原理和NAT类似将公网vps中开一个端口映射到内网1中service的ip和端口,只不过增加了frp client负责将流量pipe到service和frp server。
这里frp server和frp client都以linux系统部署为例
vps部署frp server
# install frp
wget https://github.com/fatedier/frp/releases/download/v0.32.1/frp_0.32.1_linux_amd64.tar.gz
tar -zxvf frp_0.32.1_linux_amd64.tar.gz
sudo mv frp_0.32.1_linux_amd64 /usr/local/frp
# config frps
sudo vim /usr/local/frp/frps.ini
# frp server配置文件内容,token为认证使用
[common]
bind_port = 7000
token = xxxxx
# 配置frp server为linux service
sudo vim /etc/systemd/system/frps.service
# frps service
[Unit]
Description=frps daemon
After=syslog.target network.target
Wants=network.target
[Service]
Type=simple
ExecStart=/usr/local/frp/frps -c /usr/local/frp/frps.ini
Restart= always
RestartSec=1min
[Install]
WantedBy=multi-user.target
# 配置frp server为默认启动服务
sudo systemctl enable frps
# 启动frp server
sudo systemctl start frps
# 查看frp server服务状态
sudo systemctl status frps
# install frp
wget https://github.com/fatedier/frp/releases/download/v0.32.1/frp_0.32.1_linux_amd64.tar.gz
tar -zxvf frp_0.32.1_linux_amd64.tar.gz
sudo mv frp_0.32.1_linux_amd64 /usr/local/frp
# config frpc
sudo vim /usr/local/frp/frpc.ini
# frp client配置文件内容:
# 1. server_addr为vps的公网ip地址
# 2. server_port为frp server监听端口
# 3. token需要保持和frp server中token一致才能认证通过
# 4. tls_enable需要设置为true,否则login失败
# 5. [ssh]为将本主机22端口映射到frp server的5000端口
[common]
server_addr = xxx.xxx.xxx.xxx
server_port = 7000
token = xxxxx
tls_enable = true
[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 5000
# 配置frp client为linux service
sudo vim /etc/systemd/system/frpc.service
# frpc service
[Unit]
Description=frpc daemon
After=syslog.target network.target
Wants=network.target
[Service]
Type=simple
ExecStart=/usr/local/frp/frpc -c /usr//local/frp/frpc.ini
Restart= always
RestartSec=1min
[Install]
WantedBy=multi-user.target
# 配置frp client为默认启动服务
sudo systemctl enable frpc
# 启动frp client
sudo systemctl start frpc
# 查看frp client服务状态
sudo systemctl status frpc
