Firewall (I guess) issues after deb package install of jitsi-meet

Hi,

I’ve installed jitsi-meet using apt package on a Ubuntu 18.04.4 LTS server. This server is accessible on internet (no NAT), but I have iptables rules to close every ports except the ones I want to open.

There were http/https websites on this server prior to the jitsi-meet install, served by apache. So the ports 80 and 443 are already open.

Meet seems to work fine at first sight, I can go to the homepage, create a meeting, video and sound work when we are 2. But when a third person arrives, only one video remains, the others don’t work. During some other tests, even a meet with 2 people doesn’t work (no video).

Additionally, I’ve found those logs looping in /var/log/jitsi/jvb.log:

2020-04-02 13:22:50.678 SEVERE: [17] Health.doRun#300: Health check failed in 0ms:
java.lang.Exception: Address discovery through STUN failed
at org.jitsi.videobridge.health.Health.doCheck(Health.java:138)
at org.jitsi.videobridge.health.Health.doRun(Health.java:266)
at org.jitsi.utils.concurrent.PeriodicRunnableWithObject.run(PeriodicRunnableWithObject.java:87)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.run(RecurringRunnableExecutor.java:216)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.runInThread(RecurringRunnableExecutor.java:292)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.access$000(RecurringRunnableExecutor.java:36)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor$1.run(RecurringRunnableExecutor.java:328)

So I’m wondering if it could be related to my firewall. Is there a list of ports that should be open (input and output) so everything can work fine?

Thanks!
Grégoire.

1 Like

You need to open 10000 UDP as well.

It’s probably working for 2 people as, by default, peer-to-peer mode is enabled.

I guess we need a bit more from your logfile. Are you sure your JVB is registering with XMPP correctly?

Thanks, it seems to work better with port 10000 open indeed. However, in doc, I understood that it is used only if behind a NAT.

By the way, this port should be open for input, output, or both?

@Th3R3al How can I be sure of that?

Even with port 10000 open, I still a this log looping for ever:

2020-04-02 14:25:29.097 INFO: [16] VideobridgeExpireThread.expire#144: Running expire()
2020-04-02 14:25:31.067 SEVERE: [17] Health.doRun#300: Health check failed in 0ms:
java.lang.Exception: Address discovery through STUN failed
at org.jitsi.videobridge.health.Health.doCheck(Health.java:138)
at org.jitsi.videobridge.health.Health.doRun(Health.java:266)
at org.jitsi.utils.concurrent.PeriodicRunnableWithObject.run(PeriodicRunnableWithObject.java:87)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.run(RecurringRunnableExecutor.java:216)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.runInThread(RecurringRunnableExecutor.java:292)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.access$000(RecurringRunnableExecutor.java:36)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor$1.run(RecurringRunnableExecutor.java:328)
2020-04-02 14:25:41.068 SEVERE: [17] Health.doRun#300: Health check failed in 0ms:
java.lang.Exception: Address discovery through STUN failed
at org.jitsi.videobridge.health.Health.doCheck(Health.java:138)
at org.jitsi.videobridge.health.Health.doRun(Health.java:266)
at org.jitsi.utils.concurrent.PeriodicRunnableWithObject.run(PeriodicRunnableWithObject.java:87)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.run(RecurringRunnableExecutor.java:216)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.runInThread(RecurringRunnableExecutor.java:292)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.access$000(RecurringRunnableExecutor.java:36)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor$1.run(RecurringRunnableExecutor.java:328)
2020-04-02 14:25:51.068 SEVERE: [17] Health.doRun#300: Health check failed in 0ms:
java.lang.Exception: Address discovery through STUN failed
at org.jitsi.videobridge.health.Health.doCheck(Health.java:138)
at org.jitsi.videobridge.health.Health.doRun(Health.java:266)
at org.jitsi.utils.concurrent.PeriodicRunnableWithObject.run(PeriodicRunnableWithObject.java:87)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.run(RecurringRunnableExecutor.java:216)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.runInThread(RecurringRunnableExecutor.java:292)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.access$000(RecurringRunnableExecutor.java:36)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor$1.run(RecurringRunnableExecutor.java:328)

etc.

Can you try clearing your firewall, and restarting jvb2? Does that works?

If it doesn’t work than follow the https://jitsi.org/qi replace STUN_MAPPING_HARVESTER_ADDRESSES with NAT_HARVESTER_LOCAL_ADDRESS and NAT_HARVESTER_PUBLIC_ADDRESS .

I’ve opened outgoing UDP 443.
I’ve restarted service jitsi-videobridge2 (I wasn’t aware this step was required).
And now it works fine :slight_smile:

Health.doRun#294: Performed a successful health check in 18ms. Sticky failure: false

Thanks a lot!
This project is awesome :+1:

1 Like