dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
16639
pacpac
join:2011-12-18

pacpac

Member

How to install and configure STUN server?

Hi, any recommendation/guide on how I can install and configure a STUN server on a VPS running CentOS with 2 IP4s?
mazilo
From Mazilo
Premium Member
join:2002-05-30
Lilburn, GA

mazilo

Premium Member

said by pacpac:

Hi, any recommendation/guide on how I can install and configure a STUN server on a VPS running CentOS with 2 IP4s?

I have never done this. However, looking at the STUN software package supported by OpenWRT, there is a configuration file for stund and it contains four options, i.e. primaryip, secondaryip, primaryport, and secondaryport. That said, I believe all you need is to install any STUN server software package on your system, fill in those values, and enable the service.

toro
join:2006-01-27
Scarborough, ON

toro to pacpac

Member

to pacpac
Download the server from »sourceforge.net/projects/stun/
Untar it and run make to build it
Run the server with the command
server -h ip_address_1 -a ip_address_2 -b
And you can test it with a client such as the one here: »Re: [Future9] PAP2 optimal settings? by passing ip_address_1 as argument
If you have a firewall configured, open UDP ports 3478 and 3479
BinaryTB
join:2008-08-11
Rockville, MD

BinaryTB to pacpac

Member

to pacpac
I recently installed a STUN server on my VPS, it was quite simple once I figured out which one to install. Unfortunately I'm running Debian and not CentOS on my VPS, but I hope this helps regardless.

The Debian repository includes stund and resiprocate. I didn't want to bother with downloading/installing my own, so having it all packaged, official, and ready-to-go was a big plus. I ended up choosing resiprocate over stund, I don't remember exactly why, but I *think* it was because stund was replaced by another stun server or it wasn't being actively developed, either way resiprocate was perfect for my needs.

I did an apt-get, installed it, updated the conf file with my info (2 ipv4s required! I used the 2 ipv4s assigned to my VPS, doesn't need to be different servers luckily), restarted the server, opened up the correct port in iptables (chose not to open the TURN port since I don't need that service), and voila! Everything worked perfectly (tested with with a stun client alongside other STUN servers).

I did try resiprocate with one ipv4 address and while it worked, the result didn't match the public STUN servers I tried. So caveat there, it'll return semi-correct results with ipv4 address.
pacpac
join:2011-12-18

pacpac to toro

Member

to toro
Hi, got it to work:

1) going to "cd /usr/local/stund"
2) then I start the server with "./server -h ip_address_1 -a ip_address_2 -b"

How can I make and install a script that starts the STUN on each reboot?

toro
join:2006-01-27
Scarborough, ON

toro

Member

Add this line
/usr/local/stund/server -h ip_address_1 -a ip_address_2 -b &
 
to your /etc/rc.local
pacpac
join:2011-12-18

pacpac

Member

Hi, I am runing CentOS 6.4 final 32-bits. Both these two commands work at root

1) /usr/local/stund/server -h xxx -a yyy -b &
2) /usr/local/stund/server -h xxx -a yyy -b

However, when I set the line in /etc/rc.local, the STUN server does not auto start on reboot, ideas?

toro
join:2006-01-27
Scarborough, ON

toro

Member

It's been a while since I used centos, so I am not sure.
Can you make sure /etc/rc.local has the execute flag set (i.e. chmod 755 /etc/rc.local)
pacpac
join:2011-12-18

1 edit

pacpac

Member

Done, rebooted, still no joy....

I have PIAF on one VPS and now the STUN server on a second VPS. Can I just add a second IP on my PIAF VPS (or do I need 2 additional IPs?) and run the STUN server or do I need the second VPS?

toro
join:2006-01-27
Scarborough, ON

toro

Member

Can you put something trivial in the rc.local and see if it runs ? For example something like
touch /tmp/somefile
 
Then run the script manually, see if it creates the file, delete it, reboot and check again.
About the other server, you can have the STUN on the same box as PIAF. You need two public IPs in total, the one that you already have + an additional one.
pacpac
join:2011-12-18

pacpac

Member

Thanks for clarification the number of servers..

The 'somefile' file is created both when 'touch /tmp/somefile' is in rc.local and when I do it manually. Still no joy with STUN..

toro
join:2006-01-27
Scarborough, ON

toro

Member

I wonder if the second IP address is somehow not available at the time the rc.local script is executed.
Can you add an "ifconfig > /tmp/somefile" to the rc.local script before the stun command and then check if both ip addresses show in /tmp/somefile
toro

toro to pacpac

Member

to pacpac
Perhaps you could change the stun server line to something like
/usr/local/stund/server -h ip_address_1 -a ip_address_2 -v 2>/tmp/stunlog
 
and then check the log to see if it reports any error
pacpac
join:2011-12-18

pacpac

Member

When I look at 'somefile' after 'ifconfig > /tmp/somefile' in rc.local, this file is empty.

The stunlog file shows:

STUN server version 0.97
Running with on interface xxxx:3478 with alternate xxxx:3479
Binding to interface 0x68843940
Opened port 3478 with fd 3
Binding to interface 0x68843940
Opened port 3479 with fd 4
Binding to interface 0xc843940
Opened port 3478 with fd 5
Binding to interface 0xc843940
Opened port 3479 with fd 6
*received on A1:P1
Got a request (len=20) from xxxx:15896
Received stun message: 20 bytes
Request parsed ok
BindRequest does not contain MessageIntegrity
Request is valid:
flags=0
changeIp=0
changePort=0
from = xxxx:15896
respond to = xxxx:15896
mapped = xxxx:15896
Encoding stun message:
Encoding MappedAddress: xxxx:15896
Encoding SourceAddress: xxxx:3478
Encoding ChangedAddress: xxxx:3479
Encoding XorMappedAddress: xxxx:6120
Encoding ServerName: Vovida.org 0.97

************************received on A1:P1
Got a request (len=20) from xxxx:21439
Received stun message: 20 bytes
Request parsed ok
BindRequest does not contain MessageIntegrity
Request is valid:
flags=0
changeIp=0
changePort=0
from = xxxx:21439
respond to = xxxx:21439
mapped = xxxx:21439
Encoding stun message:
Encoding MappedAddress: xxxx:21439
Encoding SourceAddress: xxxx:3478
Encoding ChangedAddress: xxxx:3479
Encoding XorMappedAddress: xxxx:3551
Encoding ServerName: Vovida.org 0.97

***

As far as I can see, no errors...
pacpac

pacpac

Member

Well, I have no idea what happened, but upon reboot STUN auto-started! Tried 3 times, and all is well. Thanks!

Can I use IP6 IPs or do I need to use IP4?

toro
join:2006-01-27
Scarborough, ON

toro

Member

You need IPv4
pacpac
join:2011-12-18

1 edit

pacpac

Member

Thanks!

I have installed STUN on my PIAF box after added a second IP. What is the correct way to configure the STUN? I connect to the box via IP 1 (set as the main IP) and IP 2 is my newly added IP. What do I set as STUN IP in the SIP phones, 1 or 2? Also, when starting the STUN server, what IP do I set first in the sequence, 1 or 2?

toro
join:2006-01-27
Scarborough, ON

toro

Member

The primary IP, used with the -h parameter is what you need to pass to the IP phones/ATAs.
It doesn't matter which one of your server's IPs is used as primary for the stun server and which one is used as secondary.
pacpac
join:2011-12-18

pacpac

Member

Great, thanks, all is working fine!