How to set up ejabberd video & voice calling

Last time, I described how to set up ejabberd real time IM server and migrate your office to XMPP chat. In this tutorial I will explain how to configure ejabberd video & voice calling.

I assume the ejabberd 20.03 configuration from that previous tutorial as a start. It turns out, if you try ejabberd video & voice calling within your local network, it just works. If your office is on the same LAN or Wi-Fi, everyone will be able to voice or video call each other. Follow the setup from my previous tutorial. To achieve the best result, everyone should use the same chat app (“client”) on their phones or computers.

But that’s not good enough. You want your office staff to communicate no matter the location. You could use an office VPN. But all devices connected to it should appear as if on the same local network. That’s a significant overhead, especially for smartphones.

Lucky for us, ProcessOne just released ejabberd 20.04. This new version has a built-in STUN/TURN server. It simplifies service discoverability between clients. This helps chat apps setup a direct link between each other no matter the network they are on. And makes ejabberd video & voice calling possible.

» Don’t want to configure ejabberd video & voice calling yourself?
ProcessOne experts will make your business instantly connected. Contact us »

ejabberd video & voice calling

Updating ejabberd

First, we need to update our current ejabberd instance to version 20.04 or newer. Be sure to make a backup. Please read the upgrade procedure docs to check the migration notes. Once ready, proceed with the update:

wget https://www.process-one.net/downloads/downloads-action.php?file=/20.04/ejabberd_20.04-0_amd64.deb -O ejabberd_20.04.deb
apt install ./ejabberd_20.04.deb
/etc/init.d/ejabberd start

Configuring STUN/TURN for ejabberd video & voice calling

Now, we need to edit ejabberd.yml configuration file to enable STUN/TURN discovery using mod_stun_disco. Add the following somewhere at the bottom of the modules section:

modules:
  ...
  mod_stun_disco:
    credentials_lifetime: 12h
    services:
        -
          host: 0.0.0.0
          port: 3478
          type: stun
          transport: udp
          restricted: false
        -
          host: 0.0.0.0
          port: 3478
          type: turn
          transport: udp
          restricted: true
        -
          host: example.com
          port: 5349
          type: stuns
          transport: tcp
          restricted: false
        -
          host: example.com
          port: 5349
          type: turns
          transport: tcp
          restricted: true

Substitute 0.0.0.0 with the IP address of your ejabberd server, and example.com with your ejabberd domain. Also, make sure your server & firewall allows connections on ports 3478, 5349.

Finally, we have to actually listen for STUN/TURN traffic. We need to add new listeners in the listen section at the top of that configuration file:

listen:
  ...
  -
    port: 3478
    transport: udp
    module: ejabberd_stun
    use_turn: true
    turn_min_port: 49152
    turn_max_port: 65535
    ## The server's public IPv4 address:
    turn_ip: 0.0.0.0
  -
    port: 5349
    transport: tcp
    module: ejabberd_stun
    use_turn: true
    tls: true
    turn_min_port: 49152
    turn_max_port: 65535
    ip: 0.0.0.0
    turn_ip: 0.0.0.0

Substitute 0.0.0.0 with the IP address of your ejabberd server. Make sure that server & firewall allows connections in the range of ports from 49152 to 65535.

Configuring ejabberd STUN/TURN domain records (DNS)

There are a few extra steps to make it easier for clients to discover the STUN/TURN services. Create a list of SRV records under your main ejabberd domain:

_stun._udp   IN SRV  0 0 3478 example.com.
_stun._tcp   IN SRV  0 0 3478 example.com.
_stuns._tcp  IN SRV  0 0 5349 example.com.

_turn._udp   IN SRV  0 0 3478 example.com.
_turn._tcp   IN SRV  0 0 3478 example.com.
_turns._tcp  IN SRV  0 0 5349 example.com.

Different domain providers have different names in the forms to set up such records. The above listings are usually split this way:

  • service: stun
  • protocol: udp or tcp
  • priority: 0
  • weight: 0
  • port: 3478 or 5349
  • target: example.com

Testing ejabberd video & voice calling

In this tutorial I have tested ejabberd video & voice calling using two Android devices. Both were running Conversations. One device was on my local Wi-Fi while the other was on LTE. Both ejabberd video & voice calls were established quickly and the quality was between good and excellent.

Sometimes you may experience long delays while establishing calls. In that case try adjusting the shaper settings in ejabberd configuration as follows:

shaper:
  normal:
    rate: 3000
    burst_size: 20000
  fast: 100000

What’s next?

ejabberd server has a lot more to offer. We could experiment with BOSH or WebSocket connections that are useful for web applications. We could try and set up an MQTT broker. Let me know in the comments what kind of tutorials you want the most. For now, let’s tweak your ejabberd server to get 100% in the XMPP compliance test.

In this ejabberd tutorial series:

» Do you need a more specific solution?
ProcessOne experts are ready to help. Contact us »


Let us know what you think 💬


2 thoughts on “How to set up ejabberd video & voice calling

  1. It’s just great that ejabberd now supports audio and video calls. Thanks for this tutorial. Personally I lilke to see another one about how to set up BOSH.

  2. Does this setting not support passwords hashed in SCRAM?
    Does this setting only support plaintext passwords story?

Leave a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.