Coturn set up stun / turn server

Time:2022-5-26

Coturn set up stun / turn server

Share experience summary, welcome to join

brief introduction

Stun, first defined in rfc3489, is a complete NAT penetration solution. Its full English name is simple traversal of UDP through NATs, that is, simply penetrating NAT with UDP.

Stun (simple traversal of user datagram protocol through network address translators), which simply penetrates NAT with UDP, is a lightweight protocol and a complete NAT penetration solution based on UDP. It allows applications to discover NAT and firewall and other types between them and the public Internet. It also allows applications to determine the public IP address and port number assigned to them by Nat. Stun is a client / server protocol and a request / response protocol. The default port number is3478

Turn is first defined in rfc5766. Its full English name is traversal using relays around NAT: relay extensions to session traversal utilities for NAT, that is, the extension of using relays to penetrate NAT: stun. In short, turn and sturn have something in common to achieve NAT penetration by modifying the private network address in the application layer. The similarities and differences are that turn achieves penetration through the “middleman” mode of communication between the two parties.

Stun protocol is renamed session traversal utilities for NAT in rfc5389, that is, NAT session penetration utility. Here, NAT session penetration utility is positioned as a protocol for other protocols to solve NAT penetration problems. It can be used for terminal equipment to check the IP address and port number assigned to the terminal by Nat. At the same time, it is also used to check the connectivity between two terminals, such as a keep alive protocol to maintain NAT binding entries. Stun can be used for a variety of NAT types without requiring them to provide special behavior.

Stun itself is no longer a complete NAT penetration solution, but a tool in NAT penetration solution. This is the most important change compared with rfc3489 / stun version.

Ice is different from stun and turn. Ice is not a protocol, but a framework, which integrates stun and turn.

Coturn build

Link:https://github.com/coturn/coturn

After the code is pulled, install the required dependent packages first

sudo apt-get install libssl-dev  
sudo apt-get install libevent-dev  
sudo apt-get install libpq-dev  
sudo apt-get install mysql-client  
sudo apt-get install libmysqlclient-dev  
sudo apt-get install libhiredis-dev  
sudo apt-get install gcc
sudo apt-get install pkg-config

Compile coturn

source ./configure
make -j 8
sudo make install

Screenshot of installation

Coturn set up stun / turn server

Insert picture description here

Edit the configuration file after installation

Path: / usr / local / etc / turnserver conf.default

Required configuration items. Other items can be viewed by Baidu

Listening port = 3478 # specifies the port on which to listen
External IP = 39.121.185.185 # specify the public IP address of the virtual machine
User = aaaaaa: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
realm=stun. xxx. Cn # domain name, which must be set
cli-password=123456

Open port 3478

Turnserver startup

Path: CD / usr / local / bin

turnserver -c ../etc/turnserver.conf

Online tools for detecting ice penetration

Link:https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

The test found that Firefox is normal and Google browser is abnormal

Coturn set up stun / turn server

Insert picture description here
Coturn set up stun / turn server

Insert picture description here
Coturn set up stun / turn server

Insert picture description here
Coturn set up stun / turn server

Insert picture description here
Android end use
PeerConnection.IceServer iceServer = new PeerConnection.IceServer("turn:172.21.0.147:3478", "taxiao", "123456");
iceServers.add(iceServer);
PeerConnection.RTCConfiguration configuration = new PeerConnection.RTCConfiguration(iceServers);
Wechat official account (He Xiao), follow and forward, thank you

Recommended Today

C + + : file operation

File operation is an indispensable part of program development. Any software that needs data storage needs file operation. File operations include opening, reading and writing files. (1) Stream class library in C + + C + + language defines special class libraries for standard input and output of different types of data. The class libraries […]