From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mail.toke.dk; spf=pass (mailfrom) smtp.mailfrom=irif.fr (client-ip=2001:660:3301:8000::1:2; helo=korolev.univ-paris7.fr; envelope-from=jch@irif.fr; receiver=) Authentication-Results: mail.toke.dk; dkim=pass (2048-bit key; unprotected) header.d=irif.fr header.i=@irif.fr header.a=rsa-sha256 header.s=dkim-irif header.b=fjZWY/Ji Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) by mail.toke.dk (Postfix) with ESMTPS id 9FD72A55383 for ; Thu, 15 Feb 2024 19:09:15 +0100 (CET) Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id 41FI9EbX025555; Thu, 15 Feb 2024 19:09:14 +0100 Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 8EBC3A3406; Thu, 15 Feb 2024 19:09:13 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=irif.fr; h= content-type:content-type:mime-version:user-agent:references :in-reply-to:subject:subject:from:from:message-id:date:date :received:received; s=dkim-irif; t=1708020552; x=1708884553; bh= yiXWhGcBuGQbTeouRlgDUKnxhXRsphUDEZAVUpAIgB0=; b=fjZWY/JiZe0ZwN0A RIaGUZP+sY4FQAu/4dyOWqEJnXNZbdWAYe5G4w0B+6ljfiAQsd+4waxcqjs1IJ7s kyiU55qNZZ3n0TT6UKLdso5QJcKFEfoBb4jezFqsnYR2/32NBN/gaen3mFwVjIQI CalKmEyU8fQtdQIxbWnqzBiAWyP6lelofpF/kNHMqjhzQh1v8nCRMtL/eh91FhtP cvy8A8J9dD+C6E8LUd9YClZolcyuQ/k+/No2ZOiNWjXFJqh8s1DL3VpqVYlei1hu Xdxc8N6mOcvzK9pi2i8tzuoaHKeRpxEHXowGMTCbhhYZT0hB/rakSMKMIzJdW7bs 4tFeBQ== X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id thEWB1aRifzD; Thu, 15 Feb 2024 19:09:12 +0100 (CET) Received: from pirx.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id AB581A346C; Thu, 15 Feb 2024 19:09:11 +0100 (CET) Date: Thu, 15 Feb 2024 19:09:10 +0100 Message-ID: <87le7lzjjt.wl-jch@irif.fr> From: Juliusz Chroboczek To: Dirk-Willem van Gulik In-Reply-To: References: <87o7cmhole.wl-jch@irif.fr> <87h6iehcng.wl-jch@irif.fr> User-Agent: Wanderlust/2.15.9 (Almost Unreal) Emacs/29.1 Mule/6.0 MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [194.254.61.138]); Thu, 15 Feb 2024 19:09:15 +0100 (CET) X-Miltered: at korolev with ID 65CE534A.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)! X-j-chkmail-Enveloppe: 65CE534A.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/ X-j-chkmail-Score: MSGID : 65CE534A.000 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000 X-j-chkmail-Status: Ham Message-ID-Hash: 7TWC5SJ2GZU5WTGRYVFS5ATWNW4JTW7I X-Message-ID-Hash: 7TWC5SJ2GZU5WTGRYVFS5ATWNW4JTW7I X-MailFrom: jch@irif.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: galene@lists.galene.org X-Mailman-Version: 3.3.9 Precedence: list Subject: [Galene] Re: udp-port range and subsequent "turn" use of ports outside that range List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: > The situation is slightly more odd. With galene ran as: > > /usr/local/bin/galene -static /usr/local/share/galene \ > .... \ > -turn OUTSIDEIP:SRCPORT \ > -udp-range 18100-19100 > I would expect to only see UDP traffic going out that originates from > OUTSIDEIP. I don't see why. The above configuration only specifies that the TURN server is advertised on OUTSIDEIP. It says nothing about the addresses that are advertised for direct (non-TURN) traffic. So in the above configuration, Galene will advertise: - all local addresses with ports 18100-19100 ; - arbitrary STUN-ed addresses ; - TURN addresses on OUTSIDEIP:SRCPORT. > 1) I had not expected to see OUTSIDEIP_2 in this list at all. That's a STUNed address. > 2) I had not expected source UDP ports such as 11247 in below list. If you seen port 11247 inside the NAT, then it's suprising. Seeing port 11247 outside the NAT might happen if the NAT remapped a port in udp-range to a different value. > With the attempts to reach 10.11.0.240 a case where perhaps some RFC1918 > optimisation can be applied. That's normal behaviour, the first point in the enumeration above. Please be patient, I'm up to my ears in other stuff right now, but I'm really interested in understanding the behaviour you've pointed out. -- Juliusz