From 2f0cb13ecbf4a6593c2fa23508dd12f526c3db32 Mon Sep 17 00:00:00 2001
From: hailin <hailin.zhao@gdzx.xyz>
Date: Sat, 28 Feb 2026 11:37:21 -0800
Subject: [PATCH] fix: enable built-in TURN server for NAT traversal

Subscriber transport was timing out on DTLS handshake for clients
behind complex NAT (VPN/symmetric NAT). Enable LiveKit's built-in
TURN server on UDP port 3478.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 deploy/docker/docker-compose.yml | 1 +
 deploy/docker/livekit.yaml       | 5 +++++
 2 files changed, 6 insertions(+)

diff --git a/deploy/docker/docker-compose.yml b/deploy/docker/docker-compose.yml
index a946020..240ea18 100644
--- a/deploy/docker/docker-compose.yml
+++ b/deploy/docker/docker-compose.yml
@@ -320,6 +320,7 @@ services:
     ports:
       - "17880:7880"
       - "17881:7881"
+      - "3478:3478/udp"
       - "50000-50200:50000-50200/udp"
     volumes:
       - ./livekit.yaml:/etc/livekit.yaml:ro
diff --git a/deploy/docker/livekit.yaml b/deploy/docker/livekit.yaml
index 8ff7986..d1e9384 100644
--- a/deploy/docker/livekit.yaml
+++ b/deploy/docker/livekit.yaml
@@ -5,6 +5,11 @@ rtc:
   tcp_port: 7881
   use_external_ip: true
 
+turn:
+  enabled: true
+  udp_port: 3478
+  tls_port: 0
+
 keys:
   devkey: devsecret