Do I need a STUN server if I have p2p: { enabled: false } in /etc/jitsi/meet/*-config.js ? Security aspects?

The title more or less says it. I have the turn STUN server running and am experiencing strange network traffic. Not understanding STUN, I was thinking perhaps that server is being used by others than my users. So:

  1. Do I need STUN at all when I have disabled p2p / peer-to-peer connections anyway?

  2. When the turn STUN server is running, can I limit its use to users of my Jitsi Meet server?

I suppose if I do not need it (reply[1]==false) the second question becomes less relevant. However, if someone could answer that it would also be good for completeness and when I need it in the future.

If you are talking about coturn, it is not only a STUN server, it is also a TURNS server which is used when a client cannot connect to JVB directly.

OK, thanks for the clarification. So, does that mean I need it? Can I find out if anyone used it in the past days for my JM meetings?

Also, if you have a hint for question 2 please let me know.

The TURNS service has a secret key which is shared only with your meeting participants.

OK, thanks. Can you confirm that I do not need the STUN functionality when disabling P2P? That was not 100% clear to me.

Can coturn be configured to disable STUN and just leave the TURNS functionality? Perhaps even block the STUN incoming TCP/UDP port if TURNS uses a different one?

Which ports do they use by default?

You can stop your STUN service but JVB needs a STUN service which is by default. So stopping your own coturn doesn’t affect your system.


Thanks. What is STUN used for without P2P please?

Do STUN and TURNS functionalities use the same port TCP/5349?