Meeting crashed after 20 seconds in 2 users scenario

comment this line

Still fails with the same error after commenting that line. New logs:

0: log file opened: /var/log/turn_1107_2020-09-14.log
0: 
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.0.7 'dan Eider'
0: 
Max number of open files/sockets allowed for this process: 4096
0: 
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 2000 (approximately)
0: 

==== Show him the instruments, Practical Frost: ====

0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.1.1  11 Sep 2018 (0x1010100f)
0: 
0: SQLite supported, default database location is /var/lib/turn/turndb
0: Redis supported
0: PostgreSQL supported
0: MySQL supported
0: MongoDB is not supported
0: 
0: Default Net Engine version: 3 (UDP thread per CPU core)

=====================================================

0: Bad configuration format: keep-address-family
0: Black listing: 0.0.0.0-0.255.255.255
0: Black listing: 10.0.0.0-10.255.255.255
0: Black listing: 100.64.0.0-100.127.255.255
0: Black listing: 127.0.0.0-127.255.255.255
0: Black listing: 169.254.0.0-169.254.255.255
0: Black listing: 127.0.0.0-127.255.255.255
0: Black listing: 172.16.0.0-172.31.255.255
0: Black listing: 192.0.0.0-192.0.0.255
0: Black listing: 192.0.2.0-192.0.2.255
0: Black listing: 192.88.99.0-192.88.99.255
0: Black listing: 192.168.0.0-192.168.255.255
0: Black listing: 198.18.0.0-198.19.255.255
0: Black listing: 198.51.100.0-198.51.100.255
0: Black listing: 203.0.113.0-203.0.113.255
0: Black listing: 240.0.0.0-255.255.255.255

What is the output?

netstat -taunp | grep turn
udp        0      0 172.31.16.215:3478      0.0.0.0:*                           1133/turnserver     
udp        0      0 172.31.16.215:3478      0.0.0.0:*                           1133/turnserver     
udp        0      0 127.0.0.1:3478          0.0.0.0:*                           1133/turnserver     
udp        0      0 127.0.0.1:3478          0.0.0.0:*                           1133/turnserver     
udp        0      0 172.31.16.215:3479      0.0.0.0:*                           1133/turnserver     
udp        0      0 172.31.16.215:3479      0.0.0.0:*                           1133/turnserver     
udp        0      0 127.0.0.1:3479          0.0.0.0:*                           1133/turnserver     
udp        0      0 127.0.0.1:3479          0.0.0.0:*                           1133/turnserver     
udp6       0      0 ::1:3478                :::*                                1133/turnserver     
udp6       0      0 ::1:3478                :::*                                1133/turnserver     
udp6       0      0 ::1:3479                :::*                                1133/turnserver     
udp6       0      0 ::1:3479                :::*                                1133/turnserver

coturn seems to be working

Could you compare your config according to this topic

I added this to /etc/turnserver.conf:

listening-ip=[my-private-IP]
allowed-peer-ip=[my-private-IP]
no-udp

And this to /etc/nginx/modules-enabled/60-jitsi-meet.conf config:

upstream turn {
    server [my-private-IP]:5349;
}

But still get the same errors. Were those the changes you meant, @emrah? Also, curious if @damencho has any further thoughts?

Do you select the upstream based on the server name or protocol? map line in the /etc/nginx/modules-enabled/60-jitsi-meet.conf

ssl_preread_alpn_protocols doesn’t work correctly according to my tests

I think protocol? It looks like this:

map $ssl_preread_alpn_protocols $upstream {
    ~\bh2\b         web;
    ~\bhttp/1\.     web;
    default         turn;
}

This config doesn’t work for me and I switched to ssl_preread_server_name

mapped based on the server name…


That requires setting up a separate host for coturn then, right? I would really like to avoid that if possible.

No need for a new server, or even a new installation… only a second host address for the turn server.

check Coturn chronicles


Ok thanks. Excuse my beginner’s question, but how does one create a second host address (FQDN) for the turn server and add a DNS record for it?

Also—I see in the other thread that you haven’t gotten the mobile apps to work using this setup. I am using the JitsiMeetSDK in my mobile app, and I absolutely need the mobile SDK to work for what I’m working on. Were you using the Jitsi Meet public app, or the SDK?

You have a domain name, right? Let’s say it’s mydomain.com. You should have added a DNS A record since your clients can access your server using this host address. An A record defines a (host address, IP address) pair. Something like

meet.mydomain.com -> 1.2.3.4

You should do the same thing for the turn address too.

turn.mydomain.com -> 1.2.3.4

The IP address is the same for both records.

Only the mobile devices which are behind a corporate firewall are affected by this situation. For now I haven’t taken the time to solve this since my clients are not affected too much.

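The server-name based routing discussed in this thread, written out as an added example (it is not taken from any post or from the Jitsi packaging). It assumes the host names meet.mydomain.com and turn.mydomain.com from the posts above, keeps the [my-private-IP]:5349 placeholder for coturn's TLS listener, and assumes the web vhost listens on 127.0.0.1:4444.

```nginx
# Added example for /etc/nginx/modules-enabled/60-jitsi-meet.conf:
# choose the upstream by SNI (server name) instead of ALPN.
stream {
    upstream web {
        # Assumption: the Jitsi Meet HTTPS vhost listens on this address.
        server 127.0.0.1:4444;
    }

    upstream turn {
        # Placeholder from the thread; replace with coturn's TLS listener address.
        server [my-private-IP]:5349;
    }

    # ssl_preread reads the server name from the TLS ClientHello without
    # decrypting the connection, so nginx never sees the TURN or HTTP payload.
    map $ssl_preread_server_name $upstream {
        turn.mydomain.com   turn;
        # Any other name, or a client that sends no SNI, goes to the web vhost
        # rather than to the relay.
        default             web;
    }

    server {
        listen 443;
        listen [::]:443;
        ssl_preread on;        # needed for $ssl_preread_server_name to be set
        proxy_pass $upstream;
    }
}
```

Because nginx only passes the TLS stream through, coturn itself must present a certificate valid for turn.mydomain.com. The turn upstream also requires coturn to be listening on TCP 5349, which `netstat -taunp | grep turn` shows as a tcp line for that port.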

Thanks. This is what I figured but thought there might be a way to do it internally since it’s all happening on the same box.