You don't need to change any logic You should install STUN/TURN server please search mailing lists `coturn`
On Sun, 8 Dec 2019 at 15:45, Coscend@OM <[email protected]> wrote: > Further, to clarify, > > 1. The server hosting OM, Kurento and Docker is in the DMZ. > > 2. The client devices are in the one single subnet, connected to a > switch. > > > > That is, even though the devices are in one subnet, they still receive the > stream from a different subnet. The stream has to pass through a firewall > and router to reach the two devices. Only peer-to-peer connection is in > the same sub-net and does not go through the firewall. > > > > So, all these video and audio effects are due to streaming across the > firewall. > > > > ------------------------- > > In sum, we need to change the logic in the following sections of the code > to get the stream (video and audio) at the same time through the firewall > to the users. Any insight into this would be appreciated. > > > > om-web/…raw-video.js: > > getVideoStream: > https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/raw-video.js#L57 > > > > om-web/…raw-video-manager.js: > > onBroadcast: > https://github.com/apache/openmeetings/blob/master/openmeetings-web/src/main/java/org/apache/openmeetings/web/room/raw-video-manager.js#L27 > > > > activityAllowed, activityToggle, hasActivity, Client set(Activity a), > Client toggle(Activity a) > > om-core/…StreamProcessor.java: > https://github.com/apache/openmeetings/blob/master/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/StreamProcessor.java#L211 > > > > om-core/…KurentoHandler.java: > https://github.com/apache/openmeetings/blob/master/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KurentoHandler.java#L243 > > > > om-db/…Client.java: > https://github.com/apache/openmeetings/blob/master/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/basic/Client.java#L175 > > > > Thank you. > > > > Sincerely, > > > > Hemant K. Sabat > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > <http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html> > > > > > > > > *From:* Coscend@OM [mailto:[email protected]] > *Sent:* Sunday, December 8, 2019 4:23 AM > *To:* 'Openmeetings user-list' <[email protected]> > *Subject:* RE: OM5: Reverse Proxy - CoTURN NAT > > > > Dear Maxim, > > > > We tested both: > > 5.0.0-M2 (BEFORE issues 2101 and 2132 were fixed) and > > 5.0.0-M3 (AFTER issues were fixed) > > https://issues.apache.org/jira/browse/OPENMEETINGS-2101 > > https://issues.apache.org/jira/browse/OPENMEETINGS-2132 > > Setup: CentOS 8 + Coturn + Kurento via Docker-CE-3:19.03.5-3 > > ----------- > > M2: > > Intranet (no router / firewall) > > Either audio or video are transmitting individually. > > The users can either see OR hear each other. But the users cannot do both > at the same time. > > But when both video and audio are turned on, both video and audio > disappears on users’ own as well as other users’ screen. Only a green > boundary highlighter appeared when someone spoke. > > > > Extranet (with firewall and router): Same result. This means firewall > and router ports are open and transmission is enabled. > > > > M3: > > Intranet (no router / firewall) > > Both audio and video are NOT transmitting. > > Each user can see itself on its own screen. They cannot see other users > on their screen. They cannot hear other users. > > > > Extranet (with firewall and router): Same result. > > > > --------- > > Another issue: Start Recording Test: This does not stop. > > --------- > > > > Thank you. > > > > Sincerely, > > > > Hemant K. Sabat > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > <http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html> > > > > > > > > > > > > *From:* Maxim Solodovnik [mailto:[email protected] > <[email protected]>] > *Sent:* Wednesday, December 4, 2019 10:40 AM > *To:* Openmeetings user-list <[email protected]>; > [email protected] > *Subject:* Re: OM5: Reverse Proxy - CoTURN NAT > > > > This might be one of > > https://issues.apache.org/jira/browse/OPENMEETINGS-2101 > > https://issues.apache.org/jira/browse/OPENMEETINGS-2132 > > > > On Wed, 4 Dec 2019 at 04:43, Coscend@OM <[email protected]> wrote: > > Dear Maxim, > > > > All stable releases: > > Kurento: Installed using docker command. How do we find its version? > > OM 5.0.0-M2 > > Docker-CE-3:19.03.5-3 > > CentOS 8 > > MariadB 10.3.18 > > > > Steps used: > > Intranet: Two devices connected via a switch. No router. (Extranet > gives same result with the same steps.) > > Hardware Firewall ports open: Tomcat 443, 49152-63555, Coturn 3478, 8888 > > > > Start coturn > > Start Docker > > Start Kurento: docker run -d --name kms -p 8888:8888 --mount > type=bind,source= …,target=… > > Start MariaDB > > Start Tomcat (SSL) > > Install OM – 5.0.0-M2 successful. > > Create a user. > > > > OM Admin / Moderator enters Presentation room. > > User enters room. > > Moderator allows user all moderation rights. > > Moderator turns on video. > > User turns on video. > > ---- > both can see each other. > > Both turn off videos. > > Moderator turns on audio. > > User turns on audio. > > ------ > Both can hear each other. > > Both turn off audio. > > > > -------------ISSUE STARTS BELOW. > > ISSUE 1--- > > Moderator turns on video. > > User turns on video. > > --- > Both can see each other. > > Moderator turns on audio. > > --- > Moderator can see himself. User video turns off on moderator > screen. User can see his video on his own screen. > > ---- > Both cannot hear each other. > > Moderator turns off audio. > > --- > Moderator can see himself. User video still off on his screen. > User can see his video on his own screen. > > Moderator turns off video. > > User turns off video. > > --------------REPEAT THE ABOVE ISSUE > > ISSUE 2--- > > …Repeat steps in ISSUE 1 with roles in reversed order (User going first > and moderator following it). Same result. > > User turns on video. > > Moderator turns on video. > > --- > Both can see each other. > > > > --------------REPEAT ISSUE 1 and ISSUE 2 > > Moderator starts with audio. > > User turns on audio. > > --- > both can hear each other > > Moderator turns on video. > > --- > Moderator can see the green bar rising for audio. User can see > the green boundary of moderator video frame glowing. Both cannot hear each > other. > > --- > Both cannot see each other. > > --------------REPEAT THE ABOVE ISSUE with roles in reversed order. > > …Repeat steps with roles in reversed order (User going first and moderator > following it). Same result. > > User starts with audio. > > > > > > Thank you. > > > > Sincerely, > > > > Hemant K. Sabat > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > <http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html> > > > > > > > > *From:* Maxim Solodovnik [mailto:[email protected]] > *Sent:* Tuesday, December 3, 2019 12:40 PM > *To:* Openmeetings user-list <[email protected]> > *Cc:* Coscend@OM <[email protected]> > *Subject:* Re: OM5: Reverse Proxy - CoTURN NAT > > > > Please provide > > > > 1) OM version you are using > > 2) KMS version you are using > > 3) What are the steps to reproduce the issue > > > > Thanks in advance > > > > > > On Tue, 3 Dec 2019 at 05:58, Daniel Baker <[email protected]> > wrote: > > Can you try for testing purposes on a real server. Help to eliminate > possibilities. > > On 12/3/2019 1:44 AM, Coscend@OM wrote: > > Dear Daniel, > > > > Thank you for the pointer. Unfortunately, our servers are > enterprise-grade (meaning prohibitively expensive) and hence, need to have > VMs to be cost-effective. > > > > > > Dear Maxim, > > > > After over 50 tests with different configurations of coturn and firewall > ports, we are now able to stream in intranet as well as extranet: > > Videos of all participants > > Audio of all participants > > > > The issue: Users can see EITHER video OR audio, but NOT BOTH, AT THE SAME > TIME. > > We would appreciate any insight the solution. > > > > ---- > > Possible cause > > Firewall ports (both hardware and software) are not blocking because the > users can: > > 1. See either video or audio at any time, but not both concurrently. > > 2. Giving the same result in the following use cases: > > both intranet (two devices connected to one switch, and no router between > the devices) and > > extranet (router+firewall). > > > > We are attempting to refine the logic of methods, variables and their > values stored in and retrieved from OM database: > > activityAllowed, activityToggle, hasActivity, Client set(Activity a), > Client toggle(Activity a) > > > > om-core: > https://github.com/apache/openmeetings/blob/master/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/StreamProcessor.java#L211 > > > > om-core: > https://github.com/apache/openmeetings/blob/master/openmeetings-core/src/main/java/org/apache/openmeetings/core/remote/KurentoHandler.java#L243 > > > > om-db: > https://github.com/apache/openmeetings/blob/master/openmeetings-db/src/main/java/org/apache/openmeetings/db/entity/basic/Client.java#L175 > > > > Thank you. > > > > Sincerely, > > > > Hemant K. Sabat > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > <http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html> > > > > > > > > > > *From:* Daniel Baker [mailto:[email protected] > <[email protected]>] > *Sent:* Saturday, November 30, 2019 1:28 PM > *To:* [email protected]; [email protected] > *Subject:* Re: OM5: Reverse Proxy - CoTURN NAT > > > > Went to a real server ( laptop , ubuntu ) . No VM. > > On 11/30/2019 2:06 PM, Coscend@OM wrote: > > Hello Daniel, > > > > Thank you for highlighting one of the possibilities. What was the > solution you implemented in your case? How did it go? > > > > Perhaps we can learn from your use case and implement it in our context. > > > > Sincerely, > > > > Hemant K. Sabat > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > <http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html> > > > > > > *From:* Daniel Baker [mailto:[email protected] > <[email protected]>] > *Sent:* Friday, November 29, 2019 3:14 AM > *To:* [email protected]; Maxim Solodovnik > <[email protected]> <[email protected]>; [email protected] > *Subject:* Re: OM5: Reverse Proxy - CoTURN NAT > > > > I had a similar issue but put it down to it being in a VM (virtualbox) > > On 11/27/2019 3:23 PM, Maxim Solodovnik wrote: > > This "We can see our own video/audio. We are not getting the video and > audio of other users" > > most probably mean audio/video is NOT working on your server > > > > I would: > > 1) check if audio/video works on localhost > > (I'm using FF + Chrome in the same room to check video is transferred) > > 2+) add network levels one by one and check if video is being transferred > > > > config looks good, but there are lots of options .... > > > > On Wed, 27 Nov 2019 at 03:25, Coscend@OM <[email protected]> wrote: > > Dear Maxim and Rene, > > > > We are serving HTTPS by Tomcat9/OM5 binary. We can see our own > video/audio. We are not getting the video and audio of other users. > > Below is our config. Perhaps you could suggest what we are missing. > > > > ----------------------------------------------- > > > > Hardware NAT / firewall: Open TCP 3478 5349 UDP 49152-65535 for Coturn. > 443 for Tomcat > > > > - - >Coturn config: > > Listening port=3478 > > Tls-listening-port=5439 > > listening-ip=<Local IP of server hosting coturn> > > relay-ip=<Local IP of server hosting Tomcat> > > external-ip=<Public IP>/<Local IP of server hosting coturn> > > > > verbose > fingerprint > lt-cred-match > > use-auth-secret > static-auth-secret=<SECRETVALUE> > realm=<OURFQDN.com> > min-port=49152 > max-port=65535 > no-stun > > > > - - >Tomcat > > Rest is same as in vanilla OM binary > > > > <Server port="8005" shutdown="SHUTDOWN"> > > <Connector port="443" > protocol="org.apache.coyote.http11.Http11AprProtocol" > > maxThreads="150" SSLEnabled="true" > > > <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" > /> > > <SSLHostConfig> > <Certificate > certificateFile="/etc/letsencrypt/live/OURFQDN.com/cert.pem" > > certificateKeyFile="/etc/letsencrypt/live/OURFQDN.com/privkey.pem" > </SSLHostConfig> > </Connector> > > <!-- Define an AJP 1.3 Connector on port 8009 --> > > <Connector port="8009" protocol="AJP/1.3" redirectPort="443" /> > > [snipped] > > > > > > - - >applicationContext.xml > > Rest is same as in vanilla OM binary > > p:turnUrl="<External_IP>:5349" (We > have tried both 3478 and 5349) > > p:turnUser="" > > p:turnSecret="<SECRETVALUE>" > > > > > > Thank you. > > > > Sincerely, > > > > Hemant K. Sabat > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > <http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html> > > > > > > *From:* Maxim Solodovnik [mailto:[email protected]] > *Sent:* Monday, November 25, 2019 10:23 AM > *To:* Openmeetings user-list <[email protected]>; > [email protected] > *Subject:* Re: OM5: Reverse Proxy - CoTURN NAT > > > > Unfortunately I don't get your last email :( > > > > You can > > 1) serve HTTPS by OM > > OR > > 2) serve HTTPS by reverse proxy > > NOT both > > > > what is your configuration? > > > > On Fri, 22 Nov 2019 at 22:41, Coscend@OM <[email protected]> wrote: > > Hello Maxim, > > > > Are serving HTTPS pages from Tomcat? That is, certificates are input in > server.xml including port 5443. > > > > > > Hello Rene, > > > > Thank you for the insight. Yes, ports open TCP 3478 UDP 49152-65535 for > Coturn. > > > > Sincerely, > > > > Hemant K. Sabat > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > <http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html> > > > > > > > > > > *From:* Maxim Solodovnik [mailto:[email protected]] > *Sent:* Thursday, November 21, 2019 1:17 PM > *To:* Openmeetings user-list <[email protected]> > *Subject:* Re: OM5: Reverse Proxy - CoTURN NAT > > > > As far as I understand OM is available at 443 (via reverse proxy) > > > > Any errors in browser console? > > > > On Wed, 20 Nov 2019 at 01:21, R. Scholz <[email protected]> > wrote: > > Hello Hemant, > > *- - > Hardware based: NAT, Strict Firewall: ports open TCP 3478 UDP > 49152-65535* > Have you open port 5443 (Tomcat-https-Port)? 3478 and the port range is > for Coturn, I think. > > Best regrads, > > René > > Am 19.11.2019 um 18:15 schrieb Coscend@OM: > > Correction in setup: > > > > External client- - > Public IP > > > > - - > Hardware based: NAT, Strict Firewall: ports open TCP 3478 UDP > 49152-65535 > > > > - - > Reverse proxy via Apache HTTPD, Nginx etc. (HTTPS LetsEncrypt): > > Working configuration from OM-408 > > > > - - > CoTURN: Config from Rene, Juan and Maxim: NAT via CoTURN: > https://markmail.org/message/3dgy62lj3m74mogy?q=rene+scholz+from:%22Ren%C3%A9+Scholz%22+turn+server+problem > > > > - - > OM5-Tomcat: HTTP (port 5080 in server.xml): Maxim’s overall and > ImageMagick guidance > > > > - - > Kurento, docker: Alvaro’s tutorial on Docker, Kurento in CentOS 7/8 > > > > > > *From:* Coscend@OM [mailto:[email protected] > <[email protected]>] > *Sent:* Tuesday, November 19, 2019 10:40 PM > *To:* 'Openmeetings user-list' <[email protected]> > <[email protected]> > *Subject:* OM5: Reverse Proxy - CoTURN NAT > > > > Dear OM Community, > > > > Could you guide us on this problem: video not appearing in our OM5 > installation? > > > > Even in the intranet / LAN, > > · We cannot see others’ video. > > · we can see own video (self). > > Same result in WAN via NAT, reverse proxy. > > > > -------------- > > Here is our setup: > > > > Reverse proxy via Apache HTTPD, Nginx etc. (HTTPS LetsEncrypt): > > Working configuration from OM-408 > > > > - - > NAT, Strict Firewall: ports open TCP 3478 UDP 49152-65535 > > > > - - > CoTURN: Config from Rene, Juan and Maxim: NAT via CoTURN: > https://markmail.org/message/3dgy62lj3m74mogy?q=rene+scholz+from:%22Ren%C3%A9+Scholz%22+turn+server+problem > > > > - - > OM5-Tomcat: HTTP (port 5080 in server.xml): Maxim’s overall and > ImageMagick guidance > > > > - - > Kurento, docker: Alvaro’s tutorial on Docker, Kurento in CentOS 7/8 > > > > Thank you. > > > > Sincerely, > > > > Hemant K. Sabat > > www.Coscend.com <http://www.coscend.com/> > > ------------------------------------------------------------------ > > *Real-time, Interactive Video Collaboration, Tele-healthcare, > Tele-education, Telepresence Services, on the fly…* > > ------------------------------------------------------------------ > > CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail > Messages from Coscend Communications Solutions' posted at: > http://www.Coscend.com/Anchor/Common/Terms_and_Conditions.html > <http://www.coscend.com/Anchor/Common/Terms_and_Conditions.html> > > > > > > > > > > > -- > > WBR > Maxim aka solomax > > > > > -- > > WBR > Maxim aka solomax > > > > > -- > > WBR > Maxim aka solomax > > > > > -- > > WBR > Maxim aka solomax > > > > > -- > > WBR > Maxim aka solomax > -- WBR Maxim aka solomax
