deep-gaurav / snek

Apache License 2.0

A quick question regarding user capacity of a room and latency #1

Open pylearndl opened 4 months ago

pylearndl commented 4 months ago

Hi Gaurav,

A great repository, especially a good example of a web-room-relay server. I just want to ask a question. What is the capacity for connections per room that users can join? Also, have you measured the latency of other users' data being received from the relay server? Let's say 10 users have joined one room and are playing the game. How much delay, in milliseconds, will there be to receive the other nine users' positions on user 1's screen?

deep-gaurav commented 4 months ago

I've not benchmarked as such, but web-room-relay is a very light forwarder and from what I've seen it never even reached 5-10% CPU and used a maximum of 20MB RAM on my Oracle 2GB instance. So maximum connections shouldn't be limited by resources at least; it'll most likely be limited by "snek" not being able to handle so many responses in the browser.

Regarding latency, it highly depends on location. My server is in Hyderabad, India. For me it gives ~100ms latency (I'm in Mumbai, India). You can test out both things yourself. My server was down due to an SSL issue; I've fixed it and snek.deepwith.in should be usable. When two users are connected, Ping is printed to the console every second. It's in seconds, so Ping: 0.1 = latency of 100ms.

pylearndl commented 4 months ago

Thank you for fixing SSL. snek.deepwith.in ping is 0.5, a latency of 500ms, here in the UK. What ways could there be to improve and optimize the server code to bring latency to 50ms? What server hardware would make it possible? I'm also curious to know if it would be possible to use it for audio/video chat with 10 users in a room, with data packets being sent back and forth with the lowest possible latency between server and users?

Also, please check this out https://www.youtube.com/watch?v=0RvosCplkCc

deep-gaurav commented 4 months ago

OK, so in the case of snek, iirc the latency is basically for the round trip, i.e. we send a Ping with a timestamp, it goes to the server, then to the other user, which responds with a Pong carrying the same timestamp, which goes to the server and then back to the first user: A -> Server -> B -> Server -> A

Effective latency is basically half of this, since information from A reaches B in half the time, which is ~250ms in your case. That is what I would expect for the UK to India.

The primary factor for latency is distance. There are obviously optimizations that can be done, but the most effective way to reduce latency is to reduce the distance, i.e. have the server closer to users. For audio/video calls, peer-to-peer is generally a much better solution since you eliminate the relay through the server, but with 10s of users peer-to-peer is not that viable.

I am not exactly sure what is causing negative pings; there is probably some bug in the code (and probably a lot more 😅).

I'll check the video and get back to you on it.

I'm pretty confident that web-room-relay should be able to handle 10 users' audio without any problem, and is a viable solution.

However, for video conferencing there is generally more involved than just relaying the video, for example re-encoding in different quality for users with limited bandwidth and so on.

I actually have a project "syncplayer" which used web sockets to sync video of users in a room, which I'm planning to redo with web-room-relay for improved latency, I'll experiment with audio in it to see how viable it is.
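
The Ping/Pong exchange described in the comment above, as an added example that is not snek's or web-room-relay's code: the relay forwards to the other room member and B echoes A's timestamp, so the round trip is measured on A's clock alone. `Sim`, `Relay`, `Peer`, the hop delays and the clock offsets are constructed for illustration; the run also shows that subtracting timestamps taken on two different machines can go negative, without claiming that this is what causes the negative pings mentioned.

```javascript
// Added illustration; Sim, Relay and Peer are hypothetical names, not snek code.
// Time is simulated in milliseconds so the result is deterministic.
class Sim {
  constructor() { this.t = 0; this.queue = []; }
  at(delayMs, fn) { this.queue.push({ when: this.t + delayMs, fn }); }
  run() {
    while (this.queue.length > 0) {
      this.queue.sort((x, y) => x.when - y.when);
      const ev = this.queue.shift();
      this.t = ev.when;
      ev.fn();
    }
  }
}

// The relay only forwards: every message goes to all other peers in the room.
class Relay {
  constructor(sim) { this.sim = sim; this.peers = []; }
  join(peer) { this.peers.push(peer); peer.relay = this; }
  forward(from, msg) {
    for (const p of this.peers) {
      if (p !== from) this.sim.at(p.hopMs, () => p.receive(msg));
    }
  }
}

class Peer {
  // hopMs: one-way delay between this peer and the relay.
  // clockOffsetMs: how far this peer's clock is from simulation time.
  constructor(sim, name, hopMs, clockOffsetMs) {
    Object.assign(this, { sim, name, hopMs, clockOffsetMs });
    this.rtts = [];
    this.crossClockDeltas = [];
  }
  clock() { return this.sim.t + this.clockOffsetMs; }
  send(msg) { this.sim.at(this.hopMs, () => this.relay.forward(this, msg)); }
  ping() { this.send({ type: "Ping", from: this.name, ts: this.clock() }); }
  receive(msg) {
    if (msg.type === "Ping") {
      // Comparing the sender's timestamp with the local clock mixes two clocks.
      this.crossClockDeltas.push(this.clock() - msg.ts);
      // Echo the timestamp untouched so the sender can use its own clock.
      this.send({ type: "Pong", to: msg.from, ts: msg.ts });
    } else if (msg.type === "Pong" && msg.to === this.name) {
      // Both readings come from this peer's clock, so any offset cancels out.
      this.rtts.push(this.clock() - msg.ts);
    }
  }
}

function measure() {
  const sim = new Sim();
  const relay = new Relay(sim);
  const a = new Peer(sim, "A", 150, 400); // constructed: clock runs 400 ms ahead
  const b = new Peer(sim, "B", 100, 0);   // constructed: clock matches sim time
  relay.join(a);
  relay.join(b);
  a.ping();
  sim.run();
  const rttMs = a.rtts[0];
  return { rttMs, oneWayMs: rttMs / 2, crossClockMs: b.crossClockDeltas[0] };
}
```

With these constructed delays `measure()` reports a 500 ms round trip and a 250 ms one-way estimate, while the cross-clock subtraction at B comes out negative.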

pylearndl commented 4 months ago

I tried a WebTransport echo server in Rust and a WebAssembly client. Now I look forward to coding an SFU server using WebTransport. I used wtransport-examples for the server and added ws-audio-api to get getUserMedia audio, encode it using OpusEncoder and chunk it into buffer packets. I receive buffer packets on the client side, decode them with OpusDecoder and queue them for the audio player to play.

The echo server works fine but generates a lag in audio if the number of users increases beyond 4. If you want I can share the echo server code with you.

Here is SFU diagram


pylearndl commented 4 months ago

> 5-10% CPU and used maximum of 20MB RAM on my Oracle 2GB instance. So maximum connection shouldn't be limited

You said snek is running on an Oracle 2GB instance. Can you tell me a bit more about the Oracle instance? What operating system is snek running on there, and how did you set that up and deploy the Rust snek project on it?

I have an Oracle instance with 4 cores and 24GB RAM running ubuntu 20.04. I want to deploy a Rust axum server app and try out how it performs. My Rust axum server is exposed and runs on my local machine on https://127.0.0.1:4433. Also, how do I obtain an SSL certificate to get WebTransport running on the Oracle instance? Locally I'm using a self-signed certificate for WebTransport.

Can you please help me?

deep-gaurav commented 4 months ago

> You said snek is running on an Oracle 2GB instance. Can you tell me a bit more about the Oracle instance? What operating system is snek running on there, and how did you set that up and deploy the Rust snek project on it?

Oh my bad, I'm running on Oracle's always free tier 1GB instance, not 2GB. It's running ubuntu 20.10. Snek is frontend only; it's hosted on cloudflare pages, and the backend is web-room-relay. I host it on cloudflare using a service. For SSL I use caddy.

> I have an Oracle instance with 4 cores and 24GB RAM running ubuntu 20.04. I want to deploy a Rust axum server app and try out how it performs. My Rust axum server is exposed and runs on my local machine on https://127.0.0.1:4433/. Also, how do I obtain an SSL certificate to get WebTransport running on the Oracle instance? Locally I'm using a self-signed certificate for WebTransport.

Hosting an axum server is fairly easy, but the oracle 4 OCPU 24G RAM server is an Arm server, so you'll have to either compile the project on the server itself or cross compile for arm and send it to the server. You can use caddy to reverse proxy a local port to some domain with ssl; just make sure ports 80 and 443 are open on the firewall and vnic. Here's an example of the caddyfile I use:

web-room-relay.deepwith.in {
        reverse_proxy localhost:4433
}

Hosting WTransport is a bit more involved as it uses UDP and cannot be proxied by caddy. What I do is, once caddy has generated certificates for a particular domain, I grab them and pass them to the WTransport program. For example, for the above caddyfile my caddy generates the certificate in the following location: /var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/web-room-relay.deepwith.in/

pylearndl commented 4 months ago

> 1GB instance not 2GB, It's running ubuntu 20.10 Snek is frontend only, it's hosted on cloudflare pages, backend is web-room-relay

What server is your ubuntu 20.10 running on if it's not Arm? Did you only have to upload the bin release folder for web-room-relay as the backend? I can delete my 4CPU 24G RAM Arm server instance if it's not a viable option to host the axum server. My Rust axum server only exposes the port to connect to it via JavaScript WebTransport. Do I still have to use the cloudflare service?

deep-gaurav commented 4 months ago

> What server is your ubuntu 20.10 running on if it's not Arm?

Oracle also offers 2 free 1G Memory and 1/8 OCPU AMD servers.

> Did you only have to upload the bin release folder for web-room-relay as the backend?

You only have to upload the release binary file, i.e. /target/release/<binary file>

> I can delete my 4CPU 24G RAM Arm server instance if it's not a viable option to host the axum server.

Arm server is fine; you can cross compile to aarch64-unknown-linux-gnu on your x64 local machine. Look for cross; with it you can do cross build --target aarch64-unknown-linux-gnu, then transfer the binary in /target/aarch64-unknown-linux-gnu/release/<binary> to your server and run it.

> My Rust axum server only exposes the port to connect to it via JavaScript WebTransport.

By default http is on port 80 and https on 443, so if you do not want to specify the port in every request you make from your js, you'll have to run on these ports.

> Do I still have to use the cloudflare service?

I use cloudflare to host my frontend; you can serve it from the oracle server also if you would like. I use it because I want to keep web-room-relay frontend agnostic and not host snek. Snek is just one use case; any other service that can talk its protocol can use it.

pylearndl commented 3 months ago

I copied Rust code to Ubuntu 20.04 and successfully compiled the code for target aarch64-unknown-linux-gnu. I tried to run binary as a service on Ubuntu but service failed with code=exited, status=1/FAILURE

systemctl start mediaoverweb.service
systemctl status mediaoverweb.service

Rust code works fine locally but not on Ubuntu VM.

Feb 28 11:28:04 instance-20240220-2028 mediaoverweb[92562]: Open Google Chrome and go https://127.0.0.1:4433
Feb 28 11:28:04 instance-20240220-2028 mediaoverweb[92562]: 2024-02-28T11:28:04.945853Z INFO mediaoverweb: Server ready!
Feb 28 11:28:04 instance-20240220-2028 mediaoverweb[92562]: 2024-02-28T11:28:04.946378Z INFO mediaoverweb: Awaiting new connection request
Feb 28 11:28:04 instance-20240220-2028 mediaoverweb[92562]: Error: Not a directory (os error 20)

Rust code runs and prints status as it waits for client to connect but then exits with status 1. I could not find help on google. Any thoughts on this error?


deep-gaurav commented 3 months ago

Can you share the code? From the logs it looks like it's trying to open some file; my guess here is a certificate file which it doesn't find. It's hard to say what it is without the source code. You can also try with RUST_LOG=trace; it might give more info on what is failing.

pylearndl commented 3 months ago

The certificate is generated on the go and provided as an argument to async fn ttramwebtransport to open the server as part of the config. I think the code runs up to info!("Awaiting new connection request"); and then throws an error Error: Not a directory (os error 20)

I ran cargo run mediaoverweb on Ubuntu and it works fine as expected. Accepts client connections coming through https://127.0.0.1:4433.

Above error shows when I run the service systemctl start mediaoverweb.service

Please see the full code attached. I could find nothing on Google relating to the above error. wtransport-examples-master.zip

#[tokio::main]
async fn main() -> Result<()> {
    let certificate = Certificate::self_signed(["127.0.0.1", "localhost"]);

    let https = https_server(certificate.clone(), "mediaoverweb/http");
    let wss = wss_server(certificate.clone(), websocket);
    let wt = tt_server(certificate.clone(), ttramwebtransport);

    println!("Open Google Chrome and go https://127.0.0.1:4433");

    tokio::try_join!(https, wss, wt)?;

    Ok(())
}
async fn ttramwebtransport(cert: Certificate) -> Result<()> {
    init_logging();
    ROOMS
        .set(Arc::new(RwLock::new(HashMap::new())))
        .map_err(|_| anyhow::anyhow!("Cant init"))?;

    let config = ServerConfig::builder()
        .with_bind_default(4435)
        .with_certificate(cert)
        .build();

    let server = Endpoint::server(config)?;

    info!("Server ready!");
    let (broadcast_sender, broadcast_receiver) = tokio::sync::mpsc::channel(10);
    tokio::spawn(handle_broadcast(broadcast_receiver));
    for id in 0.. {
        info!("Awaiting new connection request"); // <-- logged as expected up to here
        let incoming_session = server.accept().await; // <-- the binary executes up to here, then throws an error
        info!("Some connecection request received");
        tokio::spawn(
            handle_connection(incoming_session, broadcast_sender.clone())
                .instrument(info_span!("Connection", id)),
        );
    }
    Ok(())
}

deep-gaurav commented 3 months ago

Can you share your service file? mediaoverweb.service

pylearndl commented 3 months ago

Please see below mediaoverweb.service

[Unit]
Description=Media Over Web Testing
After=network.target

[Service]
User=wtrust
Group=wtrust
Restart=on-failure
WorkingDirectory=/home/wtrust/rustprojects/wtransport-examples-master/target/aarch64-unknown-linux-gnu/release
ExecStart=/home/wtrust/rustprojects/wtransport-examples-master/target/aarch64-unknown-linux-gnu/release/mediaoverweb       

[Install]
WantedBy=multi-user.target

pylearndl commented 3 months ago

I added env::set_var("RUST_BACKTRACE", "1"); in the Rust main fn. I'm still confused about what the error says: Error: Not a directory (os error 20)

wtrust@instance-20240220-2028:~$ journalctl _PID=103657
Hint: You are currently not seeing messages from other users and the system.
      Users in groups 'adm', 'systemd-journal' can see all messages.
      Pass -q to turn off this notice.
-- Logs begin at Tue 2024-02-27 13:32:47 UTC, end at Thu 2024-02-29 14:07:56 UTC. --
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]: Open Google Chrome and go https://127.0.0.1:4433
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]: 2024-02-29T14:07:56.857399Z  INFO mediaoverweb: Server ready!
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]: 2024-02-29T14:07:56.857429Z  INFO mediaoverweb: Awaiting new connection request
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]: Error: Not a directory (os error 20)
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]: Stack backtrace:
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    0: std::backtrace_rs::backtrace::libunwind::trace
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/../../backtrace/src/backtrace/libunwind.rs:104:5
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    1: std::backtrace_rs::backtrace::trace_unsynchronized
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    2: std::backtrace::Backtrace::create
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/backtrace.rs:331:13
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    3: anyhow::error::<impl core::convert::From<E> for anyhow::Error>::from
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    4: wtransport_examples_utilities::https::build_router
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    5: <tokio::future::maybe_done::MaybeDone<Fut> as core::future::future::Future>::poll
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    6: <tokio::future::poll_fn::PollFn<F> as core::future::future::Future>::poll
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    7: mediaoverweb::main::{{closure}}
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    8: tokio::runtime::park::CachedParkThread::block_on
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:    9: mediaoverweb::main
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   10: std::sys_common::backtrace::__rust_begin_short_backtrace
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   11: std::rt::lang_start::{{closure}}
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   12: core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/core/src/ops/function.rs:284:13
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   13: std::panicking::try::do_call
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/panicking.rs:552:40
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   14: std::panicking::try
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/panicking.rs:516:19
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   15: std::panic::catch_unwind
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/panic.rs:142:14
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   16: std::rt::lang_start_internal::{{closure}}
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/rt.rs:148:48
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   17: std::panicking::try::do_call
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/panicking.rs:552:40
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   18: std::panicking::try
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/panicking.rs:516:19
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   19: std::panic::catch_unwind
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/panic.rs:142:14
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   20: std::rt::lang_start_internal
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /rustc/07dca489ac2d933c78d3c5158e3f43beefeb02ce/library/std/src/rt.rs:148:20
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   21: main
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   22: __libc_start_main
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:              at /build/glibc-Q8DG8B/glibc-2.31/csu/../csu/libc-start.c:308:16
Feb 29 14:07:56 instance-20240220-2028 mediaoverweb[103657]:   23: <unknown>
wtrust@instance-20240220-2028:~$ 

deep-gaurav commented 3 months ago

@pylearndl I've figured out the problem. It's not related to wtransport. The problem is WorkingDirectory; it should be /home/wtrust/rustprojects/wtransport-examples-master

deep-gaurav commented 3 months ago

utilities/src/http.rs, which is serving index.html, is crashing. Since WorkingDirectory is target, it's not able to find the web folder and is crashing on run.

pylearndl commented 3 months ago

You are a star @deep-gaurav.

mediaoverweb service is running now. I'll expose it to the cloudflare tunnel service and will do tests on how many users can join in one room before latency increases to the point that voice chat can't handle it!

wtrust@instance-20240220-2028:/etc/systemd/system$ systemctl status mediaoverweb.service
● mediaoverweb.service - Media Over Web Testing
     Loaded: loaded (/etc/systemd/system/mediaoverweb.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2024-02-29 14:44:36 UTC; 2min 55s ago
   Main PID: 103819 (mediaoverweb)
      Tasks: 5 (limit: 28641)
     Memory: 2.5M
     CGroup: /system.slice/mediaoverweb.service
             └─103819 /home/wtrust/rustprojects/wtransport-examples-master/target/aarch64-unknown-linux-gnu/release/mediaoverweb

Feb 29 14:44:36 instance-20240220-2028 mediaoverweb[103819]: Open Google Chrome and go https://127.0.0.1:4433
Feb 29 14:44:36 instance-20240220-2028 mediaoverweb[103819]: 2024-02-29T14:44:36.862638Z  INFO mediaoverweb: Server ready!
Feb 29 14:44:36 instance-20240220-2028 mediaoverweb[103819]: 2024-02-29T14:44:36.862662Z  INFO mediaoverweb: Awaiting new connection request
wtrust@instance-20240220-2028:/etc/systemd/system$ 

Thank you, appreciate your help. :)

deep-gaurav commented 3 months ago

You're welcome, let me know your results, and if you open source your project, Ping me also. I have plans to explore audio with wtransport but am not able to find time for it.

pylearndl commented 3 months ago

Service is running fine but WebTransport handshakes failed. It's a self-signed SSL certificate error. You mentioned using Caddy to overcome Snek SSL issue in your case.

> I host it on cloudflare using a service For SSL I use caddy

Can you guide me how to use Caddy to avoid this issue? Service I'm testing is running on https://talk.bubbles.buzz/


deep-gaurav commented 3 months ago

I used caddy because I was also using it as a reverse proxy already. If you just need a valid SSL certificate you can get it using certbot. Follow the following guide till step 2; it'll give you the public/private key. Basically just install certbot and run it; make sure ports 80 and 443 are open on the firewall and vnic (in oracle cloud): https://www.digitalocean.com/community/tutorials/how-to-use-certbot-standalone-mode-to-retrieve-let-s-encrypt-ssl-certificates-on-ubuntu-16-04

Also, I don't think the problem you are having is an SSL error. I think port 4435 is just not open and the connection is not reaching your server, since the error is NETWORK_IDLE_TIMEOUT. Again, make sure to open port 4435 in the firewall (both tcp and udp) and in the oracle vnic. Once it's open you will get an SSL error net::ERR_QUIC_PROTOCOL_ERROR.QUIC_TLS_CERTIFICATE_UNKNOWN (TLS handshake failure (ENCRYPTION_HANDSHAKE) 46: certificate unknown).

pylearndl commented 3 months ago

QUIC_NETWORK_IDLE_TIMEOUT error was a typo. The Cloudflared tunnel service was configured to connect to service: https://127.0.0.1:4433 and I was trying to connect to https://wt.bubbles.buzz:4433/room/123456 in JavaScript.

   - hostname: wt.bubbles.buzz
     service: https://127.0.0.1:4433
     originRequest:
        noTLSVerify: true

The WebTransport address needed to be https://wt.bubbles.buzz/room/123456, as port 4433 was already configured in the Cloudflared config file config.yml. I'm able to reach the service now but am facing a certificate error, as you suspected!

As you said, now I'm stuck at QUIC_TLS_CERTIFICATE_UNKNOWN. I tried to follow the above link to generate a certificate: $ sudo certbot certonly --standalone -d wt.bubbles.buzz. But I can't get certbot to generate a certificate for the WebTransport webserver API running at wt.bubbles.buzz!

wtrust@instance-20240220-2028:~$ sudo certbot certonly --standalone -d wt.bubbles.buzz
[sudo] password for wtrust: 
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Requesting a certificate for wt.bubbles.buzz

Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
  Domain: wt.bubbles.buzz
  Type:   unauthorized
  Detail: 2606:4700:3032::6815:471e: Invalid response from http://wt.bubbles.buzz/.well-known/acme-challenge/dDrJuA9riCGX-c-tThwhrvis6e1_nmkXkk4oXZBW1CQ: 502

Hint: The Certificate Authority failed to download the challenge files from the temporary standalone webserver started by Certbot on port 80. Ensure that the listed domains point to this machine and that it can accept inbound connections from the internet.

Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.


deep-gaurav commented 3 months ago

Oh I see the problem: your server is not directly exposed to the public but is instead being routed through a cloudflare tunnel. That is the reason why certbot is not able to generate certificates using http validation, since its http server isn't getting exposed. You can use dns based validation to generate the certificate in this case. You can follow this guide for it.

https://www.digitalocean.com/community/tutorials/how-to-acquire-a-let-s-encrypt-certificate-using-dns-validation-with-acme-dns-certbot-on-ubuntu-18-04

Also, I'm not sure how webtransport will work behind a cloudflare tunnel since it uses udp and most tunnels don't support udp. (I've never used cloudflare tunnel so I'm not sure about its working.)

pylearndl commented 3 months ago

You're right. Cloudflare tunnel uses tcp. I can't get udp webtransport to work. It doesn't support udp yet. Your repository has runner.sh. If I were to follow your steps, what would my runner.sh be?

#!/bin/bash
rm -f talkroom
wget /home/wtrust/rustprojects/talkroom/target/aarch64-unknown-linux-gnu/release/talkroom
chmod +x talkroom
export RUST_LOG=INFO
exec ./talkroom

Also your service file has Environment="PORT=9342". What is this line for?

deep-gaurav commented 3 months ago

You don't specifically need runner.sh; I had it mostly so that restarting the service deleted and downloaded the latest build from the github release. You can simply run your server and allow the port through the firewall. Generally there are 2 places you need to enable it: the VNIC assigned to your instance in the oracle cloud dashboard, and the firewall (ufw/firewalld/iptables, depending on your instance; afaik iptables will work). Allow both udp and tcp for the port you need in both these places.

Then in your DNS manager (cloudflare I suppose?) point the A record of wt.bubbles.buzz to your Oracle instance's public IPv4 address. You should be able to connect directly to your instance then.

pylearndl commented 3 months ago

I have directly exposed the server without the cloudflare tunnel. I added an A rule for @ directly pointing to my cloud server instance's public ip address 130.162.173.69 in the godaddy DNS records. Certbot generated a valid free 90-day SSL certificate for the godaddy domain, and the SSL certificate works fine for webtransport.

Ports 4433 udp and 4434 tcp are open on the oracle cloud dashboard. Also, netstat -lntu shows 4433 udp and 4434 tcp listening on the ubuntu server. I tested https://bubbles.buzz:4433/room/123456 on https://webtransport.day/ and WebTransport connects with the server.

Initiating connection...
Connection ready.
Datagram writer ready.
Datagram reader ready.

But I'm unable to access the https server that runs on the Ubuntu server on port 4434. How do I access the html page which runs locally in Firefox on Ubuntu on port 4434, https://127.0.0.1:4434?

I cannot use Cloudflare tunnel as it requires changing the nameservers to cloudflare managed nameservers! Also, certbot didn't generate an SSL certificate when I routed through the cloudflare tunnel.


deep-gaurav commented 3 months ago

OK great, now webtransport is working fine. For the https server you are using: if you are using the same code you shared before, I noticed SocketAddr::new(Ipv4Addr::LOCALHOST.into(), 4433); this will only expose 4433 on localhost. Instead use SocketAddr::new(Ipv4Addr::UNSPECIFIED.into(), 4433);

It'll bind to 0.0.0.0:4433, and should be accessible then.

pylearndl commented 3 months ago

I used SocketAddr::new(Ipv4Addr::UNSPECIFIED.into(), 4434);. Well, I am able to reach the html page on https://bubbles.buzz:4434/, but received the same error again, net::ERR_QUIC_PROTOCOL_ERROR.QUIC_TLS_CERTIFICATE_UNKNOWN, despite using the same certificate generated by Certbot for -d *.bubbles.buzz -d bubbles.buzz!

Failed to establish a connection to https://bubbles.buzz:4433/room/123456: net::ERR_QUIC_PROTOCOL_ERROR.QUIC_TLS_CERTIFICATE_UNKNOWN (TLS handshake failure (ENCRYPTION_HANDSHAKE) 46: certificate unknown).
client.js?2:59 Connection failed. WebTransportError: Opening handshake failed.

WebTransport still works with the same certbot certificate but not https! Test on https://webtransport.day/ url https://bubbles.buzz:4433/room/123456 webtransport connection works fine.

I don't know where this error is coming from. Where have I gone wrong?

deep-gaurav commented 3 months ago

https seems fine, webtransport seems fine,

I observed following in client.js

let transport = new WebTransport(url, {congestionControl: "low-latency", serverCertificateHashes: [ { algorithm: "sha-256", value: CERT_HASH.buffer } ] } );

This could be the reason, try removing serverCertificateHashes, just simple

let transport = new WebTransport(url)

should work
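
Why a stale pin breaks the handshake, as an added example (not the project's client.js): when `serverCertificateHashes` is set, the browser trusts the server only if the SHA-256 of the presented certificate matches a listed hash and the certificate meets the WebTransport spec's extra requirements, including a validity period of at most two weeks. The certificate bytes and validity dates below are constructed stand-ins, and `evaluatePin` and `webTransportOptions` are hypothetical helpers that simplify the browser's decision.

```javascript
const { createHash } = require("node:crypto");

const DAY_MS = 24 * 60 * 60 * 1000;
const MAX_PINNED_VALIDITY_MS = 14 * DAY_MS; // spec limit for hash-pinned certificates

// Constructed stand-ins: these bytes are NOT real certificates, only distinct
// inputs for hashing. A real client hashes the DER-encoded certificate.
const toPem = (bytes) =>
  `-----BEGIN CERTIFICATE-----\n${Buffer.from(bytes).toString("base64")}\n-----END CERTIFICATE-----\n`;
const SELF_SIGNED_PEM = toPem("constructed self-signed dev certificate");
const CA_ISSUED_PEM = toPem("constructed CA-issued certificate");

// Strip the PEM armour and decode the base64 body to DER bytes.
function pemToDer(pem) {
  const body = pem
    .replace(/-----(BEGIN|END) CERTIFICATE-----/g, "")
    .replace(/\s+/g, "");
  return Buffer.from(body, "base64");
}

function sha256(der) {
  return createHash("sha256").update(der).digest();
}

// Simplified model of the check applied when serverCertificateHashes is
// non-empty. Validity dates are passed in rather than parsed from the DER so
// the example needs no X.509 parser (an assumption of this sketch).
function evaluatePin(presented, pinnedHashes, nowMs) {
  const digest = sha256(presented.der);
  if (!pinnedHashes.some((h) => digest.equals(Buffer.from(h)))) return "hash-mismatch";
  if (nowMs < presented.notBefore || nowMs > presented.notAfter) return "outside-validity";
  if (presented.notAfter - presented.notBefore > MAX_PINNED_VALIDITY_MS) return "validity-too-long";
  return "ok";
}

// Pin only a short-lived self-signed certificate; with a CA-issued
// certificate, omit the option so normal certificate validation applies.
function webTransportOptions(deployment) {
  const opts = { congestionControl: "low-latency" };
  if (deployment.selfSigned) {
    opts.serverCertificateHashes = [{ algorithm: "sha-256", value: sha256(deployment.der) }];
  }
  return opts;
}

function demo() {
  const now = Date.UTC(2024, 2, 5); // constructed "current time"
  const selfSigned = { der: pemToDer(SELF_SIGNED_PEM), notBefore: now - DAY_MS, notAfter: now + 9 * DAY_MS };
  const caIssued = { der: pemToDer(CA_ISSUED_PEM), notBefore: now - DAY_MS, notAfter: now + 89 * DAY_MS };
  const stalePin = [sha256(selfSigned.der)]; // hash left in the client from the dev setup
  return {
    devCert: evaluatePin(selfSigned, stalePin, now),
    afterSwap: evaluatePin(caIssued, stalePin, now),
    repinned: evaluatePin(caIssued, [sha256(caIssued.der)], now),
    devOptionsPin: "serverCertificateHashes" in webTransportOptions({ selfSigned: true, der: selfSigned.der }),
    prodOptionsPin: "serverCertificateHashes" in webTransportOptions({ selfSigned: false, der: caIssued.der }),
  };
}
```

A hash pinned for the earlier self-signed certificate fails against the Certbot certificate, and re-pinning a 90-day certificate fails the validity limit, so dropping the option and relying on normal CA validation is the change that applies here.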

pylearndl commented 3 months ago

let transport = new WebTransport(url); did the trick. Mediaoverweb is working as expected. I have tried with two users joined in a room, and they can do voice chat over WebTransport datagrams.

I appreciate the help I received. Thank you very much. I'll buy you a beer :) 👍

I'll do tests for improving latency. Also will find user capacity joined per room without compromising quality of voice chat and latency.

If you try https://bubbles.buzz:4434/, use google chrome, just only tap Start stream and Play stream buttons on the web page. Open another tab or try on other device and tap Start stream and Play stream buttons. You can voice chat two tabs or devices.


deep-gaurav commented 3 months ago

Nice! Seems to work fine. There is decent latency, but I'm in India and bubbles.buzz seems to be in New York, so it's to be expected. Let me know your test results!