Personal Project

Monday, July 25, 2016

How to setup a TURN Server for your WebRTC application ?

Get Started 
Developing a WebRTC application is easy, but solving the issue of NAT could be a difficult task. If you want to build your WebRTC environment without using any 3rd Party cloud solutions, I think you should take a look at an open source lib -  rfc5766-turn-server. Because it not only supports TURN, but also STUN. 

In this tutorial, you will learn how to set up a STUN & TURN server.

1.Download rfc5766-turn-server package
$ wget http://ftp.cn.debian.org/debian/pool/main/r/rfc5766-turn-server/rfc5766-turn-server_3.2.4.4-1_amd64.deb

2. Install
$ sudo apt-get update
$ sudo apt-get install gdebi-core
$ sudo gdebi rfc5766-turn-server_3.2.4.4-1_amd64.deb

Refer to docs in folder /usr/share/doc/rfc5766-turn-server

vim /opt/etc/turnserver.conf.default


3. Configuration
$ sudo vi /etc/turnserver.conf

// Setup IP address - listening-ip and external-ip are required to set up on EC2 of AWS.
listening-ip=172.31.4.37
external-ip=54.223.149.60

// If TURN server is used for WebRTC,please set long-term credential mechanism as shown below.
lt-cred-mech

// Add a user
user=weishihhsun:mypassword

// Setup realm
realm=mycompany.org

4. Start TURN Server
sudo turnserver -c /usr/local/etc/turnserver.conf --daemo

5. Setup TURN Server`s IP address
"iceServers": [{
   "url": "stun:stun.l.google.com:19302"
}, {
   "url": "turn:54.223.149.60",    // Your Server
   "username": "weishihhsun",  //  your Account
   "credential": "mypassword"   //  Your Password
}]

6. Open firewall`s ports
TCP 443
TCP 3478-3479
TCP 32355-65535
UDP 3478-3479

iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 3478:3479 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 32355:65535 -j ACCEPT
iptables -A INPUT -p udp -m tcp --dport 3478:3479 -j ACCEPT

Friday, July 15, 2016

How to solve a network problem ?

Have you ever had a network problem due to packet lost or some unknown issues in your routers ? How could you find out those issues may be caused by your routers or Internet Service Provider ?

The following instructions will guide you how to figure it out.

// 1. Download mtr


// 2. Execute the following command to check whether or not there is a packet lost problem in your network node.
sudo mtr -c 100 -r [target IP]


// 3. Then execute traceroute
traceroute [target IP]


You will know that the network node is shown in IP address or Domain Name.
If it is IP address, it probably could be the router; if it is the domain name, it might be your ISP`s network devices.

// 4 Download nmap
https://nmap.org/download.html


// 5. Dump router`s info and you can find out what your router is, so as to fix it.
nmap -A -T4 router IP

Ex:
EricWeis-MacBook-Air:~ EricWei$ nmap -A -T4 192.168.11.1


Starting Nmap 7.12 ( https://nmap.org ) at 2016-07-07 23:33 JST
Stats: 0:01:47 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 80.00% done; ETC: 23:35 (0:00:27 remaining)
Nmap scan report for buffalo.setup (192.168.11.1)
Host is up (0.027s latency).
Not shown: 995 closed ports
PORT      STATE SERVICE VERSION
53/tcp    open  domain  (status request not implemented)
80/tcp    open  http    Buffalo AirStation http config
| http-auth:
| HTTP/1.0 401 Unauthorized
|_  Basic realm=AirStation
|_http-title: UNAUTHORIZED
2601/tcp  open  zebra   Quagga routing software
2602/tcp  open  zebra   Quagga routing software
49152/tcp open  upnp    Intel UPnP reference SDK 1.2 (Linux 2.4.20; UPnP 1.0)
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port53-TCP:V=7.12%I=7%D=7/7%Time=577E6838%P=x86_64-apple-darwin13.4.0%r
SF:(DNSVersionBindReq,20,"\0\x1e\x02G\x81\x85\0\x01\0\0\0\0\0\0\x07version
SF:\x04bind\0\0\x10\0\x03")%r(DNSStatusRequest,E,"\0\x0c\x02H\x90\x84\0\0\
SF:0\0\0\0\0\0");
Service Info: OS: Linux; Device: WAP; CPE: cpe:/o:linux:linux_kernel:2.4.20


Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 141.69 seconds