coturn mysql_Coturn / turnserver：错误437：不匹配的分配：错误的事务ID(WebRTC)

我有这样的结构：Web服务器：Apache。它在一个LAN中。它是在一个电脑(Windows 7)，它具有公共静态IP。 PC在网络中。信号服务器：在同一台电脑上的虚拟机(VirtualBox Centos 6)中。STUN / TURN服务器：Coturn“4.5.0.4”。在同一台电脑上的虚拟机(VirtualBox Centos 6)中。客户端A：笔记本电脑，Vista。我使用三星移动和US

有机社会

2664人浏览 · 2021-02-06 16:29:50

有机社会 · 2021-02-06 16:29:50 发布

我有这样的结构：

Web服务器：Apache。它在一个LAN中。它是在一个电脑(Windows 7)，它具有公共静态IP。 PC在网络中。

信号服务器：在同一台电脑上的虚拟机(VirtualBox Centos 6)中。

STUN / TURN服务器：Coturn“4.5.0.4”。在同一台电脑上的虚拟机(VirtualBox Centos 6)中。

客户端A：笔记本电脑，Vista。我使用三星移动和USB共享(外部)互联网。移动使用“移动数据”连接到互联网。

客户端B：笔记本电脑，Windows 8(或Windows 10)。我使用三星平板电脑和USB共享(外部)互联网。平板电脑使用“移动数据”连接到互联网。

我运行一个coturn / turnserver像这样：

sudo turnserver -X xxx.xx.xxx.xx (this is my static external ip)我已经创建了端口：

3479 -> 3478 for TCP

3479 -> 3478 for UTP

5348 -> 5349 for TCP

5348 -> 5349 for UTP我使用coturn的默认配置文件进行以下更改：

verbose

fingerprint

lt-cred-mech

realm=mycompany.org

cert=server.crt

pkey=server.key

pkey-pwd=.... (it has been omitted)

log-file=/var/tmp/turnserver.log

simple-log我创建了文件server.crt和server.key，我知道他们是正确的，因为我可以使用Web管理工具，需要他们使用https运行

我创建了管理员用户。我使用以下方法为用户“test4”创建了一个密钥：

sudo turnadmin -k -u test4 -r mycompany.org -p test我用它来创造他：

sudo turnadmin -a -b "/var/db/turndb" -u test4 -r mycompamy.org -p ......在客户端：

var STUN = {

urls: "stun:xxx.xx.xxx.xx:3479" //port forward

};

var TURN = {

urls: [

"turn:xxx.xx.xxx.xx:3479?transport=udp",

"turn:xxx.xx.xxx.xx:3479?transport=tcp",

"turn:xxx.xx.xxx.xx:3479"

username : "test4",

credential : "......................", (it's the key. it has been omitted)

};我从coturn / turnserver获得的消息如下所示：

242: handle_udp_packet: New UDP endpoint: local addr 10.0.2.15:3478, remote addr 10.0.2.2:60113

242: session 000000000000000002: realm user <>: incoming packet BINDING processed, success

242: handle_udp_packet: New UDP endpoint: local addr 10.0.2.15:3478, remote addr 10.0.2.2:60075

242: session 000000000000000003: realm user <>: incoming packet BINDING processed, success

242: session 000000000000000003: realm user <>: incoming packet message processed, error 401: Unauthorized

242: session 000000000000000002: realm user <>: incoming packet message processed, error 401: Unauthorized

242: session 000000000000000003: realm user <>: incoming packet message processed, error 401: Unauthorized

242: session 000000000000000002: realm user <>: incoming packet BINDING processed, success

242: session 000000000000000003: realm user <>: incoming packet BINDING processed, success

242: session 000000000000000003: realm user <>: incoming packet message processed, error 401: Unauthorized

242: session 000000000000000002: realm user <>: incoming packet message processed, error 401: Unauthorized

243: session 000000000000000003: realm user <>: incoming packet message processed, error 401: Unauthorized

243: session 000000000000000002: realm user <>: incoming packet message processed, error 401: Unauthorized

243: IPv4. Local relay addr: 10.0.2.15:55037

243: session 000000000000000003: new, realm=, username=, lifetime=600

243: session 000000000000000003: realm user : incoming packet ALLOCATE processed, success

243: IPv4. Local relay addr: 10.0.2.15:52683

243: session 000000000000000002: new, realm=, username=, lifetime=600

243: session 000000000000000002: realm user : incoming packet ALLOCATE processed, success

243: session 000000000000000003: realm user : incoming packet ALLOCATE processed, success

243: session 000000000000000002: realm user : incoming packet ALLOCATE processed, success

243: session 000000000000000003: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

243: session 000000000000000002: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

244: session 000000000000000002: refreshed, realm=, username=, lifetime=0

244: session 000000000000000002: realm user : incoming packet REFRESH processed, success

244: session 000000000000000003: refreshed, realm=, username=, lifetime=0

244: session 000000000000000003: realm user : incoming packet REFRESH processed, success

245: session 000000000000000002: closed (2nd stage), user realm origin <>, local 10.0.2.15:3478, remote 10.0.2.2:60113, reason: allocation timeout

245: session 000000000000000002: delete: realm=, username=

245: session 000000000000000003: closed (2nd stage), user realm origin <>, local 10.0.2.15:3478, remote 10.0.2.2:60075, reason: allocation timeout

245: session 000000000000000003: delete: realm=, username=我在这里错过了什么？为什么在控制台中会出现“ICE失败”？

我读了https://tools.ietf.org/id/draft-ietf-behave-turn-08.html

关于

"error 437: Mismatched allocation: wrong transaction ID"它说

437 (Allocation Mismatch): This indicates that the client has picked a

5-tuple which the server sees as already in use or which was recently

in use. One way this could happen is if an intervening NAT assigned a

mapped transport address that was recently used by another allocation.

The client SHOULD pick another client transport address and retry the

Allocate request (using a different transaction id). The client SHOULD

try three different client transport addresses before giving up on

this server. Once the client gives up on the server, it SHOULD NOT try

to create another allocation on the server for 2 minutes.

这是什么意思？

UPDATE

现在，当客户端A使用Chrome“49.02623.112米”(我无法更新它，因为在Vista上)和客户端B“50.0.2661.75米”coturn服务器工作正常几秒钟。我这样运行服务器(我不确定这是否有帮助，XXX.XX.XXX.XX是服务器虚拟机所在PC的公共静态IP，192.168.2.190是内部IP)：

sudo turnserver -X XXX.XX.XXX.XX/192.168.2.190这些是日志消息：

0: log file opened: /var/log/turn_3205_2016-04-15.log

RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server

Version Coturn-4.5.0.4 'dan Eider'

Max number of open files/sockets allowed for this process: 4096

Due to the open files/sockets limitation,

max supported number of TURN Sessions possible is: 2000 (approximately)

==== Show him the instruments, Practical Frost: ====

0: TLS supported

0: DTLS supported

0: DTLS 1.2 is not supported

0: TURN/STUN ALPN is not supported

0: Third-party authorization (oAuth) supported

0: GCM (AEAD) supported

0: OpenSSL compile-time version: OpenSSL 1.0.1e-fips 11 Feb 2013

0: SQLite supported, default database location is /var/db/turndb

0: Redis supported

0: PostgreSQL supported

0: MySQL supported

0: MongoDB is not supported

0: Default Net Engine version: 3 (UDP thread per CPU core)

=====================================================

0: Config file found: /etc/turnserver/turnserver.conf

0: log file opened: /var/tmp/turnserver.log

0: Config file found: /etc/turnserver/turnserver.conf

0: Domain name:

0: Default realm: mycompany.org

0: Config file found: /etc/turnserver/server.crt

0: Config file found: /etc/turnserver/server.key

0: SSL23: Certificate file found: /etc/turnserver/server.crt

0: SSL23: Private key file found: /etc/turnserver/server.key

0: TLS1.0: Certificate file found: /etc/turnserver/server.crt

0: TLS1.0: Private key file found: /etc/turnserver/server.key

0: TLS1.1: Certificate file found: /etc/turnserver/server.crt

0: TLS1.1: Private key file found: /etc/turnserver/server.key

0: TLS1.2: Certificate file found: /etc/turnserver/server.crt

0: TLS1.2: Private key file found: /etc/turnserver/server.key

0: TLS cipher suite: DEFAULT

0: DTLS: Certificate file found: /etc/turnserver/server.crt

0: DTLS: Private key file found: /etc/turnserver/server.key

0: DTLS cipher suite: DEFAULT

0: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED

0: ===========Discovering listener addresses: =========

0: Listener address to use: 127.0.0.1

0: Listener address to use: 10.0.2.15

0: Listener address to use: ::1

0: =====================================================

0: Total: 1 'real' addresses discovered

0: =====================================================

0: NO EXPLICIT RELAY ADDRESS(ES) ARE CONFIGURED

0: ===========Discovering relay addresses: =============

0: Relay address to use: 10.0.2.15

0: Relay address to use: ::1

0: =====================================================

0: Total: 2 relay addresses discovered

0: =====================================================

0: pid file created: /var/run/turnserver.pid

0: IO method (main listener thread): epoll (with changelist)

0: Wait for relay ports initialization...

0: relay 10.0.2.15 initialization...

0: relay 10.0.2.15 initialization done

0: relay ::1 initialization...

0: relay ::1 initialization done

0: Relay ports initialization done

0: IO method (general relay thread): epoll (with changelist)

0: turn server id=1 created

0: Cannot create TLS listener

0: IO method (general relay thread): epoll (with changelist)

0: turn server id=0 created

0: Cannot create TLS listener

0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:3478

0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:3479

0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:5349

0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:5350

0: IPv4. DTLS/UDP listener opened on: 10.0.2.15:3478

0: IPv4. DTLS/UDP listener opened on: 10.0.2.15:3479

0: IPv4. DTLS/UDP listener opened on: 10.0.2.15:5349

0: IPv4. DTLS/UDP listener opened on: 10.0.2.15:5350

0: IPv6. DTLS/UDP listener opened on: ::1:3478

0: IPv6. DTLS/UDP listener opened on: ::1:3479

0: IPv6. DTLS/UDP listener opened on: ::1:5349

0: IPv6. DTLS/UDP listener opened on: ::1:5350

0: Total General servers: 2

0: IO method (admin thread): epoll (with changelist)

0: ERROR: Cannot create CLI listener

0: IO method (auth thread): epoll (with changelist)

0: SQLite DB connection success: /var/db/turndb

1275: handle_udp_packet: New UDP endpoint: local addr 10.0.2.15:3478, remote addr 10.0.2.2:30637

1275: session 000000000000000001: realm user <>: incoming packet BINDING processed, success

1275: handle_udp_packet: New UDP endpoint: local addr 10.0.2.15:3478, remote addr 10.0.2.2:30638

1275: session 001000000000000001: realm user <>: incoming packet BINDING processed, success

1275: session 000000000000000001: realm user <>: incoming packet message processed, error 401: Unauthorized

1275: session 001000000000000001: realm user <>: incoming packet message processed, error 401: Unauthorized

1275: session 000000000000000001: realm user <>: incoming packet BINDING processed, success

1275: session 001000000000000001: realm user <>: incoming packet BINDING processed, success

1275: session 000000000000000001: realm user <>: incoming packet message processed, error 401: Unauthorized

1275: session 001000000000000001: realm user <>: incoming packet message processed, error 401: Unauthorized

1275: IPv4. Local relay addr: 10.0.2.15:52828

1275: session 001000000000000001: new, realm=, username=, lifetime=600

1275: session 001000000000000001: realm user : incoming packet ALLOCATE processed, success

1275: IPv4. Local relay addr: 10.0.2.15:57360

1275: session 000000000000000001: new, realm=, username=, lifetime=600

1275: session 000000000000000001: realm user : incoming packet ALLOCATE processed, success

1275: session 001000000000000001: realm user : incoming packet ALLOCATE processed, success

1276: session 001000000000000001: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

1276: session 000000000000000001: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

1276: session 001000000000000001: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

1277: session 000000000000000001: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

1277: session 001000000000000001: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

1278: session 000000000000000001: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

1278: session 001000000000000001: realm user : incoming packet message processed, error 437: Mismatched allocation: wrong transaction ID

1280: session 001000000000000001: refreshed, realm=, username=, lifetime=0

1280: session 001000000000000001: realm user : incoming packet REFRESH processed, success

1280: session 000000000000000001: peer XXX.XX.XX.XX lifetime updated: 300