在ejabberd中启用STUN/TURN功能 [英] Enable STUN/TURN feature in ejabberd

问题描述

我已经使用以下配置安装了ejabberd_stun:

I have installed ejabberd_stun with the following configuration:

  port: 3478
  transport: udp
  use_turn: true
  auth_type: user
  auth_realm: "X.X.X.X"
  turn_ip: "same as above(my public ejabberd ip)"
  module: ejabberd_stun

事情在开发中(本地)按预期工作，但是当我们进入生产阶段时，语音呼叫似乎不起作用.

Things are working as expected in development (local) but when we move to production voice call doesn't seems to work .

似乎NAT无法正常工作.

It seems NAT is not working.

我必须配置特定于生产环境的任何东西吗?如果不是，那么可能的原因是什么?如何进行进一步的调试?任何帮助，将不胜感激.

Do I have to configure anything specific to production environments? If not then what could be the possible reason & how to proceed to debug it further? Any help would be appreciated.

推荐答案

您的auth_realm应该设置为您想要TURN实例服务的域.如果您的服务器有多个需要服务的域，则需要在其他端口上设置其他TURN实例(每个域一个).您还需要设置STUN/TURN SRV记录- https://wiki.xmpp.org/web/SRV_Records#STUN_SRV_records .

Your auth_realm should be set to the domain you want the TURN instance to serve. If your server has multiple domains that need to be served, you need to set up additional TURN instances on different ports (one for each domain). You also need to set up STUN/TURN SRV records - https://wiki.xmpp.org/web/SRV_Records#STUN_SRV_records.

此外，TURN身份验证不适用于SCRAM密码存储或LDAP Auth，因为ejabberd需要将您的用户密码发送到TURN服务器以进行身份​​验证.对于LDAP身份验证，解决方法是使用外部身份验证脚本( https://www.ejabberd.im/files/contributions/check_pass_ldap_perl.pl.txt )并启用extauth_cache.

Additionally, TURN authentication will not work with SCRAM password storage or LDAP Auth, because ejabberd needs to send your user password to the TURN server for authentication. For LDAP auth, the workaround is to use an external auth script (https://www.ejabberd.im/files/contributions/check_pass_ldap_perl.pl.txt) and enable extauth_cache.

这篇关于在ejabberd中启用STUN/TURN功能的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！