Building a STUN/TURN cloud server with coturn

WebRTC is a browser-based real-time audio and video communication framework launched by Google. The typical use case is end-to-end (P2P) real-time video calls between browsers. Because of the complexity of real network environments (routers, switches, firewalls, and so on), two browsers often cannot establish a P2P connection directly and can only exchange traffic through a relay server on the public network (the so-called TURN server). The sample picture is as follows:

The Relay server in the figure above is the TURN relay server. The STUN server's job is to collect the IP and port that a peer behind NAT (i.e., a computer behind a router or switch) exposes, so that a reachable IP and port can be found and a link established through the router; this is commonly known as "hole punching". STUN/TURN servers are usually deployed on the public network, where all peers can reach them. The open-source coturn project implements both the STUN and TURN services, which makes it the indispensable first choice for WebRTC applications.

The steps for setting up coturn are as follows:

First, get a cloud host with a public IP

I use a Tianyi Cloud server here. I haven't used other cloud servers, but they should all be the same. The operating system is Ubuntu 16.04.

 

Second, install the dependent components of coturn

A fresh environment has nothing installed, so the following components must be installed first:

apt-get install build-essential  # (optional) if the later ./configure fails, install gcc first
apt-get install openssl libssl-dev make

wget https://github.com/libevent/libevent/releases/download/release-2.1.10-stable/libevent-2.1.10-stable.tar.gz
tar -zxvf libevent-2.1.10-stable.tar.gz
cd libevent-2.1.10-stable
./configure
make && make install
apt-get install sqlite libsqlite3-dev
cd ~/


Note: coturn persists user information in SQLite by default. If you want to store it in MySQL instead, replace the SQLite packages above with the MySQL-related dependencies.

 

Third, download and compile the coturn source code

wget https://github.com/coturn/coturn/archive/4.5.1.1.tar.gz

tar -zxvf 4.5.1.1.tar.gz

cd coturn-4.5.1.1

./configure

make && make install

 

Fourth, create a user and configure coturn

turnadmin -a -u your_name -p your_password -r your_realm

Replace your_name with your own user name, your_password with your own password, and your_realm with your own domain name. You can choose all three values freely; just remember them.

 

cp /usr/local/etc/turnserver.conf.default /usr/local/etc/turnserver.conf

The command above copies the default configuration template to turnserver.conf in /usr/local/etc/

 

vim /usr/local/etc/turnserver.conf

Open the configuration file with vim. A fresh environment does not have vim, so you need to install it first.

Modify the following key items:

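# listening port
listening-port=3478

# network interface to listen on
listening-device=eth0

# public IP of the cloud host
external-ip=xxx.xxx.xxx.xxx

# username:password
user=your_name:your_password

# usually the same realm that was given to turnadmin when creating the user
realm=your_realm

# fill in anything here
cli-password=123456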

 

Fifth, add security group rules

By default the cloud host does not open the ports we need, so we open all of them here. Log in to the control center of the purchased cloud host, find the page for modifying the security group rules, and add:

3478:udp/tcp

443:tcp

8088:tcp

8089:tcp

8090:tcp

40000-60000:udp

You can use the nc command to check whether a port you need is open, for example port 3478.

Take the server IP 129.204.197.213 as an example.

The principle is simple: the server listens on port 3478 with nc -l 3478, and another Linux machine connects to it with the nc command.

For example, to test whether TCP port 3478 is open:

Server:

nc -l 3478

Client:

nc -v 129.204.197.213 3478

When the connection succeeds, the client prints:

Connection to 129.204.197.213 3478 port [tcp/*] succeeded!
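An open port says nothing about whether the configuration and the security group agree with each other. The script below is an added example (not part of the original post or of coturn) that audits the key items from the configuration step against the UDP range opened above. It assumes coturn's default relay range of 49152-65535 when min-port/max-port are unset; the sample config, the documentation address 203.0.113.10 and the MIN_CLI_LEN threshold are constructed for illustration.

```python
import re

# Constructed sample mirroring this page's key items (placeholder values).
SAMPLE_CONF = """\
listening-port=3478
listening-device=eth0
external-ip=203.0.113.10
user=your_name:your_password
realm=your_realm
cli-password=123456
"""

OPENED_UDP = (40000, 60000)     # UDP range opened in the security group step
DEFAULT_RELAY = (49152, 65535)  # coturn defaults for min-port / max-port
MIN_CLI_LEN = 12                # assumption: length threshold chosen for this example


def parse_conf(text):
    """Return (key, value) pairs, skipping blank lines and '#' comment lines."""
    lines = (ln.strip() for ln in text.splitlines())
    return [tuple(p.strip() for p in ln.partition("=")[::2])
            for ln in lines if ln and not ln.startswith("#")]


def audit(text, opened_udp=OPENED_UDP):
    """Return a list of findings for the given turnserver.conf text."""
    pairs = parse_conf(text)
    conf = dict(pairs)
    findings = []
    lo = int(conf.get("min-port", DEFAULT_RELAY[0]))
    hi = int(conf.get("max-port", DEFAULT_RELAY[1]))
    if lo < opened_udp[0] or hi > opened_udp[1]:
        findings.append(f"relay ports {lo}-{hi} not covered by opened UDP "
                        f"range {opened_udp[0]}-{opened_udp[1]}")
    cli = conf.get("cli-password")
    if cli is not None and "no-cli" not in conf and (
            len(cli) < MIN_CLI_LEN or cli.isdigit()):
        findings.append("cli-password is short or numeric-only")
    for key, value in pairs:
        # turnadmin -k prints a 0x-prefixed key that can replace the password
        if key == "user" and not re.fullmatch(r"[^:]+:0x[0-9a-fA-F]+", value):
            findings.append(f"user {value.split(':')[0]!r} has a plaintext password")
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONF)))
```

On the sample it reports three findings; setting min-port=40000 and max-port=60000, replacing cli-password with no-cli (or a long random value), and storing the turnadmin -k key in the user line clears all of them.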

 

Sixth, enable coturn and verify

Go back to the command line window of the cloud host and start the server:

turnserver -o -a -f -v -r your_realm

 

The webrtc-samples site also provides an online tool for testing ICE traversal: https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

As in the figure below, enter the STUN and TURN addresses, then click "Gather candidates" at the bottom to collect the candidate links.

If the IP in the address on the last result line is the same as the public IP of the TURN server, the relay is working.

 

Content reference from:

https://www.cnblogs.com/yjmyzz/p/how-to-install-coturn-on-ubuntu.html

https://www.jianshu.com/p/707e8a4e812a

 


Origin blog.csdn.net/qq_37381177/article/details/109612392