EasyTier 私有中继服务器搭建教程
适用于云服务器搭建 EasyTier 私有中继节点
一、服务器配置要求
| 项目 | 值 |
|---|---|
| 操作系统 | Ubuntu 24.04 LTS |
| 网络 | 公网 IPv4 + IPv6 |
| 端口 | 11010 (TCP/UDP), 11011 (WG/WS), 11012 (WSS) |
| 虚拟 IP | 无 (仅作为中继) |
二、安装 EasyTier
bash
# 创建目录
sudo mkdir -p /opt/easytier/{bin,config,logs}
# 下载最新版本
cd /tmp
wget https://github.com/EasyTier/EasyTier/releases/latest/download/easytier-linux-x86_64.zip
# 解压并安装
sudo unzip -o easytier-linux-x86_64.zip -d /opt/easytier/bin/
sudo chmod +x /opt/easytier/bin/easytier-*
# 清理
rm easytier-linux-x86_64.zip
# 验证版本
/opt/easytier/bin/easytier-core --version三、配置私有中继
bash
sudo tee /opt/easytier/config/relay.conf << 'EOF'
# ========== 节点标识 ==========
instance_name = "my-relay"
hostname = "relay-server"
dhcp = true
enable_ipv6 = true
# ========== 网络标识 ==========
[network_identity]
network_name = "my-network" # 替换为你的网络名
network_secret = "your-secret" # 替换为你的密码
# ========== 地址配置 ==========
# 中继节点不分配虚拟 IP,为空
ipv4 = ""
# ========== 监听器配置 ==========
listeners = [
"tcp://你的域名:11010", # 域名 TCP
"udp://你的域名:11010", # 域名 UDP
"wg://你的域名:11011", # 域名 WireGuard
"ws://你的域名:11011/", # 域名 WebSocket
"wss://你的域名:11012/", # 域名 加密WebSocket
"tcp://[::]:11010", # IPv6 TCP
"udp://[::]:11010", # IPv6 UDP
"wg://[::]:11011", # IPv6 WireGuard
"ws://[::]:11011/", # IPv6 WebSocket
"wss://[::]:11012/", # IPv6 加密WebSocket
"tcp://0.0.0.0:11010", # IPv4 TCP
"udp://0.0.0.0:11010", # IPv4 UDP
"wg://0.0.0.0:11011", # IPv4 WireGuard
"ws://0.0.0.0:11011/", # IPv4 WebSocket
"wss://0.0.0.0:11012/", # IPv4 加密WebSocket
]
# ========== 映射监听器 ==========
mapped-listeners = [
"tcp://你的域名:11010",
"udp://你的域名:11010",
"wg://你的域名:11011",
]
# ========== RPC 管理门户 ==========
rpc_portal = "0.0.0.0:15888"
rpc_portal_whitelist = "*"
# ========== 核心配置 ==========
[flags]
default_protocol = "udp"
enable_encryption = true
enable_ipv6 = true
mtu = 1360
latency_first = true
# 网络模式
enable_exit_node = false
no_tun = false # 创建TUN设备(作为中继需开启)
disable_p2p = false
p2p_only = false
# 中继配置
relay_network_whitelist = "my-network" # 替换为你的网络名
disable_udp_hole_punching = false
disable_tcp_hole_punching = false
private_mode = true
# 流量控制
foreign_network_whitelist = "*"
foreign_relay_bps_limit = 100000000000
# 性能优化
multi_thread = true
multi_thread_count = 4
compression = "zstd"
# ========== 魔法DNS配置 ==========
accept_dns = true
tld_dns_zone = "你的内网域名" # 例如: home.local
# ========== STUN服务器 ==========
stun_servers = ["stun.l.google.com:19302", "stun.cloudflare.com:3478"]
# ========== 日志配置 ==========
[file_logger]
level = "trace"
file = "easytier"
dir = "/opt/easytier/logs/"
console_log_level = "debug"
file_log_level = "debug"
file_log_dir = "/opt/easytier/logs"
file_log_size = 100
file_log_count = 10
EOF
sudo chmod 600 /opt/easytier/config/relay.conf四、创建 Systemd 服务
bash
# 创建实例目录
sudo mkdir -p /etc/systemd/system
# 使用 @ 实例格式的服务(easytier@<实例名>)
sudo tee /etc/systemd/system/easytier@.service << 'EOF'
[Unit]
Description=EasyTier %i
After=network.target
[Service]
Type=simple
WorkingDirectory=/opt/easytier
ExecStart=/opt/easytier/bin/easytier-core -c /opt/easytier/config/%i.conf
Restart=always
RestartSec=1
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target
EOF
# 启动服务(实例名为 relay)
sudo systemctl daemon-reload
sudo systemctl enable --now easytier@relay
# 查看日志
journalctl -u easytier@relay -f -n 50 --no-pager五、防火墙配置
云服务器安全组
入站规则添加:
| 协议 | 端口 | 来源 | 说明 |
|---|---|---|---|
| TCP | 11010 | 0.0.0.0/0 | EasyTier 中继 TCP |
| UDP | 11010 | 0.0.0.0/0 | EasyTier 中继 UDP |
| TCP | 11011 | 0.0.0.0/0 | WireGuard/WebSocket |
| TCP | 11012 | 0.0.0.0/0 | 加密 WebSocket |
| TCP | 11010 | ::/0 | EasyTier IPv6 |
| UDP | 11010 | ::/0 | EasyTier IPv6 |
服务器防火墙
bash
# 开放端口
sudo ufw allow 11010/tcp
sudo ufw allow 11010/udp
sudo ufw allow 11011/tcp
sudo ufw allow 11012/tcp
# 启用防火墙
sudo ufw enable
# 查看状态
sudo ufw status六、验证
bash
# 检查服务状态
sudo systemctl status easytier@relay
# 检查端口监听
sudo lsof -i :11010
# 查看日志
journalctl -u easytier@relay -f --no-pager七、常用命令
bash
# 启动服务
sudo systemctl start easytier@relay
# 停止服务
sudo systemctl stop easytier@relay
# 重启服务
sudo systemctl restart easytier@relay
# 查看日志
journalctl -u easytier@relay -f -n 50 --no-pager
# 查看实时日志
journalctl -u easytier@relay -f --no-pager