From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mail.toke.dk; spf=pass (mailfrom) smtp.mailfrom=irif.fr (client-ip=2001:660:3301:8000::1:2; helo=korolev.univ-paris7.fr; envelope-from=jch@irif.fr; receiver=) Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) by mail.toke.dk (Postfix) with ESMTPS id CB63684C37D for ; Fri, 14 May 2021 21:03:38 +0200 (CEST) Received: from potemkin.univ-paris7.fr (potemkin.univ-paris7.fr [IPv6:2001:660:3301:8000::1:1]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id 14EJ3bVI010285 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 14 May 2021 21:03:37 +0200 Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by potemkin.univ-paris7.fr (8.14.4/8.14.4/relay2/82085) with ESMTP id 14EJ3bP1008366; Fri, 14 May 2021 21:03:37 +0200 Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 04EDB1039DD; Fri, 14 May 2021 21:03:37 +0200 (CEST) X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id PuVp9Msh_HQn; Fri, 14 May 2021 21:03:35 +0200 (CEST) Received: from pirx.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id 396441039DB; Fri, 14 May 2021 21:03:35 +0200 (CEST) Date: Fri, 14 May 2021 21:03:34 +0200 Message-ID: <87a6oxb0jd.wl-jch@irif.fr> From: Juliusz Chroboczek To: Michael Aldridge In-Reply-To: <0a010004-21af-1fc1-d2cf-b45dbda7d1a3@gmail.com> References: <60a45f10-75eb-dfef-7609-4f6be2586e6c@gmail.com> <87lf8hldwu.wl-jch@irif.fr> <0a010004-21af-1fc1-d2cf-b45dbda7d1a3@gmail.com> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/28.0 Mule/6.0 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]); Fri, 14 May 2021 21:03:37 +0200 (CEST) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (potemkin.univ-paris7.fr [194.254.61.141]); Fri, 14 May 2021 21:03:37 +0200 (CEST) X-Miltered: at korolev with ID 609EC989.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-Miltered: at potemkin with ID 609EC989.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-j-chkmail-Enveloppe: 609EC989.000 from potemkin.univ-paris7.fr/potemkin.univ-paris7.fr/null/potemkin.univ-paris7.fr/ X-j-chkmail-Enveloppe: 609EC989.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/ X-j-chkmail-Score: MSGID : 609EC989.000 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Score: MSGID : 609EC989.000 on potemkin.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Status: Ham X-j-chkmail-Status: Ham Message-ID-Hash: SE32VMMZVKII2TSND4HWVFVNZXJOJAXU X-Message-ID-Hash: SE32VMMZVKII2TSND4HWVFVNZXJOJAXU X-MailFrom: jch@irif.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: galene@lists.galene.org X-Mailman-Version: 3.3.4 Precedence: list Subject: [Galene] Re: Troubleshooting 0kbps/0kbps video List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: > Since reaching all the way back into the corp network to see a client is > not practical in this network topology I'm trying to better understand > where/how to put the TURN server. Put the TURN server in the DMZ, and make sure that all clients (inside and outside the corporation) are able to access the TURN port on the DMZ host. > I assume this would make things slightly cleaner from a traffic > management perspective, but that then involves spinning up a dedicated > machine for Galene which is a harder sell in my environment. Hopefully, you'll manage to convince your admins to put a TURN server in the DMZ: they're probably already familiar with TURN, so it won't be as frightening to them as allowing access to a Gal=E8ne server. In fact, they might already have a TURN server available -- Gal=E8ne can share a single TURN server with other videoconferencing software. -- Juliusz