Using reTurn Server

Scott Godin edited this page Jan 29, 2021 · 1 revision

reTurn Server After resip 1.8

In resiprocate release 1.8 a configuration file was added to the reTurn server: reTurnServer.config

 TurnPort = 3478
 TlsTurnPort = 5349
 AltStunPort = 0
 TurnAddress = 0.0.0.0
 AltStunAddress = 0.0.0.0
 AuthenticationMode = 2
 AuthenticationRealm = reTurn
 NonceLifetime = 3600
 AllocationPortRangeMin = 49152
 AllocationPortRangeMax = 65535
 DefaultAllocationLifetime = 600
 MaxAllocationLifetime = 3600
 MaxAllocationsPerUser = 0
 TlsServerCertificateFilename = server.pem
 TlsTempDhFilename = dh512.pem
 # leave blank if key is not encrypted
 #TlsPrivateKeyPassword = 
 # Logging Type: syslog|cerr|cout|file
 LoggingType = cout
 # Logging level: NONE|CRIT|ERR|WARNING|INFO|DEBUG|STACK
 LoggingLevel = DEBUG
 LogFilename = reTurnServer.log
 LogFileMaxLines = 50000
 # It is highly recommended that these values are NOT left at their
 # default setting
 LongTermAuthUsername = test
 #LongTermAuthPassword = 1234
 # Must be true or false, default = false, not supported on Windows
 Daemonize = false
 # On UNIX it is normal to create a PID file
 # if unspecified, no attempt will be made to create a PID file
 #PidFile = /var/run/reTurnServer/reTurnServer.pid 
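
The page recommends not leaving the long-term credentials at their defaults. The Python script below is an added example, not code from the reSIProcate project: it parses a file in the format above and flags settings that still match the sample values shown on this page. The function names, the constructed sample input and the DH file-name heuristic are assumptions of the example.

```python
import re

# Constructed sample input, in the format of the reTurnServer.config shown above.
SAMPLE_CONFIG = """\
AuthenticationMode = 2
TlsServerCertificateFilename = server.pem
TlsTempDhFilename = dh512.pem
#TlsPrivateKeyPassword =
LongTermAuthUsername = test
#LongTermAuthPassword = 1234
"""

def parse_config(text):
    """Return {key: value} for active 'Key = Value' lines; '#' lines are comments."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip()
    return settings

def audit(settings):
    """Return (key, finding) pairs for values that match this page's samples."""
    findings = []
    if settings.get("LongTermAuthUsername") == "test":
        findings.append(("LongTermAuthUsername", "still the sample value 'test'"))
    password = settings.get("LongTermAuthPassword")
    if password is None:
        # Commented out, as in the sample. The page lists '1234' as the
        # pre-1.8 hardcoded password, so do not rely on an implicit value.
        findings.append(("LongTermAuthPassword", "not set; set it explicitly"))
    elif password == "1234":
        findings.append(("LongTermAuthPassword", "still the sample value '1234'"))
    if settings.get("TlsPrivateKeyPassword") == "test":
        findings.append(("TlsPrivateKeyPassword", "matches the pre-1.8 default 'test'"))
    # Heuristic (assumption): the file name reflects the DH parameter size.
    dh_file = settings.get("TlsTempDhFilename", "")
    if re.search(r"(?<!\d)512(?!\d)", dh_file):
        findings.append(("TlsTempDhFilename", "name suggests 512-bit DH parameters"))
    return findings

if __name__ == "__main__":
    for key, finding in audit(parse_config(SAMPLE_CONFIG)):
        print(f"{key}: {finding}")
```

An empty result means none of the checked settings match the sample values; it does not assess password strength or inspect the actual DH parameter file.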

reTurn Server Prior to resip 1.8

Command line options

Usage: reTurnServer <address> <turnPort> <turnTlsPort> <altAddress> <altPort>

  • address: local IP address of this machine - for STUN bind responses to contain correct information you must specify a particular IP address here, instead of using 0.0.0.0
  • turnPort: specify the port to listen on for stun/turn messages over UDP/TCP
  • turnTlsPort: specify the port to listen on for stun/turn messages over TLS
  • altAddress: an alternative local IP address - used for RFC3489 backwards compatibility support for BIND requests (specify as 0.0.0.0 and altPort as 0 to disable RFC3489 backwards compatibility support)
  • altPort: an alternative local UDP port - used for RFC3489 backwards compatibility support for BIND requests (specify as 0 to disable RFC3489 backwards compatibility support)
 IPv4 sample:
 reTurnServer 192.168.1.10 3478 5349 192.168.1.11 3479
 IPv6 sample:
 reTurnServer 3ffe:501:8:0:260:97ee:fe40:efac 3478 5349 0::0 0

Hardcoded Settings

The following settings are currently hardcoded and can be changed by modifying the code in ReTurnConfig.cxx and recompiling. The configuration framework needs to be added in order to make these settings configurable at startup time.

  • Logging Level: Info
  • SSL server certificate (from working directory): "server.pem"
  • SSL temporary Diffie-Hellman parameters file (from working directory): "dh512.pem"
  • SSL server certificate password: "test"
  • Default Turn Permission inactivity seconds: 300 (5 minutes)
  • Authentication Mode: RequestHandler::LongTermPassword
  • Authentication Realm: "test"
  • Authentication Username: "test"
  • Authentication Password: "1234"
  • Default Nonce Lifetime: 3600 (1 hour)
  • Default Allocation Lifetime: 600 (10 minutes)
  • Default Max Allocation Lifetime: 3600 (1 hour)
 See ReTurnConfig.hxx for a complete list.