Re: Safari

2020-12-17 Thread Jason 
Daniel,

If you are trying to use iPhone or iPad you are out of luck until the release 
the latest development versión to iOS. Other browsers don’t work, as apple has 
restricted them on iOS.

It does work with other browsers on MacOS.

Jason

> On Friday, Dec 18, 2020 at 1:13 AM, Maxim Solodovnik  (mailto:solomax...@gmail.com)> wrote:
> Hello Daniel,
>
> I don't have Apple devices, so can only guess :((
> According to this site: 
> https://www.whatismybrowser.com/guides/the-latest-version/safari
>
> The latest "stable" Safari version is 14.0
>
> So the advice to end users can be:
> 1) if you have Safari 12 - do not upgrade
> 2) If you have Safai 13.X or 14.0
> a) try to use other browser
> b) try to install Developer Preview (AFAIR it is available from Safari menu)
>
> weird situation, but I see no other options :((
>
> Maybe someone else can suggest anything?
>
>
> On Thu, 17 Dec 2020 at 23:01, Daniel Ascher  (mailto:aplusad...@aplustutoring.com)> wrote:
> > I'm still not clear about what to tell people who are using Safari. Should 
> > I tell them to avoid it completely? Should I tell them to update the last 
> > version(s) of Safari. Sorry for the difficulty understanding this. Thanks! 
> > Dan
> >
> >
> >
> >
> > On Wed, Dec 16, 2020 at 9:32 PM Maxim Solodovnik  > (mailto:solomax...@gmail.com)> wrote:
> > > Well,
> > >
> > > according to my tests Safari 13.X.Y and Safari 14.0.X were not working
> > > Developer preview version (most probably 14.1) was working
> > >
> > >
> > > On Thu, 17 Dec 2020 at 00:53, Daniel Ascher  > > (mailto:aplusad...@aplustutoring.com)> wrote:
> > > > Thanks Maxim. Does this mean it's okay for users as long as they don't 
> > > > use Safari 13?
> > > >
> > > >
> > > >
> > > >
> > > > On Tue, Dec 15, 2020 at 10:22 PM Maxim Solodovnik  > > > (mailto:solomax...@gmail.com)> wrote:
> > > > > Hello Daniel,
> > > > >
> > > > > While investigating (and remote debugging, thanks to Jason)
> > > > > We were able to find out the issue is in Safari browser (and I found 
> > > > > no way to work around this)
> > > > >
> > > > > According to my tests `Safari 12` and `Safari 14.1` should work as 
> > > > > expected
> > > > > Not sure is 14.1 is released :(( (I've tested developer preview ...)
> > > > >
> > > > >
> > > > > On Wed, 16 Dec 2020 at 01:45, Daniel Ascher 
> > > > > mailto:aplusad...@aplustutoring.com)> 
> > > > > wrote:
> > > > > > Hi all. I can't remember if the issues with using Safari for OM 
> > > > > > have been resolved. Can someone let me know? Thanks.
> > > > > >
> > > > > > Dan
> > > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Best regards,
> > > > > Maxim
> > > >
> > > > --
> > > > Daniel Ascher
> > > > President, A+ Test Prep and Tutoring
> > > >
> > > >
> > > > Phone: 215-886-9188 (tel:215-886-9188)
> > > > Email: aplusad...@aplustutoring.com 
> > > > (mailto:aplusad...@aplustutoring.com)
> > > > Address: 505 York Road, Suite 6
> > > > Jenkintown, PA 19046
> > > > Website: aplustutoring.com (http://aplustutoring.com)
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Click to schedule a phone call
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> > >
> > >
> > > --
> > > Best regards,
> > > Maxim
> >
> > --
> > Daniel Ascher
> > President, A+ Test Prep and Tutoring
> >
> >
> > Phone: 215-886-9188 (tel:215-886-9188)
> > Email: aplusad...@aplustutoring.com (mailto:aplusad...@aplustutoring.com)
> > Address: 505 York Road, Suite 6
> > Jenkintown, PA 19046
> > Website: aplustutoring.com (http://aplustutoring.com)
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > Click to schedule a phone call
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
>
>
>
>
> --
> Best regards,
> Maxim

Re: Safari

2020-12-17 Thread Maxim Solodovnik 
Hello Daniel,

I don't have Apple devices, so can only guess :((
According to this site:
https://www.whatismybrowser.com/guides/the-latest-version/safari

The latest "stable" Safari version is 14.0

So the advice to end users can be:
1) if you have Safari 12 - do not upgrade
2) If you have Safai 13.X or 14.0
   a) try to use other browser
   b) try to install Developer Preview (AFAIR it is available from Safari
menu)

weird situation, but I see no other options :((

Maybe someone else can suggest anything?


On Thu, 17 Dec 2020 at 23:01, Daniel Ascher 
wrote:

> I'm still not clear about what to tell people who are using Safari. Should
> I tell them to avoid it completely? Should I tell them to update the last
> version(s) of Safari. Sorry for the difficulty understanding this. Thanks!
> Dan
>
> On Wed, Dec 16, 2020 at 9:32 PM Maxim Solodovnik 
> wrote:
>
>> Well,
>>
>> according to my tests Safari 13.X.Y and Safari 14.0.X were not working
>> Developer preview version (most probably 14.1) was working
>>
>> On Thu, 17 Dec 2020 at 00:53, Daniel Ascher 
>> wrote:
>>
>>> Thanks Maxim. Does this mean it's okay for users as long as they don't
>>> use Safari 13?
>>>
>>> On Tue, Dec 15, 2020 at 10:22 PM Maxim Solodovnik 
>>> wrote:
>>>
 Hello Daniel,

 While investigating (and remote debugging, thanks to Jason)
 We were able to find out the issue is in Safari browser (and I found no
 way to work around this)

 According to my tests `Safari 12` and `Safari 14.1` should work as
 expected
 Not sure is 14.1 is released :(( (I've tested developer preview ...)

 On Wed, 16 Dec 2020 at 01:45, Daniel Ascher <
 aplusad...@aplustutoring.com> wrote:

> Hi all. I can't remember if the issues with using Safari for OM have
> been resolved. Can someone let me know? Thanks.
>
> Dan
>
>

 --
 Best regards,
 Maxim

>>>
>>>
>>> --
>>> Daniel Ascher
>>>
>>> President, A+ Test Prep and Tutoring
>>> Phone: 215-886-9188
>>> Email: aplusad...@aplustutoring.com
>>> Address: 505 York Road, Suite 6
>>> Jenkintown, PA 19046
>>> Website: aplustutoring.com
>>>   
>>>   
>>> 
>>>   Click to schedule a phone call
>>> 
>>> 
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Daniel Ascher
>
> President, A+ Test Prep and Tutoring
> Phone: 215-886-9188
> Email: aplusad...@aplustutoring.com
> Address: 505 York Road, Suite 6
> Jenkintown, PA 19046
> Website: aplustutoring.com
>   
> 
> 
>   Click to schedule a phone call
> 
> 
>


-- 
Best regards,
Maxim

Re: Safari

2020-12-17 Thread Daniel Ascher 
I'm still not clear about what to tell people who are using Safari. Should
I tell them to avoid it completely? Should I tell them to update the last
version(s) of Safari. Sorry for the difficulty understanding this. Thanks!
Dan

On Wed, Dec 16, 2020 at 9:32 PM Maxim Solodovnik 
wrote:

> Well,
>
> according to my tests Safari 13.X.Y and Safari 14.0.X were not working
> Developer preview version (most probably 14.1) was working
>
> On Thu, 17 Dec 2020 at 00:53, Daniel Ascher 
> wrote:
>
>> Thanks Maxim. Does this mean it's okay for users as long as they don't
>> use Safari 13?
>>
>> On Tue, Dec 15, 2020 at 10:22 PM Maxim Solodovnik 
>> wrote:
>>
>>> Hello Daniel,
>>>
>>> While investigating (and remote debugging, thanks to Jason)
>>> We were able to find out the issue is in Safari browser (and I found no
>>> way to work around this)
>>>
>>> According to my tests `Safari 12` and `Safari 14.1` should work as
>>> expected
>>> Not sure is 14.1 is released :(( (I've tested developer preview ...)
>>>
>>> On Wed, 16 Dec 2020 at 01:45, Daniel Ascher <
>>> aplusad...@aplustutoring.com> wrote:
>>>
 Hi all. I can't remember if the issues with using Safari for OM have
 been resolved. Can someone let me know? Thanks.

 Dan


>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Daniel Ascher
>>
>> President, A+ Test Prep and Tutoring
>> Phone: 215-886-9188
>> Email: aplusad...@aplustutoring.com
>> Address: 505 York Road, Suite 6
>> Jenkintown, PA 19046
>> Website: aplustutoring.com
>>   
>> 
>> 
>>   Click to schedule a phone call
>> 
>> 
>>
>
>
> --
> Best regards,
> Maxim
>


-- 
Daniel Ascher

President, A+ Test Prep and Tutoring
Phone: 215-886-9188
Email: aplusad...@aplustutoring.com
Address: 505 York Road, Suite 6
Jenkintown, PA 19046
Website: aplustutoring.com
  


  Click to schedule a phone call

Re: Спонтанное пропадание звука или видео

2020-12-17 Thread Maxim Solodovnik 
On Thu, 17 Dec 2020 at 21:09, Телегин Сергей  wrote:

> Здравствуйте. Столкнулись с такой проблемой. Есть OpenMeetings 5.0.1,
> установлен на ВМ Hyper-V с готового образа iso. Тестировали в локальной
> сети с 10 пользователями - все было в порядке. Но сегодня проводили большое
> мероприятие в локальной сети - было примерно 40 человек, но говорили
> одновременно 2-3 человека. При этом у многих пользователей наблюдалась
> проблема с частичной потерей звука или видео. Могло быть даже в пределах
> одного кабинета, на одном месте все видно и слышно, а на соседнем есть
> только звук или только видео. При этом никаких ошибок не всплывало.
> Помогало выйти из комнаты и зайти заново. Все пользователи были в пределах
> одной локальной сети. Для сервера было выделено 16 ядер процессора и 16 гб
> ОЗУ. Хранилище располагалось на SSD. Ну и во время мероприятия большой
> загрузки сервера не заметил.
> Так же видел у некоторых пользователей пачкой могли вывалиться куча ошибок
> с сообщениями "TypeError: Cannot read property ProcessIceCandidate of
> undefined" или "TypeError $(...).data is undefined". но они вроде визуально
> ни на что не влияли. Со звуком и видео я их не связываю.
> Подскажите, в какую сторону нужно копать, а то даже не знаю, с чего начать?
>

я бы посоветовал
1) обновиться на 5.1.0
2) проверить доступный "open files" (`ulimit -n`)
 для пользователя под которым запущен
а) ОМ
б) KMS
в) TURN

ну и логи TURN/KMS можно покурить


> В логах находил вот такие ошибки и предупреждения:
>
> ^[[36mo.a.w.p.w.j.WicketEndpoint:100 [io-5443-exec-62]^[[0;39m - An error
> occurred in web socket connection with id : 100
> ^[[36mo.a.o.c.u.WebSocketHelper:237 [Thread-454419]^[[0;39m - Error while
> sending message to room java.io.IOException: java.io.IOException: Broken
> pipe
>


-- 
Best regards,
Maxim

Re: MaxThreads for kurento

2020-12-17 Thread Maxim Solodovnik 
On Thu, 17 Dec 2020 at 16:58, K. Kamhamea  wrote:

> I recently came to learn that server performance data are crucial as well:
> For instance, 16G is definitely too small a RAM for a media server and a
> fast processor with at least 12 cores and a fast Internt connection
> (>=1GBits/s) also are essential ingresients.
> In my opinion, a TURN Server can be omitted as I tested recently (see my
> other post). It rather turns down server performance. In my opinion a TURN
> server is only necessary if the Media server resides in a private subnet.
>

this is false assumption :(
TURN is required if any of the participants or KMS are behind FW and/or use
some virtual network


> Best K
>
> Am Mi., 16. Dez. 2020 um 16:41 Uhr schrieb Maxim Solodovnik <
> solomax...@gmail.com>:
>
>> Please search archives
>> this topic was discussed
>>
>> On Wed, 16 Dec 2020 at 22:00, kaffeesurrogat 
>> wrote:
>>
>>> Dear list,
>>>
>>> today my kurento-media-server crashed, because i had three guests + me
>>> in one room.
>>>
>>> All of them tried tu use cam+mic.
>>>
>>> sudo watch -n 10 systemctl status kurento-media-server
>>>
>>> gave me a number of tasks which was close to the limit and i found the
>>> following in my logs:
>>>
>>> (openmeetings.log)
>>>
>>> ARN 12-16 10:18:16.279 o.a.o.c.r.KurentoHandler:139 [Thread-10] - Media
>>> Server is not accessible
>>>
>>>
>>> (kurento-media-server)
>>>
>>>   creating thread 'KmsLoop': Error creating thread: Resource temporarily
>>> unavailable
>>>
>>>
>>> according to
>>>
>>>
>>> https://doc-kurento.readthedocs.io/en/latest/user/troubleshooting.html
>>>
>>>
>>> this is due to the limit of threads given.
>>>
>>>
>>> I changed the line
>>>
>>>
>>> #DefaultTasksMax=
>>>
>>>
>>> to
>>>
>>>
>>> DefaultTasksMax=600
>>>
>>>
>>> in
>>>
>>>
>>> /etc/systemd/system.conf
>>>
>>>
>>> After
>>>
>>> |systemctl daemon-reexec
>>>
>>>
>>> I did a check with all my machines. Now the number of threads is well
>>> below the limit.
>>>
>>> Wondering what is going to happen, if i add more than four users and if
>>> it is  a good thing to do, to increase the number of tasks systemwide
>>>  ?
>>>
>>>
>>> In the docs they mention a way to set the limit on a per user bases, but
>>> i didn't figure out how to do this ..
>>>
>>>
>>> Greetings,
>>>
>>> kafeesurrogat
>>> |
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>

-- 
Best regards,
Maxim

Re: Перестал подключаться плагин Openmeetings из Moodle

2020-12-17 Thread Maxim Solodovnik 
On Thu, 17 Dec 2020 at 04:23, Игорь Швачко  wrote:

> Добрый день, Максим!
> Спасибо за ответ.
> Да, плагин 4.1.1   и moodle 3.9.2+ .
>
> С этим разобрался, была ошибка в букве, в названии приложения,
> была введена заглавная, вместо маленькой.
> Подключается.
> Но теперь при подключении  пользователя moodle начинается подключение,
> а затем  выдается сообщение:
> «Неверный код
>  Доступ запрещён. У вас нет прав для входа в эту комнату.»
>
>

про это было тут: https://markmail.org/message/phpuuvo4tizot2au

нужно найти у себя в ОМ вот этот файл:
https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/main/webapp/META-INF/context.xml#L22

и установить



> На сервере Openmeetings формируется пользователь EXTERNAL с одним правом
> ROOM.
>

by design


> В предыдущем случае, при использовании ОМ 5.0.1  я добавлял DASHBOARD
> и  SOAP
> и тогда  подключение проходило нормально.  При подключении к ОМ 5.1.0
> делал аналогично,
> но это не привело к нормальному подключению и выдало сообщение о неверном
> коде.
> Да, кеши и куки очищены.
>
> Подскажите, пожалуйста, что надо сделать для исправления ситуации с
> подключением.
> И как сделать, чтобы при формировании пользователя EXTERNAL   ему давались
> все
> необходимые права?
>

у такого пользователя должны быть права только на вход в комнату
так и задумано :))


>
> С уважением
> Игорь Швачко
>
>


-- 
Best regards,
Maxim

Re: Increase my understanding of turn/stun

2020-12-17 Thread kaffeesurrogat 
many thanks ali  this helps ...

On 17/12/2020 07:38, Ali Alhaidary wrote:
>
> /etc/turnserver.conf
>
> ##
> # These are the two network ports used by the TURN server which the client
> # may connect to. We enable the standard unencrypted port 3478 for STUN,
> # as well as port 443 for TURN over TLS, which can bypass firewalls.
> #listening-ip=104.248.142.226
>
> listening-port=3478
> tls-listening-port=443
>
> server-name=rooms.the5stars.org
> mobility
>
> # If the server has multiple IP addresses, you may wish to limit which
> # addresses coturn is using. Do that by setting this option (it can be
> # specified multiple times). The default is to listen on all addresses.
> # You do not normally need to set this option.
> #listening-ip=104.248.142.226
>
> # If the server is behind NAT, you need to specify the external IP
> address.
> # If there is only one external address, specify it like this:
> external-ip=104.248.142.226
>
> # If you have multiple external addresses, you have to specify which
> # internal address each corresponds to, like this. The first address
> is the
> # external ip, and the second address is the corresponding internal IP.
> #external-ip=104.248.142.226/10.0.0.11
> #external-ip=104.248.142.226/10.0.0.12
>
> # Fingerprints in TURN messages are required for WebRTC
> fingerprint
>
> # The long-term credential mechanism is required for WebRTC
> lt-cred-mech
>
> # Configure coturn to use the "TURN REST API" method for validating
> time-limited credentials.
> # You can generate a new random value by running the command:
> #   openssl rand -hex 16
> use-auth-secret
> static-auth-secret=
>
> # user=
> stale-nonce=0
>
> # If the realm value is unspecified, it defaults to the TURN server
> hostname.
> # You probably want to configure it to a domain name that you control to
> # improve log output. There is no functional impact.
> realm=rooms.the5stars.org
>
> # Configure TLS support.
> # Adjust these paths to match the locations of your certificate files
> cert=/etc/letsencrypt/live/rooms.the5stars.org/fullchain.pem
> pkey=/etc/letsencrypt/live/rooms.the5stars.org/privkey.pem
>
> # Limit the allowed ciphers to improve security
> # Based on
> https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
> cipher-list="ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS"
>
> # Enable longer DH TLS key to improve security
> dh2066
>
> # All WebRTC-compatible web browsers support TLS 1.2 or later, so disable
> # older protocols
> no-tlsv1
> no-tlsv1_1
>
> # Log to a single filename (rather than new log files each startup).
> You'll
> # want to install a logrotate configuration (see below)
> log-file=/var/log/coturn/coturn.log
>
> # To enable single filename logs you need to enable the simple-log flag
> simple-log
>
> proc-user=nobody
> proc-group=nogroup
>
> ##
>
> On 12/17/20 7:13 AM, Ali Alhaidary wrote:
>>
>> For us, and since I had long discussion and research, I removes the
>> 'user' entry from all files:
>>
>>  /etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini
>>  /opt/opt510/webapps/openmeetings/WEB-INF/classes/openmeetings.properties
>>
>>  /etc/turnserver.conf
>>
>> so we are using only STUN service, all working well
>>
>> On 12/17/20 7:08 AM, Maxim Solodovnik wrote:
>>>
>>>
>>> On Thu, 17 Dec 2020 at 00:36, kaffeesurrogat
>>> mailto:kaffeesurro...@posteo.de>> wrote:
>>>
>>> now i am ashamed, it was me who asked this question a while ago
>>> and you
>>> did answer it.
>>>
>>> sorry for that 
>>>
>>> this means i should leave the line in
>>> 
>>> /opt/open510/webapps/openmeetings/WEB-INF/classes/openmeetings.properties
>>>
>>> like this:
>>>
>>> kurento.turn.user=
>>>
>>>
>>> you can put any user-name to this line :)
>>> for ex.  
>>>
>>>     kurento.turn.user=kaffeesurrogat
>>>
>>> (I guess it can be used while log checking)
>>> or can leave it empty :)
>>>
>>>
>>>
>>> Commenting it out doesn't work .
>>>
>>> I find some error in openmeetings.log
>>> (Could not resolve placeholder kurento.turn.user .)
>>> and the webfrontend is not reachable 
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 16/12/2020 17:12, Maxim Solodovnik wrote:
>>> > I would recommend to remove the `user` from coturn config
>>> > (/etc/turnserver.conf)
>>> > please search mailing lists, I've shared my config (as well as
>>> others
>>> > ... :)))
>>> >
>>> > On Wed, 16 Dec 2020 at 22:49, kaffeesurrogat
>>> mailto:kaffeesurro...@posteo.de>
>>> > >> >> wrote:
>>> >
>>> >
>>> >
>>> >     On 16/12/2020 16:39, Maxim Solodovnik wrote:
>>> >     >
>>> >     >
>>> >     > On Wed, 16 Dec 2020 at 21:28, kaffeesurrogat
>>>

Re: TURN server (coturn) why?

2020-12-17 Thread Ali Alhaidary 
Yes, as you do not have any FW or multiple NATs, but in real life, 
things are different :-)


Ali

On 12/17/20 3:52 PM, K. Kamhamea wrote:
Of course. We had a mutual exchange through camera (we both used even 
I hight resolution) and microphone ( the sound was nearly "brilliant" ).

We also watched videos and other slides.
This test was limited though as two users participated only.
Best K

Am Do., 17. Dez. 2020 um 13:24 Uhr schrieb Ali Alhaidary 
mailto:ali.alhaid...@the5stars.org>>:


kindly define 'worked' please

Ali

On 12/17/20 12:47 PM, K. Kamhamea wrote:

I tested the following configuration and it worked without TURN
Server. Maybe the reason ist the new Kurento version available
since November 2020.
(https://www.kurento.org/blog/kurento-6150-november-2020)

WebRTC.png

Am Mi., 16. Dez. 2020 um 10:13 Uhr schrieb Rohrbach, Gerald
mailto:g.rohrb...@funkegruppe.de>>:

That’s also understanding Maxim.

If client and OM are in the same network no coturn is needed.
( Must not be the same IP range, we do have in each building
different IP ranges in use, everything is routed on the core
switch.

In our case one external OM has external public IP.

Physical machine.

But clients in real live are at home, that means

a home router with NAT is between.

So coturn is needed.

I have tested a lot with this, we do have an internal

OM server and and external.

We are not using the docker KMS, but I think

that should work also.

As our sytems are pretty stable we do not touch.

Gerald

*Von:*Maxim Solodovnik [mailto:solomax...@gmail.com
]
*Gesendet:* Mittwoch, 16. Dezember 2020 09:16
*An:* Openmeetings user-list mailto:user@openmeetings.apache.org>>
*Betreff:* Re: TURN server (coturn) why?

On Wed, 16 Dec 2020 at 12:50, K. Kamhamea
mailto:kamha...@googlemail.com>> wrote:

In summary two conclusions can be drawn, right?

1. There is no need to use courn if your server uses a
unique public IP.

this is false assumption

According to my tests

since WebRTC is P2P

The client IP should be accessible to KMS

So TURN is not necessary as long as the server AND all client
IP addresses are public

And there are no routers FW etc. in the middle 

2. You can run a OM Server in a private network with only
one public IP using coturn.

--- That's cool !!!

And probably it is even necessary to use coturn if your
OM server resides on a cloud that doesn't provide such a
service.

Thank You so much for the link.

K

Am Di., 15. Dez. 2020 um 22:43 Uhr schrieb Ali Alhaidary
mailto:ali.alhaid...@the5stars.org>>:


https://www.callstats.io/blog/2017/10/26/webrtc-product-turn-server


On 12/15/20 5:05 PM, K. Kamhamea wrote:
> I wonder why we need a coturn anyway?
>
> 1. SSL certificates can be installed without it
> 2. The server URL can be written without port
number (meaning it can
> be accessed by the default 433 port) without turn
server installed
> the simple iptables command does the trick
>
> iptables -t nat -A PREROUTING -p tcp --dport 443 -j
REDIRECT --to-port
> 5443
>
> and changing server.xml to the default port doesn't
work anyway (with
> or without turn server)
>
> It think better avoid turn server as it may slow
down the
> communication further.


-- 


Best regards,
Maxim

Спонтанное пропадание звука или видео

2020-12-17 Thread Телегин Сергей 
Здравствуйте. Столкнулись с такой проблемой. Есть OpenMeetings 5.0.1, 
установлен на ВМ Hyper-V с готового образа iso. Тестировали в локальной сети с 
10 пользователями - все было в порядке. Но сегодня проводили большое 
мероприятие в локальной сети - было примерно 40 человек, но говорили 
одновременно 2-3 человека. При этом у многих пользователей наблюдалась проблема 
с частичной потерей звука или видео. Могло быть даже в пределах одного 
кабинета, на одном месте все видно и слышно, а на соседнем есть только звук или 
только видео. При этом никаких ошибок не всплывало. Помогало выйти из комнаты и 
зайти заново. Все пользователи были в пределах одной локальной сети. Для 
сервера было выделено 16 ядер процессора и 16 гб ОЗУ. Хранилище располагалось 
на SSD. Ну и во время мероприятия большой загрузки сервера не заметил. 
Так же видел у некоторых пользователей пачкой могли вывалиться куча ошибок с 
сообщениями "TypeError: Cannot read property ProcessIceCandidate of undefined" 
или "TypeError $(...).data is undefined". но они вроде визуально ни на что не 
влияли. Со звуком и видео я их не связываю.
Подскажите, в какую сторону нужно копать, а то даже не знаю, с чего начать?
В логах находил вот такие ошибки и предупреждения:

^[[36mo.a.w.p.w.j.WicketEndpoint:100 [io-5443-exec-62]^[[0;39m - An error 
occurred in web socket connection with id : 100
^[[36mo.a.o.c.u.WebSocketHelper:237 [Thread-454419]^[[0;39m - Error while 
sending message to room java.io.IOException: java.io.IOException: Broken pipe

Re: TURN server (coturn) why?

2020-12-17 Thread K. Kamhamea 
Of course. We had a mutual exchange through camera (we both used even I
hight resolution) and microphone ( the sound was nearly "brilliant" ).
We also watched videos and other slides.
This test was limited though as two users participated only.
Best K

Am Do., 17. Dez. 2020 um 13:24 Uhr schrieb Ali Alhaidary <
ali.alhaid...@the5stars.org>:

> kindly define 'worked' please
>
> Ali
> On 12/17/20 12:47 PM, K. Kamhamea wrote:
>
> I tested the following configuration and it worked without TURN Server.
> Maybe the reason ist the new Kurento version available since November 2020.
> (https://www.kurento.org/blog/kurento-6150-november-2020)
>
> [image: WebRTC.png]
>
> Am Mi., 16. Dez. 2020 um 10:13 Uhr schrieb Rohrbach, Gerald <
> g.rohrb...@funkegruppe.de>:
>
>> That’s also understanding Maxim.
>>
>>
>>
>> If client and OM are in the same network no coturn is needed. ( Must not
>> be the same IP range, we do have in each building different IP ranges in
>> use, everything is routed on the core switch.
>>
>>
>>
>> In our case one external OM has external public IP.
>>
>> Physical machine.
>>
>>
>>
>> But clients in real live are at home, that means
>>
>> a home router with NAT is between.
>>
>> So coturn is needed.
>>
>> I have tested a lot with this, we do have an internal
>>
>> OM server and and external.
>>
>> We are not using the docker KMS, but I think
>>
>> that should work also.
>>
>> As our sytems are pretty stable we do not touch.
>>
>>
>>
>>
>>
>> Gerald
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> *Von:* Maxim Solodovnik [mailto:solomax...@gmail.com]
>> *Gesendet:* Mittwoch, 16. Dezember 2020 09:16
>> *An:* Openmeetings user-list 
>> *Betreff:* Re: TURN server (coturn) why?
>>
>>
>>
>>
>>
>>
>>
>> On Wed, 16 Dec 2020 at 12:50, K. Kamhamea 
>> wrote:
>>
>> In summary two conclusions can be drawn, right?
>>
>> 1. There is no need to use courn if your server uses a unique public IP.
>>
>>
>>
>> this is false assumption
>>
>> According to my tests
>>
>> since WebRTC is P2P
>>
>> The client IP should be accessible to KMS
>>
>>
>>
>> So TURN is not necessary as long as the server AND all client IP
>> addresses are public
>>
>> And there are no routers FW etc. in the middle 
>>
>>
>>
>> 2. You can run a OM Server in a private network with only one public IP
>> using coturn.
>>
>> --- That's cool !!!
>>
>> And probably it is even necessary to use coturn if your OM server resides
>> on a cloud that doesn't provide such a service.
>>
>>
>>
>> Thank You so much for the link.
>>
>> K
>>
>>
>>
>> Am Di., 15. Dez. 2020 um 22:43 Uhr schrieb Ali Alhaidary <
>> ali.alhaid...@the5stars.org>:
>>
>> https://www.callstats.io/blog/2017/10/26/webrtc-product-turn-server
>>
>>
>> On 12/15/20 5:05 PM, K. Kamhamea wrote:
>> > I wonder why we need a coturn anyway?
>> >
>> > 1. SSL certificates can be installed without it
>> > 2. The server URL can be written without port number (meaning it can
>> > be accessed by the default 433 port) without turn server installed
>> > the simple iptables command does the trick
>> >
>> > iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port
>> > 5443
>> >
>> > and changing server.xml to the default port doesn't work anyway (with
>> > or without turn server)
>> >
>> > It think better avoid turn server as it may slow down the
>> > communication further.
>>
>>
>>
>>
>> --
>>
>> Best regards,
>> Maxim
>>
>

Re: TURN server (coturn) why?

2020-12-17 Thread Ali Alhaidary 

kindly define 'worked' please

Ali

On 12/17/20 12:47 PM, K. Kamhamea wrote:
I tested the following configuration and it worked without TURN 
Server. Maybe the reason ist the new Kurento version available since 
November 2020. (https://www.kurento.org/blog/kurento-6150-november-2020)


WebRTC.png

Am Mi., 16. Dez. 2020 um 10:13 Uhr schrieb Rohrbach, Gerald 
mailto:g.rohrb...@funkegruppe.de>>:


That’s also understanding Maxim.

If client and OM are in the same network no coturn is needed. (
Must not be the same IP range, we do have in each building
different IP ranges in use, everything is routed on the core switch.

In our case one external OM has external public IP.

Physical machine.

But clients in real live are at home, that means

a home router with NAT is between.

So coturn is needed.

I have tested a lot with this, we do have an internal

OM server and and external.

We are not using the docker KMS, but I think

that should work also.

As our sytems are pretty stable we do not touch.

Gerald

*Von:*Maxim Solodovnik [mailto:solomax...@gmail.com
]
*Gesendet:* Mittwoch, 16. Dezember 2020 09:16
*An:* Openmeetings user-list mailto:user@openmeetings.apache.org>>
*Betreff:* Re: TURN server (coturn) why?

On Wed, 16 Dec 2020 at 12:50, K. Kamhamea mailto:kamha...@googlemail.com>> wrote:

In summary two conclusions can be drawn, right?

1. There is no need to use courn if your server uses a unique
public IP.

this is false assumption

According to my tests

since WebRTC is P2P

The client IP should be accessible to KMS

So TURN is not necessary as long as the server AND all client IP
addresses are public

And there are no routers FW etc. in the middle 

2. You can run a OM Server in a private network with only one
public IP using coturn.

--- That's cool !!!

And probably it is even necessary to use coturn if your OM
server resides on a cloud that doesn't provide such a service.

Thank You so much for the link.

K

Am Di., 15. Dez. 2020 um 22:43 Uhr schrieb Ali Alhaidary
mailto:ali.alhaid...@the5stars.org>>:

https://www.callstats.io/blog/2017/10/26/webrtc-product-turn-server


On 12/15/20 5:05 PM, K. Kamhamea wrote:
> I wonder why we need a coturn anyway?
>
> 1. SSL certificates can be installed without it
> 2. The server URL can be written without port number
(meaning it can
> be accessed by the default 433 port) without turn server
installed
> the simple iptables command does the trick
>
> iptables -t nat -A PREROUTING -p tcp --dport 443 -j
REDIRECT --to-port
> 5443
>
> and changing server.xml to the default port doesn't work
anyway (with
> or without turn server)
>
> It think better avoid turn server as it may slow down the
> communication further.


-- 


Best regards,
Maxim

Re: MaxThreads for kurento

2020-12-17 Thread K. Kamhamea 
I recently came to learn that server performance data are crucial as well:
For instance, 16G is definitely too small a RAM for a media server and a
fast processor with at least 12 cores and a fast Internt connection
(>=1GBits/s) also are essential ingresients.
In my opinion, a TURN Server can be omitted as I tested recently (see my
other post). It rather turns down server performance. In my opinion a TURN
server is only necessary if the Media server resides in a private subnet.
Best K

Am Mi., 16. Dez. 2020 um 16:41 Uhr schrieb Maxim Solodovnik <
solomax...@gmail.com>:

> Please search archives
> this topic was discussed
>
> On Wed, 16 Dec 2020 at 22:00, kaffeesurrogat 
> wrote:
>
>> Dear list,
>>
>> today my kurento-media-server crashed, because i had three guests + me
>> in one room.
>>
>> All of them tried tu use cam+mic.
>>
>> sudo watch -n 10 systemctl status kurento-media-server
>>
>> gave me a number of tasks which was close to the limit and i found the
>> following in my logs:
>>
>> (openmeetings.log)
>>
>> ARN 12-16 10:18:16.279 o.a.o.c.r.KurentoHandler:139 [Thread-10] - Media
>> Server is not accessible
>>
>>
>> (kurento-media-server)
>>
>>   creating thread 'KmsLoop': Error creating thread: Resource temporarily
>> unavailable
>>
>>
>> according to
>>
>>
>> https://doc-kurento.readthedocs.io/en/latest/user/troubleshooting.html
>>
>>
>> this is due to the limit of threads given.
>>
>>
>> I changed the line
>>
>>
>> #DefaultTasksMax=
>>
>>
>> to
>>
>>
>> DefaultTasksMax=600
>>
>>
>> in
>>
>>
>> /etc/systemd/system.conf
>>
>>
>> After
>>
>> |systemctl daemon-reexec
>>
>>
>> I did a check with all my machines. Now the number of threads is well
>> below the limit.
>>
>> Wondering what is going to happen, if i add more than four users and if
>> it is  a good thing to do, to increase the number of tasks systemwide
>>  ?
>>
>>
>> In the docs they mention a way to set the limit on a per user bases, but
>> i didn't figure out how to do this ..
>>
>>
>> Greetings,
>>
>> kafeesurrogat
>> |
>>
>
>
> --
> Best regards,
> Maxim
>

Re: TURN server (coturn) why?

2020-12-17 Thread K. Kamhamea 
I tested the following configuration and it worked without TURN Server.
Maybe the reason ist the new Kurento version available since November 2020.
(https://www.kurento.org/blog/kurento-6150-november-2020)

[image: WebRTC.png]

Am Mi., 16. Dez. 2020 um 10:13 Uhr schrieb Rohrbach, Gerald <
g.rohrb...@funkegruppe.de>:

> That’s also understanding Maxim.
>
>
>
> If client and OM are in the same network no coturn is needed. ( Must not
> be the same IP range, we do have in each building different IP ranges in
> use, everything is routed on the core switch.
>
>
>
> In our case one external OM has external public IP.
>
> Physical machine.
>
>
>
> But clients in real live are at home, that means
>
> a home router with NAT is between.
>
> So coturn is needed.
>
> I have tested a lot with this, we do have an internal
>
> OM server and and external.
>
> We are not using the docker KMS, but I think
>
> that should work also.
>
> As our sytems are pretty stable we do not touch.
>
>
>
>
>
> Gerald
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> *Von:* Maxim Solodovnik [mailto:solomax...@gmail.com]
> *Gesendet:* Mittwoch, 16. Dezember 2020 09:16
> *An:* Openmeetings user-list 
> *Betreff:* Re: TURN server (coturn) why?
>
>
>
>
>
>
>
> On Wed, 16 Dec 2020 at 12:50, K. Kamhamea  wrote:
>
> In summary two conclusions can be drawn, right?
>
> 1. There is no need to use courn if your server uses a unique public IP.
>
>
>
> this is false assumption
>
> According to my tests
>
> since WebRTC is P2P
>
> The client IP should be accessible to KMS
>
>
>
> So TURN is not necessary as long as the server AND all client IP addresses
> are public
>
> And there are no routers FW etc. in the middle 
>
>
>
> 2. You can run a OM Server in a private network with only one public IP
> using coturn.
>
> --- That's cool !!!
>
> And probably it is even necessary to use coturn if your OM server resides
> on a cloud that doesn't provide such a service.
>
>
>
> Thank You so much for the link.
>
> K
>
>
>
> Am Di., 15. Dez. 2020 um 22:43 Uhr schrieb Ali Alhaidary <
> ali.alhaid...@the5stars.org>:
>
> https://www.callstats.io/blog/2017/10/26/webrtc-product-turn-server
>
>
> On 12/15/20 5:05 PM, K. Kamhamea wrote:
> > I wonder why we need a coturn anyway?
> >
> > 1. SSL certificates can be installed without it
> > 2. The server URL can be written without port number (meaning it can
> > be accessed by the default 433 port) without turn server installed
> > the simple iptables command does the trick
> >
> > iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port
> > 5443
> >
> > and changing server.xml to the default port doesn't work anyway (with
> > or without turn server)
> >
> > It think better avoid turn server as it may slow down the
> > communication further.
>
>
>
>
> --
>
> Best regards,
> Maxim
>