Unstable video and audio sharing between participants

We’ve installed Jitsi on ubuntu 20.04 following this tutorial in local network with our SSL and behind NAT and all required tcp/udp ports are open in network and firewall.
when participants are in room, their video and audio sometimes shares to others and sometimes not(mostly not) and they just see themselves. and when video don’t share, the connection indicator shows poor connection and when shares, it is green. this behavior it’s weird because there is no limitation in our network and we have enough bandwidth.
also in browser console we have jvb websocket 403 errors! is this related to video sharing problem?

console errors:

jvb.conf:

videobridge {
    http-servers {
        public {
            port = 9090
        }
    }
    websockets {
        enabled = true
        domain = "meet.hp.shahr-bank.ir:443"
        tls = true
    }
}

some part of my.domain-config.js:

// Connection
    //

    hosts: {
        // XMPP domain.
        domain: 'meet.hp.shahr-bank.ir',

        // When using authentication, domain for guest users.
        // anonymousdomain: 'guest.example.com',

        // Domain for authenticated users. Defaults to <domain>.
        // authdomain: 'meet.hp.shahr-bank.ir',

        // Focus component domain. Defaults to focus.<domain>.
        // focus: 'focus.meet.hp.shahr-bank.ir',

        // XMPP MUC domain. FIXME: use XEP-0030 to discover it.
        muc: 'conference.' + subdomain + 'meet.hp.shahr-bank.ir',
    },

    // BOSH URL. FIXME: use XEP-0156 to discover it.
    bosh: '//meet.hp.shahr-bank.ir/' + subdir + 'http-bind',

    // Websocket URL
    // websocket: 'wss://meet.hp.shahr-bank.ir/' + subdir + 'xmpp-websocket',

    // The real JID of focus participant - can be overridden here
    // Do not change username - FIXME: Make focus username configurable
    // https://github.com/jitsi/jitsi-meet/issues/7376
    // focusUserJid: 'focus@auth.meet.hp.shahr-bank.ir',

and nginx config:

    # xmpp websockets
    location = /xmpp-websocket {
        proxy_pass http://prosody/xmpp-websocket?prefix=$prefix&$args;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;
        tcp_nodelay on;
    }

    # colibri (JVB) websockets for jvb1
    location ~ ^/colibri-ws/default-id/(.*) {
        proxy_pass http://jvb1/colibri-ws/default-id/$1$is_args$args;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        tcp_nodelay on;
    }

Questions are:

  • Does the unstable video sharing relates to jvb websocket errors? if not where should I look for that problem?
  • any idea how to fix the websocket problem?

Thank you and I appreciate your answers :pray:

Test it at least 3 participants, otherwise it looks like working due to P2P mode.

Are Nginx and JVB on the same host?

all my last tests was with 2 participants; I mean the problem that we sometimes see each other and sometimes not, happens with 2 participants and I didn’t test it for more than 2 participant yet. and actually it’s critical for us because in our product we just have rooms with 2 people. but I will test that as soon as I have access.

you mean in p2p there is no need to websockets?

yes all jitsi stuffs and nginx are on same host

AFAIK when there are only two participants, the first option is to pass media (audio/video) directly without using JVB. If this fails then the other options (to pass media through JVB or TURNS) will be tried.

so you mean there is something wrong in P2P so Jitsi try JVB and we have those websocket errors?
and do you have any idea where is the problem in P2P?
and still I can’t understand that unstable video sharing problem!! are these error caused that?

and for this to happen, should we have udp ports open directly from/to our clients or just from Jitsi server??

You don’t need to allow any public port on client sides. P2P (or multi-party meeting) can work although clients are behind a router/firewall but sometimes P2P may fail. In this case the peers should communicate through JVB or TURNS.

When there are more than 2 participants, the media traffic must be through JVB (or TURNS+JVB).

Colibri websocket is used for signaling. You need it for P2P and for multi-party meetings but although it doesn’t work, you should get media with low quality.

According to your log, it seems that colibri websocket doesn’t work for your setup but you also said that there is no media for some cases. So, this means that you have also UDP/10000 issue which is used to transfer media through JVB.