I have just set up a coturn server. It works perfectly fine when using the IP or the domain without a load balancer; it was tested using this online tool:
https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
The problem is when I use a network load balancer: rerouting TCP_UDP works on port 80, but when trying to use TLS for port 443, it doesn't work.
I configured the network load balancer to route TLS traffic for port 443 to the target group, also under port 443. I'm using a Let's Encrypt certificate for domain.com and *.domain.com in my network load balancer. The same certificates are added in the config file, turnserver.conf.
And this is my config:
external-ip=1.2.3.4
listening-port=80
min-port=10000
max-port=20000
log-file=/var/log/turnserver.log
verbose
tls-listening-port=443
lt-cred-mech
server-name=domain.com realm=domain.com
user=tester:12345678
total-quota=100
stale-nonce=600
cert=/opt/coturn/fullchain.pem
pkey=/opt/coturn/privkey.pem
cipher-list="ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS"
log-file=/var/log/coturn.log
# Specify the process user and group
proc-user=turnserver
proc-group=turnserver
And this is what I get from the log:
3170: IPv4. tcp or tls connected to: 9.8.7.6:34274
3170: session 001000000000003730: TCP socket closed remotely 9.8.7.6:34274
3170: session 001000000000003730: closed (2nd stage), user <> realm <domain.com> origin <>, local 0.0.0.0:443, remote 9.8.7.6:34274, reason: TCP connection closed by client (callback)
And btw, I always get a 701 error from the online tool.
Thank you,
Do not use a load balancer with STUN/TURN servers. You can make the server larger or implement your own "load balancer" by rotating the server IP in your client application.
You appear not to understand the fundamentals of what a load balancer is and how STUN/TURN work, especially over HTTPS. TURN is not using HTTP/HTTPS, only ports 80 and 443. This is to bypass firewalls which typically have these ports open.
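The client-side rotation the answer suggests, as an added example that is not part of the original answer: instead of one load-balanced name, each client gets a rotated list of TURN servers that it reaches directly. The hostnames turn1 to turn3.domain.com and the TURN_USER/TURN_PASSWORD values are constructed placeholders; hostnames are used rather than raw IPs so the turns: entry on port 443 can match the *.domain.com certificate from the question.

```javascript
// Added example. Hostnames and credentials are constructed placeholders;
// each hostname is assumed to resolve directly to one coturn server.
const TURN_HOSTS = ["turn1.domain.com", "turn2.domain.com", "turn3.domain.com"];

// Rotate the list so hosts[start] comes first and the rest follow as fallbacks.
function rotateHosts(hosts, start) {
  const n = hosts.length;
  if (n === 0) throw new Error("no TURN hosts configured");
  const i = ((start % n) + n) % n; // tolerate negative or oversized indexes
  return hosts.slice(i).concat(hosts.slice(0, i));
}

// One iceServers entry per coturn host, matching the page's listening-port=80
// and tls-listening-port=443. turns: needs a hostname the certificate covers.
function iceServerFor(host, username, credential) {
  return {
    urls: [
      `turn:${host}:80?transport=udp`,
      `turn:${host}:80?transport=tcp`,
      `turns:${host}:443?transport=tcp`,
    ],
    username,
    credential,
  };
}

// Build an RTCConfiguration that spreads clients across servers: a random
// start index picks the primary, maxServers bounds the fallbacks offered.
function buildRtcConfig(hosts, username, credential, opts = {}) {
  const start = opts.start ?? Math.floor(Math.random() * hosts.length);
  const maxServers = opts.maxServers ?? 2;
  const ordered = rotateHosts(hosts, start).slice(0, maxServers);
  return {
    iceServers: ordered.map((h) => iceServerFor(h, username, credential)),
  };
}

// Browser usage; skipped where RTCPeerConnection does not exist (e.g. Node).
if (typeof RTCPeerConnection !== "undefined") {
  const config = buildRtcConfig(TURN_HOSTS, "TURN_USER", "TURN_PASSWORD");
  const pc = new RTCPeerConnection(config);
  pc.createDataChannel("probe"); // gives ICE something to gather for
}
```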