processone / eturnal

STUN / TURN standalone server
https://eturnal.net
Apache License 2.0

Calls Do Not Connect #54

Closed Warnthebase closed 9 months ago

Warnthebase commented 9 months ago

Hello,

I am having an issue with my calls not connecting. TrickleIce shows everything is working correctly:

Time    Type    Foundation  Protocol    Address Port    Priority    URL (if present)    relayProtocol (if present)
0.004   host    3431801334  udp 818f189b-183b-4e1f-9992-957a75063bc0.local  60418   126 | 30 | 255      
0.017   srflx   970610555   udp <public ip of peer> 31585   100 | 30 | 255  stun:matrix.mydomain.com:3478   
0.091   relay   1914238475  udp <public ip of server>   2 | 31 | 255    turn:matrix.mydomain.com:3478?transport=udp udp
0.134   Done

As does Matrix VoIP Tester

turn:<public server IP>:3478?transport=udp
STUN & TURN
Excellent
Succeeded the relaying test.

Candidates:
<public peer IP> port 30596/udp (server-reflexive (STUN))
<public server IP> port 57140/udp (relay (TURN))

However, when I place a call (both clients using Element), the call does not connect. If I put both devices on the same LAN, the calls connect without issue.

This comes in the log every few seconds, as the client does not send any data:

Relayed 0 KiB (in 0 B / 0 packets, out 0 B / 0 packets), duration: 1 seconds [UDP, session 7eugpszr72x4, user 1621923899:@user:mydomain.com, client <public peer IP>:51650, relay <public server IP>:57326]

TURN section from homeserver.yaml from synapse:

turn_uris: [ "turn:matrix.mydomain.com:3478?transport=udp", "stun:matrix.mydomain.com:3478?transport=udp" ]
turn_shared_secret: "<secret from eternal.yml>"
turn_allow_guests: true

I can see in my firewall logs that it is trying to make a direct connection (from peer2 to peer), and not using the relay server (public server IP), which I believe should not be the case?

I feel like I am 98% of the way there to success and I am missing something minor. Any assistance on getting this and calls to work is greatly appreciated :-).

weiss commented 9 months ago

The first thing I'd double-check is whether the relay port range (all UDP ports between relay_min_port and relay_max_port) is accessible for clients. The Trickle ICE thing doesn't check this part of the setup. The Matrix VoIP tester claims to do that, but that's not trivial to do (which is why Trickle ICE and others don't), so I'm not entirely convinced they perform this check correctly (I'd be interested in the Relayed […] log line eturnal logs for the VoIP tester to verify this part).

> I can see in my firewall logs that it is trying to make a direct connection (from peer2 to peer), and not using the relay server (public server IP), which I believe should not be the case?

Clients always try peer2peer before falling back to TURN relaying, so that's probably fine.

Warnthebase commented 9 months ago

Not entirely sure what the root cause was, but this issue has been solved (at least for now).

Not sure if it did anything, but I removed the relay_min_port and relay_max_port settings from eturnal.yml, and moved them into my docker-compose file (the port range did not change). A quick docker compose down && docker compose up -d --remove-orphans and I suddenly had no issues.

Unfortunately I do not have the log files, but if/when the issue pops up again, I will make sure to turn on log_level=debug and capture the eturnal logs.

Thanks for your help @weiss
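
As an added example (not part of the thread and not eturnal's own code), a small Python triage over eturnal's Relayed log lines in the layout quoted in the issue: it flags sessions where nothing was relayed and relay ports that fall outside the UDP range published to clients. The function name, the sample lines and the 57000-57500 range are assumptions constructed for illustration.

```python
import re

# Field layout copied from the "Relayed" line quoted in the issue (assumption:
# other eturnal log layouts are not handled).
RELAYED = re.compile(
    r"Relayed .*?\(in .+? / (?P<pkts_in>\d+) packets, "
    r"out .+? / (?P<pkts_out>\d+) packets\), duration: (?P<secs>\d+) seconds "
    r"\[(?P<proto>\w+), session (?P<session>[^,\s]+), user (?P<user>.+?), "
    r"client (?P<client>.+):(?P<client_port>\d+), "
    r"relay (?P<relay>.+):(?P<relay_port>\d+)\]"
)

# Constructed sample: line 1 mirrors the issue's log line (documentation IPs
# substituted for its placeholders); lines 2 and 3 are invented for contrast.
SAMPLE = [
    "Relayed 0 KiB (in 0 B / 0 packets, out 0 B / 0 packets), duration: 1 seconds "
    "[UDP, session 7eugpszr72x4, user 1621923899:@user:mydomain.com, "
    "client 192.0.2.10:51650, relay 198.51.100.7:57326]",
    "Relayed 812 KiB (in 401 KiB / 2105 packets, out 411 KiB / 2150 packets), "
    "duration: 42 seconds [UDP, session c0nstructed02, user 1621924000:@b:example.org, "
    "client 192.0.2.20:40011, relay 198.51.100.7:57400]",
    "Relayed 1 KiB (in 1 KiB / 12 packets, out 0 B / 0 packets), duration: 9 seconds "
    "[UDP, session c0nstructed03, user 1621924001:@c:example.org, "
    "client 192.0.2.30:40022, relay 198.51.100.7:60001]",
]

def triage(lines, published_min, published_max):
    """Return (session, relay_port, reasons) for sessions worth a look."""
    findings = []
    for line in lines:
        m = RELAYED.search(line)
        if m is None:
            continue  # not a "Relayed" summary line
        pkts_in, pkts_out = int(m["pkts_in"]), int(m["pkts_out"])
        port, reasons = int(m["relay_port"]), []
        if pkts_in == 0 and pkts_out == 0:
            reasons.append("no packets relayed")
        elif pkts_in == 0 or pkts_out == 0:
            reasons.append("traffic in one direction only")
        if not published_min <= port <= published_max:
            reasons.append("relay port outside published range")
        if reasons:
            findings.append((m["session"], port, reasons))
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE, 57000, 57500):  # constructed port range
        print(finding)
```

Pass the range that the firewall or docker-compose file actually publishes; a relay port outside it means eturnal allocated a port that clients cannot reach.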