webrtc是google推出的基于浏览器的实时语音-视频通讯架构。其典型的应用场景为:浏览器之间端到端(p2p)实时视频对话,但由于网络环境的复杂性(比如:路由器/交换机/防火墙等),浏览器与浏览器很多时候无法建立p2p连接,只能通过公网上的中继服务器(也就是所谓的turn服务器)中转。
Relay server即为turn中继服务器,而STUN server的作用是通过收集NAT背后peer端(即:躲在路由器或交换机后的电脑)对外暴露出来的ip和端口,找到一条可穿透路由器的链路,俗称“打洞”。stun/turn服务器通常要部署在公网上,能被所有peer端访问到,coturn开源项目同时实现了stun和turn服务的功能,是webrtc应用的必备首选。
以上为抄录开场白,感谢 : https://www.cnblogs.com/yjmyzz/p/how-to-install-coturn-on-ubuntu.html
1、准备一台ubuntu服务器
本人准备的是一台ubuntu64的操作系统,具体如图:
由虚拟机安装。个人凭自己喜好,尽情玩耍。
2、安装coturn的组件依赖
hake@hake:/home# sudo su root #先切换到root
root@hake:/home# apt-get install build-essential #(可选),如果后面的./configure失败时,可先安装gcc
root@hake:/home# apt-get install openssl libssl-dev make #安装ssl
root@hake:/home# wget https://github.com/libevent/libevent/releases/download/release-2.1.10-stable/libevent-2.1.10-stable.tar.gz
#安装libevent2
root@hake:/home# tar -zxvf libevent-2.1.10-stable.tar.gz
root@hake:/home# cd libevent-2.1.10-stable
root@hake:/home# ./configure
root@hake:/home# make & make install
root@hake:/home# apt-get install sqlite libsqlite3-dev
注:coturn的用户信息等,默认是持久化保存在sqlite中。
3、下载coturn源码 并编译
root@hake:/home# wget https: //github .com /coturn/coturn/archive/4 .5.1.1. tar .gz
root@hake:/home# tar -zxvf 4.5.1.1. tar .gz
root@hake:/home# cd coturn-4.5.1.1
root@hake:/home# . /configure
root@hake:/home# make & make install
部分编译编码,验证是否成功
代码语言:javascript复制root@hake:/home/coturn-4.5.1.1# make & make install
[1] 54663
make: Nothing to be done for 'all'.
install -d /usr/local
install -d /usr/local/bin
install -d /usr/local/var/db
install -d /usr/local/man/man1
install -d /usr/local/etc
install -d /usr/local/lib
install -d /usr/local/share/examples/turnserver
install -d /usr/local/share/doc/turnserver
install -d /usr/local/share/turnserver
install -d /usr/local/include/turn
install bin/turnserver /usr/local/bin
install bin/turnadmin /usr/local/bin
install bin/turnutils_uclient /usr/local/bin
install bin/turnutils_peer /usr/local/bin
install bin/turnutils_stunclient /usr/local/bin
install bin/turnutils_oauth /usr/local/bin
install bin/turnutils_natdiscovery /usr/local/bin
install man/man1/turnserver.1 /usr/local/man/man1/
install man/man1/turnadmin.1 /usr/local/man/man1/
install man/man1/turnutils.1 /usr/local/man/man1/
install man/man1/turnutils_uclient.1 /usr/local/man/man1/
install man/man1/turnutils_stunclient.1 /usr/local/man/man1/
install man/man1/turnutils_oauth.1 /usr/local/man/man1/
install man/man1/turnutils_natdiscovery.1 /usr/local/man/man1/
install man/man1/turnutils_peer.1 /usr/local/man/man1/
install man/man1/coturn.1 /usr/local/man/man1/
install lib/libturnclient.a /usr/local/lib
install LICENSE /usr/local/share/doc/turnserver
install README.turnserver /usr/local/share/doc/turnserver
install README.turnadmin /usr/local/share/doc/turnserver
install README.turnutils /usr/local/share/doc/turnserver
install INSTALL /usr/local/share/doc/turnserver
install postinstall.txt /usr/local/share/doc/turnserver
install turndb/schema.sql /usr/local/share/doc/turnserver
install turndb/schema.sql /usr/local/share/turnserver
install turndb/schema.mongo.sh /usr/local/share/doc/turnserver
install turndb/schema.mongo.sh /usr/local/share/turnserver
install turndb/testredisdbsetup.sh /usr/local/share/turnserver
install turndb/testmongosetup.sh /usr/local/share/turnserver
install turndb/testsqldbsetup.sql /usr/local/share/turnserver
install turndb/schema.userdb.redis /usr/local/share/doc/turnserver
install turndb/schema.userdb.redis /usr/local/share/turnserver
install turndb/schema.stats.redis /usr/local/share/doc/turnserver
install turndb/schema.stats.redis /usr/local/share/turnserver
if [ -f sqlite/turndb ] ; then install sqlite/turndb /usr/local/var/db/turndb; fi
install examples/etc/turnserver.conf /usr/local/etc/turnserver.conf.default
cp -rpf examples/etc /usr/local/share/examples/turnserver
cp -rpf examples/scripts /usr/local/share/examples/turnserver
rm -rf /usr/local/share/examples/turnserver/scripts/rfc5769.sh
cp -rpf include/turn/client /usr/local/include/turn
install include/turn/ns_turn_defs.h /usr/local/include/turn
cat /usr/local/share/doc/turnserver/postinstall.txt
==================================================================
1) If your system supports automatic start-up system daemon services,
then to enable the turnserver as a system service that is automatically
started, you have to:
a) Create and edit /etc/turnserver.conf or
/usr/local/etc/turnserver.conf .
Use /usr/local/etc/turnserver.conf.default as an example.
b) For user accounts settings: set up SQLite or PostgreSQL or
MySQL or MongoDB or Redis database for user accounts.
Use /usr/local/share/turnserver/schema.sql as SQL database schema,
or use /usr/local/share/turnserver/schema.userdb.redis as Redis
database schema description and/or
/usr/local/share/turnserver/schema.stats.redis
as Redis status & statistics database schema description.
If you are using SQLite, the default database location is in
/var/db/turndb or in /usr/local/var/db/turndb or in /var/lib/turn/turndb.
c) add whatever is necessary to enable start-up daemon for the
/usr/local/bin/turnserver.
2) If you do not want the turnserver to be a system service,
then you can start/stop it "manually", using the "turnserver"
executable with appropriate options (see the documentation).
3) To create database schema, use schema in file
/usr/local/share/turnserver/schema.sql.
4) For additional information, run:
$ man turnserver
$ man turnadmin
$ man turnutils
==================================================================4、创建配置coturn
root@hake:/home# turnadmin -a -u youname-p youpassword -r hakecom
root@hake:/home# cp /usr/local/etc/turnserver.conf.default /usr/local/etc/turnserver.conf
root@hake:/home# vim /usr/local/etc/turnserver.conf
修改配置:
listening-port=3478 #监听端口 listening-device=eth0 #监听的网卡 external-ip=192.168.2.146 #公网ip(此处配置本地的ip) user=youname:youpassword #用户名:密码 realm=hakecom #一般与turnadmin创建用户时指定的realm一致 |
|---|
启动:
代码语言:javascript复制root@hake:/home/coturn-4.5.1.1# turnadmin -a -u youname-p youpassword -r hakecom
root@hake:/home/coturn-4.5.1.1# ls
AUTHORS ChangeLog examples LICENSE make-man.sh postinstall.txt README.turnutils STATUS
bin configure include LICENSE.OpenSSL man README.md rpm TODO
build docker INSTALL Makefile netarch.txt README.turnadmin sqlite turndb
build-docker.sh Dockerfile.build lib Makefile.in NOTE README.turnserver src
root@hake:/home/coturn-4.5.1.1# pwd
/home/coturn-4.5.1.1
root@hake:/home/coturn-4.5.1.1# cp /usr/local/etc/turnserver.conf.default /usr/local/etc/turnserver.conf
root@hake:/home/coturn-4.5.1.1# vim /usr/local/etc/turnserver.conf
root@hake:/home/coturn-4.5.1.1# pwd
/home/coturn-4.5.1.1
root@hake:/home/coturn-4.5.1.1# turnserver -o -a -f -v -r hakecom
0: log file opened: /var/log/turn_54723_2020-09-12.log
0: Config file found: /usr/local/etc/turnserver.conf
0:
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.1.1 'dan Eider'
0:
Max number of open files/sockets allowed for this process: 1048576
0:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 524000 (approximately)
0:
==== Show him the instruments, Practical Frost: ====
0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.1.1 11 Sep 2018 (0x1010100f)
0:
0: SQLite supported, default database location is /usr/local/var/db/turndb
0: Redis is not supported
0: PostgreSQL is not supported
0: MySQL is not supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)
=====================================================
0: Domain name:
0: Default realm: cnblogs
0: ERROR:
CONFIG ERROR: Empty cli-password, and so telnet cli interface is disabled! Please set a non empty cli-password!
0: WARNING: cannot find certificate file: turn_server_cert.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
0: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering listener addresses: =========
0: Listener address to use: 127.0.0.1
0: Listener address to use: 192.168.2.146
0: Listener address to use: ::1
0: =====================================================
0: Total: 1 'real' addresses discovered
0: =====================================================
0: NO EXPLICIT RELAY ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering relay addresses: =============
0: Relay address to use: 192.168.2.146
0: Relay address to use: ::1
0: =====================================================
0: Total: 2 relay addresses discovered
0: =====================================================5、turnserver -o -a -f -v -r hakecom
输出代码:
代码语言:javascript复制root@hake:/home/coturn-4.5.1.1# turnserver -o -a -f -v -r cnblogs
0: log file opened: /var/log/turn_54723_2020-09-12.log
0: Config file found: /usr/local/etc/turnserver.conf
0:
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.1.1 'dan Eider'
0:
Max number of open files/sockets allowed for this process: 1048576
0:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 524000 (approximately)
0:
==== Show him the instruments, Practical Frost: ====
0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.1.1 11 Sep 2018 (0x1010100f)
0:
0: SQLite supported, default database location is /usr/local/var/db/turndb
0: Redis is not supported
0: PostgreSQL is not supported
0: MySQL is not supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)
=====================================================
0: Domain name:
0: Default realm: cnblogs
0: ERROR:
CONFIG ERROR: Empty cli-password, and so telnet cli interface is disabled! Please set a non empty cli-password!
0: WARNING: cannot find certificate file: turn_server_cert.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
0: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering listener addresses: =========
0: Listener address to use: 127.0.0.1
0: Listener address to use: 192.168.2.146
0: Listener address to use: ::1
0: =====================================================
0: Total: 1 'real' addresses discovered
0: =====================================================
0: NO EXPLICIT RELAY ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering relay addresses: =============
0: Relay address to use: 192.168.2.146
0: Relay address to use: ::1
0: =====================================================
0: Total: 2 relay addresses discovered
0: =====================================================webrtc-samples官网还提供了一个检测ice穿透的在线工具:https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
验证结果:
使用火狐浏览器就没有问题,但是用google虽然done,但是报701错误?360浏览器也报这个错??
Note: errors from onicecandidateerror above are not neccessarily fatal. For example an IPv6 DNS lookup may fail but relay candidates can still be gathered via IPv4.
The server stun:192.168.XXX.XX:3478 returned an error with code=701:
STUN server address is incompatible.
转中文:报错信息: 注意:上述onicecandidateerror错误不一定是致命的。 例如,IPv6 DNS查找可能会失败,但仍可以通过IPv4收集中继候选者。 服务器stun:192.168.XXX.XX:3478返回了错误,代码为701:
火狐浏览器结果:
特别感谢:
https://www.cnblogs.com/yjmyzz/p/how-to-install-coturn-on-ubuntu.html
https://blog.csdn.net/m0_46453807/article/details/107221462
