From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) by mail.toke.dk (Postfix) with ESMTPS id 18A9A82A674 for ; Mon, 12 Apr 2021 09:10:04 +0200 (CEST) Authentication-Results: mail.toke.dk; dkim=pass (2048-bit key) header.d=rouillier-fr.20150623.gappssmtp.com header.i=@rouillier-fr.20150623.gappssmtp.com header.b=vu+4QinX Received: by mail-wr1-x42e.google.com with SMTP id x7so11707000wrw.10 for ; Mon, 12 Apr 2021 00:10:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rouillier-fr.20150623.gappssmtp.com; s=20150623; h=from:mime-version:subject:date:references:to:in-reply-to:message-id; bh=FnsFSFFTYbHnUgifV52uUwLX8mbzl3zrhIup8BlURdc=; b=vu+4QinX5xcg3Il7aEuGO+ng+KZJss8YGnWI26HGCAq9im2hJRkqlC3jJXWKbY7BDY m6v/AR3ZomS4LAVR2IRNdW6QTIXw8IN2kyqXjSb/FIPf3VY8tC7CtwSJSYLEK/SGHwAE aOwQyxMc5mAaKndbmcm/wXjGZMlg45pQpK/EMcfNcGWK2MWJLz+i2TvaUtEKjcrB01YN MRmQYSkFTKee19yF9fRWqN6NQyWq7MNh6hlTH/p5pAi/RJVli5ft9KjqvQLv9cwTT2CM o/1GOETSawCYN7AVeJx62PCxYaRuw/ON5etJVLHyiNHgR8NqApW4RH+di/sbU4pjz5/i swSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:mime-version:subject:date:references:to :in-reply-to:message-id; bh=FnsFSFFTYbHnUgifV52uUwLX8mbzl3zrhIup8BlURdc=; b=Scq5DBRnjfeVjsKdvYFQ14+qKWhd/aoAqCAglsSjDdl1ie5PV1/kkfMG+mF0iIAzJM c9qA6ITs9OcbJ7UjUa5n+fyV3VHxqLKBgBoTp5ru+ykvdzXCLdJf0E0HzXO5xXpf60Ns KrUixgWzn+TZZZePC4/BkMlrkHCCsQgY+1L21kD1TEd2zBA2G3/tdqSktFMpkYWh84l0 Jg69xWYzszkNW8NI9UuGekCTm0FHytWIcdmHitl8JIJEF+ix4i56Nqy8zTN4d4j1bFhf hPIBH50wWLwEw9qrr2iBTzEzwo8dFM4GWzznC+tyXyhd4CD+iEHc67I+Xmxz04vt4JuC YQHw== X-Gm-Message-State: AOAM533QAqSEHq/TpPJZGzyZAoaNuhl2a1zwk+6jfxROuSxgkXt0S7Wy C42z1YIC7LW/1NNfaw3JxSvyyj1ocAgJYG0+ X-Google-Smtp-Source: ABdhPJws0BCHJpSQBtqe5fYSxfpFwrUHEiRspltMXm4OvvmsPTfHrD9tE3YnLzQHlj03qWBqLz0xoQ== X-Received: by 2002:a5d:47cb:: with SMTP id o11mr584300wrc.378.1618211401971; Mon, 12 Apr 2021 00:10:01 -0700 (PDT) Received: from ?IPv6:2a01:e0a:29d:45e0:ed66:3b45:eb17:69b0? ([2a01:e0a:29d:45e0:ed66:3b45:eb17:69b0]) by smtp.gmail.com with ESMTPSA id m17sm4550013wrq.63.2021.04.12.00.10.00 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 12 Apr 2021 00:10:00 -0700 (PDT) From: Fabrice Rouillier Content-Type: multipart/alternative; boundary="Apple-Mail=_006FBC3F-C01B-4074-BFAC-92AD8321624E" Mime-Version: 1.0 (Mac OS X Mail 14.0 \(3654.60.0.2.21\)) Date: Mon, 12 Apr 2021 09:10:00 +0200 References: <6AF7B2D8-D370-432F-BCB8-C714C1DED4CC@rouillier.fr> <2bf5e895-c758-62d4-68a1-1c747268bb26@crans.org> <09B3386F-42F0-4A30-A1F9-B65CCC106A4E@rouillier.fr> <2540d5d9-6ac8-d6f6-f468-565e98853d43@crans.org> <21640176-922A-4715-A0E3-DE5BEFECD720@rouillier.fr> <87v98uz0fv.wl-jch@irif.fr> To: galene@lists.galene.org In-Reply-To: Message-Id: X-Mailer: Apple Mail (2.3654.60.0.2.21) Message-ID-Hash: GBJU6IEYJXKVUWL6DMRV4OZ4DLUWM7KV X-Message-ID-Hash: GBJU6IEYJXKVUWL6DMRV4OZ4DLUWM7KV X-MailFrom: fabrice@rouillier.fr X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.4 Precedence: list Subject: [Galene] Installation Script List-Id: =?utf-8?q?Gal=C3=A8ne_videoconferencing_server_discussion_list?= Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: --Apple-Mail=_006FBC3F-C01B-4074-BFAC-92AD8321624E Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=utf-8 Hi, I have implemented and tested a script to install Galene and a TURN that = works behind a Router, even a domestic one. You can doowload it here : = https://gitlab.inria.fr/rouillie/visio/-/tree/master/galene It works only for Ubuntu 20.04 or Debian buster for the moment, mainly = because I am lazy :-) but it opens the door to an very easy deployment = on a cloud or simply at home. Cheers, Fabrice ------------------------- Fabrice Rouillier fabrice@rouillier.fr Bureau virtuel : https://www.rouillier = .fr/visio/fabrice > Le 10 avr. 2021 =C3=A0 16:41, Fabrice Rouillier = a =C3=A9crit : >=20 > Hi Juliusz, >=20 > Thanks for your help. > See below for a simple setting that works with our external coturn. >=20 >> The problem is probably that your NAT doesn't implement hairpinning, = so >> Gal=C3=A8ne and the TURN server cannot communicate. >> Coturn is probably >> connecting over IPv6, which the built-in server doesn't handle. >=20 > I have deactivated the IPV6 everywhere and double checked (inspecting = about:websocket ) in Firefox that it does not use IPV6. >=20 >> Could you please check Gal=C3=A8ne's log for mentions of a relay = test? If the >> server-side relay test (the one in Gal=C3=A8ne's log) fails, that's = probably >> indicative of a problem with hairpinning. >=20 > Server side : the relay-test do not fails. >=20 > Client side :=20 > - using the builtin turn, the relay test fails ,=20 > - using coturn (on the same server) it works. >=20 >> Fabrice =E2=80=94 if your instance of Gal=C3=A8ne is behind NAT, then = I strongly >> recommend running an instance of coturn on a host that is not behind = NAT. >=20 > The following works :=20 >=20 > - port forwarding from my router (Freebox) to a Linux 20.04 VM = (virtual box) :=20 >=20 > 49152-65535 (UDP/TCP) > 3478 (UDP/TCP)=20 > 8443 (UDP/TCP)=20 >=20 > - coturn on the VM with the following configuration >=20 > listening-port=3D3478 > fingerprint > lt-cred-mech > user=3D: > server-name=3D > realm=3D >=20 > - galene on the VM launched with the option -turn auto=20 > and data/ice-servers.json with the following contents >=20 > [ > { > "Urls": [ > "turn::3478", > =C2=AB turn::3478?transport=3Dtcp" > ], > "username": "", > "credential": "" > } > ] >=20 --Apple-Mail=_006FBC3F-C01B-4074-BFAC-92AD8321624E Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=utf-8 Hi,

I = have implemented and tested a script to install Galene and a TURN that = works behind a Router, even a domestic one.


It works only = for Ubuntu 20.04 or Debian buster for the moment, mainly because I am = lazy :-) but it opens the door to an very easy deployment on a cloud or = simply at home.

Cheers,

Fabrice
-------------------------
Fabrice Rouillier

Bureau virtuel = : https://www.rouillier.fr/visio/fabrice





Le 10 avr. 2021 =C3=A0 16:41, Fabrice Rouillier <fabrice@rouillier.fr> a =C3=A9crit :

Hi = Juliusz,

Thanks = for your help.
See below for a simple setting that = works with our external coturn.

The problem is probably that your NAT = doesn't implement hairpinning, so
Gal=C3=A8ne and the TURN = server cannot communicate.
 Coturn is = probably
connecting over IPv6, which the built-in server = doesn't handle.
I have deactivated the IPV6 everywhere and double = checked (inspecting about:websocket) in Firefox that it does not use = IPV6.

Could you please check = Gal=C3=A8ne's log for mentions of a relay test?  If the
server-side relay test (the one in Gal=C3=A8ne's log) fails, = that's probably
indicative of a problem with = hairpinning.

Server side : the relay-test do not = fails.

Client side = : 
   - using the builtin turn, the = relay test fails , 
   - using = coturn (on the same server) it works.

Fabrice =E2=80=94 if your instance of Gal=C3=A8ne is behind = NAT, then I strongly
recommend running an instance of = coturn on a host that is not behind NAT.

The following works : 

- port forwarding from my router = (Freebox) to a Linux 20.04  VM (virtual box) : 

   49152-65535 = (UDP/TCP)
   3478 (UDP/TCP) 
   8443 = (UDP/TCP) 

- coturn on the VM with the following configuration

  = listening-port=3D3478
  fingerprint
  lt-cred-mech
  user=3D<TURN= USER>:<TURN PASSWD>
  = server-name=3D<TURN SERVER NAME>
  = realm=3D<DOMAINE>

- galene on the VM launched with the option -turn = auto 
  and data/ice-servers.json= with the following contents

[
    {
  =       "Urls": [
          =   "turn:<TURN SERVER NAME>:3478",
  =           =C2=AB turn:<TURN = SERVER NAME>:3478?transport=3Dtcp"
        = ],
        "username": "<TURN = USER>",
        "credential": "<TURN = PASSWD>"
    }
]


= --Apple-Mail=_006FBC3F-C01B-4074-BFAC-92AD8321624E--