search

fredliang44 / derper-docker

tailscale‘s selfhosted derp-server docker image
https://tailscale.com/kb/1118/custom-derp-servers/
GNU General Public License v3.0
300 stars 75 forks source link

Stun server seems not working? #21

Closed yqs112358 closed 1 week ago

yqs112358 commented 1 week ago

After the deployment of derper docker container, I noticed that the built-in stun server seems to be not working. It looks like the stun server only listens to IPv6 [::]:55555, and no reponse is given when I use stun clients to request MY-DOMAIN.com:55555 both in IPv4 and v6.

The firewall rules are ok. The derper server itself works well. Only the stun server is confusing.

logs:

headscale-derper  | 2024/11/05 14:24:02 no config path specified; using /var/lib/derper/derper.key
headscale-derper  | 2024/11/05 14:24:02 derper: serving on :55557 with TLS
headscale-derper  | 2024/11/05 14:24:02 STUN server listening on [::]:55555

docker-compose.yaml:

derper:
    container-name: headscale-derper
    image: fredliang/derper:latest
    restart: unless-stopped
    ports:
      - 55555:55555
      - 55555:55555/udp
      - 55557:55557
    environment:
      DERP_DOMAIN: "MY-DOMAIN.com"
      DERP_CERT_MODE: "manual"
      DERP_CERT_DIR: "/certs"
      DERP_ADDR: ":55557"
      DERP_STUN: "true"
      DERP_STUN_PORT: "55555"
      DERP_HTTP_PORT: "-1"
      DERP_VERIFY_CLIENTS: "true"
    volumes:
      - "./certs:/certs"
      - "/var/run/tailscale/tailscaled.sock:/var/run/tailscale/tailscaled.sock"
yqs112358 commented 1 week ago

My fault 🤣 Finally tested with stunc and no problem