王忘杰

KCPTun 一种基于UDP协议的TCP加速方案
2017-12-16更新修复centos7下提示service kcptun does not support c...
扫描右侧二维码阅读全文
16
2017/12

KCPTun 一种基于UDP协议的TCP加速方案

kcptun.png

2017-12-16更新
修复centos7下提示service kcptun does not support chkconfig导致不能开机启动的bug

前言

tcp加速方案有很多,比如锐速,谷歌bbr,以及很多已经放弃维护的双边TCP加速方案,这次为大家介绍的是KCPTun
项目地址 https://github.com/xtaci/kcptun

fast.png

服务器端搭建
服务器采用centos7系统

案例
我使用kcp 888端口为ssh 22端口加速

创建kcptun目录

mkdir /kcp
cd /kcp

下载kcptun

wget https://github.com/xtaci/kcptun/releases/download/v20180316/kcptun-linux-amd64-20180316.tar.gz
tar xfvz kcptun-linux-amd64-20180316.tar.gz

防火墙开放端口 注意:kcp是UDP端口

[root@baidu kcp]# firewall-cmd --zone=public --permanent --add-port=888/udp
success

[root@baidu kcp]# firewall-cmd --reload
Asuccess

[root@baidu kcp]# firewall-cmd --zone=public --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: venet0
  sources:
  services: ssh dhcpv6-client
  ports: 22/tcp 80/tcp 443/tcp 888/udp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

简单测试

./server_linux_amd64 -t 127.0.0.1:22 -l :888 --key mima --crypt aes-128 --mode fast2

编写启动脚本

touch /etc/init.d/kcptun
chmod +x /etc/init.d/kcptun
vi /etc/init.d/kcptun

内容如下

#!/bin/bash
# chkconfig:   2345 90 10
# description:  Redis is a persistent key-value database
BASE=$(basename $0)

# modify these in /etc/sysconfig/$BASE (/etc/sysconfig/kcptun)
KCPTUN=/kcp/server_linux_amd64

KCPTUN_PIDFILE=/var/run/$BASE.pid
KCPTUN_LOGFILE=/var/log/$BASE.log
KCPTUN_LOCKFILE=/var/lock/subsys/$BASE
KCPTUN_OPTS="-t 127.0.0.1:22 -l :888 --key mima --crypt aes-128 --mode fast2"
KCPTUN_DESC="KCPTUN"

# Source function library.
. /etc/rc.d/init.d/functions

if [ -f /etc/sysconfig/$BASE ]; then
    . /etc/sysconfig/$BASE
fi

# Check kcptun server is present
if [ ! -x $KCPTUN ]; then
    echo "$KCPTUN not present or not executable!"
    exit 1
fi

RETVAL=0
STOP_TIMEOUT=${STOP_TIMEOUT-10}

start() {

    if [ -f ${KCPTUN_LOCKFILE} ]; then

        if [ -s ${KCPTUN_PIDFILE} ]; then
            echo "$BASE might be still running, stop it first!"
            killproc -p ${KCPTUN_PIDFILE} -d ${STOP_TIMEOUT} $KCPTUN
        else
            echo "$BASE was not shut down correctly!"
        fi

        rm -f ${KCPTUN_PIDFILE} ${KCPTUN_LOCKFILE}
        sleep 2
    fi

    echo -n $"Starting $BASE: "
    $KCPTUN --log ${KCPTUN_LOGFILE} $KCPTUN_OPTS &
    RETVAL=$?

    if [ "$RETVAL" = "0" ]; then
        success
        sleep 2
        ps -A o pid,cmd | grep "$KCPTUN --log ${KCPTUN_LOGFILE} $KCPTUN_OPTS" | awk '{print $1}' | head -n 1 > ${KCPTUN_PIDFILE} 
    else
        failure
    fi
    echo

    [ $RETVAL = 0 ] && touch ${KCPTUN_LOCKFILE}
    return $RETVAL
}

stop() {
    echo -n $"Stopping $BASE: "
    killproc -p ${KCPTUN_PIDFILE} -d ${STOP_TIMEOUT} $KCPTUN
    RETVAL=$?
    echo
    [ $RETVAL = 0 ] && rm -f ${KCPTUN_PIDFILE} ${KCPTUN_LOCKFILE}
    return $RETVAL
}


case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  status)
        status -p ${KCPTUN_PIDFILE} $KCPTUN
        RETVAL=$?
        ;;
  restart)
        stop
        start
        ;;
  *)
        echo $"Usage: $BASE { start | stop | restart | status }"
        RETVAL=2
        ;;
esac

exit $RETVAL

启动管理

systemctl daemon-reload
systemctl start kcptun
systemctl status kcptun
systemctl enable kcptun
chkconfig kcptun on

如果你发现无法运行kcp,请询问运营商是否禁用了kcp,解决方法,给程序改个名字

客户端

下载客户端主程序
https://github.com/xtaci/kcptun/releases

下载客户端GUI
https://github.com/dfdragon/kcptun_gclient/releases/

将gui和主程序放在同一目录,运行gui
使用管理员运行

添加 - 程序开机自启 - 启动后最小化
kcptun客户端 - 本地监听端口 - kcp服务器地址 - 端口 -通讯密钥 - 加密方式
传输模式 - 模式选择

启动

TIM截图20171108143711.png

测试结果

ssh之前连接服务器22端口,现在只需要连接127.0.0.1的3300端口即可。

连接前
TIM截图20171108135822.png

TIM截图20171108135901.png

连接后
TIM截图20171108135356.png

TIM截图20171108135729.png

ssh均有3倍左右提升

而在网页加速下提升为10倍左右

TIM截图20171108124148.png

TIM截图20171108133920.png

最后修改:2018 年 05 月 17 日 07 : 10 PM

发表评论