Dear Daniel,
Thank you for the pointer. Unfortunately, our servers are
enterprise-grade (meaning prohibitively expensive) and hence, need to
have VMs to be cost-effective.
Dear Maxim,
After over 50 tests with different configurations of coturn and
firewall ports, we are now able to stream in intranet as well as extranet:
Videos of all participants
Audio of all participants
The issue: Users can see EITHER video OR audio, but NOT BOTH, AT THE
SAME TIME.
We would appreciate any insight the solution.
----
Possible cause
Firewall ports (both hardware and software) are not blocking because
the users can:
1.See either video or audio at any time, but not both concurrently.
2.Giving the same result in the following use cases:
both intranet (two devices connected to one switch, and no router
between the devices) and
extranet (router+firewall).
We are attempting to refine the logic of methods, variables and their
values stored in and retrieved from OM database:
activityAllowed, activityToggle, hasActivity, Client set(Activity a),
Client toggle(Activity a)
om-core:
https://github.com/apache/openmeetings/blob/master/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/StreamProcessor.java#L211
om-core:
https://github.com/apache/openmeetings/blob/master/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KurentoHandler.java#L243
om-db:
https://github.com/apache/openmeetings/blob/master/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/basic/Client.java#L175
Thank you.
Sincerely,
Hemant K. Sabat
www.Coscend.com <http://www.coscend.com/>
------------------------------------------------------------------
*Real-time, Interactive Video Collaboration, Tele-healthcare,
Tele-education, Telepresence Services, on the fly…*
------------------------------------------------------------------
CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail
Messages from Coscend Communications Solutions' posted
at:http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html
<http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html>
*From:*Daniel Baker [mailto:[email protected]]
*Sent:* Saturday, November 30, 2019 1:28 PM
*To:* [email protected]; [email protected]
*Subject:* Re: OM5: Reverse Proxy - CoTURN NAT
Went to a real server ( laptop , ubuntu ) . No VM.
On 11/30/2019 2:06 PM, Coscend@OM wrote:
Hello Daniel,
Thank you for highlighting one of the possibilities. What was the
solution you implemented in your case? How did it go?
Perhaps we can learn from your use case and implement it in our
context.
Sincerely,
Hemant K. Sabat
www.Coscend.com <http://www.coscend.com/>
------------------------------------------------------------------
*Real-time, Interactive Video Collaboration, Tele-healthcare,
Tele-education, Telepresence Services, on the fly…*
------------------------------------------------------------------
CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding
E-mail Messages from Coscend Communications Solutions' posted
at:http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html
<http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html>
*From:*Daniel Baker [mailto:[email protected]]
*Sent:* Friday, November 29, 2019 3:14 AM
*To:* [email protected]
<mailto:[email protected]>; Maxim Solodovnik
<[email protected]> <mailto:[email protected]>;
[email protected] <mailto:[email protected]>
*Subject:* Re: OM5: Reverse Proxy - CoTURN NAT
I had a similar issue but put it down to it being in a VM
(virtualbox)
On 11/27/2019 3:23 PM, Maxim Solodovnik wrote:
This "We can see our own video/audio. We are not getting the
video and audio of other users"
most probably mean audio/video is NOT working on your server
I would:
1) check if audio/video works on localhost
(I'm using FF + Chrome in the same room to check video is
transferred)
2+) add network levels one by one and check if video is being
transferred
config looks good, but there are lots of options ....
On Wed, 27 Nov 2019 at 03:25, Coscend@OM
<[email protected] <mailto:[email protected]>> wrote:
Dear Maxim and Rene,
We are serving HTTPS by Tomcat9/OM5 binary. We can see
our own video/audio. We are not getting the video and
audio of other users.
Below is our config. Perhaps you could suggest what we
are missing.
-----------------------------------------------
Hardware NAT / firewall: Open TCP 3478 5349 UDP
49152-65535 for Coturn. 443 for Tomcat
- - >Coturn config:
Listening port=3478
Tls-listening-port=5439
listening-ip=<Local IP of server hosting coturn>
relay-ip=<Local IP of server hosting Tomcat>
external-ip=<Public IP>/<Local IP of server hosting coturn>
verbose
fingerprint
lt-cred-match
use-auth-secret
static-auth-secret=<SECRETVALUE>
realm=<OURFQDN.com>
min-port=49152
max-port=65535
no-stun
- - >Tomcat
Rest is same as in vanilla OM binary
<Server port="8005" shutdown="SHUTDOWN">
<Connector port="443"
protocol="org.apache.coyote.http11.Http11AprProtocol"
maxThreads="150" SSLEnabled="true" >
<UpgradeProtocol
className="org.apache.coyote.http2.Http2Protocol" />
<SSLHostConfig>
<Certificate
certificateFile="/etc/letsencrypt/live/OURFQDN.com/cert.pem"
certificateKeyFile="/etc/letsencrypt/live/OURFQDN.com/privkey.pem"
</SSLHostConfig>
</Connector>
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3"
redirectPort="443" />
[snipped]
- - >applicationContext.xml
Rest is same as in vanilla OM binary
p:turnUrl="<External_IP>:5349" (We have tried both 3478
and 5349)
p:turnUser=""
p:turnSecret="<SECRETVALUE>"
Thank you.
Sincerely,
Hemant K. Sabat
www.Coscend.com <http://www.coscend.com/>
------------------------------------------------------------------
*Real-time, Interactive Video Collaboration,
Tele-healthcare, Tele-education, Telepresence Services, on
the fly…*
------------------------------------------------------------------
CONFIDENTIALITY NOTICE: See 'Confidentiality Notice
Regarding E-mail Messages from Coscend Communications
Solutions' posted
at:http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html
<http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html>
*From:*Maxim Solodovnik [mailto:[email protected]
<mailto:[email protected]>]
*Sent:* Monday, November 25, 2019 10:23 AM
*To:* Openmeetings user-list <[email protected]
<mailto:[email protected]>>;
[email protected] <mailto:[email protected]>
*Subject:* Re: OM5: Reverse Proxy - CoTURN NAT
Unfortunately I don't get your last email :(
You can
1) serve HTTPS by OM
OR
2) serve HTTPS by reverse proxy
NOT both
what is your configuration?
On Fri, 22 Nov 2019 at 22:41, Coscend@OM
<[email protected] <mailto:[email protected]>>
wrote:
Hello Maxim,
Are serving HTTPS pages from Tomcat? That is,
certificates are input in server.xml including port 5443.
Hello Rene,
Thank you for the insight. Yes, ports open TCP 3478
UDP 49152-65535 for Coturn.
Sincerely,
Hemant K. Sabat
www.Coscend.com <http://www.coscend.com/>
------------------------------------------------------------------
*Real-time, Interactive Video Collaboration,
Tele-healthcare, Tele-education, Telepresence
Services, on the fly…*
------------------------------------------------------------------
CONFIDENTIALITY NOTICE: See 'Confidentiality Notice
Regarding E-mail Messages from Coscend Communications
Solutions' posted
at:http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html
<http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html>
*From:*Maxim Solodovnik [mailto:[email protected]
<mailto:[email protected]>]
*Sent:* Thursday, November 21, 2019 1:17 PM
*To:* Openmeetings user-list
<[email protected]
<mailto:[email protected]>>
*Subject:* Re: OM5: Reverse Proxy - CoTURN NAT
As far as I understand OM is available at 443 (via
reverse proxy)
Any errors in browser console?
On Wed, 20 Nov 2019 at 01:21, R. Scholz
<[email protected]
<mailto:[email protected]>> wrote:
Hello Hemant,
/- - > Hardware based: NAT, Strict Firewall:
ports open TCP 3478 UDP 49152-65535/
Have you open port 5443 (Tomcat-https-Port)? 3478
and the port range is for Coturn, I think.
Best regrads,
René
Am 19.11.2019 um 18:15 schrieb Coscend@OM:
Correction in setup:
External client- - > Public IP
- - > Hardware based: NAT, Strict Firewall:
ports open TCP 3478 UDP 49152-65535
- - > Reverse proxy via Apache HTTPD, Nginx
etc. (HTTPS LetsEncrypt):
Working configuration from OM-408
- - > CoTURN: Config from Rene, Juan and
Maxim: NAT via CoTURN:
https://markmail.org/message/3dgy62lj3m74mogy?q=rene+scholz+from:%22Ren%C3%A9+Scholz%22+turn+server+problem
- - > OM5-Tomcat: HTTP (port 5080 in
server.xml): Maxim’s overall and ImageMagick
guidance
- - > Kurento, docker: Alvaro’s tutorial on
Docker, Kurento in CentOS 7/8
*From:* Coscend@OM
[mailto:[email protected]]
*Sent:* Tuesday, November 19, 2019 10:40 PM
*To:* 'Openmeetings user-list'
<[email protected]>
<mailto:[email protected]>
*Subject:* OM5: Reverse Proxy - CoTURN NAT
Dear OM Community,
Could you guide us on this problem: video not
appearing in our OM5 installation?
Even in the intranet / LAN,
·We cannot see others’ video.
·we can see own video (self).
Same result in WAN via NAT, reverse proxy.
--------------
Here is our setup:
Reverse proxy via Apache HTTPD, Nginx etc.
(HTTPS LetsEncrypt):
Working configuration from OM-408
- - > NAT, Strict Firewall: ports open TCP
3478 UDP 49152-65535
- - > CoTURN: Config from Rene, Juan and
Maxim: NAT via CoTURN:
https://markmail.org/message/3dgy62lj3m74mogy?q=rene+scholz+from:%22Ren%C3%A9+Scholz%22+turn+server+problem
- - > OM5-Tomcat: HTTP (port 5080 in
server.xml): Maxim’s overall and ImageMagick
guidance
- - > Kurento, docker: Alvaro’s tutorial on
Docker, Kurento in CentOS 7/8
Thank you.
Sincerely,
Hemant K. Sabat
www.Coscend.com <http://www.coscend.com/>
------------------------------------------------------------------
*Real-time, Interactive Video Collaboration,
Tele-healthcare, Tele-education, Telepresence
Services, on the fly…*
------------------------------------------------------------------
CONFIDENTIALITY NOTICE: See 'Confidentiality
Notice Regarding E-mail Messages from Coscend
Communications Solutions' posted
at:http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html
<http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html>
--
WBR
Maxim aka solomax
--
WBR
Maxim aka solomax
--
WBR
Maxim aka solomax
