From: Fabrice Rouillier
To: Juliusz Chroboczek
CC: galene@lists.galene.org
Subject: [Galene] Re: Galene Turn
Date: Sat, 10 Apr 2021 16:41:24 +0200
In-Reply-To: <87v98uz0fv.wl-jch@irif.fr>

Hi Juliusz,

Thanks for your help.
See below for a simple setting that works with our external coturn.

> The problem is probably that your NAT doesn't implement hairpinning, so
> Galène and the TURN server cannot communicate.  Coturn is probably
> connecting over IPv6, which the built-in server doesn't handle.

I have deactivated IPv6 everywhere and double-checked (inspecting about:websocket) in Firefox that it does not use IPv6.

> Could you please check Galène's log for mentions of a relay test?  If the
> server-side relay test (the one in Galène's log) fails, that's probably
> indicative of a problem with hairpinning.

Server side: the relay test does not fail.

Client side:
   - using the built-in TURN, the relay test fails,
   - using coturn (on the same server), it works.

> Fabrice — if your instance of Galène is behind NAT, then I strongly
> recommend running an instance of coturn on a host that is not behind NAT.

The following works:

- port forwarding from my router (Freebox) to a Linux 20.04 VM (VirtualBox):

   49152-65535 (UDP/TCP)
   3478 (UDP/TCP)
   8443 (UDP/TCP)

- coturn on the VM with the following configuration:

  listening-port=3478
  fingerprint
  lt-cred-mech
  user=<TURN USER>:<TURN PASSWD>
  server-name=<TURN SERVER NAME>
  realm=<DOMAINE>

- galene on the VM launched with the option -turn auto
  and data/ice-servers.json with the following contents:

[
    {
        "Urls": [
            "turn:<TURN SERVER NAME>:3478",
            "turn:<TURN SERVER NAME>:3478?transport=tcp"
        ],
        "username": "<TURN USER>",
        "credential": "<TURN PASSWD>"
    }
]
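
A consistency check for the two files described in the message above, as an added example that is not part of the original post or of the Galène or coturn projects. It confirms that ice-servers.json parses (a stray typographic quote such as « makes it invalid JSON), that each TURN URI points at coturn's listening port, and that the username/credential pair matches a user= line; the host name, user and password in the sample are constructed.

```python
import json
import re

# Constructed sample files mirroring the setup in the message; the host name,
# user and password are invented placeholders, not values from the thread.
TURNSERVER_CONF = ("listening-port=3478\nfingerprint\nlt-cred-mech\n"
                   "user=galene:s3cret\nserver-name=turn.example.org\nrealm=example.org\n")
ICE_SERVERS = """[{"Urls": ["turn:turn.example.org:3478",
  "turn:turn.example.org:3478?transport=tcp"],
  "username": "galene", "credential": "s3cret"}]"""

# turn/turns URI (RFC 7065): scheme:host[:port][?transport=udp|tcp]
TURN_URI = re.compile(
    r"^(turns?):([^:?/\s\[\]]+|\[[0-9A-Fa-f:.]+\])(?::(\d+))?(?:\?transport=(udp|tcp))?$")
DEFAULT_PORT = {"turn": ("listening-port", "3478"), "turns": ("tls-listening-port", "5349")}

def parse_coturn(text):
    """Split coturn key=value / bare-flag lines into (options, user entries)."""
    opts, users = {}, set()
    for line in map(str.strip, text.splitlines()):
        key, _, val = line.partition("=")
        if key == "user":
            users.add(val)              # "name:password", as used with lt-cred-mech
        elif line and not line.startswith("#"):
            opts[key] = val             # bare flags are stored with an empty value
    return opts, users

def check(conf_text, ice_text):
    """Return mismatches between the two files; an empty list means consistent."""
    try:
        servers = json.loads(ice_text)
    except json.JSONDecodeError as e:
        return [f"ice-servers.json: invalid JSON at line {e.lineno}, column {e.colno}"]
    opts, users = parse_coturn(conf_text)
    problems = []
    for entry in servers:
        entry = {k.lower(): v for k, v in entry.items()}  # the message writes "Urls"
        urls = entry.get("urls", [])
        for url in [urls] if isinstance(urls, str) else urls:
            m = TURN_URI.match(url)
            if not m:
                problems.append(f"not a valid TURN URI: {url}")
                continue
            key, default = DEFAULT_PORT[m.group(1)]
            if (m.group(3) or default) != opts.get(key, default):
                problems.append(f"{url}: port does not match coturn {key}")
        if f"{entry.get('username')}:{entry.get('credential')}" not in users:
            problems.append(f"no coturn user= line for {entry.get('username')}")
    return problems
```

Run `check()` on the real turnserver.conf and data/ice-servers.json contents before restarting either service; an empty list means the two files agree.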