Establishing peer connections is one of the most challenging aspects of implementing WebRTC-based applications. This process includes configuring STUN (Session Traversal Utilities for NAT) and TURN (Traversal Using Relays around NAT) servers, often known as ICE servers, which are vital for overcoming network restrictions and ensuring reliable connections.
In a previous post, Mastering STUN & TURN Servers: A Guide to Proper Integration for WebRTC Applications, we explored various approaches to effectively implementing these critical servers. We discussed the fundamental differences between STUN and TURN, their roles in facilitating peer-to-peer connections, and best practices for integrating them into your application.
Today, we’ll dive deeper into one of these methods by examining managed STUN/TURN service providers. We’ll analyze their pricing models, evaluate their features, and guide you on how to seamlessly integrate these solutions with your backend services to build a scalable and dependable WebRTC application.
Picking A Managed TURN Service Using ICEPerf
Selecting the right managed STUN/TURN service provider is crucial for optimal WebRTC performance. This decision involves considering factors such as network quality, geographic coverage, and your project’s specific requirements.
To simplify this complex process, the innovative team at Nimble Ape has developed a handy tool called ICEPerf, which conducts comprehensive tests across various providers. It generates critical metrics including:
- Latency
- Throughput
- Candidate acquisition time
By leveraging ICEPerf, you can make data-driven decisions based on empirical evidence, ensuring you choose the most suitable provider for your specific use case
Overview of the STUN/TURN Integration
No matter which service provider you choose, the optimal way to integrate a managed STUN/TURN service is by implementing a custom backend. This server-side service provides your WebRTC clients with URLs and credentials for ICE servers. The backend’s primary role is to securely store STUN/TURN provider credentials and manage authentication for the WebRTC clients.
The interaction between WebRTC clients, the backend service and STUN/TURN service provider is depicted below:
Depiction of the interaction between WebRTC clients, backend service and STUN/TURN service provider
Here’s How it Works:
- WebRTC clients send a request to the backend service for ICE server URLs and credentials.
- The backend service retrieves this information using the STUN/TURN provider credentials.
- The provider responds with a set of ICE server URLs and temporary credentials.
- WebRTC clients then use these URLs and credentials to initiate the ICE candidate exchange and establish a peer connection.
You can build the backend service in the way that best suits your application. For example, your backend could be a REST API that exposes an /ice/turn endpoint. This endpoint retrieves temporary credentials from the provider—using the method specified by the provider—and returns them in JSON format.
Assuming that your WebRTC application is a web application that establishes calls by creating peer connections using the RTCPeerConnection interface, here’s how you add ICE servers to it:
// a function that retrieves ICE servers from the backend service
async function getIceServers() {
try {
const response = await fetch('/ice/turn');
if (!response.ok) {
throw new Error('Failed to fetch ICE servers');
}
const data = await response.json();
// Assuming the response includes an iceServers property
return data.iceServers;
} catch (error) {
console.error('Error fetching ICE servers:', error);
return []; // Fallback to an empty list of ICE servers
}
}
// a function that creates the peer connection
async function createPeerConnection() {
const iceServers = await getIceServers();
const config = {
iceServers: iceServers,
};
const peerConnection = new RTCPeerConnection(config);
// ... the rest of your application logic for establishing calls
return peerConnection;
}
// Usage
(async () => {
const peerConnection = await createPeerConnection();
console.log('PeerConnection created:', peerConnection);
})();Now, let’s take a look at some of the available providers and their current pricing (subject to change.)
Twilio
Twilio’s Network Traversal Service is the most well-known provider of the list.
STUN servers are free of charge, while TURN services cost $0.400/GB of relayed data for servers in the US and Germany, $0.600/GB for servers in Singapore, India, and Japan, and $0.800/GB for servers in Australia and Brazil.
To get started with Twilio’s Network Traversal Service, follow these steps:
- Sign up for a Twilio account. Take note of your Account SID and Auth Token.
- From your backend service, use one of the server side Twilio SDKs (or make a request to their REST API) to retrieve a Network Traversal Service Token.
- Once you have the token, pass it to your WebRTC client.
- In your WebRTC clients, include the ice_servers property when setting up the RTCPeerConnection object (or the appropriate object from the WebRTC client framework/library you’re using).
Cloudflare
Cloudflare’s TURN Service is free when using their Cloudflare Calls service. Otherwise it costs $0.05/GB of relayed content to WebRTC clients.
To get started with Cloudflare’s TURN Service, follow these steps:
- Sign up for a Cloudflare account.
- Create a TURN key using the Dashboard or API.
- From your backend service, use this key and an API token to generate short-lived credentials for each TURN user. Then send these credentials to your clients.
- In your WebRTC clients, include the iceServers property from the credentials when setting up the RTCPeerConnection object (or the appropriate object from the WebRTC client framework/library you’re using).
Xirsys
Xirsys is the longest running of the providers listed here. It provides both short-lived and static permanent credentials.
It offers a free developer account with unlimited STUN requests, and 500GB of capped bandwidth for a single-region TURN server. Production plans start at $33/month with multiple tiers that allows you to scale bandwidth, and access multiple support channels.
To get started with Xirsys, follow these steps:
- Sign up for a Xirsys account.
- Create a channel for your application and/or environment.
- From your backend service, use the ident and secret values to generate a temporary set of credentials. Then, pass these credentials to your clients.
- In your WebRTC clients, use such credentials when setting up the RTCPeerConnection object (or the appropriate object from the WebRTC client framework/library you’re using).
Metered
Metered is one of the newer WebRTC Turn Server Service providers.
It offers a free plan with capped 500MB of bandwidth for relayed media. Production plans start at $99/month.
To get started with Metered, follow these steps:
- Sign up for a Metered TURN server account.
- Retrieve Metered Domain and Secret Key from the Metered Dashboard.
- From your backend service, use such values to create expiring TURN credentials. Then, pass these credentials to your clients.
- In your WebRTC client, use the created credentials when setting up the RTCPeerConnection object (or the appropriate object from the WebRTC client framework/library you’re using).
Leveraging ICE, STUN, and TURN for Optimal WebRTC Performance
Managing ICE servers with STUN and TURN protocols is essential for creating reliable WebRTC connections across diverse network environments. Managed service providers offer scalable solutions that simplify the complexity of network traversal, allowing developers to focus on building robust communication applications. By carefully selecting and implementing the right STUN/TURN service, you can ensure seamless peer-to-peer connectivity that works effectively across different network configurations.
Still struggling? Our team of experts can help. Contact us today to explore how we can optimize your WebRTC connections and elevate your application’s performance. Let’s make it live!
