[Transfer to]WEBRTC Learning: Deploying Stun and turn servers

[Transfer to]WEBRTC Learning: Deploying Stun and turn servers

Http://www.cnblogs.com/lingdhox/p/4209659.html

The WEBRTC-to-peer penetration part is implemented by Libjingle.

The sequence of steps is probably this:

1. Try direct Connect.

2. Penetrate through the stun server

3. Cannot penetrate through the turn server relay.

Stun server is relatively simple. There are also many public stun servers available for testing on the web. such as stun.ideasip.com

You need to pay attention here. When I was doing Android apps. A bug has appeared on a handful of older phones:

Peerconnection Close is very slow. Probably need 50~80s.

Later repeated checks, only to find the problem in the public stun server response is relatively slow.

The solution is to build a stun server yourself.

The specific reason should be: ice detection (stun bind request) has been in progress. When the worker thread is shut down because the network is stuck, then the main thread waits. It's not very good to check. You may need to hit a lot of logs to locate the code.

When you cannot penetrate, you need to turn the server to ensure a successful video call.

The turn contains the functionality of the stun. So you just need to deploy the turn server.

Server code can be obtained from here: https://code.google.com/p/coturn/

Coturn has added some advanced features to the original turnserver. (This is the author's description, two items are the same author.) The author recommends using Coturn.

Coturn supports TCP, UDP, TLS, DTLS connections.

The Coturn supports the Linux BSD Solaris Mac OS. No support for Windows (future support)

Let's talk about installation and configuration.

1. The underlying network portion of Coturn relies on libevent. So we need to install Libevent2 First, address this http://libevent.org/

2. The installation of Coturn is simple. The Configure make make install trilogy is finished.

3. Coturn's documentation is very detailed. But more. I'm just about to explain.

More specific instructions can be seen in the source directory of Readme.turnserver Readme.turnadmin readme.turnutils

Generate six executable files in the bin directory

Turnadmin Turnutils_peer turnutils_stunclient
Turnserver Turnutils_rfc5769check turnutils_uclient

Turnserver is the server we need.

Turnadmin is used to manage accounts.

Turnutils_stunclient for testing Stun services

Turnutils_uclient is used to test the turn service. Simulating multiple UDP,TCP,TLS or DTLS types of clients

The example directory is primarily a demonstration of how to configure and use turn. Contains some test cases.

EXAMPLE/ETC is the PEM certificate and the Conf configuration file

EXAMPLE/VAR/DB is the DB Library of SQLite. The format used for the demonstration database.

The Coturn supports three configurations. command line, conf files and databases. The database supports SQLite, MySQL, PostgreSQL, MongoDB, Redis.

Examples\scripts some of the following test cases:

The loadbalance demonstrates how to load balance. Set up a master turn server and then configure several slave turn servers.

Longtermsecure demonstrating how to use long-term authentication

Longtermsecuredb is similar to Longtermsecure, but from the database configuration

Shorttermsecure demonstrates how to use short-term authentication.

Restapi demonstrates the use of web aspects.

Stun defines two kinds of authentication methods.

Long-term credential

Short-term credential

Specific reference to stun standard http://tools.ietf.org/html/rfc5389#section-15.4

But for WEBRTC. Only long-term is supported.

Http://www.ietf.org/proceedings/87/slides/slides-87-behave-10.pdf
TURN REST Server API

This PDF describes the. Turn the interaction process between the server and the client.

4. Simple to use

Turnserver-o-a-f-v--mobility-m--max-bps=100000--min-port=32355--max-port=65535--user=ling:ling1234--user=lin G2:ling1234-r Demo

-M 10 indicates the start of 10 relay threads.

When turn server is used for WEBRTC, you must use long-term credential mechanism, that is, specify-A or--lt-cred-mech

The--max-bps=100000 limits the maximum speed to 100kb/s.

Two users Ling and Ling2 were added.

You can test it directly using the Turnutils_uclient-u ling-w ling1234. Turnutils_uclient has many parameters that can be configured.

12345

webrtc::PeerConnectionInterface::IceServer turnServer;turnServer.uri = "turn:ip";turnServer.username = "ling";turnServer.password = "ling1234";servers.push_back(turnServer);

　　

This can be configured in C + + WEBRTC turn. The Web/android/ios is similar.

If you consider it from a security aspect. You can generate a key for your account so that you can log in directly via key. Without having to provide a password.

Key is generated via turnadmin, required (username, password, realm). Realm is specified by the-r parameter when you start turn server.

For example, this:

12	turnadmin -k -u ling -p ling1234 -r demo0xccba8f3a6a025a38eb4a0e795fc92705

[Transfer to]WEBRTC Learning: Deploying Stun and turn servers