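Guide to deploying the turnserver NAT traversal/relay service on Amazon EC2

Version installed: turnserver-3.2.3.95.tar.gz  System environment: AWS EC2

Step 1. Download the required libraries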

 

sudo yum install -y make automake gcc cc gcc-c++ wget
sudo yum install -y openssl-devel libevent libevent-devel mysql-devel mysql-server
wget https://github.com/libevent/libevent/releases/download/release-2.1.8-stable/libevent-2.1.8-stable.tar.gz
tar xvfz libevent-2.1.8-stable.tar.gz
cd libevent-2.1.8-stable && ./configure
make && sudo make install

 

Step 2. Download turnserver-3.2.3.95.tar.gz and install it

wget http://turnserver.open-sys.org/downloads/v3.2.3.95/turnserver-3.2.3.95.tar.gz
tar -xvzf turnserver-3.2.3.95.tar.gz
cd turnserver-3.2.3.95
./configure
make && make install  (if the install fails, run it with root privileges: sudo su)

Step 3. Create the configuration files:

sudo cp /usr/local/etc/turnserver.conf.default /etc/turnserver.conf

sudo cp /usr/local/etc/turnuserdb.conf.default /etc/turnuserdb.conf

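Step 4. Edit the configuration file turnserver.conf (only the following items need to be changed):

external-ip=54.95.37.26/172.31.43.68 (the first is the server's public IP, the second its private IP)

fingerprint (enable fingerprints)

lt-cred-mech (enable the long-term credential mechanism)

user=testuser:123456 (set a test user name and password)

(PS: to get the public address: curl https://www.taobao.com/help/getip.php

To get the private address: ifconfig)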

Step 5. Open the required ports and protocols in the Amazon server console:

3478 (TCP, UDP), 5349 (TCP, UDP), 49152-65535 (UDP)

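Step 6. Start turnserver:

turnserver -v -r foo.org -c /etc/turnserver.conf

(Note: the -r xxxx parameter is required; choose xxxx yourself.)

Step 7. Test (three ways):

1. Official test page: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

After adding the server, click Gather candidates; if the result below appears, the test succeeded.

2. The client test tool that ships with turnserver:
Enter this command in a terminal:

turnutils_uclient -v -u testuser -w 123456 54.249.95.226 (public IP)

If the terminal running turnserver shows output similar to the following, the test succeeded.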

830: handle_udp_packet: New UDP endpoint: local addr 172.31.33.19:3478, remote addr 54.249.95.226:37748
830: session 003000000000000001: user <>: incoming packet message processed, error 401: Unauthorised
830: IPv4. Local relay addr: 172.31.33.19:55550
830: IPv4. Local reserved relay addr: 172.31.33.19:55551
830: session 003000000000000001: new, username=<testuser>, lifetime=800
830: session 003000000000000001: user <testuser>: incoming packet ALLOCATE processed, success
830: session 003000000000000001: refreshed, username=<testuser>, lifetime=600
830: session 003000000000000001: user <testuser>: incoming packet REFRESH processed, success
830: handle_udp_packet: New UDP endpoint: local addr 172.31.33.19:3478, remote addr 54.249.95.226:33309
830: session 003000000000000002: user <>: incoming packet message processed, error 401: Unauthorised
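The first 401 in each session above is the normal long-term-credential challenge (the server hands out realm and nonce, then the client retries with credentials), so only sessions that are challenged and never reach a successful ALLOCATE deserve a second look. The following is an added example, not part of the original post or of turnserver itself; the function names and the sample log (constructed in the page's format, with documentation IP ranges) are assumptions.

```python
import re
from collections import defaultdict

# Matches the per-request result lines that turnserver -v prints (format as above).
REQUEST = re.compile(
    r"^\d+: session (?P<sid>\d+): user <(?P<user>[^>]*)>: incoming packet "
    r"(?P<method>\S+) processed, (?:success|error (?P<code>\d+))"
)

# Constructed sample in the page's log format; not real traffic.
SAMPLE = """\
12: handle_udp_packet: New UDP endpoint: local addr 192.0.2.10:3478, remote addr 198.51.100.7:40001
12: session 003000000000000001: user <>: incoming packet message processed, error 401: Unauthorised
12: session 003000000000000001: new, username=<testuser>, lifetime=600
12: session 003000000000000001: user <testuser>: incoming packet ALLOCATE processed, success
13: session 003000000000000002: user <>: incoming packet message processed, error 401: Unauthorised
13: session 003000000000000002: user <>: incoming packet message processed, error 401: Unauthorised
14: session 003000000000000003: user <>: incoming packet BINDING processed, success
"""


def summarize(log_text):
    """Per session: user name seen, number of 401 replies, whether ALLOCATE succeeded."""
    sessions = defaultdict(lambda: {"user": "", "401": 0, "allocated": False})
    for line in log_text.splitlines():
        m = REQUEST.match(line.strip())
        if not m:
            continue  # endpoint, relay and lifetime lines carry no request result
        s = sessions[m["sid"]]
        s["user"] = m["user"] or s["user"]
        if m["code"] == "401":
            s["401"] += 1
        elif m["code"] is None and m["method"] == "ALLOCATE":
            s["allocated"] = True
    return dict(sessions)


def never_authenticated(sessions):
    """Sessions challenged with 401 that never completed an ALLOCATE."""
    return sorted(sid for sid, s in sessions.items()
                  if s["401"] and not s["allocated"])


if __name__ == "__main__":
    result = summarize(SAMPLE)
    for sid, s in result.items():
        print(sid, s)
    print("review:", never_authenticated(result))
```

A log excerpt that is cut off right after a challenge, like the last line of the output above, will also show up in the review list; check whether the session continues further down before drawing conclusions.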

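3. Run JavaScript test code:

Reference: https://stackoverflow.com/questions/34030188/easy-way-to-test-turn-server

Successful test result in Chrome:

Step 8. Passing the tests above shows that turnserver is running normally, but to use it from the signal service some further configuration changes are needed:

Edit the configuration file turnserver.conf (only the following items need to be enabled or changed):

external-ip=54.249.95.226/172.31.43.68 (the first is the server's public IP, the second its private IP)

fingerprint (enable fingerprints)

lt-cred-mech (enable the long-term credential mechanism)

use-auth-secret  (enable secret-based authorization)

static-auth-secret=12345 (# set the secret; it must match the turnserver secret in the signal service's configuration file, should preferably be complex, and must not have a trailing space)

Relevant settings in the signal server configuration file: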

turn: # TURN server configuration
  secret: 12345 # TURN server secret
  uris: 
    - stun:54.249.95.226:3478
    - stun:54.249.95.226:5349 # 5349 is the TLS port, the counterpart of 443
    - turn:54.249.95.226:3478?transport=udp
    - turn:54.249.95.226:5349?transport=udp
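
How the shared secret turns into the timestamp:userid user names that appear in the turnserver log, and why the two configured secrets must match byte for byte: this is an added example, not code from the original post or from the turnserver or signal projects. It assumes the TURN REST API scheme (user name is expiry timestamp, colon, user id; password is base64 of HMAC-SHA1 over the user name, keyed with the secret); the function names and the 86400-second lifetime are assumptions.

```python
import base64
import hashlib
import hmac
import time


def _password(secret, username):
    # base64(HMAC-SHA1(key=secret, msg=username)), the assumed TURN REST API scheme
    mac = hmac.new(secret.encode(), username.encode(), hashlib.sha1).digest()
    return base64.b64encode(mac).decode()


def issue_credential(secret, user_id, ttl=86400, now=None):
    """Signal-server side: return (username, password) for one client."""
    now = int(time.time()) if now is None else int(now)
    username = f"{now + ttl}:{user_id}"  # expiry timestamp, then the user id
    return username, _password(secret, username)


def check_credential(secret, username, password, now=None):
    """TURN side: return 'ok' or the reason the credential is rejected."""
    now = int(time.time()) if now is None else int(now)
    expiry, sep, _ = username.partition(":")
    if not sep or not (expiry.isascii() and expiry.isdigit()):
        return "malformed username"
    expected = _password(secret, username)
    # Constant-time comparison so the check does not leak how many bytes matched.
    if not hmac.compare_digest(expected.encode(), password.encode()):
        return "secret mismatch"
    if int(expiry) < now:
        return "expired"
    return "ok"


if __name__ == "__main__":
    # Constructed values: the page's sample secret and a user id from its log.
    issued_at = 1546074475
    user, pw = issue_credential("12345", "233093636", now=issued_at)
    print(user, pw)
    print(check_credential("12345", user, pw, now=issued_at))           # same secret
    print(check_credential("12345 ", user, pw, now=issued_at))          # trailing space
    print(check_credential("12345", user, pw, now=issued_at + 86401))   # past expiry
```

For a real deployment, generate the secret with something like secrets.token_urlsafe(32) rather than typing a short value.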

Step 9. Test a chat between two users; output on success:

236: handle_udp_packet: New UDP endpoint: local addr 172.31.33.19:5349, remote addr 223.104.63.195:62017
236: session 001000000000000006: user <>: incoming packet BINDING processed, success
236: handle_udp_packet: New UDP endpoint: local addr 172.31.33.19:3478, remote addr 223.104.63.195:62384
236: session 001000000000000007: user <>: incoming packet BINDING processed, success
236: session 001000000000000006: user <>: incoming packet message processed, error 401: Unauthorised
236: session 001000000000000007: user <>: incoming packet message processed, error 401: Unauthorised
236: IPv4. Local relay addr: 172.31.33.19:50740
236: session 001000000000000006: new, username=<1546160875:233093636>, lifetime=600
236: session 001000000000000006: user <1546160875:233093636>: incoming packet ALLOCATE processed, success
236: IPv4. Local relay addr: 172.31.33.19:64076
236: session 001000000000000007: new, username=<1546160875:233093636>, lifetime=600
236: session 001000000000000007: user <1546160875:233093636>: incoming packet ALLOCATE processed, success
237: handle_udp_packet: New UDP endpoint: local addr 172.31.33.19:3478, remote addr 218.17.158.166:44069
237: session 003000000000000007: user <>: incoming packet BINDING processed, success
237: handle_udp_packet: New UDP endpoint: local addr 172.31.33.19:5349, remote addr 218.17.158.166:15323
237: session 002000000000000008: user <>: incoming packet BINDING processed, success
237: session 003000000000000007: user <>: incoming packet message processed, error 401: Unauthorised
237: session 002000000000000008: user <>: incoming packet message processed, error 401: Unauthorised
237: IPv4. Local relay addr: 172.31.33.19:50703
237: session 002000000000000008: new, username=<1546160875:908806305>, lifetime=600
237: session 002000000000000008: user <1546160875:908806305>: incoming packet ALLOCATE processed, success
237: IPv4. Local relay addr: 172.31.33.19:54412
237: session 003000000000000007: new, username=<1546160875:908806305>, lifetime=600
237: session 003000000000000007: user <1546160875:908806305>: incoming packet ALLOCATE processed, success
237: session 001000000000000006: user <1546160875:233093636>: incoming packet CREATE_PERMISSION processed, success
237: session 001000000000000007: user <1546160875:233093636>: incoming packet CREATE_PERMISSION processed, success
238: session 001000000000000006: user <1546160875:233093636>: incoming packet CREATE_PERMISSION processed, success
238: session 001000000000000007: user <1546160875:233093636>: incoming packet CREATE_PERMISSION processed, success
238: session 002000000000000008: user <1546160875:908806305>: incoming packet CREATE_PERMISSION processed, success
238: session 003000000000000007: user <1546160875:908806305>: incoming packet CREATE_PERMISSION processed, success
......

Step 10. Run turnserver as a daemon:

turnserver -v -r foo.org -c /etc/turnserver.conf -o 


 


 


Reposted from blog.csdn.net/woshiwangbiao/article/details/85344357