JVB - NAT issues?

#1

Hi all

I have a Jitsi Meet setup with 2 servers
server 1 having all services apart from JVB
server 2 running JVB

The idea was to have the second server running on 443 for JVB as this setup is running in an infrastructure where only 443 is allowed publicly. In the end i resorted to using 4443 for TCP and iptables rule to nat to 4443.

I seem to be having issues with the nat setup somehow. I have tried many different configs. What worries me is that it seems to be trying to pair to the local IP of a device which tries to join a conference even if it’s not coming internally, and ofcourse this won’t work.

example : Pair failed: internalIP:4443/tcp/host -> 100.80.42.34:9/tcp/host (stream.RTP) - this is the private IP of my phone trying over 4G
Some logs:

JVB 2019-03-19 17:04:17.586 FINE: [279] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7625): 73:32:9F:7D:43:6E:47:C5:C4:01:17:84:96:5C:AF:00:F2:62:ED:90:CA:BF:9C:8C:4E:E5:8A:0B:8E:40:24:AC
JVB 2019-03-19 17:04:17.586 FINE: [279] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7625).
JVB 2019-03-19 17:04:17.588 INFO: [279] org.ice4j.ice.Component.log() Add remote candidate for stream.RTP: 10.192.106.48:9/tcp/host
JVB 2019-03-19 17:04:17.588 INFO: [279] org.ice4j.ice.Component.log() Add remote candidate for stream.RTP: 10.192.106.48:43906/udp/host
JVB 2019-03-19 17:04:17.588 INFO: [279] org.jitsi.videobridge.IceUdpTransportManager.log() We have remote candidates for all ICE components. Starting the ICE agent.
JVB 2019-03-19 17:04:17.588 INFO: [279] org.ice4j.ice.Agent.log() Start ICE connectivity establishment. Local ufrag 1hvda1d6bb4db8
JVB 2019-03-19 17:04:17.588 INFO: [279] org.ice4j.ice.Agent.log() Init checklist for stream stream
JVB 2019-03-19 17:04:17.589 INFO: [279] org.ice4j.ice.Agent.log() ICE state changed from Waiting to Running. Local ufrag 1hvda1d6bb4db8
JVB 2019-03-19 17:04:17.589 INFO: [279] org.jitsi.videobridge.IceUdpTransportManager.log() CAT=stat ice_state_change,conf_id=b9fdb4bd41862b4d,content=data,ch_id=350eb94675db9836,endp_id=q18720yz old_state=Waiting,new_state=Running
JVB 2019-03-19 17:04:17.589 INFO: [279] org.ice4j.ice.ConnectivityCheckClient.log() Start connectivity checks. Local ufrag 1hvda1d6bb4db8
JVB 2019-03-19 17:04:17.590 FINE: [279] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7625) with: E6:B9:40:A2:D8:E3:52:1B:37:2F:01:CE:AB:C9:F0:E0:E5:02:FB:1C
JVB 2019-03-19 17:04:17.614 WARNING: [277] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with u65ttqit not ready yet.
JVB 2019-03-19 17:04:17.616 WARNING: [277] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:17.618 FINE: [277] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7623) with: 1209057217335492657337570711059887147766074049714834592436515256E6:B9:40:A2:D8:E3:52:1B:37:2F:01:CE:AB:C9:F0:E0:E5:02:FB:1C
JVB 2019-03-19 17:04:17.627 INFO: [8999] org.ice4j.ice.ConnectivityCheckClient.log() Pair failed: internalIP:10000/udp/host -> 10.192.106.48:43906/udp/host (stream.RTP)
JVB 2019-03-19 17:04:17.648 INFO: [8999] org.ice4j.ice.ConnectivityCheckClient.log() Pair failed: internalIP:4443/tcp/host -> 10.192.106.48:9/tcp/host (stream.RTP)
JVB 2019-03-19 17:04:19.218 FINE: [324] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7631):
JVB 2019-03-19 17:04:19.218 FINE: [324] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7631).
JVB 2019-03-19 17:04:19.219 FINE: [324] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7631) with:
JVB 2019-03-19 17:04:19.882 INFO: [27] org.jitsi.videobridge.Videobridge.log() CAT=stat create_conf,conf_id=ccd5b89fd3b60325 conf_name=null,logging=false,conf_count=2,ch_count=6,v_streams=4
JVB 2019-03-19 17:04:19.900 INFO: [27] org.jitsi.videobridge.health.Health.log() Performed a successful health check in 18ms. Sticky failure: false
JVB 2019-03-19 17:04:24.321 FINE: [326] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId cCzyn-844):
JVB 2019-03-19 17:04:29.218 FINE: [328] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7636):
JVB 2019-03-19 17:04:29.218 FINE: [328] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7636).
JVB 2019-03-19 17:04:29.220 FINE: [328] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7636) with:
JVB 2019-03-19 17:04:29.901 INFO: [27] org.jitsi.videobridge.Videobridge.log() CAT=stat create_conf,conf_id=b8f7f38f2cb1bf3 conf_name=null,logging=false,conf_count=2,ch_count=6,v_streams=4
JVB 2019-03-19 17:04:29.922 INFO: [27] org.jitsi.videobridge.health.Health.log() Performed a successful health check in 21ms. Sticky failure: false
JVB 2019-03-19 17:04:30.507 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with q18720yz not ready yet.
JVB 2019-03-19 17:04:30.507 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:30.507 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with u65ttqit not ready yet.
JVB 2019-03-19 17:04:30.507 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:30.507 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with q18720yz not ready yet.
JVB 2019-03-19 17:04:30.508 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:30.508 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with u65ttqit not ready yet.
JVB 2019-03-19 17:04:30.508 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:33.088 FINE: [373] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7644):
JVB 2019-03-19 17:04:33.089 FINE: [373] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7644).
JVB 2019-03-19 17:04:33.090 INFO: [373] org.ice4j.ice.Agent.log() Gathering candidates for component stream.RTP. Local ufrag 2hmm1d6bb4um2
JVB 2019-03-19 17:04:33.091 INFO: [373] org.jitsi.videobridge.Conference.log() CAT=stat create_ice_tm,conf_id=b9fdb4bd41862b4d ufrag=2hmm1d6bb4um2,bundle=crdkezrp,initiator=true
JVB 2019-03-19 17:04:33.091 INFO: [373] org.jitsi.videobridge.RtpChannel.log() CAT=stat create_stream,conf_id=b9fdb4bd41862b4d,content=audio,ch_id=ec1152e93d7f8ad8,endp_id=null,stream=251185954
JVB 2019-03-19 17:04:33.091 INFO: [373] org.jitsi.videobridge.Content.log() CAT=stat create_channel,conf_id=b9fdb4bd41862b4d,content=audio,ch_id=ec1152e93d7f8ad8,endp_id=null,stream=251185954 transport=default,bundle=crdkezrp,initiator=true,media_type=audio,relay_type=null
JVB 2019-03-19 17:04:33.093 INFO: [373] org.jitsi.videobridge.RtpChannel.log() CAT=stat create_stream,conf_id=b9fdb4bd41862b4d,content=video,ch_id=b7bd45ac2719c1e3,endp_id=null,stream=1274692761
JVB 2019-03-19 17:04:33.093 INFO: [373] org.jitsi.videobridge.Content.log() CAT=stat create_channel,conf_id=b9fdb4bd41862b4d,content=video,ch_id=b7bd45ac2719c1e3,endp_id=null,stream=1274692761 transport=default,bundle=crdkezrp,initiator=true,media_type=video,relay_type=null
JVB 2019-03-19 17:04:33.096 FINE: [373] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7644) with: E6:B9:40:A2:D8:E3:52:1B:37:2F:01:CE:AB:C9:F0:E0:E5:02:FB:1C
JVB 2019-03-19 17:04:34.321 FINE: [375] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId cCzyn-850):
JVB 2019-03-19 17:04:36.670 FINE: [420] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7651): F6:B9:04:BE:D7:85:8F:82:5A:88:C2:E3:5E:D9:F6:1B:C9:B6:AF:84:F5:19:B1:97:BF:C8:0B:4A:A0:44:42:F8
JVB 2019-03-19 17:04:36.670 FINE: [420] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7651).
JVB 2019-03-19 17:04:36.676 FINE: [87] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7654): F6:B9:04:BE:D7:85:8F:82:5A:88:C2:E3:5E:D9:F6:1B:C9:B6:AF:84:F5:19:B1:97:BF:C8:0B:4A:A0:44:42:F8
JVB 2019-03-19 17:04:36.676 FINE: [87] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7654).
JVB 2019-03-19 17:04:36.677 INFO: [87] org.ice4j.ice.Component.log() Add remote candidate for stream.RTP: 100.80.42.34:9/tcp/host
JVB 2019-03-19 17:04:36.677 INFO: [87] org.ice4j.ice.Component.log() Add remote candidate for stream.RTP: 100.80.42.34:9/tcp/host
JVB 2019-03-19 17:04:36.677 INFO: [87] org.ice4j.ice.Component.log() Add remote candidate for stream.RTP: 100.80.42.34:46352/udp/host
JVB 2019-03-19 17:04:36.677 INFO: [87] org.jitsi.videobridge.IceUdpTransportManager.log() We have remote candidates for all ICE components. Starting the ICE agent.
JVB 2019-03-19 17:04:36.677 INFO: [87] org.ice4j.ice.Agent.log() Start ICE connectivity establishment. Local ufrag 2hmm1d6bb4um2
JVB 2019-03-19 17:04:36.678 INFO: [87] org.ice4j.ice.Agent.log() Init checklist for stream stream
JVB 2019-03-19 17:04:36.678 INFO: [87] org.ice4j.ice.Agent.log() ICE state changed from Waiting to Running. Local ufrag 2hmm1d6bb4um2
JVB 2019-03-19 17:04:36.678 INFO: [87] org.jitsi.videobridge.IceUdpTransportManager.log() CAT=stat ice_state_change,conf_id=b9fdb4bd41862b4d,content=data,ch_id=b27fdce1ded510f8,endp_id=crdkezrp old_state=Waiting,new_state=Running
JVB 2019-03-19 17:04:36.678 INFO: [87] org.ice4j.ice.ConnectivityCheckClient.log() Start connectivity checks. Local ufrag 2hmm1d6bb4um2
JVB 2019-03-19 17:04:36.681 FINE: [87] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7654) with: E6:B9:40:A2:D8:E3:52:1B:37:2F:01:CE:AB:C9:F0:E0:E5:02:FB:1C
JVB 2019-03-19 17:04:36.685 WARNING: [420] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with u65ttqit not ready yet.
JVB 2019-03-19 17:04:36.685 WARNING: [420] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:36.685 WARNING: [420] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with q18720yz not ready yet.
JVB 2019-03-19 17:04:36.686 WARNING: [420] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:36.690 INFO: [420] org.ice4j.ice.Component.log() Update remote candidate for stream.RTP: 100.80.42.34:9/tcp
JVB 2019-03-19 17:04:36.690 INFO: [420] org.ice4j.ice.Component.log() Not adding duplicate remote candidate: 100.80.42.34:9/tcp
JVB 2019-03-19 17:04:36.693 FINE: [420] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7651) with: 18833508323303696062866038843278940213310261803433164080437658444113E6:B9:40:A2:D8:E3:52:1B:37:2F:01:CE:AB:C9:F0:E0:E5:02:FB:1C
JVB 2019-03-19 17:04:36.707 INFO: [9086] org.ice4j.ice.ConnectivityCheckClient.log() Pair failed: internalIP:10000/udp/host -> 100.80.42.34:46352/udp/host (stream.RTP)
JVB 2019-03-19 17:04:36.728 INFO: [9086] org.ice4j.ice.ConnectivityCheckClient.log() Pair failed: internalIP:4443/tcp/host -> 100.80.42.34:9/tcp/host (stream.RTP)
JVB 2019-03-19 17:04:36.750 INFO: [9086] org.ice4j.ice.ConnectivityCheckClient.log() Pair failed: internalIP:4443/tcp/host -> 100.80.42.34:9/tcp/host (stream.RTP)
JVB 2019-03-19 17:04:38.908 FINE: [89] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7669):
JVB 2019-03-19 17:04:38.908 FINE: [89] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7669).
JVB 2019-03-19 17:04:38.908 FINE: [89] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7669) with:
JVB 2019-03-19 17:04:39.218 FINE: [134] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7671):
JVB 2019-03-19 17:04:39.218 FINE: [134] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7671).
JVB 2019-03-19 17:04:39.219 FINE: [134] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7671) with:
JVB 2019-03-19 17:04:39.923 INFO: [27] org.jitsi.videobridge.Videobridge.log() CAT=stat create_conf,conf_id=544c0e0612454686 conf_name=null,logging=false,conf_count=2,ch_count=9,v_streams=9
JVB 2019-03-19 17:04:39.949 INFO: [27] org.jitsi.videobridge.health.Health.log() Performed a successful health check in 27ms. Sticky failure: false
JVB 2019-03-19 17:04:43.422 INFO: [26] org.jitsi.videobridge.VideobridgeExpireThread.log() Running expire()
JVB 2019-03-19 17:04:44.322 FINE: [136] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId cCzyn-858):
JVB 2019-03-19 17:04:48.511 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with q18720yz not ready yet.
JVB 2019-03-19 17:04:48.511 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:48.511 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with u65ttqit not ready yet.
JVB 2019-03-19 17:04:48.511 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:48.511 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with crdkezrp not ready yet.
JVB 2019-03-19 17:04:48.511 WARNING: [24] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:49.218 FINE: [181] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7675):
JVB 2019-03-19 17:04:49.218 FINE: [181] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7675).
JVB 2019-03-19 17:04:49.220 FINE: [181] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7675) with:
JVB 2019-03-19 17:04:49.950 INFO: [27] org.jitsi.videobridge.Videobridge.log() CAT=stat create_conf,conf_id=858c96eb4a7950f7 conf_name=null,logging=false,conf_count=2,ch_count=9,v_streams=9
JVB 2019-03-19 17:04:49.995 INFO: [27] org.jitsi.videobridge.health.Health.log() Performed a successful health check in 46ms. Sticky failure: false
JVB 2019-03-19 17:04:50.123 FINE: [183] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7680):
JVB 2019-03-19 17:04:50.123 FINE: [183] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7680).
JVB 2019-03-19 17:04:50.130 INFO: [183] org.jitsi.videobridge.Channel.log() CAT=stat expire_ch,conf_id=b9fdb4bd41862b4d,content=audio,ch_id=ec1152e93d7f8ad8,endp_id=crdkezrp,stream=251185954
JVB 2019-03-19 17:04:50.130 INFO: [183] org.jitsi.videobridge.RtpChannel.log() CAT=stat expire_ch_stats,conf_id=b9fdb4bd41862b4d,content=audio,ch_id=ec1152e93d7f8ad8,endp_id=crdkezrp,stream=251185954 bRecv=0,bSent=0,pRecv=0,pSent=0,bRetr=0,bNotRetr=0,pRetr=0,pNotRetr=0,pMiss=0
JVB 2019-03-19 17:04:50.131 INFO: [183] org.jitsi.videobridge.Channel.log() CAT=stat expire_ch,conf_id=b9fdb4bd41862b4d,content=video,ch_id=b7bd45ac2719c1e3,endp_id=crdkezrp,stream=1274692761
JVB 2019-03-19 17:04:50.131 INFO: [183] org.jitsi.videobridge.RtpChannel.log() CAT=stat expire_ch_stats,conf_id=b9fdb4bd41862b4d,content=video,ch_id=b7bd45ac2719c1e3,endp_id=crdkezrp,stream=1274692761 bRecv=0,bSent=0,pRecv=0,pSent=0,bRetr=0,bNotRetr=0,pRetr=0,pNotRetr=0,pMiss=0
JVB 2019-03-19 17:04:50.132 INFO: [183] org.ice4j.ice.Agent.log() ICE state changed from Running to Terminated. Local ufrag 2hmm1d6bb4um2
JVB 2019-03-19 17:04:50.132 WARNING: [9085] org.jitsi.videobridge.IceUdpTransportManager.log() Cannot get transport type.
JVB 2019-03-19 17:04:50.132 INFO: [183] org.ice4j.socket.MergingDatagramSocket.log() Closing.
JVB 2019-03-19 17:04:50.133 WARNING: [183] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with q18720yz not ready yet.
JVB 2019-03-19 17:04:50.133 WARNING: [183] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:50.133 WARNING: [183] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with u65ttqit not ready yet.
JVB 2019-03-19 17:04:50.134 WARNING: [183] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:04:50.134 INFO: [183] org.jitsi.videobridge.Channel.log() CAT=stat expire_ch,conf_id=b9fdb4bd41862b4d,content=data,ch_id=b27fdce1ded510f8,endp_id=crdkezrp
JVB 2019-03-19 17:04:50.135 FINE: [183] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7680) with:
JVB 2019-03-19 17:04:54.322 FINE: [185] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId cCzyn-864):
JVB 2019-03-19 17:04:58.264 INFO: [62] org.ice4j.ice.harvest.AbstractTcpListener.readFromChannel() Failed to handle TCP socket Socket[addr=/184.105.247.194,port=54544,localport=4443]: End of stream!
JVB 2019-03-19 17:04:59.218 FINE: [230] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7686):
JVB 2019-03-19 17:04:59.218 FINE: [230] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7686).
JVB 2019-03-19 17:04:59.219 FINE: [230] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7686) with:
JVB 2019-03-19 17:04:59.996 INFO: [27] org.jitsi.videobridge.Videobridge.log() CAT=stat create_conf,conf_id=8eb94ae304c4a3d7 conf_name=null,logging=false,conf_count=2,ch_count=6,v_streams=4
JVB 2019-03-19 17:05:00.025 INFO: [27] org.jitsi.videobridge.health.Health.log() Performed a successful health check in 30ms. Sticky failure: false
JVB 2019-03-19 17:05:04.323 FINE: [232] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId cCzyn-868):
JVB 2019-03-19 17:05:08.908 FINE: [279] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7698):
JVB 2019-03-19 17:05:08.909 FINE: [279] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7698).
JVB 2019-03-19 17:05:08.909 FINE: [279] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7698) with:
JVB 2019-03-19 17:05:09.218 FINE: [277] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7700):
JVB 2019-03-19 17:05:09.218 FINE: [277] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7700).
JVB 2019-03-19 17:05:09.219 FINE: [277] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7700) with:
JVB 2019-03-19 17:05:10.025 INFO: [27] org.jitsi.videobridge.Videobridge.log() CAT=stat create_conf,conf_id=40e822ab2cfb505b conf_name=null,logging=false,conf_count=2,ch_count=6,v_streams=4
JVB 2019-03-19 17:05:10.056 INFO: [27] org.jitsi.videobridge.health.Health.log() Performed a successful health check in 31ms. Sticky failure: false
JVB 2019-03-19 17:05:14.323 FINE: [324] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId cCzyn-872):
JVB 2019-03-19 17:05:19.218 FINE: [326] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7704):
JVB 2019-03-19 17:05:19.218 FINE: [326] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7704).
JVB 2019-03-19 17:05:19.219 FINE: [326] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7704) with:
JVB 2019-03-19 17:05:19.395 FINE: [328] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Processing IQ (packetId OL3NR-7707):
JVB 2019-03-19 17:05:19.395 FINE: [328] org.jitsi.videobridge.xmpp.ComponentImpl.processIQRequest() (serving component ‘JitsiVideobridge’) Processing IQ request (packetId OL3NR-7707).
JVB 2019-03-19 17:05:19.396 INFO: [328] org.jitsi.videobridge.Channel.log() CAT=stat expire_ch,conf_id=b9fdb4bd41862b4d,content=audio,ch_id=c093f010db4cadb3,endp_id=u65ttqit,stream=203697243
JVB 2019-03-19 17:05:19.396 INFO: [328] org.jitsi.videobridge.RtpChannel.log() CAT=stat expire_ch_stats,conf_id=b9fdb4bd41862b4d,content=audio,ch_id=c093f010db4cadb3,endp_id=u65ttqit,stream=203697243 bRecv=0,bSent=0,pRecv=0,pSent=0,bRetr=0,bNotRetr=0,pRetr=0,pNotRetr=0,pMiss=0
JVB 2019-03-19 17:05:19.397 INFO: [328] org.jitsi.videobridge.Channel.log() CAT=stat expire_ch,conf_id=b9fdb4bd41862b4d,content=video,ch_id=7b92daf5282baafa,endp_id=u65ttqit,stream=1266514083
JVB 2019-03-19 17:05:19.397 INFO: [328] org.jitsi.videobridge.RtpChannel.log() CAT=stat expire_ch_stats,conf_id=b9fdb4bd41862b4d,content=video,ch_id=7b92daf5282baafa,endp_id=u65ttqit,stream=1266514083 bRecv=0,bSent=0,pRecv=0,pSent=0,bRetr=0,bNotRetr=0,pRetr=0,pNotRetr=0,pMiss=0
JVB 2019-03-19 17:05:19.399 INFO: [328] org.ice4j.ice.Agent.log() ICE state changed from Waiting to Terminated. Local ufrag 5bmis1d6bb4dcj
JVB 2019-03-19 17:05:19.399 WARNING: [8998] org.jitsi.videobridge.IceUdpTransportManager.log() Cannot get transport type.
JVB 2019-03-19 17:05:19.400 INFO: [328] org.ice4j.socket.MergingDatagramSocket.log() Closing.
JVB 2019-03-19 17:05:19.400 WARNING: [328] org.jitsi.videobridge.EndpointMessageTransport.log() SCTP connection with u65ttqit not ready yet.
JVB 2019-03-19 17:05:19.400 WARNING: [328] org.jitsi.videobridge.EndpointMessageTransport.log() No available transport channel, can’t send a message
JVB 2019-03-19 17:05:19.400 INFO: [328] org.jitsi.videobridge.Channel.log() CAT=stat expire_ch,conf_id=b9fdb4bd41862b4d,content=data,ch_id=35c8271f22f4ab33,endp_id=u65ttqit
JVB 2019-03-19 17:05:19.402 FINE: [328] org.jitsi.videobridge.xmpp.ComponentImpl.processIQ() (serving component ‘JitsiVideobridge’) Responding to IQ (packetId OL3NR-7707) with:

Any help would be really appreciated

0 Likes

#2

sip communicator config:

org.jitsi.videobridge.TCP_MAPPED_PORT=443
org.jitsi.videobridge.TCP_HARVESTER_PORT=4443
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=focus@auth.jitsi.internal.lan/.*
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=publicIP
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=privateIP

0 Likes

#3

Hi Joshua,

ICE will try all pairs, and with the NAT harvester the bridge will advertise both addresses, so it is normal to see failures for some pairs. I would check the following:

  1. The bridge advertises the correct address (the config looks good to me, but it’s good to verify)

  2. Port 443 on the public address is correctly routed to the address the bridge listens on

  3. Clients try to connect to 443 on the public address (you can easily check that with tcpdump on the clients)

I hope that helps,

Boris

0 Likes

#4

Hi Boris

Thank you for the reply.

When you say : the bridge advertises the correct address do you mean the sip-communicator IP?
When having 2 servers, how does jitsi meet advertise the jvb to the clients? Maybe I have an issue there.
Will anyways check the tcpdump now but would be interesting to know.

Regards
Joshua

0 Likes

#5

You can look at chrome://webrtc-internals and find the last call to setRemoteDescription. Then look for “a=candidate” lines. You should see one with the public address of jvb.

Boris

0 Likes

#6

I managed to make it run on 443 since then, but still won’t work. Below is the a=candidate
a=candidate:1 1 ssltcp 2130706431 internalIP 443 typ host generation 0
a=candidate:2 1 ssltcp 1694498815 externalIP 443 typ srflx raddr internalIP rport 443 generation 0

is this how it should look like?

0 Likes

#7

Yes

(and here’s 17 more characters to make Discord happy)

0 Likes

#8

hmm ok, so that part seems fine but it still won’t work. I will now focus at how the videobridge connects to Prosody. Does it require the same HOST name set for the JVB connection to the XMPP server as the public DNS or can it use a different internal name, I am currently using internal domain names for connectivity between Prosody and JVB, is there any requirement that it should be using only the domain name of the jitsi meet instance hosted by NGINX? maybe this is another issue that is (not visible via logs)

0 Likes

#9

If you have setRemoteDescription with externalIP, which is the public ip of the jvb then the connection between jvb and prosody is fine.
Check that the traffic send from clients to that public address and port can really reach jvb, check port-forwarding and firewalls.

0 Likes

#10

Ho Damencho,

thanks for replying. I can see 443 tcp traffic coming to the server, and checked the firewall, I see allowed traffic from my public IP too so firewall seems to be fine

I see errors in JVB and on the clients in the console. Please find some logs attached.

tcp dump 443 server.txt (36.2 KB)
JVB log.txt (181.2 KB)
https://imgur.com/a/4LayQgF - Jitsi client console

I never see a pair validation from server public IP to client public IP, it always tries server public ip to client private ip

0 Likes

#11

I have added more logs from the JVB. I never see JVB trying to pair to the public IP of the client.
jvb_latest.log (224.2 KB)

0 Likes

#12

I have updated JVB to https://download.jitsi.org/jitsi-videobridge/linux/jitsi-videobridge-linux-x64-1110.zip
I can see more info now:

JVB 2019-03-22 20:44:25.585 INFO: [81] org.ice4j.ice.harvest.AbstractTcpListener.readFromChannel() Failed to handle TCP socket Socket[addr=/62.178.210.10,port=58075,localport=443]: Connection reset by peer
JVB 2019-03-22 20:44:28.588 INFO: [81] org.ice4j.ice.harvest.AbstractTcpListener.readFromChannel() Failed to handle TCP socket Socket[addr=/62.178.210.10,port=58076,localport=443]: Connection reset by peer

0 Likes

#13

Hi,

I said before that you shouldn’t expect to see that, but looking deeper I was wrong. The address is not signaled, but you should see “Receive a peer-reflexive candidate” messages. The tcpdump output looks like it has successful sessions (see e.g. port 42529), so this is baffling to me.

Boris

0 Likes

#14

I am quite stuck and I don’t know what to do now. I am thinking to try with a turn server to see if this would change anything

0 Likes

#15

As an update to this topic, I managed to get it working by redeploying the machine somewhere else with a different firewall. The firewall in question must have not liked the traffic from the JVB due to its pseudo SSL nature. Thanks all for the help. I am happy to say I managed to get jitsi meet to work on CentOS 7.

0 Likes

#16

We are currently using coturn with valid certificates for the tcp connection.

0 Likes