Galène videoconferencing server discussion list archives
 help / color / mirror / Atom feed
* [Galene] Federated servers or multiple turns?
@ 2022-11-23 16:43 Han So
  2022-11-24 19:59 ` [Galene] " Juliusz Chroboczek
  0 siblings, 1 reply; 12+ messages in thread
From: Han So @ 2022-11-23 16:43 UTC (permalink / raw)
  To: galene

Had anyone worked on federating multiple Galene servers or having multiple turn servers?
Or having multiple Helene servers that can have shared rooms across servers?


Hans

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-11-23 16:43 [Galene] Federated servers or multiple turns? Han So
@ 2022-11-24 19:59 ` Juliusz Chroboczek
  2022-11-30 15:11   ` Han So
  0 siblings, 1 reply; 12+ messages in thread
From: Juliusz Chroboczek @ 2022-11-24 19:59 UTC (permalink / raw)
  To: Han So; +Cc: galene

> Had anyone worked on federating multiple Galene servers

The original plan was to allow server federation, and to allow
distributing a single group on multiple servers.  It turned out, however,
that Galene requires fewer server ressources than initially expected, so
the need for such fine-grained load-balancing didn't materalise.

For now, you can distribute load by putting different Galene groups on
different servers.  You may either redirect clients to the right server at
the HTTP level (see the "redirect" directive in the configuration file),
or you could redirect just the websocket connection (so the URL visible in
the browser is the one of the original server, not the one that that the
user has been redirected to).

> having multiple turn servers?

You could have multiple TURN servers, sure.  Could you please explain why
you'd want that?

-- Juliusz

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-11-24 19:59 ` [Galene] " Juliusz Chroboczek
@ 2022-11-30 15:11   ` Han So
  2022-11-30 15:33     ` Dave Taht
  2022-11-30 23:06     ` Juliusz Chroboczek
  0 siblings, 2 replies; 12+ messages in thread
From: Han So @ 2022-11-30 15:11 UTC (permalink / raw)
  To: Juliusz Chroboczek; +Cc: galene

This is really to improve security and anonymity
- that way person 1 can log into Galen’s server 1 and be in the same group as person 2 who logged into Galene server 2. 


Multiple turn servers as well.  Currently they both access the same turn so both individuals would see the same ip addresses they are connected to.  Having multiple turns, one for each side would reduce aggregation.  Coturn has an alternate server setting for round robin, but it needs the client to be able to process a 300 error then reroute that client to the alternate server.   Perhaps this wouldn’t matter if we had multiple federated servers that contain the same group but each server would have a different turn.

Hans

> On Nov 24, 2022, at 2:59 PM, Juliusz Chroboczek <jch@irif.fr> wrote:
> 
> 
>> 
>> Had anyone worked on federating multiple Galene servers
> 
> The original plan was to allow server federation, and to allow
> distributing a single group on multiple servers.  It turned out, however,
> that Galene requires fewer server ressources than initially expected, so
> the need for such fine-grained load-balancing didn't materalise.
> 
> For now, you can distribute load by putting different Galene groups on
> different servers.  You may either redirect clients to the right server at
> the HTTP level (see the "redirect" directive in the configuration file),
> or you could redirect just the websocket connection (so the URL visible in
> the browser is the one of the original server, not the one that that the
> user has been redirected to).
> 
>> having multiple turn servers?
> 
> You could have multiple TURN servers, sure.  Could you please explain why
> you'd want that?
> 
> -- Juliusz

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-11-30 15:11   ` Han So
@ 2022-11-30 15:33     ` Dave Taht
  2022-11-30 23:06     ` Juliusz Chroboczek
  1 sibling, 0 replies; 12+ messages in thread
From: Dave Taht @ 2022-11-30 15:33 UTC (permalink / raw)
  To: Han So; +Cc: Juliusz Chroboczek, galene

There is some very interesting work on stacked SFU's leveraging pion
(the same lib galene uses) in the matrix project.

https://matrix.org/blog/2022/08/05/this-week-in-matrix-2022-08-05#element-call-website

I can be found these days @dtaht:matrix.org.

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-11-30 15:11   ` Han So
  2022-11-30 15:33     ` Dave Taht
@ 2022-11-30 23:06     ` Juliusz Chroboczek
  2022-12-02  3:08       ` Han So
  1 sibling, 1 reply; 12+ messages in thread
From: Juliusz Chroboczek @ 2022-11-30 23:06 UTC (permalink / raw)
  To: Han So; +Cc: galene

> This is really to improve security and anonymity

What's your attack model?  Are you assuming that the server is controlled
by an attacker?

> Currently they both access the same turn so both individuals would see
> the same ip addresses they are connected to.

You can easily use a different TURN server for each client.  Just change
this line:

  https://github.com/jech/galene/blob/master/rtpconn/webclient.go#L1189

However, given that most clients don't go through a TURN server but
connect directly to Galene, I fail to see how that would improve
anonymity.

-- Juliusz

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-11-30 23:06     ` Juliusz Chroboczek
@ 2022-12-02  3:08       ` Han So
  2022-12-02 11:39         ` Juliusz Chroboczek
  0 siblings, 1 reply; 12+ messages in thread
From: Han So @ 2022-12-02  3:08 UTC (permalink / raw)
  To: Juliusz Chroboczek; +Cc: galene

Attempted what you said, but it turned out we couldn’t even get a simple external turn server working.  We tried to use a pion go turn server, a simple one, then the log one, and also tried a coturn server.  As a last ditch effort we copied the galene local turn server and moved it externally and that didn’t work.  In all cases the initial connection was fine, relay test was successful, but the moment we enable the video and audio, it fails.  This was prior to doing any code changes to attempt multiple turns.  Any hints on how to make external turns work?
Hans

> On Nov 30, 2022, at 6:06 PM, Juliusz Chroboczek <jch@irif.fr> wrote:
> 
> 
>> 
>> This is really to improve security and anonymity
> 
> What's your attack model?  Are you assuming that the server is controlled
> by an attacker?
> 
>> Currently they both access the same turn so both individuals would see
>> the same ip addresses they are connected to.
> 
> You can easily use a different TURN server for each client.  Just change
> this line:
> 
>  https://github.com/jech/galene/blob/master/rtpconn/webclient.go#L1189
> 
> However, given that most clients don't go through a TURN server but
> connect directly to Galene, I fail to see how that would improve
> anonymity.
> 
> -- Juliusz

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-12-02  3:08       ` Han So
@ 2022-12-02 11:39         ` Juliusz Chroboczek
  2022-12-05 16:38           ` Han So
  0 siblings, 1 reply; 12+ messages in thread
From: Juliusz Chroboczek @ 2022-12-02 11:39 UTC (permalink / raw)
  To: Han So; +Cc: galene

> Attempted what you said, but it turned out we couldn’t even get a simple
> external turn server working.

Strange.  Did the relay test work on both sides?  (Client and server?)

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-12-02 11:39         ` Juliusz Chroboczek
@ 2022-12-05 16:38           ` Han So
  2022-12-05 17:14             ` Han So
  0 siblings, 1 reply; 12+ messages in thread
From: Han So @ 2022-12-05 16:38 UTC (permalink / raw)
  To: Juliusz Chroboczek; +Cc: galene

Relay test seemed to work from the Galene server..  I can chat fine and even see some good success messages in the coturn logs.. but audio and video does not work

Hans

> On Dec 2, 2022, at 6:39 AM, Juliusz Chroboczek <jch@irif.fr> wrote:
> 
> 
>> 
>> Attempted what you said, but it turned out we couldn’t even get a simple
>> external turn server working.
> 
> Strange.  Did the relay test work on both sides?  (Client and server?)

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-12-05 16:38           ` Han So
@ 2022-12-05 17:14             ` Han So
  2022-12-05 22:03               ` Han So
  0 siblings, 1 reply; 12+ messages in thread
From: Han So @ 2022-12-05 17:14 UTC (permalink / raw)
  To: Han So; +Cc: Juliusz Chroboczek, galene

Nvm, I was able to get external coturn working - needed to open up ports between my local machine and the turn server

Hans

> On Dec 5, 2022, at 11:38 AM, Han So <Hansolo2218@gmail.com> wrote:
> 
> Relay test seemed to work from the Galene server..  I can chat fine and even see some good success messages in the coturn logs.. but audio and video does not work
> 
> Hans
> 
>> On Dec 2, 2022, at 6:39 AM, Juliusz Chroboczek <jch@irif.fr> wrote:
>> 
>> 
>>> 
>>> Attempted what you said, but it turned out we couldn’t even get a simple
>>> external turn server working.
>> 
>> Strange.  Did the relay test work on both sides?  (Client and server?)

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-12-05 17:14             ` Han So
@ 2022-12-05 22:03               ` Han So
  2022-12-06 18:21                 ` Han So
  0 siblings, 1 reply; 12+ messages in thread
From: Han So @ 2022-12-05 22:03 UTC (permalink / raw)
  To: Han So; +Cc: Juliusz Chroboczek, galene

Now trying to update the ice configuration and updated in one place you suggested.
Got and initial error 401 unauthorized … will continue to troubleshoot to see why.  The configuration server struc looked good I thought.

Hans

> On Dec 5, 2022, at 12:15 PM, Han So <Hansolo2218@gmail.com> wrote:
> 
> Nvm, I was able to get external coturn working - needed to open up ports between my local machine and the turn server
> 
> Hans
> 
>> On Dec 5, 2022, at 11:38 AM, Han So <Hansolo2218@gmail.com> wrote:
>> 
>> Relay test seemed to work from the Galene server..  I can chat fine and even see some good success messages in the coturn logs.. but audio and video does not work
>> 
>> Hans
>> 
>>>> On Dec 2, 2022, at 6:39 AM, Juliusz Chroboczek <jch@irif.fr> wrote:
>>> 
>>> 
>>>> 
>>>> Attempted what you said, but it turned out we couldn’t even get a simple
>>>> external turn server working.
>>> 
>>> Strange.  Did the relay test work on both sides?  (Client and server?)

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-12-05 22:03               ` Han So
@ 2022-12-06 18:21                 ` Han So
  2022-12-07 15:17                   ` Han So
  0 siblings, 1 reply; 12+ messages in thread
From: Han So @ 2022-12-06 18:21 UTC (permalink / raw)
  To: Han So; +Cc: Juliusz Chroboczek, galene

[-- Attachment #1: Type: text/html, Size: 9477 bytes --]

^ permalink raw reply	[flat|nested] 12+ messages in thread

* [Galene] Re: Federated servers or multiple turns?
  2022-12-06 18:21                 ` Han So
@ 2022-12-07 15:17                   ` Han So
  0 siblings, 0 replies; 12+ messages in thread
From: Han So @ 2022-12-07 15:17 UTC (permalink / raw)
  To: Han So; +Cc: Juliusz Chroboczek, galene

[-- Attachment #1: Type: text/html, Size: 10259 bytes --]

^ permalink raw reply	[flat|nested] 12+ messages in thread

end of thread, other threads:[~2022-12-07 15:17 UTC | newest]

Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-11-23 16:43 [Galene] Federated servers or multiple turns? Han So
2022-11-24 19:59 ` [Galene] " Juliusz Chroboczek
2022-11-30 15:11   ` Han So
2022-11-30 15:33     ` Dave Taht
2022-11-30 23:06     ` Juliusz Chroboczek
2022-12-02  3:08       ` Han So
2022-12-02 11:39         ` Juliusz Chroboczek
2022-12-05 16:38           ` Han So
2022-12-05 17:14             ` Han So
2022-12-05 22:03               ` Han So
2022-12-06 18:21                 ` Han So
2022-12-07 15:17                   ` Han So

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox