coturn ships as two main packages, coturn and coturn-utils; coturn-client-devel is not needed here.
[root@netkiller ~]# dnf search coturn
Last metadata expiration check: 1:40:06 ago on Fri 07 Feb 2025 10:27:51 PM CST.
========================================= Name Exactly Matched: coturn =========================================
coturn.x86_64 : TURN/STUN & ICE Server
======================================== Name & Summary Matched: coturn ========================================
coturn-client-devel.x86_64 : Coturn client development headers
coturn-utils.x86_64 : Coturn utils
============================================= Name Matched: coturn =============================================
coturn-client-libs.x86_64 : TURN client static library
Install the coturn server
[root@netkiller ~]# dnf install coturn coturn-utils -y
List the tools the packages contain
[root@netkiller ~]# rpm -ql coturn | egrep "bin|etc"
/etc/coturn
/etc/coturn/turnserver.conf
/etc/logrotate.d/coturn
/etc/pki/coturn
/etc/pki/coturn/private
/etc/pki/coturn/public
/usr/bin/turnadmin
/usr/bin/turnserver
/usr/share/doc/coturn/etc
/usr/share/doc/coturn/etc/turnserver.conf
[root@netkiller ~]# rpm -ql coturn-utils | grep bin
/usr/bin/turnutils_natdiscovery
/usr/bin/turnutils_oauth
/usr/bin/turnutils_peer
/usr/bin/turnutils_stunclient
/usr/bin/turnutils_uclient
Back up the configuration file
cp /etc/coturn/turnserver.conf{,.original}
Generate a certificate
openssl req -x509 -newkey rsa:2048 -keyout /etc/pki/coturn/private/turn_server_pkey.pem -out /etc/pki/coturn/public/turn_server_cert.pem -days 365 -nodes
Create a user and password
turnadmin -a -u netkiller -p 123456 -r rtc.netkiller.cn
A static user and password can also be created in the configuration file /etc/coturn/turnserver.conf
user=netkiller:123456
realm=rtc.netkiller.cn
Open the firewall ports
firewall-cmd --zone=public --add-port=3478/udp --permanent
firewall-cmd --zone=public --add-port=5349/udp --permanent
firewall-cmd --reload
The /etc/coturn/turnserver.conf configuration file
listening-ip=0.0.0.0       # 0.0.0.0 is enough; it listens for requests on all IP addresses
listening-port=3478        # the STUN service port is 3478
tls-listening-port=5349    # TLS listening port for STUN
relay-ip: set to the server's public IP address
external-ip: set to the server's public IP address
For reference only
[root@netkiller ~]# grep -v ^# /etc/coturn/turnserver.conf | grep -v "^$"
relay-ip=192.168.0.71
external-ip=139.29.154.210
user=neo:netkiller
realm=netkiller.cn
cert=/etc/pki/coturn/public/turn_server_cert.pem
pkey=/etc/pki/coturn/private/turn_server_pkey.pem
log-file=/var/log/coturn/turnserver.log
simple-log
cli-ip=127.0.0.1
cli-port=5766
cli-password=qwerty
no-rfc5780
no-stun-backward-compatibility
response-origin-only-with-rfc5780
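
The reference configuration above keeps the TURN user's password and the CLI password in clear text. As an added example (not part of the original post), the shell function below lints a turnserver.conf for that and accepts the hashed forms printed by turnadmin -k and turnadmin -P; the function names and the hashed sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: lint a coturn turnserver.conf
# for secrets kept in clear text. Reads the file named in $1, or stdin.
audit_turn_conf() {
  awk -F= '
    /^[ \t]*#/ || /^[ \t]*$/ { next }              # skip comments and blank lines
    {
      key = $1; val = substr($0, length($1) + 2)   # split on the first "="
      gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
    }
    key == "user" {                                # user=name:secret
      n = index(val, ":"); name = substr(val, 1, n - 1); secret = substr(val, n + 1)
      # turnadmin -k prints the key as 0x<hex>; anything else is a raw password
      if (secret !~ /^0x[0-9a-fA-F]+$/)
        print "user " name ": clear-text password, store the turnadmin -k key instead"
    }
    key == "no-cli"       { cli_off = 1 }
    key == "cli-password" { cli_pw = val; have_pw = 1 }
    key == "cli-ip"       { cli_ip = val }
    END {
      if (cli_off) exit                            # CLI disabled, nothing to check
      # turnadmin -P prints the hashed form, which starts with $5$
      if (have_pw && cli_pw !~ /^\$5\$/)
        print "cli-password: clear text, store the turnadmin -P hash instead"
      if (cli_ip != "" && cli_ip != "127.0.0.1" && cli_ip != "::1")
        print "cli-ip: admin CLI bound to non-loopback address " cli_ip
    }
  ' "${1:--}"
}

# Relevant lines of the reference configuration shown in the post.
page_conf() { cat <<'EOF'
realm=netkiller.cn
user=neo:netkiller
cli-ip=127.0.0.1
cli-port=5766
cli-password=qwerty
simple-log
EOF
}

# Same settings with hashed secrets; both values are constructed placeholders.
hashed_conf() { cat <<'EOF'
realm=netkiller.cn
user=neo:0x00112233445566778899aabbccddeeff
cli-ip=127.0.0.1
cli-password=$5$0011223344556677$00112233445566778899aabbccddeeff
EOF
}

page_conf | audit_turn_conf    # prints the two clear-text findings
```

The key printed by turnadmin -k is derived from the user name, realm and password, so it has to be regenerated whenever the realm changes.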
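Start the service
systemctl enable coturn
systemctl start coturn
// Browser side: point RTCPeerConnection at the TURN server with the user created above
const iceServers = {
  iceServers: [
    {
      urls: 'turn:your-external-ip-address:3478',
      username: 'netkiller',
      credential: '123456'
    }
  ]
};
const connection = new RTCPeerConnection(iceServers);
Check the port status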
[root@netkiller ~]# lsof -i :3478
COMMAND       PID   USER FD  TYPE   DEVICE SIZE/OFF NODE NAME
turnserve 2003533 coturn 24u IPv4 25225693      0t0  TCP localhost:stun (LISTEN)
turnserve 2003533 coturn 25u IPv4 25231980      0t0  TCP localhost:stun (LISTEN)
turnserve 2003533 coturn 26u IPv4 25225694      0t0  TCP netkiller:stun (LISTEN)
turnserve 2003533 coturn 27u IPv4 25225695      0t0  TCP netkiller:stun (LISTEN)
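Test program: turnutils_uclient
Next, use turnutils_uclient to check that the TURN service of the STUN/TURN server built with coturn works, by connecting to the service directly.
To make sure the test exercises the TURN service, turn off the STUN service when TURN starts: on the command line add "--no-stun"; in the configuration file add the "no-stun" option.
Once coturn has started the TURN service, run:
turnutils_uclient -v -t -T -u <user> -w <password> xxx.xxx.xxx.xxx
Parameters:
-v                 verbose output
-t                 use TCP (the default is UDP)
-T                 relay transport over TCP (the default is UDP)
-u                 TURN user name
-w                 password of that TURN user
xxx.xxx.xxx.xxx    IP address of the TURN service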
[root@netkiller ~]# turnutils_uclient -v -t -T -u neo -w netkiller 127.0.0.1
0: (2003881): INFO: IPv4. Connected from: 127.0.0.1:58632
0: (2003881): INFO: IPv4. Connected to: 127.0.0.1:3478
0: (2003881): INFO: allocate sent
0: (2003881): INFO: allocate response received:
0: (2003881): INFO: allocate sent
0: (2003881): INFO: allocate response received:
0: (2003881): INFO: success
0: (2003881): INFO: IPv4. Received relay addr: 139.9.54.21:64324
0: (2003881): INFO: clnet_allocate: rtv=0
0: (2003881): INFO: refresh sent
0: (2003881): INFO: refresh response received:
0: (2003881): INFO: success
0: (2003881): INFO: IPv4. Connected from: 127.0.0.1:58642
0: (2003881): INFO: IPv4. Connected to: 127.0.0.1:3478
0: (2003881): INFO: IPv4. Connected from: 127.0.0.1:58644
0: (2003881): INFO: IPv4. Connected to: 127.0.0.1:3478
0: (2003881): INFO: allocate sent
0: (2003881): INFO: allocate response received:
0: (2003881): INFO: allocate sent
0: (2003881): INFO: allocate response received:
0: (2003881): INFO: success
0: (2003881): INFO: IPv4. Received relay addr: 139.9.54.21:60677
0: (2003881): INFO: clnet_allocate: rtv=0
0: (2003881): INFO: refresh sent
0: (2003881): INFO: refresh response received:
0: (2003881): INFO: success
0: (2003881): INFO: allocate sent
0: (2003881): INFO: allocate response received:
0: (2003881): INFO: allocate sent
0: (2003881): INFO: allocate response received:
0: (2003881): INFO: success
0: (2003881): INFO: IPv4. Received relay addr: 139.9.54.21:57197
0: (2003881): INFO: clnet_allocate: rtv=0
0: (2003881): INFO: refresh sent
0: (2003881): INFO: refresh response received:
0: (2003881): INFO: success
0: (2003881): INFO: create perm sent: 139.9.54.21:57197
0: (2003881): INFO: cp response received:
0: (2003881): INFO: success
0: (2003881): INFO: create perm sent: 139.9.54.21:60677
0: (2003881): INFO: cp response received:
0: (2003881): INFO: success
0: (2003881): INFO: tcp connect sent
0: (2003881): INFO: connection bind sent
0: (2003881): INFO: connect bind response received:
0: (2003881): INFO: success
0: (2003881): INFO: IPv4. TCP data network connected to: 127.0.0.1:3478
0: (2003881): INFO: connection bind sent
0: (2003881): INFO: connect bind response received:
0: (2003881): INFO: success
0: (2003881): INFO: IPv4. TCP data network connected to: 127.0.0.1:3478
0: (2003881): INFO: Total connect time is 0
0: (2003881): INFO: 2 connections are completed
1: (2003881): INFO: start_mclient: msz=2, tot_send_msgs=0, tot_recv_msgs=0, tot_send_bytes ~ 0, tot_recv_bytes ~ 0
2: (2003881): INFO: start_mclient: msz=2, tot_send_msgs=5, tot_recv_msgs=5, tot_send_bytes ~ 500, tot_recv_bytes ~ 500
3: (2003881): INFO: start_mclient: msz=2, tot_send_msgs=5, tot_recv_msgs=5, tot_send_bytes ~ 500, tot_recv_bytes ~ 500
3: (2003881): INFO: done, connection 0x7f009c80e010 closed.
3: (2003881): INFO: done, connection 0x7f009c82f010 closed.
3: (2003881): INFO: start_mclient: tot_send_msgs=10, tot_recv_msgs=10
3: (2003881): INFO: start_mclient: tot_send_bytes ~ 1000, tot_recv_bytes ~ 1000
3: (2003881): INFO: Total transmit time is 3
3: (2003881): INFO: Total lost packets 0 (0.000000%), total send dropped 0 (0.000000%)
3: (2003881): INFO: Average round trip delay 4.300000 ms; min = 0 ms, max = 21 ms
3: (2003881): INFO: Average jitter 8.400000 ms; min = 0 ms, max = 21 ms
[root@netkiller ~]# turnutils_stunclient -p 3478 127.0.0.1
0: (2004030): INFO: IPv4. UDP reflexive addr: 127.0.0.1:45826
[root@netkiller ~]# turnutils_natdiscovery -m 127.0.0.1
-= Mapping Behavior Discovery =-
0: (2003693): INFO: IPv4. UDP reflexive addr: 127.0.0.1:39570
0: (2003693): INFO: IPv4. Local addr: : 0.0.0.0:39570
[root@netkiller ~]# turnutils_natdiscovery -f 127.0.0.1
-= Filtering Behavior Discovery =-
0: (2003696): INFO: IPv4. UDP reflexive addr: 127.0.0.1:57186
0: (2003696): INFO: IPv4. Local addr: : 0.0.0.0:57186
[root@netkiller ~]# turnutils_peer -v
0: (2003645): INFO: Start
0: (2003645): INFO: End
0: (2003645): INFO: Start
0: (2003645): INFO: End
0: (2003645): INFO: Start
0: (2003645): INFO: End
0: (2003645): INFO: Start
0: (2003645): INFO: End
[root@netkiller ~]# journalctl -f -u coturn.service
Feb 09 12:17:58 netkiller systemd[1]: Stopping coturn...
Feb 09 12:17:58 netkiller systemd[1]: coturn.service: Deactivated successfully.
Feb 09 12:17:58 netkiller systemd[1]: Stopped coturn.
Feb 09 12:17:58 netkiller systemd[1]: Starting coturn...
Feb 09 12:17:58 netkiller systemd[1]: Started coturn.
Feb 09 12:29:50 netkiller systemd[1]: Stopping coturn...
Feb 09 12:29:53 netkiller systemd[1]: coturn.service: Deactivated successfully.
Feb 09 12:29:53 netkiller systemd[1]: Stopped coturn.
Feb 09 12:29:53 netkiller systemd[1]: Starting coturn...
Feb 09 12:29:53 netkiller systemd[1]: Started coturn.