WebRTC部署coturn失败解决方案

音视频文章汇总,本文介绍WebRTC一对一视频通话部署coturn到与服务器后无法连接及排查问题

购买阿里云服务器之后,部署coturn到云服务器上面,启动coturnturnserver --min-port 40000 --max-port 60000 -L 0.0.0.0 -a -u ydy:123456 -v -f -r nort.gov之后发现一直无法出现画面,coturn服务器报错closed (2nd stage), user realm < nort.gov> origin <>, local 0.0.0.0:3478, remote 113.116.130.136:53776, reason: allocation timeout

image
[root@iZwz9j7k3sf89m6rgohj3aZ etc]# turnserver --min-port 40000 --max-port 60000 -L 0.0.0.0 -a -u ydy:123456 -v -f -r nort.gov
0: log file opened: /var/log/turn_7265_2022-01-31.log
0: Listener address to use: 0.0.0.0
0: Config file found: /usr/local/etc/turnserver.conf
0:
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.1.1 'dan Eider'
0:
Max number of open files/sockets allowed for this process: 65535
0:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 32500 (approximately)
0:

==== Show him the instruments, Practical Frost: ====

0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.0.2k-fips  26 Jan 2017 (0x100020bf)
0:
0: SQLite is not supported
0: Redis is not supported
0: PostgreSQL is not supported
0: MySQL is not supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)

=====================================================

0: Domain name:
0: Default realm:  nort.gov
0: WARNING: cannot find certificate file: turn_server_cert.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
0: Relay address to use: 0.0.0.0
0: pid file created: /var/run/turnserver.pid
0: IO method (main listener thread): epoll (with changelist)
0: WARNING: I cannot support STUN CHANGE_REQUEST functionality because only one IP address is provided
0: Wait for relay ports initialization...
0:   relay 0.0.0.0 initialization...
0:   relay 0.0.0.0 initialization done
0: Relay ports initialization done
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=0 created
0: IPv4. SCTP listener opened on : 0.0.0.0:3478
0: IPv4. TCP listener opened on : 0.0.0.0:3478
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=1 created
0: IPv4. UDP listener opened on: 0.0.0.0:3478
0: IPv4. TCP listener opened on : 0.0.0.0:3478
0: Total General servers: 2
0: IO method (auth thread): epoll (with changelist)
0: IO method (auth thread): epoll (with changelist)
0: IO method (admin thread): epoll (with changelist)
0: IPv4. CLI listener opened on : 127.0.0.1:5766
13: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:60540
13: session 000000000000000001: realm < nort.gov> user <>: incoming packet BINDING processed, success
13: session 000000000000000001: realm < nort.gov> user <>: incoming packet message processed, error 401: Unauthorized
13: IPv4. tcp or tls connected to: 113.116.130.136:63053
13: session 001000000000000001: realm < nort.gov> user <>: incoming packet message processed, error 401: Unauthorized
13: IPv4. Local relay addr: 172.24.35.30:48694
13: session 000000000000000001: new, realm=< nort.gov>, username=, lifetime=600
13: session 000000000000000001: realm < nort.gov> user : incoming packet ALLOCATE processed, success
13: IPv4. Local relay addr: 172.24.35.30:55890
13: session 001000000000000001: new, realm=< nort.gov>, username=, lifetime=600
13: session 001000000000000001: realm < nort.gov> user : incoming packet ALLOCATE processed, success
13: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:64154
13: session 001000000000000002: realm < nort.gov> user <>: incoming packet BINDING processed, success
13: session 001000000000000002: realm < nort.gov> user <>: incoming packet message processed, error 401: Unauthorized
13: IPv4. Local relay addr: 172.24.35.30:55556
13: session 001000000000000002: new, realm=< nort.gov>, username=, lifetime=600
13: session 001000000000000002: realm < nort.gov> user : incoming packet ALLOCATE processed, success
13: IPv4. tcp or tls connected to: 113.116.130.136:63055
13: session 001000000000000003: realm < nort.gov> user <>: incoming packet message processed, error 401: Unauthorized
13: session 001000000000000002: peer 0.0.0.0 lifetime updated: 300
13: session 001000000000000002: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
13: session 001000000000000002: peer 0.0.0.0 lifetime updated: 300
13: session 001000000000000002: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
13: IPv4. Local relay addr: 172.24.35.30:47745
13: session 001000000000000003: new, realm=< nort.gov>, username=, lifetime=600
13: session 001000000000000003: realm < nort.gov> user : incoming packet ALLOCATE processed, success
13: session 001000000000000003: peer 0.0.0.0 lifetime updated: 300
13: session 001000000000000003: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
13: session 001000000000000003: peer 0.0.0.0 lifetime updated: 300
13: session 001000000000000003: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
13: session 000000000000000001: peer 0.0.0.0 lifetime updated: 300
13: session 000000000000000001: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
13: session 001000000000000001: peer 0.0.0.0 lifetime updated: 300
13: session 001000000000000001: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
13: session 000000000000000001: peer 0.0.0.0 lifetime updated: 300
13: session 000000000000000001: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
13: session 001000000000000001: peer 0.0.0.0 lifetime updated: 300
13: session 001000000000000001: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
23: session 000000000000000001: realm < nort.gov> user : incoming packet BINDING processed, success
23: session 001000000000000002: realm < nort.gov> user : incoming packet BINDING processed, success
33: session 000000000000000001: realm < nort.gov> user : incoming packet BINDING processed, success
33: session 001000000000000002: realm < nort.gov> user : incoming packet BINDING processed, success
43: session 000000000000000001: realm < nort.gov> user : incoming packet BINDING processed, success
43: session 001000000000000002: realm < nort.gov> user : incoming packet BINDING processed, success
53: session 000000000000000001: realm < nort.gov> user : incoming packet BINDING processed, success
53: session 001000000000000002: realm < nort.gov> user : incoming packet BINDING processed, success
128: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:53776
128: session 000000000000000002: realm < nort.gov> user <>: incoming packet BINDING processed, success
128: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:63678
128: session 001000000000000004: realm < nort.gov> user <>: incoming packet BINDING processed, success
128: session 000000000000000002: realm < nort.gov> user <>: incoming packet message processed, error 401: Unauthorized
128: session 001000000000000004: realm < nort.gov> user <>: incoming packet message processed, error 401: Unauthorized
128: IPv4. Local relay addr: 172.24.35.30:42555
128: session 000000000000000002: new, realm=< nort.gov>, username=, lifetime=600
128: session 000000000000000002: realm < nort.gov> user : incoming packet ALLOCATE processed, success
128: IPv4. Local relay addr: 172.24.35.30:47926
128: session 001000000000000004: new, realm=< nort.gov>, username=, lifetime=600
128: session 001000000000000004: realm < nort.gov> user : incoming packet ALLOCATE processed, success
128: session 000000000000000002: refreshed, realm=< nort.gov>, username=, lifetime=0
128: session 000000000000000002: realm < nort.gov> user : incoming packet REFRESH processed, success
128: session 001000000000000004: refreshed, realm=< nort.gov>, username=, lifetime=0
128: session 001000000000000004: realm < nort.gov> user : incoming packet REFRESH processed, success
129: session 000000000000000002: usage: realm=< nort.gov>, username=, rp=4, rb=240, sp=4, sb=420
129: session 000000000000000002: closed (2nd stage), user  realm < nort.gov> origin <>, local 0.0.0.0:3478, remote 113.116.130.136:53776, reason: allocation timeout
129: session 000000000000000002: delete: realm=< nort.gov>, username=
129: session 001000000000000004: usage: realm=< nort.gov>, username=, rp=4, rb=240, sp=4, sb=420
129: session 001000000000000004: closed (2nd stage), user  realm < nort.gov> origin <>, local 0.0.0.0:3478, remote 113.116.130.136:63678, reason: allocation timeout
129: session 001000000000000004: delete: realm=< nort.gov>, username=
132: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:55090
132: session 001000000000000005: realm < nort.gov> user <>: incoming packet BINDING processed, success
132: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:59071
132: session 000000000000000003: realm < nort.gov> user <>: incoming packet BINDING processed, success
132: session 001000000000000005: realm < nort.gov> user <>: incoming packet message processed, error 401: Unauthorized
132: session 000000000000000003: realm < nort.gov> user <>: incoming packet message processed, error 401: Unauthorized
132: IPv4. Local relay addr: 172.24.35.30:46652
132: session 000000000000000003: new, realm=< nort.gov>, username=, lifetime=600
132: session 000000000000000003: realm < nort.gov> user : incoming packet ALLOCATE processed, success
132: IPv4. Local relay addr: 172.24.35.30:54933
132: session 001000000000000005: new, realm=< nort.gov>, username=, lifetime=600
132: session 001000000000000005: realm < nort.gov> user : incoming packet ALLOCATE processed, success
132: session 001000000000000005: refreshed, realm=< nort.gov>, username=, lifetime=0
132: session 001000000000000005: realm < nort.gov> user : incoming packet REFRESH processed, success
132: session 000000000000000003: refreshed, realm=< nort.gov>, username=, lifetime=0
132: session 000000000000000003: realm < nort.gov> user : incoming packet REFRESH processed, success
133: session 001000000000000005: usage: realm=< nort.gov>, username=, rp=4, rb=240, sp=4, sb=420
133: session 001000000000000005: closed (2nd stage), user  realm < nort.gov> origin <>, local 0.0.0.0:3478, remote 113.116.130.136:55090, reason: allocation timeout
133: session 001000000000000005: delete: realm=< nort.gov>, username=
133: session 000000000000000003: usage: realm=< nort.gov>, username=, rp=4, rb=240, sp=4, sb=420
133: session 000000000000000003: closed (2nd stage), user  realm < nort.gov> origin <>, local 0.0.0.0:3478, remote 113.116.130.136:59071, reason: allocation timeout
133: session 000000000000000003: delete: realm=< nort.gov>, username=
253: session 001000000000000002: peer 0.0.0.0 lifetime updated: 300
253: session 001000000000000002: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
253: session 001000000000000002: peer 0.0.0.0 lifetime updated: 300
253: session 001000000000000002: realm < nort.gov> user : incoming packet CREATE_PERMISSION processed, success
253: session 000000000000000001: peer 0.0.0.0 lifetime updated: 300

解决办法:是配置域名的问题reaml,之前我创建用户的时候没有配置域名
turnadmin -a -u your_name -p your_password -r your_realm
创建账号和密码,指定域名
turnadmin -a -u ydy -p 123456 -r www.8jingjing.com
若将realm的值配置为数字,也会报错如下

3: session 001000000000000001: realm < nort.gov> user <>: incoming packet message processed, error 441: Wrong credentials: the realm value is incorrect
5: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:54030
5: session 000000000000000001: realm < nort.gov> user <>: incoming packet message processed, error 441: Wrong credentials: the realm value is incorrect

配置文件复制一份到/usr/local/etc/下,cp /usr/local/etc/turnserver.conf.default /usr/local/etc/turnserver.conf配置vim /usr/local/etc/turnserver.conf

listening-port=3478 #监听端口 
listening-device=eth0 #监听的网卡
external-ip=120.25.199.109 #云主机的公网ip
user=ydy:123456 #用户名:密码
realm=www.8jingjing.com #一般与turnadmin创建用户时指定的realm一致
cli-password=123456 #这个随便填

云主机的命令行窗口启用coturn
turnserver -o -a -f -v -r www.8jingjing.com
启用coturn40000-60000端口
turnserver --min-port 40000 --max-port 60000 -L 0.0.0.0 -a -u ydy:123456 -v -f -r nort.gov
输出正常

图片.png

[root@iZwz9j7k3sf89m6rgohj3aZ ~]# turnserver --min-port 40000 --max-port 60000 -L 0.0.0.0 -a -u ydy:123456 -v -f -r nort.gov
0: log file opened: /var/log/turn_7671_2022-01-31.log
0: Listener address to use: 0.0.0.0
0: Config file found: /usr/local/etc/turnserver.conf
0:
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.1.1 'dan Eider'
0:
Max number of open files/sockets allowed for this process: 65535
0:
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 32500 (approximately)
0:

==== Show him the instruments, Practical Frost: ====

0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.0.2k-fips  26 Jan 2017 (0x100020bf)
0:
0: SQLite is not supported
0: Redis is not supported
0: PostgreSQL is not supported
0: MySQL is not supported
0: MongoDB is not supported
0:
0: Default Net Engine version: 3 (UDP thread per CPU core)

=====================================================

0: Domain name:
0: Default realm: nort.gov
0: WARNING: cannot find certificate file: turn_server_cert.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
0: Relay address to use: 0.0.0.0
0: pid file created: /var/run/turnserver.pid
0: IO method (main listener thread): epoll (with changelist)
0: WARNING: I cannot support STUN CHANGE_REQUEST functionality because only one IP address is provided
0: Wait for relay ports initialization...
0:   relay 0.0.0.0 initialization...
0:   relay 0.0.0.0 initialization done
0: Relay ports initialization done
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=0 created
0: IPv4. TCP listener opened on : 0.0.0.0:3478
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=1 created
0: IPv4. TCP listener opened on : 0.0.0.0:3478
0: IPv4. UDP listener opened on: 0.0.0.0:3478
0: Total General servers: 2
0: IO method (auth thread): epoll (with changelist)
0: IO method (auth thread): epoll (with changelist)
0: IO method (admin thread): epoll (with changelist)
0: IPv4. CLI listener opened on : 127.0.0.1:5766
2: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:55995
2: session 000000000000000001: realm  user <>: incoming packet message processed, error 441: Wrong credentials: the realm value is incorrect
2: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:54747
2: session 001000000000000001: realm  user <>: incoming packet message processed, error 441: Wrong credentials: the realm value is incorrect
10: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:59008
10: session 000000000000000002: realm  user <>: incoming packet BINDING processed, success
10: session 000000000000000002: realm  user <>: incoming packet message processed, error 401: Unauthorized
10: IPv4. Local relay addr: 172.24.35.30:55755
10: session 000000000000000002: new, realm=, username=, lifetime=600
10: session 000000000000000002: realm  user : incoming packet ALLOCATE processed, success
10: handle_udp_packet: New UDP endpoint: local addr 0.0.0.0:3478, remote addr 113.116.130.136:58233
10: session 001000000000000002: realm  user <>: incoming packet BINDING processed, success
10: session 001000000000000002: realm  user <>: incoming packet message processed, error 401: Unauthorized
10: IPv4. Local relay addr: 172.24.35.30:40477
10: session 001000000000000002: new, realm=, username=, lifetime=600
10: session 001000000000000002: realm  user : incoming packet ALLOCATE processed, success
10: session 001000000000000002: peer 0.0.0.0 lifetime updated: 300
10: session 001000000000000002: realm  user : incoming packet CREATE_PERMISSION processed, success
10: session 001000000000000002: peer 0.0.0.0 lifetime updated: 300
10: session 001000000000000002: realm  user : incoming packet CREATE_PERMISSION processed, success
10: session 000000000000000002: peer 0.0.0.0 lifetime updated: 300
10: session 000000000000000002: realm  user : incoming packet CREATE_PERMISSION processed, success
10: session 000000000000000002: peer 0.0.0.0 lifetime updated: 300
10: session 000000000000000002: realm  user : incoming packet CREATE_PERMISSION processed, success
20: session 000000000000000002: realm  user : incoming packet BINDING processed, success
20: session 001000000000000002: realm  user : incoming packet BINDING processed, success
30: session 000000000000000002: realm  user : incoming packet BINDING processed, success
30: session 001000000000000002: realm  user : incoming packet BINDING processed, success
40: session 000000000000000002: realm  user : incoming packet BINDING processed, success
40: session 001000000000000002: realm  user : incoming packet BINDING processed, success
50: session 000000000000000002: realm  user : incoming packet BINDING processed, success
50: session 001000000000000002: realm  user : incoming packet BINDING processed, success

你可能感兴趣的:(WebRTC部署coturn失败解决方案)