Error installing Miro SFU
-
@MiroTalk so you are saying this WebRTCServer acts similar to a reverse proxy allowing all incoming connections via one single port and internally distributes to workers locally? If this is the case, then I guess we have to change the app to only use 44444 and then the exposed (and forwarded) port range is not required?
-
@nebulon More or less yes.
-
SFU Instance Deployment: When you deploy MiroTalk SFU on a server, it dynamically creates WebRtcServers based on the available CPU cores of the server if you enable this option in the config.js
-
Example CPU Core Count: For instance, if the server where you deploy MiroTalk SFU has 2 CPU cores, MiroTalk will create 2 WebRtcServers dynamically (config.mediasoup.numWorkers)
-
Port Allocation: These WebRtcServers are started from a base port number (in this case, 44444) and are internally incremented by logic for each server created.
-
Console Logs Example:
[3/26/2024, 17:37:17:682] [Server] Create a WebRtcServer { worker_pid: 41060, webRtcServerOptions: { listenInfos: [ { protocol: 'udp', ip: '0.0.0.0', announcedAddress: 'Your-Public-IPv4', port: 44444 }, { protocol: 'tcp', ip: '0.0.0.0', announcedAddress: 'Your-Public-IPv4', port: 44444 } ] } } [3/26/2024, 17:37:17:730] [Server] Create a WebRtcServer { worker_pid: 41061, webRtcServerOptions: { listenInfos: [ { protocol: 'udp', ip: '0.0.0.0', announcedAddress: 'Your-Public-IPv4', port: 44445 }, { protocol: 'tcp', ip: '0.0.0.0', announcedAddress: 'Your-Public-IPv4', port: 44445 } ] } } ...
- The console logs I provided illustrate the creation of two WebRtcServers.
- Each server is associated with a unique worker process ID (
worker_pid
). - Each server is configured with both UDP and TCP protocols, listening on all available IPv4 addresses (
0.0.0.0
) and a specific port number. - The port numbers for each server are incremented sequentially. In this example, the first server listens on port 44444, and the second server listens on port 44445.
- Listen Infos: Each WebRTC server's configuration (
webRtcServerOptions
) includes details about the protocols it supports, the IP address it listens on, the announced address (typically the public IPv4 address of your server), and the port it's listening on.
In this scenario, the application requires permission to allow traffic on ports 44444 and 44445.
-
-
So on Cloudron, the firewall is actually closed down and each exposed port needs to be explicitly mentioned. Is there any configuration to limit the ports it will use?
Also I am still not sure if this is independent of the port range for the
rtcMin/MaxPort
configs or if this replaces it? -
I also get an error message:
An error occurred during the install operation: Docker Error: (HTTP code 500) server error - driver failed programming external connectivity on endpoint 943b1ae7-08e5-4d54-8d7f-98938b449d22 (78f68ad50a0916d674692c2342ba809b82238d3e6bd7c9aacf25b67b8499821a): listen tcp4 0.0.0.0:40090: bind: address already in use
-
@girish said in Error installing Miro SFU:
@jdaviescoates workaround is to reinstall the app with a different port range and keep your it doesn't conflict again. Note that the TCP and UDP port ranges should be the same! I recommend something like 12000 .
I tried that. Seemed to install fine, but when I actually tried to use it I get this:
I guess some of the stuff @MiroTalk has mentioned needs to be implemented before it'll work properly
-
Please provide more detailed error logs from for example the browser console, instead of screenshots of rather generic errors. Otherwise there is really nothing to help here, unless it is easily reproducible, which for example in this case is not for me.
-
@nebulon does any of this shed any more light?
Presumably you'd also get the same issue if you visit https://miro.ud.coop (where I've just done a fresh install have have the exact same issue).
-
@jdaviescoates said in Error installing Miro SFU:
if you visit https://miro.ud.coop
I also get the problem a few seconds after creating and joining a room on your instance
-
Mine is not a fresh install and I don't get any of those issues:
https://talk.chourmo.net/
https://talksfu.chourmo.net/ -
@avatar1024 I don't have the issue on yours either.
-
same behaviour on my app instance. after a few seconds "producer transport fails" (and the console says something with
WebRTC: ICE failed, add a STUN server and see about:webrtc for more details
). No problem with the instance of @avatar1024 -
Mine install predate the latest changes on ports stuff so I've still got the old config:
-
I just tried installing using the default 40000 ports on another Cloudron and it works fine there. I guessing changing those values just doesn't work. I wish I knew which other app on my main Cloudron was blocking those ports: is there anyway to find out?
-
-
@MiroTalk sorry to come back to you here, but I am trying to update the app with the port fixes, however it is not entirely clear to me how the port range (default 40000 - 40100) https://github.com/miroslavpejic85/mirotalksfu/blob/main/app/src/config.template.js#L342 and 44444+ from https://github.com/miroslavpejic85/mirotalksfu/blob/main/app/src/config.template.js#L401 is related.
Are both required and can you share what the difference is?
On top of this there is also another
listenInfos
at https://github.com/miroslavpejic85/mirotalksfu/blob/main/app/src/config.template.js#L408 this one does not mention any ports at all, is this correct? -
-
@jdaviescoates said in Error installing Miro SFU:
I just updated Cloudron to 7.7.1 and tried to install Miro SFU but I got this error:
An error occurred during the install operation: Docker Error: (HTTP code 500) server error - driver failed programming external connectivity on endpoint 45483bcf-5f54-47ef-b28d-a13d377e493c (947cbd4cbf34d00ad0c0e0a55e41113ab4505551212b3cffa5c45768c2f29908): listen udp4 0.0.0.0:40026: bind: address already in use
This no longer happens with the latest version.
Nor this:
Looking forward to trying this out in an actual meeting soon! Thanks all
-
Hi @nebulon, i will answer you bellow:
Port Ranges and Firewall Configuration:
MiroTalk SFU (Mediasoup) employs a defined port range (40000:40100) for media transmission in WebRTC applications. This contiguous UDP/TCP port range facilitates the seamless sending and receiving of media streams. Ensuring that these ports remain unblocked by the firewall is crucial for uninterrupted service. If blocked, users must create inbound rules to allow traffic through these ports. While the default range is customizable, it's essential to select bindable and accessible ports.
Dynamic Port Assignment with WebRtcServerActive:
The
webRtcServerActive
option in the config.js file,disabled by default
, activates MiroTalk SFU's dynamic port assignment feature. In this mode, the SFU incrementally allocates ports based on the server's CPU configuration. For example, with three CPUs, ports 44444, 44445, and 44446 would be utilized. In such cases, the traditional port range (40000:40100) becomes unnecessary as theWebRtcServer
manages ports internally. It's vital to ensure that dynamically assigned ports remain unblocked by the firewall and are exclusive to MiroTalk SFU to avoid conflicts with other services. More info about you can find in this topicListen Infos Configuration:
The
listenInfos
configuration dictates the IP addresses and ports where the MiroTalk SFU server listens for incoming connections. Notably, the announcedAddress must be a static IPv4 address of the server, ensuring consistency in addressing. For instance, on Amazon EC2, this would typically be an Elastic IP. While EC2 instances are assigned public IP addresses by default, these may change upon instance stop and start. In contrast, an Elastic IP remains associated with the account, providing consistent addressing across instance lifecycle changes. -
@MiroTalk thanks for the clear explanation. Since Cloudron does not support dynamic configuration of the firewall while an app is running, the explicit port range (40000:40100) is great then and we will just not enable the
webRtcServer
, as the default is anyways. So looks like we are all set with SFU version then.