Open jakobkilian opened 1 year ago
Some more info on that case. Hope that helps, please tell me if I can get any other log...
When being connected to Galene with a browser, there is this message in the journalctl -u galen
every 2min:
Feb 12 13:34:53 portal.MYDOMAIN.org galene[15002]: turnc ERROR: 2023/02/12 13:34:53 fail to refresh permissions: write tcp4 127.0.0.1:37898->127.0.0.1:5349: write: broken pipe
Feb 12 13:34:53 portal.MYDOMAIN.org galene[15002]: turnc ERROR: 2023/02/12 13:34:53 fail to refresh permissions: CreatePermission error response (error 400: Bad Request
Feb 12 13:34:53 portal.MYDOMAIN.org galene[15002]: )
Another thing that I checked is, if port 5349 is reachable from inside and outside of the network → it is.
The output of serverConnection.rtcConfiguration
in the Firefox console is the following. This config has been tested with Trickle ICE
Object { iceServers: (1) […] }
iceServers: Array [ {…} ]
0: Object { credential: "test123", credentialType: "password", username: "test", … }
credential: "test123"
credentialType: "password"
urls: Array [ "turn:turn.MYDOMAIN.org:5349", "turn:turn.MYDOMAIN.org:5349?transport=tcp" ]
username: "test"
<prototype>: Object { … }
length: 1
<prototype>: Array []
<prototype>: Object { … }
Note: I changed the actual domain to MYDOMAIN on purpose.
Would be very happy to receive tips on how I can debug the problem further :)
Did you actually experienced issues with Galène build in Turn server?
Did you actually experienced issues with Galène build in Turn server?
Hmm, the relay-test with the internal did work. I just had the "Port 1194 is not reachable from outside in IPv6" Issue and then read, that the internal Turn server generally does not support IPV6. Still about 5 % of the people cannot participate in video calls (or have to change their machine) – most of the time they can enter the call and listen but video streams are not visible. As these people sometimes use iPads (difficult to debug) or are "external" people (which I cannot easily ask to send me their logs for debugging) I didn't really come further and therefore though I check the IPV6 reachability. Very often people with problems were using eduroam or company internal Wifis...
Wrong derivation?
Two things come to mind.
Ah, thanks. that wasn't clear to me. The standard config actually has the listening-port=3478
line commented in /etc/turnserver.conf
so there never was a TCP/UDP port open.
So I uncommented, restarted and tested (using turn:turn.krakelee.org:3478
with the Trickle ICE tool) with both 3478 and 1149 with no success. Nevertheless the turn server is still reachable with 5349...
Is there any other setting in coturn_ynh that I need to set to activate TCP/UDP?
/relay-test
». It should report success.Sorry, maybe I didn't express myself correctly: I can't do 1, 2 or 3 because the coturn server is not accessible via UDP/TCP. However, this is a matter concerning coturn_ynh, I might create an issue there if I don't get any further.
Shame on me, I had blocked the UDP port despite checking several times → now I can reach the coturn server on 1149 from outside with UDP/TCP. Unfortunately, everything remains the same with Galene:
12:05:13 Relay test failed: timeout
12:05:13 Perhaps you didn't configure a TURN server?
my /var/www/galene/live/data/ice-servers.json
is:
[
{
"urls": [
"turn:turn.MYDOMAIN.org:1149",
"turn:turn.MYDOMAIN.org:1149?transport=tcp"
],
"username": "test",
"credential": "test123"
}
]
With exactly those creds I can reach it with the Trickle ICE tool...
Describe the bug
Installed coturn_ynh as I wanted to solve this issue. Sometimes people still can't see the video streams of others in galene (opened an issue a while ago) and I thought this might be related, too. I checked if the TURN server is available with the Trickle ICE tool –> working. I followed the galene_ynh docu for using an own turn server, but the relay-test (in the chat box in galene) fails. I tried the
use-auth-secret
and thelt-cred-mech
mode with no success (Trickle ICE worked for both). In the logs (sudo journalctl -u coturn
) I can only find a note that the relay-test failed. Where can I find verbose information like auth fail or an error code?Context