STUN & TURN services

Usage and configuration

Purpose of STUN & TURN Services

STUN (Session Traversal Utilities for NAT) and TURN (Traversal Using Relays around NAT) servers play essential roles in WebRTC communication by helping manage NAT (Network Address Translation) traversal and facilitating peer-to-peer connectivity. These services ensure smooth media flow even when direct peer-to-peer connections are not possible.

  • STUN: STUN servers provide the necessary information about a client’s public IP and port, which helps establish direct peer-to-peer connections. STUN is lightweight, but it only works if both peers can establish connections directly.
  • TURN: TURN servers, on the other hand, relay media data between peers when direct connectivity is not possible, such as when one or both peers are behind symmetric NATs or firewalls. TURN is more resource-intensive, as it relays data through the server, making it essential for handling media traffic where direct connections fail.

Note: While there are several free STUN servers available, TURN functionality is generally not provided for free due to the high resource demand of relaying media traffic.

STUN & TURN Server in Browsolate

Browsolate includes the open-source Eturnal STUN/TURN server. If no alternative STUN/TURN servers are specified during setup, Browsolate will deploy an Eturnal server instance for you.

To use alternative servers, specify them as comma-separated URLs in the STUNUrls and TURNUrls parameters in the CloudFormation template or AWS Marketplace installation. This option can be particularly helpful for enterprises already using third-party WebRTC providers.

Configuring Authentication

Browsolate supports username/password authentication for TURN services as defined in RFC 8489. You can set the shared secret required for this authentication in the CloudFormation template during installation, as detailed in the WebRTCSecret parameter.

Sizing STUN/TURN Server Instances

The size and number of STUN/TURN server instances you deploy depend on your traffic volume and user network conditions:

  • Instance Type: You can specify the instance type used for STUN/TURN servers in the CloudFormation configuration (e.g., t3.large for moderate usage).
  • Instance Count: Adjust the WebRTCInstances parameter to define the number of server instances deployed. This is useful for balancing load and maintaining performance across high volumes of media traffic.

Currently, autoscaling is not supported, so it’s important to select the appropriate instance size and count to meet your expected usage.

Integrating with Third-Party Providers

If your use case requires specific password requirements or you need to integrate Browsolate with third-party WebRTC providers, we offer customization options. For more details or to discuss custom integration needs, please contact us through the Contact Page.