run
systemctl reload eturnal. eturnal will detect external rotation
automatically, so there's no need to send a
HUP signal after log rotation.
Please use our issue tracker for bug reports and feature requests. Feel free to (ab)use it for usage questions as well.