ZxChat with a TURN server/Annex: Installing a TURN server on Ubuntu 14.04

From ZeXtras Suite Wiki

Jump to: navigation, search
Language: English  • español • português

DISCLAIMER

  • This guide refers to products not developed nor supported by ZeXtras and is intended as a practical example of implementation. Please use this as a guideline and refer to your OS and TURN server's online resources when setting up a production environment.
  • A TURN server requires a relevant amount of bandwidth depending on the number of videocalls being handled at the same time.

TURN on Ubuntu 14.04 with reTurn

reTurn is a highly efficient C++ open-source STUN/TURN server and client library. It is an implementation of the latest STUN/TURN RFCs: RFC5389 (STUN), and RFC5766 (TURN). It's our platform of choice for internal testing during the development of ZeXtras Chat and for our production environment.

This guide will only focus on the TURN component, as STUN is natively implemented in ZeXtras Suite.

Package information and dependencies

reTurn can be found in Ubuntu's standard "universe" repository within the "resiprocate-turn-server" package:

root@ubuntu:~# apt-cache showpkg resiprocate-turn-server

Package: resiprocate-turn-server

Versions: 

1:1.9.7-4~ubuntu14.04.1 (/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_trusty-updates_universe_binary-amd64_Packages)

 Description Language: 
                File: /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_trusty_universe_binary-amd64_Packages

                 MD5: 33f4212bea07cb997ac3ab4d3b97e3f7
 Description Language: en
                File: /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_trusty_universe_i18n_Translation-en
                 MD5: 33f4212bea07cb997ac3ab4d3b97e3f7

1.9.6-1 (/var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_trusty_universe_binary-amd64_Packages)

 Description Language: 
                File: /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_trusty_universe_binary-amd64_Packages

                 MD5: 33f4212bea07cb997ac3ab4d3b97e3f7
 Description Language: en
                File: /var/lib/apt/lists/us.archive.ubuntu.com_ubuntu_dists_trusty_universe_i18n_Translation-en
                 MD5: 33f4212bea07cb997ac3ab4d3b97e3f7


Reverse Depends: 
 resiprocate-turn-server:i386,resiprocate-turn-server
 resiprocate-turn-server:i386,resiprocate-turn-server
 sipml5-web-phone,resiprocate-turn-server
 jscommunicator-web-phone,resiprocate-turn-server
 drupal7-mod-drucall,resiprocate-turn-server
Dependencies: 
1:1.9.7-4~ubuntu14.04.1 - libresiprocate-1.9 (5 1:1.9.7-4~ubuntu14.04.1) libc6 (2 2.14) libgcc1 (2 1:4.1.1) libssl1.0.0 (2 1.0.1) libstdc++6 (2 4.6) adduser (0 (null)) sip-router (0 (null)) xmpp-server (0 (null)) jscommunicator-web-phone (0 (null)) openssl (0 (null)) resiprocate-turn-server:i386 (0 (null)) 
1.9.6-1 - libresiprocate-1.9 (5 1.9.6-1) libc6 (2 2.14) libgcc1 (2 1:4.1.1) libssl1.0.0 (2 1.0.1) libstdc++6 (2 4.6) adduser (0 (null)) sip-router (0 (null)) xmpp-server (0 (null)) jscommunicator-web-phone (0 (null)) openssl (0 (null)) resiprocate-turn-server:i386 (0 (null)) 

Provides: 

1:1.9.7-4~ubuntu14.04.1 - turn-server stun-server 

1.9.6-1 - turn-server stun-server 

Reverse Provides: 

as of Feb. 22nd 2016

Installation and setup

Package installation

As root, simply install the "resiprocate-turn-server" using apt-get:

 root@ubuntu:~# apt-get install resiprocate-turn-server

After the installation, make sure that the server is up by running:

root@ubuntu:~# netstat -npl |grep -i turn

The expeted output is something like:

tcp        0      0 0.0.0.0:3478            0.0.0.0:*               LISTEN      4320/reTurnServer
tcp6       0      0 :::3478                 :::*                    LISTEN      4320/reTurnServer
udp        0      0 0.0.0.0:3478            0.0.0.0:*                           4320/reTurnServer
udp6       0      0 :::3478                 :::*                                4320/reTurnServer

Configuration

The main configuration file is /etc/reTurn/reTurnServer.config, and the only strictly required edit to that is the TurnAddress setting which must be set to the IP address of the server. If you wish to set up SSL/TLS check out the # SSL/TLS Certificate Settings section of the file, while network settings can be found in the # Transport Settings one.

Set up a TURN server user

By default, reTurn uses the /etc/reTurn/users.txt file as its user database.

As described in the # Authentication settings section of the config file, the files uses the following format:

login:password:realm:state

furthermore, password hashes are stored by default (UserDatabaseHashedPasswords setting).

ZeXtras Chat authenticates with a single user, specified in the zimlet's comfiguration. I strongly suggest to generate a strong random password using apg:

root@ubuntu:~# apg -M SNCL -m32 -x32 -n1
tixcowdEmEiguc5OxApnalbOmCogfok(

To create a hashed password, you can use the md5sum utility

     echo -n user:realm:password | md5sum

e.g:

root@ubuntu:~# echo -n "zextraschat:reTurn:tixcowdEmEiguc5OxApnalbOmCogfok(" | md5sum
9dc1355c06c65b0b7abaa829a80f8e6c - 

After generating a strong password, add the relevant line to the aforementioned users.txt file, e.g.:

user - zextraschat

hashed pass - 9dc1355c06c65b0b7abaa829a80f8e6c

realm - reTurn (the default realm, can be changed in the config file)

state - authorized

zextraschat:9dc1355c06c65b0b7abaa829a80f8e6c:reTurn:authorized

Once the server is running and the user is set up, you can proceed to configure the ZeXtras Chat Zimlet to use your new TURN server.

Logging

reTurn's default logfile is located in /var/log/reTurnServer/reTurnServer.log, and the logging settings can be changed in the #Logging Settings section of the config file.

Personal tools