|
pacpac
Member
2014-May-29 10:27 am
How to install and configure STUN server?Hi, any recommendation/guide on how I can install and configure a STUN server on a VPS running CentOS with 2 IP4s? |
|
maziloFrom Mazilo Premium Member join:2002-05-30 Lilburn, GA |
mazilo
Premium Member
2014-May-29 11:04 am
said by pacpac:Hi, any recommendation/guide on how I can install and configure a STUN server on a VPS running CentOS with 2 IP4s? I have never done this. However, looking at the STUN software package supported by OpenWRT, there is a configuration file for stund and it contains four options, i.e. primaryip, secondaryip, primaryport, and secondaryport. That said, I believe all you need is to install any STUN server software package on your system, fill in those values, and enable the service. |
|
toro join:2006-01-27 Scarborough, ON |
to pacpac
Download the server from » sourceforge.net/projects/stun/Untar it and run make to build it Run the server with the command server -h ip_address_1 -a ip_address_2 -b And you can test it with a client such as the one here: » Re: [Future9] PAP2 optimal settings? by passing ip_address_1 as argument If you have a firewall configured, open UDP ports 3478 and 3479 |
|
|
to pacpac
I recently installed a STUN server on my VPS, it was quite simple once I figured out which one to install. Unfortunately I'm running Debian and not CentOS on my VPS, but I hope this helps regardless.
The Debian repository includes stund and resiprocate. I didn't want to bother with downloading/installing my own, so having it all packaged, official, and ready-to-go was a big plus. I ended up choosing resiprocate over stund, I don't remember exactly why, but I *think* it was because stund was replaced by another stun server or it wasn't being actively developed, either way resiprocate was perfect for my needs.
I did an apt-get, installed it, updated the conf file with my info (2 ipv4s required! I used the 2 ipv4s assigned to my VPS, doesn't need to be different servers luckily), restarted the server, opened up the correct port in iptables (chose not to open the TURN port since I don't need that service), and voila! Everything worked perfectly (tested with with a stun client alongside other STUN servers).
I did try resiprocate with one ipv4 address and while it worked, the result didn't match the public STUN servers I tried. So caveat there, it'll return semi-correct results with ipv4 address. |
|
|
to toro
Hi, got it to work:
1) going to "cd /usr/local/stund" 2) then I start the server with "./server -h ip_address_1 -a ip_address_2 -b"
How can I make and install a script that starts the STUN on each reboot? |
|
toro join:2006-01-27 Scarborough, ON |
toro
Member
2014-May-29 12:10 pm
Add this line /usr/local/stund/server -h ip_address_1 -a ip_address_2 -b &
to your /etc/rc.local |
|
|
pacpac
Member
2014-May-29 1:49 pm
Hi, I am runing CentOS 6.4 final 32-bits. Both these two commands work at root
1) /usr/local/stund/server -h xxx -a yyy -b & 2) /usr/local/stund/server -h xxx -a yyy -b
However, when I set the line in /etc/rc.local, the STUN server does not auto start on reboot, ideas? |
|
toro join:2006-01-27 Scarborough, ON |
toro
Member
2014-May-29 2:00 pm
It's been a while since I used centos, so I am not sure. Can you make sure /etc/rc.local has the execute flag set (i.e. chmod 755 /etc/rc.local) |
|
1 edit |
pacpac
Member
2014-May-29 2:29 pm
Done, rebooted, still no joy....
I have PIAF on one VPS and now the STUN server on a second VPS. Can I just add a second IP on my PIAF VPS (or do I need 2 additional IPs?) and run the STUN server or do I need the second VPS? |
|
toro join:2006-01-27 Scarborough, ON |
toro
Member
2014-May-29 3:00 pm
Can you put something trivial in the rc.local and see if it runs ? For example something like touch /tmp/somefile
Then run the script manually, see if it creates the file, delete it, reboot and check again. About the other server, you can have the STUN on the same box as PIAF. You need two public IPs in total, the one that you already have + an additional one. |
|
|
pacpac
Member
2014-May-29 3:15 pm
Thanks for clarification the number of servers..
The 'somefile' file is created both when 'touch /tmp/somefile' is in rc.local and when I do it manually. Still no joy with STUN.. |
|
toro join:2006-01-27 Scarborough, ON |
toro
Member
2014-May-29 3:18 pm
I wonder if the second IP address is somehow not available at the time the rc.local script is executed. Can you add an "ifconfig > /tmp/somefile" to the rc.local script before the stun command and then check if both ip addresses show in /tmp/somefile |
|
toro |
to pacpac
Perhaps you could change the stun server line to something like /usr/local/stund/server -h ip_address_1 -a ip_address_2 -v 2>/tmp/stunlog
and then check the log to see if it reports any error |
|
|
pacpac
Member
2014-May-29 3:33 pm
When I look at 'somefile' after 'ifconfig > /tmp/somefile' in rc.local, this file is empty.
The stunlog file shows:
STUN server version 0.97 Running with on interface xxxx:3478 with alternate xxxx:3479 Binding to interface 0x68843940 Opened port 3478 with fd 3 Binding to interface 0x68843940 Opened port 3479 with fd 4 Binding to interface 0xc843940 Opened port 3478 with fd 5 Binding to interface 0xc843940 Opened port 3479 with fd 6 *received on A1:P1 Got a request (len=20) from xxxx:15896 Received stun message: 20 bytes Request parsed ok BindRequest does not contain MessageIntegrity Request is valid: flags=0 changeIp=0 changePort=0 from = xxxx:15896 respond to = xxxx:15896 mapped = xxxx:15896 Encoding stun message: Encoding MappedAddress: xxxx:15896 Encoding SourceAddress: xxxx:3478 Encoding ChangedAddress: xxxx:3479 Encoding XorMappedAddress: xxxx:6120 Encoding ServerName: Vovida.org 0.97
************************received on A1:P1 Got a request (len=20) from xxxx:21439 Received stun message: 20 bytes Request parsed ok BindRequest does not contain MessageIntegrity Request is valid: flags=0 changeIp=0 changePort=0 from = xxxx:21439 respond to = xxxx:21439 mapped = xxxx:21439 Encoding stun message: Encoding MappedAddress: xxxx:21439 Encoding SourceAddress: xxxx:3478 Encoding ChangedAddress: xxxx:3479 Encoding XorMappedAddress: xxxx:3551 Encoding ServerName: Vovida.org 0.97
***
As far as I can see, no errors... |
|
pacpac |
pacpac
Member
2014-May-29 3:43 pm
Well, I have no idea what happened, but upon reboot STUN auto-started! Tried 3 times, and all is well. Thanks!
Can I use IP6 IPs or do I need to use IP4? |
|
toro join:2006-01-27 Scarborough, ON |
toro
Member
2014-May-29 3:57 pm
You need IPv4 |
|
|
1 edit |
pacpac
Member
2014-May-29 5:14 pm
Thanks!
I have installed STUN on my PIAF box after added a second IP. What is the correct way to configure the STUN? I connect to the box via IP 1 (set as the main IP) and IP 2 is my newly added IP. What do I set as STUN IP in the SIP phones, 1 or 2? Also, when starting the STUN server, what IP do I set first in the sequence, 1 or 2? |
|
toro join:2006-01-27 Scarborough, ON |
toro
Member
2014-May-29 7:43 pm
The primary IP, used with the -h parameter is what you need to pass to the IP phones/ATAs. It doesn't matter which one of your server's IPs is used as primary for the stun server and which one is used as secondary. |
|
|
pacpac
Member
2014-May-29 7:50 pm
Great, thanks, all is working fine! |
|