Port 10000?

Please do not hijack other threads that are on different subject.

Check your prosody and jicofo logs. I see other errors when accessing your deployment, like:
UnhandledError: null Script: null Line: null Column: null StackTrace: Error: Feature discovery error: null

@Kimipoker I tested again and it seems to me you are just missing the port forwarding. Make sure on your VPS console you forward the ports from the public ip to the VM.
It can be also a firewall running on the VM blocking the ports.

sorry for that. i will check . thanks

I can confirm that without forwarding the port 10000 it does not work. I don’t know why it seemed like working previously.

Hello guys,

I’ve a question. Why 10000 Port needs to open when behide a firewall? I scan meet.jit.si and not see this port. In my internal network I can see guest camera stream, but when I access my jitsi server from external network I can’t see them. What’s wrong?

Thanks advance!

nmap -PN --dns-servers 8.8.4.4 meet.jit.si

Starting Nmap 7.01 ( https://nmap.org ) at 2019-10-14 09:14 -03
Nmap scan report for meet.jit.si (52.67.86.114)
Host is up (0.035s latency).
Other addresses for meet.jit.si (not scanned): 54.207.114.82 2600:1f1e:c1a:5001:fcab:45b9:30b8:280e 2600:1f1e:c1a:5002:e65b:c69c:eb60:d385
rDNS record for 52.67.86.114: ec2-52-67-86-114.sa-east-1.compute.amazonaws.com
Not shown: 994 filtered ports
PORT STATE SERVICE
80/tcp open http
113/tcp closed ident
443/tcp open https
5060/tcp open sip
8008/tcp open http
8010/tcp closed xmpp

Port 10000 udp is where clients communicate with jvb, if you don’t allow this and haven’t done the port forwarding the clients cannot send to jvb and so nothing will be received.

You are scanning the wrong thing, you need to find one of the jvb instances which is used in your geo region and scan that :slight_smile: meet.jit.si is complex and not just a single machine and ip-address most probably you are scanning just one of the load balancers fronting the service …

You need to open/forward needed ports and set public and private address of the bridge as said here: https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md#advanced-configuration

1 Like

Thanks @damencho I’ll check my settings again.

It’s nop posible to change these port 10000 to other ?

1 Like

yes it’s possible, add the below line:
org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT=YourNewPort

to:
/etc/jitsi/videobridge/sip-communicator.properties

1 Like

Thanks, thats the line that I need to put to work behiend a NAT

Hi, what happend with multiple videobridges2 servers and NAT port forwarding UDP 10000 ? Need diferent forward for each one , or jicofo manage this ?

If you have multiple public IPs just forward port 10000/UDP from each public IP to videobridges private IPs. In case you only have one public IP you can configure the videobridges to use different ports and forward each port to each videobridge private IP.
As @Yassine said you can configure the videobridge’s listening port adding org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT=YourNewPort to /etc/jitsi/videobridge/sip-communicator.properties

In addition to assigning a port to each JVB, it is necessary to indicate in each one of them public and private IP or only in one ???

Example:

JVB1:
org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT=10000 (JVB Port)
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=10.x.x.10 (node private IP)
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=89.x.x.10 (same public IP)

JVB 2:
org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT=10001 (JVB Port)
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=10.x.x.11 (node private IP)
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=89.x.x.10 (same public IP)

JVB 3:
org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT=10002 (JVB Port)
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=10.x.x.13 (node private IP)
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=89.x.x.10 (same public IP)

it is right?

No need to add NAT_HARVESTER_... lines if there is a valid org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES line and your clients are remote (not in the same network with JVB)

I’m not even sure this matters, actually.

Thanks a lot!!

I have a LB that exposes a single VIP and has two JVBs assigned below it.

Does anyone know how is the assignment or persistence of a client session with a JVB? By IP and source port?

If I have two JVBs exposed by the same IP and different ports 10000 and 10001, when establishing a session, how are the clients assigned?

In the event that one of the JVBs goes down, how are those connections reassigned? through statistics or metrics?

Thanks!!

Jicofo communicates with clients and jvbs and chooses a jvb and sends address and port to the client.

This is either jicofo can trigger a reload on the client or migrate the client to a new jvb or the client itself will reload and will be assigned a new jvb.

OK! Thanks a lot!! Your answers have helped me a lot.

Just one last doubt, in my intermediate balancer which assigns a public VIP for several JVBs (specifically 4) I have enabled a default session persistence / assignment called Source address, this means:

Also known as simple persistence, source address affinity persistence supports TCP and UDP protocols, and directs session requests to the same server based solely on the source IP address of a packet.

I understand this assignment would be correct since all the JVBs are accessible and synchronized. Another option would be to disable said persistence algorithm so that any member would assume any incoming request generating some “anomalous” or unexpected behavior.

I’m going to test and tell you

Thanks again!!

After trying all the options and using the same IP but different port in each JVB everything works correctly, however our telecommunications equipment forces us to use the same IP and the same public port for several JVB hosts facing the outside.

NGINX + PROSODY + JICOFO
Private IP: 10.X.X.4
Public IP: 89.X.X.19
Port: 443 access web + internal ports

JVB1: 
Private IP: 10.X.X.5
Public IP: 89.X.X.19
Port: 10000

JVB2: 
Private IP: 10.X.X.6
Public IP: 89.X.X.19
Port: 10000

Is there any configuration option in sip?
Will Jicofo handle this correctly?

@damencho any ideas??

Thanks greetings!!

There is no way to differentiate udp traffic other than ip address and/or port. From the description above, you need to drop one of the bridges and use only one in that environment.