Problem in video chats with 3 or more users

Hi,

I run Jitsi on my own Linux server.

Video conferencing with two persons runs very well, but if a third participant joins the meeting, different problems arise: The screen gets black on all participants and no voice is hearable.

I already opened all necessary ports that are required:

Status: active

To Action From


22/tcp ALLOW Anywhere
3306 ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
Apache Full ALLOW Anywhere
3000 ALLOW Anywhere
9999 ALLOW Anywhere
4443/tcp ALLOW Anywhere
10000/udp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
3306 (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
Apache Full (v6) ALLOW Anywhere (v6)
3000 (v6) ALLOW Anywhere (v6)
9999 (v6) ALLOW Anywhere (v6)
4443/tcp (v6) ALLOW Anywhere (v6)
10000/udp (v6) ALLOW Anywhere (v6)

This is my config:

/* eslint-disable no-unused-vars, no-var */

var config = {
// Configuration
//

// Alternative location for the configuration.
// configLocation: './config.json',

// Custom function which given the URL path should return a room name.
// getroomnode: function (path) { return 'someprefixpossiblybasedonpath'; },


// Connection
//

hosts: {
    // XMPP domain.
    domain: 'meeting.ipdoc.com',

    // When using authentication, domain for guest users.
    // anonymousdomain: 'guest.example.com',

    // Domain for authenticated users. Defaults to <domain>.
    // authdomain: 'meeting.ipdoc.com',

    // Jirecon recording component domain.
    // jirecon: 'jirecon.meeting.ipdoc.com',

    // Call control component (Jigasi).
    // call_control: 'callcontrol.meeting.ipdoc.com',

    // Focus component domain. Defaults to focus.<domain>.
    // focus: 'focus.meeting.ipdoc.com',

    // XMPP MUC domain. FIXME: use XEP-0030 to discover it.
    muc: 'conference.meeting.ipdoc.com'
},

// BOSH URL. FIXME: use XEP-0156 to discover it.
bosh: '//meeting.ipdoc.com/http-bind',

// The name of client node advertised in XEP-0115 'c' stanza
clientNode: 'http://jitsi.org/jitsimeet',

// The real JID of focus participant - can be overridden here
// focusUserJid: 'focus@auth.meeting.ipdoc.com',


// Testing / experimental features.
//

testing: {
    // Enables experimental simulcast support on Firefox.
    enableFirefoxSimulcast: false,

    // P2P test mode disables automatic switching to P2P when there are 2
    // participants in the conference.
    p2pTestMode: false

    // Enables the test specific features consumed by jitsi-meet-torture
    // testMode: false
},

// Disables ICE/UDP by filtering out local and remote UDP candidates in
// signalling.
// webrtcIceUdpDisable: false,

// Disables ICE/TCP by filtering out local and remote TCP candidates in
// signalling.
// webrtcIceTcpDisable: false,


// Media
//

// Audio

// Disable measuring of audio levels.
// disableAudioLevels: false,

// Start the conference in audio only mode (no video is being received nor
// sent).
// startAudioOnly: false,

// Every participant after the Nth will start audio muted.
// startAudioMuted: 10,

// Start calls with audio muted. Unlike the option above, this one is only
// applied locally. FIXME: having these 2 options is confusing.
// startWithAudioMuted: false,

// Enabling it (with #params) will disable local audio output of remote
// participants and to enable it back a reload is needed.
// startSilent: false

// Video

// Sets the preferred resolution (height) for local video. Defaults to 720.
// resolution: 720,

// w3c spec-compliant video constraints to use for video capture. Currently
// used by browsers that return true from lib-jitsi-meet's
// util#browser#usesNewGumFlow. The constraints are independency from
// this config's resolution value. Defaults to requesting an ideal aspect
// ratio of 16:9 with an ideal resolution of 720.
// constraints: {
//     video: {
//         aspectRatio: 16 / 9,
//         height: {
//             ideal: 720,
//             max: 720,
//             min: 240
//         }
//     }
// },

// Enable / disable simulcast support.
// disableSimulcast: false,

// Enable / disable layer suspension.  If enabled, endpoints whose HD
// layers are not in use will be suspended (no longer sent) until they
// are requested again.
// enableLayerSuspension: false,

// Suspend sending video if bandwidth estimation is too low. This may cause
// problems with audio playback. Disabled until these are fixed.
disableSuspendVideo: true,

// Every participant after the Nth will start video muted.
// startVideoMuted: 10,

// Start calls with video muted. Unlike the option above, this one is only
// applied locally. FIXME: having these 2 options is confusing.
// startWithVideoMuted: false,

// If set to true, prefer to use the H.264 video codec (if supported).
// Note that it's not recommended to do this because simulcast is not
// supported when  using H.264. For 1-to-1 calls this setting is enabled by
// default and can be toggled in the p2p section.
// preferH264: true,

// If set to true, disable H.264 video codec by stripping it out of the
// SDP.
// disableH264: false,

// Desktop sharing

// The ID of the jidesha extension for Chrome.
desktopSharingChromeExtId: null,

// Whether desktop sharing should be disabled on Chrome.
// desktopSharingChromeDisabled: false,

// The media sources to use when using screen sharing with the Chrome
// extension.
desktopSharingChromeSources: [ 'screen', 'window', 'tab' ],

// Required version of Chrome extension
desktopSharingChromeMinExtVersion: '0.1',

// Whether desktop sharing should be disabled on Firefox.
// desktopSharingFirefoxDisabled: false,

// Optional desktop sharing frame rate options. Default value: min:5, max:5.
// desktopSharingFrameRate: {
//     min: 5,
//     max: 5
// },

// Try to start calls with screen-sharing instead of camera video.
// startScreenSharing: false,

// Recording

// Whether to enable file recording or not.
// fileRecordingsEnabled: false,
// Enable the dropbox integration.
// dropbox: {
//     appKey: '<APP_KEY>' // Specify your app key here.
//     // A URL to redirect the user to, after authenticating
//     // by default uses:
//     // 'https://meeting.ipdoc.com/static/oauth.html'
//     redirectURI:
//          'https://meeting.ipdoc.com/subfolder/static/oauth.html'
// },
// When integrations like dropbox are enabled only that will be shown,
// by enabling fileRecordingsServiceEnabled, we show both the integrations
// and the generic recording service (its configuration and storage type
// depends on jibri configuration)
// fileRecordingsServiceEnabled: false,
// Whether to show the possibility to share file recording with other people
// (e.g. meeting participants), based on the actual implementation
// on the backend.
// fileRecordingsServiceSharingEnabled: false,

// Whether to enable live streaming or not.
// liveStreamingEnabled: false,

// Transcription (in interface_config,
// subtitles and buttons can be configured)
// transcribingEnabled: false,

// Misc

// Default value for the channel "last N" attribute. -1 for unlimited.
channelLastN: -1,

// Disables or enables RTX (RFC 4588) (defaults to false).
// disableRtx: false,

// Disables or enables TCC (the default is in Jicofo and set to true)
// (draft-holmer-rmcat-transport-wide-cc-extensions-01). This setting
// affects congestion control, it practically enables send-side bandwidth
// estimations.
// enableTcc: true,

// Disables or enables REMB (the default is in Jicofo and set to false)
// (draft-alvestrand-rmcat-remb-03). This setting affects congestion
// control, it practically enables recv-side bandwidth estimations. When
// both TCC and REMB are enabled, TCC takes precedence. When both are
// disabled, then bandwidth estimations are disabled.
// enableRemb: false,

// Defines the minimum number of participants to start a call (the default
// is set in Jicofo and set to 2).
// minParticipants: 2,

// Use XEP-0215 to fetch STUN and TURN servers.
// useStunTurn: true,

// Enable IPv6 support.
// useIPv6: true,

// Enables / disables a data communication channel with the Videobridge.
// Values can be 'datachannel', 'websocket', true (treat it as
// 'datachannel'), undefined (treat it as 'datachannel') and false (don't
// open any channel).
// openBridgeChannel: true,


// UI
//

// Use display name as XMPP nickname.
// useNicks: false,

// Require users to always specify a display name.
// requireDisplayName: true,

// Whether to use a welcome page or not. In case it's false a random room
// will be joined when no room is specified.
enableWelcomePage: true,

// Enabling the close page will ignore the welcome page redirection when
// a call is hangup.
// enableClosePage: false,

// Disable hiding of remote thumbnails when in a 1-on-1 conference call.
// disable1On1Mode: false,

// Default language for the user interface.
// defaultLanguage: 'en',

// If true all users without a token will be considered guests and all users
// with token will be considered non-guests. Only guests will be allowed to
// edit their profile.
enableUserRolesBasedOnToken: false,

// Whether or not some features are checked based on token.
// enableFeaturesBasedOnToken: false,

// Enable lock room for all moderators, even when userRolesBasedOnToken is enabled and participants are guests.
// lockRoomGuestEnabled: false,

// When enabled the password used for locking a room is restricted to up to the number of digits specified
// roomPasswordNumberOfDigits: 10,
// default: roomPasswordNumberOfDigits: false,

// Message to show the users. Example: 'The service will be down for
// maintenance at 01:00 AM GMT,
// noticeMessage: '',

// Enables calendar integration, depends on googleApiApplicationClientID
// and microsoftApiApplicationClientID
// enableCalendarIntegration: false,

// Stats
//

// Whether to enable stats collection or not in the TraceablePeerConnection.
// This can be useful for debugging purposes (post-processing/analysis of
// the webrtc stats) as it is done in the jitsi-meet-torture bandwidth
// estimation tests.
// gatherStats: false,

// To enable sending statistics to callstats.io you must provide the
// Application ID and Secret.
// callStatsID: '',
// callStatsSecret: '',

// enables callstatsUsername to be reported as statsId and used
// by callstats as repoted remote id
// enableStatsID: false

// enables sending participants display name to callstats
// enableDisplayNameInStats: false


// Privacy
//

// If third party requests are disabled, no other server will be contacted.
// This means avatars will be locally generated and callstats integration
// will not function.
// disableThirdPartyRequests: false,


// Peer-To-Peer mode: used (if enabled) when there are just 2 participants.
//

p2p: {
    // Enables peer to peer mode. When enabled the system will try to
    // establish a direct connection when there are exactly 2 participants
    // in the room. If that succeeds the conference will stop sending data
    // through the JVB and use the peer to peer connection instead. When a
    // 3rd participant joins the conference will be moved back to the JVB
    // connection.
    enabled: true,

    // Use XEP-0215 to fetch STUN and TURN servers.
    // useStunTurn: true,

    // The STUN servers that will be used in the peer to peer connections
    stunServers: [
        { urls: 'stun:stun.l.google.com:19302' },
        { urls: 'stun:stun1.l.google.com:19302' },
        { urls: 'stun:stun2.l.google.com:19302' }
    ],

    // Sets the ICE transport policy for the p2p connection. At the time
    // of this writing the list of possible values are 'all' and 'relay',
    // but that is subject to change in the future. The enum is defined in
    // the WebRTC standard:
    // https://www.w3.org/TR/webrtc/#rtcicetransportpolicy-enum.
    // If not set, the effective value is 'all'.
    // iceTransportPolicy: 'all',

    // If set to true, it will prefer to use H.264 for P2P calls (if H.264
    // is supported).
    preferH264: true

    // If set to true, disable H.264 video codec by stripping it out of the
    // SDP.
    // disableH264: false,

    // How long we're going to wait, before going back to P2P after the 3rd
    // participant has left the conference (to filter out page reload).
    // backToP2PDelay: 5
},

analytics: {
    // The Google Analytics Tracking ID:
    // googleAnalyticsTrackingId: 'your-tracking-id-UA-123456-1'

    // The Amplitude APP Key:
    // amplitudeAPPKey: '<APP_KEY>'

    // Array of script URLs to load as lib-jitsi-meet "analytics handlers".
    // scriptURLs: [
    //      "libs/analytics-ga.min.js", // google-analytics
    //      "https://example.com/my-custom-analytics.js"
    // ],
},

// Information about the jitsi-meet instance we are connecting to, including
// the user region as seen by the server.
deploymentInfo: {
    // shard: "shard1",
    // region: "europe",
    // userRegion: "asia"
}

// Local Recording
//

// localRecording: {
// Enables local recording.
// Additionally, 'localrecording' (all lowercase) needs to be added to
// TOOLBAR_BUTTONS in interface_config.js for the Local Recording
// button to show up on the toolbar.
//
//     enabled: true,
//

// The recording format, can be one of 'ogg', 'flac' or 'wav'.
//     format: 'flac'
//

// }

// Options related to end-to-end (participant to participant) ping.
// e2eping: {
//   // The interval in milliseconds at which pings will be sent.
//   // Defaults to 10000, set to <= 0 to disable.
//   pingInterval: 10000,
//
//   // The interval in milliseconds at which analytics events
//   // with the measured RTT will be sent. Defaults to 60000, set
//   // to <= 0 to disable.
//   analyticsInterval: 60000,
//   }

// If set, will attempt to use the provided video input device label when
// triggering a screenshare, instead of proceeding through the normal flow
// for obtaining a desktop stream.
// NOTE: This option is experimental and is currently intended for internal
// use only.
// _desktopSharingSourceDevice: 'sample-id-or-label'

// If true, any checks to handoff to another application will be prevented
// and instead the app will continue to display in the current browser.
// disableDeepLinking: false

// A property to disable the right click context menu for localVideo
// the menu has option to flip the locally seen video for local presentations
// disableLocalVideoFlip: false

// List of undocumented settings used in jitsi-meet
/**
 _immediateReloadThreshold
 autoRecord
 autoRecordToken
 debug
 debugAudioLevels
 deploymentInfo
 dialInConfCodeUrl
 dialInNumbersUrl
 dialOutAuthUrl
 dialOutCodesUrl
 disableRemoteControl
 displayJids
 etherpad_base
 externalConnectUrl
 firefox_fake_device
 googleApiApplicationClientID
 iAmRecorder
 iAmSipGateway
 microsoftApiApplicationClientID
 peopleSearchQueryTypes
 peopleSearchUrl
 requireDisplayName
 tokenAuthUrl
 */

// List of undocumented settings used in lib-jitsi-meet
/**
 _peerConnStatusOutOfLastNTimeout
 _peerConnStatusRtcMuteTimeout
 abTesting
 avgRtpStatsN
 callStatsConfIDNamespace
 callStatsCustomScriptUrl
 desktopSharingSources
 disableAEC
 disableAGC
 disableAP
 disableHPF
 disableNS
 enableLipSync
 enableTalkWhileMuted
 forceJVB121Ratio
 hiddenDomain
 ignoreStartMuted
 nick
 startBitrate
 */

};

/* eslint-enable no-unused-vars, no-var */

So I guess the problem has to do with the transition from P2P to server mode?

Thanks for your help

Welcome to the forum.

First check to make sure port 10000/UDP is appropriately forwarded. If it is, then check out the AVdanced configuration section of the Quick Install Guide.

Ports are open according to UFW.

Status: active

To Action From


22/tcp ALLOW Anywhere
3306 ALLOW Anywhere
80/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
Apache Full ALLOW Anywhere
3000 ALLOW Anywhere
9999 ALLOW Anywhere
4443/tcp ALLOW Anywhere
10000/udp ALLOW Anywhere
3478/udp ALLOW Anywhere
5349/tcp ALLOW Anywhere

How do I “foward” the ports to Jitsi? There is no such instruction in the install guide?

The file /etc/jitsi/videobridge/sip-communicator.properties looks like this:

org.jitsi.videobridge.AUTHORIZED_SOURCE_REGEXP=focus@auth.meeting.ipdoc.com/.*
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=127.0.0.1
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=148.251.176.87

Are you behind a NAT (running your server on a router)?

this is incorrect if you have a VPS (direct on the Internet) these values should not be set. The problem could come from your hoster running a firewall.

No, I’m not running behind a NAT. Jitsi runs on a dedicated server under this IP 148.251.176.87 (meeting.ipdoc.com)

I set these values because it was mentioned in the advanced section of the Quick install guide.

you mean where it’s stated

Advanced configuration

If the installation is on a machine behind NAT

If the installation is on a machine behind NAT jitsi-videobridge should configure itself automatically on boot. If three way calls do not work, further configuration of jitsi-videobridge is needed in order for it to be accessible from outside.

Then below the two lines in /etc/jitsi/videobridge/sip-communicator.properties should be configured.

So either the documentation is very misleading or I don’t understand it?

Any idea? :frowning:

not set these unappropriate NAT values ? Check with your hoster if there is a firewall ?

Ok I removed these two lines

org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=127.0.0.1
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=

And restartet the services. But the problem is still not solved

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5269 0.0.0.0:* LISTEN 1932/lua5.1
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 766/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1045/sshd
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN 17649/node
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1606/master
tcp 0 0 0.0.0.0:5280 0.0.0.0:* LISTEN 1932/lua5.1
tcp 0 0 127.0.0.1:5347 0.0.0.0:* LISTEN 1932/lua5.1
tcp 0 0 0.0.0.0:5222 0.0.0.0:* LISTEN 1932/lua5.1
tcp 0 0 127.0.0.1:27017 0.0.0.0:* LISTEN 946/mongod
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 9477/mysqld
tcp6 0 0 :::80 :::* LISTEN 621/apache2
tcp6 0 0 :::5269 :::* LISTEN 1932/lua5.1
tcp6 0 0 :::22 :::* LISTEN 1045/sshd
tcp6 0 0 :::8888 :::* LISTEN 1489/java
tcp6 0 0 ::1:25 :::* LISTEN 1606/master
tcp6 0 0 172.17.0.1:4443 :::* LISTEN 1671/java
tcp6 0 0 148.251.176.87:4443 :::* LISTEN 1671/java
tcp6 0 0 2a01:4f8:211:2cd:::4443 :::* LISTEN 1671/java
tcp6 0 0 :::443 :::* LISTEN 621/apache2
tcp6 0 0 :::5280 :::* LISTEN 1932/lua5.1
tcp6 0 0 ::1:5347 :::* LISTEN 1932/lua5.1
tcp6 0 0 :::5222 :::* LISTEN 1932/lua5.1
tcp6 0 0 :::8999 :::* LISTEN 6760/docker-proxy
tcp6 0 0 :::9000 :::* LISTEN 12795/java
tcp6 0 0 :::9001 :::* LISTEN 29442/java
tcp6 0 0 :::9002 :::* LISTEN 28768/java
tcp6 0 0 :::9003 :::* LISTEN 30295/java
tcp6 0 0 :::9004 :::* LISTEN 31024/java
udp 0 0 127.0.0.53:53 0.0.0.0:* 766/systemd-resolve
udp 0 0 0.0.0.0:38051 0.0.0.0:* 1671/java
udp6 0 0 :::59374 :::* 1671/java
udp6 0 0 :::41045 :::* 1489/java
udp6 0 0 148.251.176.87:10000 :::* 1671/java
udp6 0 0 2a01:4f8:211:2cd::10000 :::* 1671/java
udp6 0 0 172.17.0.1:10000 :::* 1671/java
udp6 0 0 :::43395 :::* 1671/java

A service is listening on port 10000 and

nc -v -u -z -w 3 meeting.ipdoc.com 10000

results in

Connection to meeting.ipdoc.com 10000 port [udp/*] succeeded!