Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    STUN/TURN server debugging

    Discuss
    stun turn webrtc
    3
    3
    557
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • luckow
      luckow translator last edited by girish

      On Tuesday I had some trouble with customers who were unable to join a BigBlueButton conference due to a limited government network.
      The typical solution for this type of network is a STUN/TURN server constellation, which can be used by these clients to join the meeting via the TURN server.

      I had no clue how to try out to be part of that kind of limited network / to simulate it and why the STUN/TURN server does not work for them.

      I found only two interesting links for testing. Maybe they are helpful for your own debugging too.

      • https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
      • https://test.webrtc.org/

      Additionally there is a setting in firefox:

      about:config
media.peerconnection.ice.relay_only set to true

      ice-errors_simulation-in-firefox.png

      At the end, the easiest solution is really simple.
      The typical government network firewall looks like:

      iptables -P OUTPUT DROP
iptables -A OUTPUT -p tcp -m tcp --dport 443 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --dport 53 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --dport 80 -j ACCEPT
iptables -A OUTPUT -p upd -m upp --dport 53 -j ACCEPT

      Only port 80/443/53 are allowed. Rest is blocked

      For this reason WebRTC BigBlueButton meetings without TURN server do not work for them. If you have little snitch on your mac, you can easily simulate this kind of network.

      Pronouns: he/him | Primary language: German

      1 Reply Last reply Reply Quote 3
      • girish
        girish Staff last edited by

        Maybe this helps @robi debug some of the webrtc issues.

        robi 1 Reply Last reply Reply Quote 1
        • robi
          robi @girish last edited by

          @girish We're already done.. had to have udp ports open in the 50,000 range and TURN/STUN ports.

          Thanks for thinking of me though 😛

          Life of Advanced Technology

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Powered by NodeBB