From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mail.toke.dk; spf=pass (mailfrom) smtp.mailfrom=irif.fr (client-ip=2001:660:3301:8000::1:2; helo=korolev.univ-paris7.fr; envelope-from=jch@irif.fr; receiver=) Authentication-Results: mail.toke.dk; dkim=pass (2048-bit key; unprotected) header.d=irif.fr header.i=@irif.fr header.a=rsa-sha256 header.s=dkim-irif header.b=WTw9WZUR Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) by mail.toke.dk (Postfix) with ESMTPS id D72049DCDC3 for ; Thu, 12 Jan 2023 15:47:59 +0100 (CET) Received: from potemkin.univ-paris7.fr (potemkin.univ-paris7.fr [IPv6:2001:660:3301:8000::1:1]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id 30CEloWX006656 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Thu, 12 Jan 2023 15:47:50 +0100 Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by potemkin.univ-paris7.fr (8.14.4/8.14.4/relay2/82085) with ESMTP id 30CElox5015569; Thu, 12 Jan 2023 15:47:50 +0100 Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 39BBBF12E7; Thu, 12 Jan 2023 15:47:50 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=irif.fr; h= content-transfer-encoding:content-type:content-type:mime-version :user-agent:references:in-reply-to:subject:subject:from:from :message-id:date:date:received:received; s=dkim-irif; t= 1673534868; x=1674398869; bh=4dAnOl9aRppsvTQlaqwWph6MqYvo6KEoSSE HSfhAiSg=; b=WTw9WZURR52Trv+NEQvhFpqAWIpSOku5mXkfWy0Tj2K79g5e9nk t/yTu3yPyQ8yhP4xOqAo1D0hRaStxXpgNQIVda8nlZMWADqJ8VnVGCzBPeapxdUE hGypQFs0cU9wphS2PV+vTTYwdR+oA0DckghJgUS3e4f+aKW657t3WvphLCF9TzRL eLuhEVY0eYUREs8hT1eT0v6mf42kv52sljqcX7AW3OIgmOiuSXxDmkjQCYwripDB 5ZTXL4pJI1lU0PbaBODZoayPNUrA4llZOK1tm5xR6J9/5CZ6Oj8U5M13fxL1JXxS pM0t5guufOsqtDUGRRene6Xg6h/IQ+HJc3w== X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id 1iBwRDzHdJUk; Thu, 12 Jan 2023 15:47:48 +0100 (CET) Received: from pirx.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id 3156BF12E3; Thu, 12 Jan 2023 15:47:47 +0100 (CET) Date: Thu, 12 Jan 2023 15:47:47 +0100 Message-ID: <875ydb6c8c.wl-jch@irif.fr> From: Juliusz Chroboczek To: Werner Fleck In-Reply-To: References: <87sfgg3nmy.wl-jch@irif.fr> <87r0w03ml3.wl-jch@irif.fr> <3EEAFE96-7303-41BA-B7A8-C54C8E07A3EB@rouillier.fr> <87a62o54ts.wl-jch@irif.fr> <39712e61-808a-7dc3-989f-c65410de7129@gmail.com> <878ri76i0n.wl-jch@irif.fr> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/28.2 Mule/6.0 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]); Thu, 12 Jan 2023 15:47:50 +0100 (CET) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (potemkin.univ-paris7.fr [194.254.61.141]); Thu, 12 Jan 2023 15:47:50 +0100 (CET) X-Miltered: at korolev with ID 63C01D96.002 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-Miltered: at potemkin with ID 63C01D96.001 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-j-chkmail-Enveloppe: 63C01D96.002 from potemkin.univ-paris7.fr/potemkin.univ-paris7.fr/null/potemkin.univ-paris7.fr/ X-j-chkmail-Enveloppe: 63C01D96.001 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/ X-j-chkmail-Score: MSGID : 63C01D96.002 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Score: MSGID : 63C01D96.001 on potemkin.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Status: Ham X-j-chkmail-Status: Ham Message-ID-Hash: 4MH2WUP5MNNLKFEU4Q5Q5WXOTCSVAPE7 X-Message-ID-Hash: 4MH2WUP5MNNLKFEU4Q5Q5WXOTCSVAPE7 X-MailFrom: jch@irif.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: galene@lists.galene.org X-Mailman-Version: 3.3.7 Precedence: list Subject: [Galene] Galene in Docker [was: ANNOUNCE: galene-0.6.2] List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: > I`m running Coturn, also in a docker container. > The Coturn container runs in host network mode, i.e. with direct network > access. I found this necessary because it uses UDP ports 49152 to 65535 > which was a performance killer using bridged networking. Yes, there's no way around it: if you run Galene behind a NAT, you need something outside of the NAT to establish communication. > The Gal=E8ne container runs in standard bridged mode but has no ports > exposed. It only gets docker internal traffic. Are you allowing unrestricted outgoing UDP traffic from the Galene container? If you don't, then all of the traffic will be routed through the TURN server, which will cause load on the TURN server and increase connection establishment delay by two seconds. If you do allow unrestricted traffic from Galene the Galene, then your solution is pretty good. However, it requires setting up an external TURN server, which I feel is more hassle than just running Galene directly exposed to the Internet. > The system runs very stable, but I only used it with less than > 8 participants. So I don=B4t know how it would behave with much more > clients. You should have no problems (as long as you're allowing unrestricted outgoing UDP). There's a slight increase in connection establishment time due to the STUN exchange with the TURN server, but it should be negligible. -- Juliusz