Open Relay: Free WebRTC TURN Server
Metered Video
Enterprise grade WebRTC video calling and live streaming APIs.
Dead Simple Chat
In-App Chat for Website, App, Virtual Event or Live Stream,
What is a TURN Server?โ
WebRTC TURN Server is required to relay the traffic between the peers when direct connection cannot be established among them.
WebRTC protocol establishes a direct connection between the peers, but the sometimes a direct connection cannot be established for this a TURN Server is required to relay the traffic between the peers.
As peers cannot directly connect to each other the TURN Server acts as an intermediary among the peers and forwards the traffic from one peer to another.
All the traffic (video/audio + data) that passes through the TURN server is already end-to-end encrypted by the peers and the TURN Server cannot decode/read the encrypted packet, it just relays the packet to other peers.
Overviewโ
Open Relay is a free TURN server provided by Metered Video that you can use in your WebRTC applications. The Open Relay TURN server is highly available, reliable and offers both STUN and TURN Capabilities.
The Open Relay runs on port 80 and 443 to bypass corporate firewalls, many corporate/enterprise firewall only allow port 80 or 443, it also supports turns + SSL for maximum compatibility.
- โ Runs on port 80 and 443
- โ Tested to bypass most firewall rules
- โ Enterprise grade reliability (99.999% uptime)
- โ Support TURNS + SSL to allow connections through deep packet inspection firewalls.
- โ Support STUN
- โ Supports both TCP and UDP
- โ Dynamic routing to the nearest server
- โ Production Ready
โจ How to useโ
You can use the Open Relay TURN Server in your Javascript Code.
Here is a sample Javascript Code with recommended configuration to allow through most firewalls:
var myPeerConnection = new RTCPeerConnection({
iceServers: [
{
urls: "stun:openrelay.metered.ca:80",
},
{
urls: "turn:openrelay.metered.ca:80",
username: "openrelayproject",
credential: "openrelayproject",
},
{
urls: "turn:openrelay.metered.ca:443",
username: "openrelayproject",
credential: "openrelayproject",
},
{
urls: "turn:openrelay.metered.ca:443?transport=tcp",
username: "openrelayproject",
credential: "openrelayproject",
},
],
});
"stun:openrelay.metered.ca:80"Open Relay operates in both TURN and STUN mode, so we added a STUN URL to check if it is possible to route connections without the TURN server."turn:openrelay.metered.ca:80"adding url to connect to TURN server on port 80"turn:openrelay.metered.ca:443"if the firewall rule is very strict and allows access to only port 443, then adding url to connect to TURN server on port 443"turn:openrelay.metered.ca:443?transport=tcp"adding the query parameter to?transport=tcpto connect via TCP if UDP connections are blocked by the firewall.
๐ TURN and STUN URLsโ
Here is the list of turn and stun URLs that you can use to connect to the Open Relay TURN/STUN servers.
| URL | Description |
|---|---|
stun:openrelay.metered.ca:80 | STUN Server URL |
turn:openrelay.metered.ca:80 | TURN Server URL port 80 |
turn:openrelay.metered.ca:443 | TURN Server URL port 443 |
turn:openrelay.metered.ca:80?transport=tcp | TURN Server URL port 80 TCP mode |
turn:openrelay.metered.ca:443?transport=tcp | TURN Server URL port 443 TCP mode |
turns:openrelay.metered.ca:443 | TURNS Server URL (SSL Certificate) |
turn:staticauth.openrelay.metered.ca:80 | TURN Server URL port 80 (uses static auth) |
turn:staticauth.openrelay.metered.ca:443 | TURN Server URL port 443 (uses static auth) |
turn:staticauth.openrelay.metered.ca:80?transport=tcp | TURN Server URL port 80 TCP mode (uses static auth) |
turn:staticauth.openrelay.metered.ca:443?transport=tcp | TURN Server URL port 443 TCP mode (uses static auth) |
turns:staticauth.openrelay.metered.ca:443 | TURNS Server URL (SSL Certificate) (uses static auth) |
๐ Credentialsโ
You can connect to the Open Relay TURN server using the following credentials, credentials are only needed for turn server connection:
username: openrelayproject
credential/password: openrelayproject
๐ Static Authโ
Services like Nextcloud Talk or Matrix+Synapse+Riot uses static auth instead of username and password authentication for the TURN Server.
To use the TURN Server with those services use the static auth url which is staticauth.openrelay.metered.ca
secret: openrelayprojectsecret
๐ธ STUN Server Usageโ
To use just the STUN server, you can only add the stun url
var myPeerConnection = new RTCPeerConnection({
iceServers: [
{
urls: "stun:openrelay.metered.ca:80",
},
],
});
๐ธ TURN Server Usage with UDPโ
The TURN server runs on port 80 and 443. It is recommended to add URL to connect on both ports for maximum compatibility.
var myPeerConnection = new RTCPeerConnection({
iceServers: [
{
urls: "turn:openrelay.metered.ca:80",
username: "openrelayproject",
credential: "openrelayproject",
},
{
urls: "turn:openrelay.metered.ca:443",
username: "openrelayproject",
credential: "openrelayproject",
},
],
});
๐ธ TURN Server Usage with TCPโ
Adding the query parameter ?transport=tcp allows the TURN server to connect over TCP. Some corporate firewalls block UDP connections, this allows the TURN server to connect over TCP.
var myPeerConnection = new RTCPeerConnection({
iceServers: [
{
urls: "turn:openrelay.metered.ca:443?transport=tcp",
username: "openrelayproject",
credential: "openrelayproject",
},
],
});
TURN Server for Nextcloud Talkโ
Open Relay Project also works with Nextcloud talk, follow the instructions below to learn how to configure Nextcloud talk to work with Open Relay.
Nextcloud talk require the auth-secret-authentication so we have to use the Open Relay Project's TURN Server with auth-secret-authentication.
Use the turn server url staticauth.openrelay.metered.ca with Nextcloud talk and turn secret: openrelayprojectsecret.
- Go to
Nextcloud-> Settings -> Talkand under TURN Servers press the + button - Then select
turn:only - Under turnserver:port enter
staticauth.openrelay.metered.ca:80 - Under secret enter
openrelayprojectsecret
Add another entry for port 443
- Select
turn:only - Under turnserver:port enter
staticauth.openrelay.metered.ca:443 - Under secret enter
openrelayprojectsecret
๐งฐ Testing the TURN Serverโ
You can test the TURN Server using:
- Trickle ICE
- ICE Test
- Using JavaScript
Trickle ICEโ
Go to the Trickle ICE website at https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ and enter the TURN Server credentials.
caution
Don't forget to turn: or stun: prefix and add port to the url. e.g: turn:openrelay.metered.ca:80, turn:openrelay.metered.ca:443, stun:openrelay.metered.ca:80
(don't forget to add turn: or stun: and :80 or :443 ).
ICE Testโ
Go to ICE Test website at https://icetest.info/ and enter the turn server URL and credentials to test.
๐ก๏ธSecurityโ
All the WebRTC traffic is end-to-end encrypted using DTLS-SRTP and the TURN server just relays the traffic. The TURN server only parse the UDP layer of WebRTC packet for routing purposes, and do not (and cannot) touch the DTLS encryption.
All the application layer data, include video and datachannel is encrypted using DTLS+SRTP and the TURN server cannot decrypt that data and it only relays the encrypted data among the peers.
You can read more about it here: https://webrtc-security.github.io/
To read more about the TURN proposed standard refer to RFC 5766
โน๏ธ Contactโ
If you have any questions, comments or suggestions you can email us at contact[at]openrelayproject.org
๐ Powered by Metered Videoโ
Metered Video provides enterprise grade WebRTC video calling apis that you can use to create video conferencing applications that can scale upto thousands of simultaneous online users, with live streaming and recording capabilities.
Terms and Conditionsโ
By using Open Relay Project Website or TURN server, you agree to our terms and conditions.