STUN,首先在RFC3489中定义,作为一个完整的NAT穿透解决方案,英文全称是Simple Traversal of UDP Through NATs,即简单的用UDP穿透NAT。
TURN,首先在RFC5766中定义,英文全称是Traversal Using Relays around NAT:Relay Extensions to Session Traversal Utilities for NAT,即使用中继穿透NAT:STUN的扩展
简单的说,TURN与STURN的共同点都是通过修改应用层中的私网地址达到NAT穿透的效果,异同点是TURN是通过两方通讯的“中间人”方式实现穿透。
ICE的全称Interactive Connectivity Establishment(互动式连接建立),由IETF的MMUSIC工作组开发出来的,它所提供的是一种框架,使各种NAT穿透技术可以实现统一。
STUN和TURN服务器和ICE可以参考阅读: P2P技术详解(三):P2P技术之STUN、TURN、ICE详解
本文介绍如何通过DOCKER搭建STUN和TURN服务器,步骤如下
1:创建Dockerfile,内容如下:
FROM ubuntu:14.04
MAINTAINER Patxi Gortázar <patxi.gortazar@gmail.com>
RUN apt-get update &&apt-get install -y \
curl \
libevent-core-2.0-5 \
libevent-extra-2.0-5 \
libevent-openssl-2.0-5 \
libevent-pthreads-2.0-5 \
libhiredis0.10 \
libmysqlclient18 \
libpq5 \
telnet \
wget
RUN wget http://turnserver.open-sys.org/downloads/v4.4.2.2/turnserver-4.4.2.2-debian-wheezy-ubuntu-mint-x86-64bits.tar.gz \
&&tar xzf turnserver-4.4.2.2-debian-wheezy-ubuntu-mint-x86-64bits.tar.gz \
&&dpkg -i coturn_4.4.2.2-1_amd64.deb
COPY ./turnserver.sh /turnserver.sh
ENV TURN_USERNAME test
ENV TURN_PASSWORD test
ENV REALM kurento.org
ENV NAT true
EXPOSE 3478 3478/udp
ENTRYPOINT ["/turnserver.sh"]
2:创建turnserver.sh,内容如下
#!/bin/bash
set-e
if[$NAT="true"-a-z"$EXTERNAL_IP"]then
#Try to get public IP
PUBLIC_IP=$(curl http://169.254.169.254/latest/meta-data/public-ipv4)||echo"No public ip found on http://169.254.169.254/latest/meta-data/public-ipv4"
if[-z"$PUBLIC_IP"]then
PUBLIC_IP=$(curl http://icanhazip.com)||exit1
fi
#Try to get private IP
PRIVATE_IP=$(ifconfig|awk'/inet addr/{print substr($2,6)}'|grep -v 127.0.0.1)||exit1
exportEXTERNAL_IP="$PUBLIC_IP/$PRIVATE_IP"
echo"Starting turn server with external IP:$EXTERNAL_IP"
fi
echo'min-port=49152'>/etc/turnserver.conf
echo'max-port=65535'>>/etc/turnserver.conf
echo'fingerprint'>>/etc/turnserver.conf
echo'lt-cred-mech'>>/etc/turnserver.conf
echo"realm=$REALM">>/etc/turnserver.conf
echo'log-file stdout'>>/etc/turnserver.conf
echo"user=$TURN_USERNAME:$TURN_PASSWORD">>/etc/turnserver.conf
[$NAT="true"]&&echo"external-ip=$EXTERNAL_IP">>/etc/turnserver.conf
exec/usr/bin/turnserver"$@"
3:使用docker build 创建镜像,执行结果如下
[root@www]# docker build -t teststurn_1 .
Sending build context to Docker daemon 4.096kB
Step 1/11 : FROM ubuntu:14.04
--->6e4f1fe62ff1
Step 2/11 : MAINTAINER Patxi Gortázar <patxi.gortazar@gmail.com>
--->Using cache
--->4460f9f84053
Step 3/11 : RUN apt-get update &&apt-get install -y curl libevent-core-2.0-5 libevent-extra-2.0-5 libevent-openssl-2.0-5 libevent-pthreads-2.0-5 libhiredis0.10 libmysqlclient18 libpq5 telnet wget
--->Using cache
--->05ed9ced48a5
Step 4/11 : RUN wget http://turnserver.open-sys.org/downloads/v4.4.2.2/turnserver-4.4.2.2-debian-wheezy-ubuntu-mint-x86-64bits.tar.gz &&tar xzf turnserver-4.4.2.2-debian-wheezy-ubuntu-mint-x86-64bits.tar.gz &&dpkg -i coturn_4.4.2.2-1_amd64.deb
--->Using cache
--->d82ed28fdac9
Step 5/11 : COPY ./turnserver.sh /turnserver.sh
--->Using cache
--->1d37a488282c
Step 6/11 : ENV TURN_USERNAME test
--->Running in bfd88f08db42
Removing intermediate container bfd88f08db42
--->cf8af0504b95
Step 7/11 : ENV TURN_PASSWORD test
--->Running in b8ef33b7c213
Removing intermediate container b8ef33b7c213
--->32a832f23169
Step 8/11 : ENV REALM kurento.org
--->Running in bbe129edf5b3
Removing intermediate container bbe129edf5b3
--->21fdfe34689b
Step 9/11 : ENV NAT true
--->Running in 5bdfe8555d5e
Removing intermediate container 5bdfe8555d5e
--->dc7fc896841c
Step 10/11 : EXPOSE 3478 3478/udp
--->Running in 67aaa1966f68
Removing intermediate container 67aaa1966f68
--->a12646ed45ff
Step 11/11 : ENTRYPOINT ["/turnserver.sh"]
--->Running in b8fc2ff09265
Removing intermediate container b8fc2ff09265
--->f5e5acad0f81
Successfully built f5e5acad0f81
Successfully tagged teststurn_1:latest
执行完后可以看到自己创建的镜像名称为teststurn_1
4:启动docker的镜像,并开启端口3478
docker run -d -p 3478:3478 -p 3478:3478/udp teststurn_1
启动后需要等待一两分钟才能测试顺畅
5:测试服务器效果
打开 https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/ 并输入自己的本机IP和端口,分别测试两种协议服务是否生效
不一定是Mn炸的,先抛开别的不说,MC玩家在证据不确凿的情况下因为炸服事件恨上Mn玩家,并贸然炸Mn房间是不明智的。谁也不能说明到底是谁炸的。只能说各占一半的可能。但Mn抄了就是抄了,你们好好承认Mn是盗版游戏,MC玩家对你们意见也不会这么大,炸服事件之前,MC玩家讨厌你们的原因就是许多Mn玩家不承认Mn抄袭还满口胡言乱语。至于这件事,炒作的可能性大,因为很容易看出有人想要挑起骂战
欢迎分享,转载请注明来源:夏雨云
评论列表(0条)