introduce

coturn

When we were developing WebRTC, we were not in the same LOCAL area network, so we needed to use TURN and STUN services for P2P penetration of the firewall. At this time, we could establish TURN and STUN services through coturn, an open source library.

Coturn fully implements STUN/TURN/ICE protocol and supports P2P firewall penetration. It is mainly used for point-to-point video and audio calls such as weBRTC. Coturn supports TCP, UDP, TLS, and DTLS connections. Supports Linux BSD Solaris MAC OS, but does not support Windows. Coturn adds some advanced features to the original RFC5766-turn-server. The author is the same, more recommended to use coturn.

download

The installation

To install the Coturn package in Debian, Ubuntu, or Mint, download, build, and install the latest stable Libevent library before installing and configuring the TURN server:

$$tar XVFZ wget HTTP: / / https://github.com/downloads/libevent/libevent/libevent-2.0.21-stable.tar.gz Libevent - 2.0.21 - stable. Tar. Gz $cdLibevent -2.0.21-stable $./configure $make $make installCopy the code

Decompress and install the downloaded Coturn installation

$ tar xvfz turnserver-<... >.tar.gz $ ./configure $ make $ make installCopy the code

configuration

# Create user using the turnadmin command
# -u User name
# -r group, module
# - p code
$ sudo turnadmin -a -u qiuqfang -r root -p qiuqfang

# add/usr/local/etc/turnserver. Conf configuration
# in /usr/local/etc there is a turnserver.conf.default
# At this point, we need to copy the turnserver.conf.default file and change the file name to turnserver.conf
$ sudo cp turnserver.conf.default turnserver.conf
# Enter turnServer. conf to modify the configuration
$ sudo vim turnserver.conf
Copy the code
**.**.** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** ** User =qiuqfang:qiuqfang (user name: /usr/local/etc/turn_server_cert.pem pkey=/usr/local/etc/turn_server_pkey.pem Cli-password =qwerty (default enabled)Copy the code
Generate the private key and certificate required for encrypted transmission
$ sudo openssl req -x509 -newkey rsa:2048 -keyout \
/usr/local/etc/turn_server_pkey.pem -out /usr/local/etc/turn_server_cert.pem -days 99999 -nodes
Copy the code

Start and test the service

$ sudo turnserver -o -a -f -u qiuqfang:qiufang -r <realm-name>
Copy the code

Trickle ICETest site