Tip: how to check UDP/10000 connectivity

a. P2P works differently. As gpatel-fr mentioned, by default JVB is not used in a P2P scenario - both peers negotiate a random port to cimmunicate over.
b. Because 1 of the clients is behind a router, there is no way for the mobile client to determine the home user’s public IP address without STUN (assuming the router is a NAT device). You don’t necessarily have to set up you own STUN server, there are several free ones available, like the google STUN servers. The Jitsi quick install also provides a STUN implementation.

Hi…Just attempted port 80 just as 443 (TCP) and we as a whole realize it IS working, so why there isn’t anything for these port in the container underneath - from your perspective (in your ss).

Do I have to catch traffic from another Ip address… as in my public IP seems to be: 1.2.3.4 and both me and my worker is associated with this equivalent issue (by means of various interface at pfsenses) so would i be able to do bundle catch from this PC or would it be a good idea for me to utilize another PC whose public ip is: 5.6.7.8?

to test you can use this script in the terminal
for i in (seq 1 20); do sleep 3; nc -z -v -u your.domain.com 10000; done

Also, at /etc/jitsi/videobridge/sip-communicator.properties
use …_PUBLIC_ADDRESS, first then _LOCAL_ADDRESS

org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=<ur.public.ip>
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<ur.private.ip>

as per my experience…

How do I test this on Windows?

I have no Windows experience but I can suggest you another option. I prepared an echo service which will send the needed text to your port.

  • run ngrep on Jitsi server

  • run the following command on the second console on Jitsi

curl "http://checkmyport.emrah.com?proto=udp&port=10000&text=is%20accessable"
  • if curl is not already installed, install it first
apt-get install curl

A new method to check UDP/10000 connectivity

Unlike the first method, this new method does not require any client-side action.

on the server

  • Install curl and ngrep packages
apt-get install ngrep curl
  • start to watch the port (it’s UDP/10000 in our case)
ngrep -q 'accessible' udp port 10000
  • connect to a new console and send an echo request to my echo server
curl "http://checkmyport.emrah.com?proto=udp&port=10000&text=it-is-accessible"
  • If you see the sent message (it-is-accessible) on the first console, this means that the port is open to the public.

The third method
Unlike the first method, this method does not require any server-side action.

Edit:
It seems that this method is not very accurate. The results vary depending on the hosting/cloud providers

On a Linux client

  • Install ncat
apt-get install ncat
  • Try to connect to the server
nc -z -v -u YOUR-HOST-ADDRESS 10000

>>> Connection to YOUR-HOST-ADDRESS 10000 port [udp/*] succeeded!

If you you see the succeeded message, this means that the port is open to the public.

testing this on my server on a random (blocked by default) port gives a successful result and a line in my ufw.log file.

nc -z -v -u emrah.com 54321
Connection to emrah.com 54321 port [udp/*] succeeded!

I only get succeeded message if there is really an UDP server on the server side. Which package provides the nc command in your system?

I’m trying nc from ncat, IIRC netcat-openbsd or netcat-traditional behave differently

well, AFAIK the message you posted (succeeded!) is the one from netcat-openbsd (netcat-traditional answers ‘Open’)

with ncat package on Ubuntu 20.04 (the one from nmap) I get:

nc -z -v -u emrah.com 54321
Ncat: Version 7.80 ( https://nmap.org/ncat )
Ncat: Connected to 207.154.243.197:54321.
Ncat: UDP packet sent successfully
Ncat: 1 bytes sent, 0 bytes received in 2.02 seconds.

sudo update-alternatives --config nc
There are 3 choices for the alternative nc (providing /bin/nc).

  Selection    Path                 Priority   Status
------------------------------------------------------------
  0            /bin/nc.openbsd       50        auto mode
  1            /bin/nc.openbsd       50        manual mode
  2            /bin/nc.traditional   10        manual mode
* 3            /usr/bin/ncat         40        manual mode

After some tests, I think that the results depend on the hosting providers.

For example on Digital Ocean it’s succeded if there is an UDP service but on AWS it’s always succeded.

On a Ovh server and a Ionos server, same result as AWS.

My server (emrah.com) is on Digital Ocean and the results are completly different for you and me although we use the same tools too :confused:

nc -z is doing a ’ Zero-I/O mode, report connection status only’; UDP is a connection-less protocol however. So IMO it’s basically reporting on the sending of a packet. I have tried it a few times and I have seen ncat (the one of namp) display ‘connection refused’, in an apparently random manner (it has shown this message also on the adress where I know that my test server is listening to). In all cases, the packet was sent. It seems that nc from ncat ou the bsd version is sending the UDP packet and waits for a default delay for replied data then returns. Sometimes ncat timesout immediately and returns. It looks more like a bug to me.

1 Like

your post about nc from nmap reminds me that nmap is available for Windows, all that is needed is to download nmap-x.xx-win32.zip from nmap.org (with x.xx being the last version), extract the files, run the Visual C redisitributables installer if necessary (vcredist_x86.exe) and use ncat.exe from the download directory with the very first method you posted.

I have not UDP/10000 problem but meeting is not working more than two users mean when third one joins meeting audio or video of all goes and when it comes 2 then again it works. How to solve this ?

This is a network problem, firewall blocking port 10000 udp, or not correctly configured port forwarding or jvb not reporting correct public address.

one could use iperf to not only check the connectivity but also check the throughput. The service may also be corruptive if the firewalls have open udp ports but also flooding detection active.

hi Ritik.Did you resolve the issue???Becasue i am facing the same one. I am using jitsi from 6 to 9 months but yesterday i faced these type of issue.can you tell me how did u resolve??

can you tell me how to check these error.because i am getting Pair failed error with UDP host