How to ensure colibri-relay-ws is being used when OCTO is enabled?

Hello,

I have managed to set up the WebSocket connections betwen JitsiWeb and JVBs.
However, was not able to trace the connections that use this nginx rule:

location ~ ^/colibri-relay-ws/([0-9.]*)/(.*) {

I wasn’t able to understand, from the documentation, in which cases it is utilized. Could you, perhaps, shed some light on this? I can provide configuration snippets, should they be necessary. I should also mention that for my configuration I used this and this links as main guides.

Thank you in advance.

This is used when you set up cascaded bridges, its used for the communication between them

Hey @damencho,

Thanks for getting back to me.

Actually, this part is what confuses me.
The relays are set up for communication between the bridges. I figured, this communication would be directly between them, without the proxy pass from nginx (through 9090 port, for example).

I have the relays configured on my jvb setup, yet I haven’t seen any requests to address with colibri-relay-ws in it. I checked nginx logs, as well as Developer Tools in the browser (I was able to trace colibri-ws this way).

I even see that it is enabled in the jvb logs:

relayUrl = wss://meet.example.com:443/colibri-relay-ws/jvb-1.meet.example.com

Could you please provide more info on how it actually works? Thank you.

This is between the bridges so you will not be able to see it on the client side.

That means every bridge should know the IP address of the other bridges. It’s easier for them to go through a commonplace that has that information already.

What selection strategy are you using?

You don’t see the bridges communicating cause your conferences always land on the same bridge, is my guess

@damencho,

Thanks for the addtional info. I suppose, it answers my question about visibility on the client side.

However, I have a couple of follow-ups:

And what that place would be?

For testing, as suggested, I am using SplitBridgeSelectionStrategy, to split the load between the bridges regardless of the region.

Unlikely, I see pairs picked and validated on both bridges when people join the conference.

I have just noticed this in the JVB logs though. I suppose, it is working, since it tried to reach the address. Although, what does this warning mean? That it took too long to process the request?

WARNING org.jitsi.utils.logging2.LoggerImpl log Took 213 ms to process an IQ (total delay 214 ms): 
<iq xmlns='jabber:client' to='jvb@auth.meet.example.com/2OTSWrYXR8rZ' from='jvbbrewery@internal-muc.meet.example.com/focus' id='anZiQGF1dGgubWVldC1raWxvLnN0YWdlb2ZmaWNlLnJ1LzJPVFNXcllYUjhyWgBWRlJBSC0zMDg4OAC4zh+/fyrYtg==' type='get'>
    <conference-modify xmlns='jitsi:colibri2' meeting-id='e7c5e1a5-a6ce-4c9a-990a-cb6c0819c3cb'>
        <relay xmlns='jitsi:colibri2' id='jvb-2.meet.example.com'>
            <transport>
                <transport xmlns='urn:xmpp:jingle:transports:ice-udp:1' pwd='1rpcu8ld6adpvtcuupapgua2s1' ufrag='gin41gcticvsj'>
                    <rtcp-mux/>
                    <fingerprint xmlns='urn:xmpp:jingle:apps:dtls:0' hash='sha-256' setup='active'>
                        32:56:61:68:69:CF:EB:B4:25:EA:13:04:DC:25:73:DD:54:E9:27:65:86:AC:88:14:BA:7F:D3:8D:0A:17:71:64
                    </fingerprint>
                    <web-socket xmlns='http://jitsi.org/protocol/colibri' url='wss://meet.example.com:443/colibri-relay-ws/jvb-2.meet.example.com/d454a4a53b96f372/jvb-1.meet.example.com?pwd=1rpcu8ld6adpvtcuupapgua2s1'/>
                    <candidate type='host' protocol='udp' id='40e5121e3b74239d02c0f4a07' ip='172.17.0.8' component='1' port='10000' foundation='1' generation='0' priority='2130706431' network='0'/>
                    <candidate rel-port='10000' type='srflx' protocol='udp' id='75dc66253b74239d0ffffffff8a05ab58' ip='10.7.97.89' component='1' port='10000' foundation='2' generation='0' network='0' priority='1694498815' rel-addr='172.17.0.8'/>
                </transport>
            </transport>
        </relay>
    </conference-modify>
</iq>

Exactly.

Then they should be relaying the stats from the clients which are every 10 seconds. If you had two bridges in the meeting check in both logs for messages/errors containing RelayMessageTransport.

nginx for example where you match server-id to IP address of the bridge.

Now, this was not correct:

the bridge announces to jicofo what is the address it can be reached on for communication, it is this setting: jitsi-videobridge/reference.conf at ce94dbb2b839500507668d3ddf898f14b86533a1 · jitsi/jitsi-videobridge · GitHub
So you may skip the common place nginx and leave every client and every bridge to be able to communicate with the other bridges using this setting.
domain = "mybridge1.domain.com:443"

You would use the nginx if you want to have just one DNS for the whole service.

1 Like

Thanks a lot @damencho!

The last post certainly clarifies a lot of my confusion about nginx and the way the videobridge instances communicate with each other.

And it also confirms my conclusions about what I read in jicofo logs. :slight_smile:

Yeah, I got confused for a moment, sorry.