1020 media server cannot be reach error.

[Віктор Завадський]

Hello guys.

With help of a manual i installed bbb server in LXC container behind nat:

#bbb-conf --check
BigBlueButton Server 2.2.0-beta-18 (1273)

                    Kernel version: 4.15.18-18-pve
                      Distribution: Ubuntu 16.04.6 LTS (64-bit)
                            Memory: 8192 MB
                         CPU cores: 8
/usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties (bbb-web)

       bigbluebutton.web.serverURL: https://myroom.com
                defaultGuestPolicy: ALWAYS_ACCEPT
                 svgImagesRequired: true


/etc/nginx/sites-available/bigbluebutton (nginx)
                       server name: myroom.com
                              port: 80
                              port: 443 ssl
                    bbb-client dir: /var/www/bigbluebutton


/var/www/bigbluebutton/client/conf/config.xml (bbb-client)
                Port test (tunnel): rtmp://myroom.com
                              red5: myroom.com
              useWebrtcIfAvailable: true


/opt/freeswitch/etc/freeswitch/vars.xml (FreeSWITCH)
                       local_ip_v4: 10.10.0.101
                   external_rtp_ip: 88.88.88.12
                   external_sip_ip: 88.88.88.12


/opt/freeswitch/etc/freeswitch/sip_profiles/external.xml (FreeSWITCH)
                        ext-rtp-ip: $${external_rtp_ip}
                        ext-sip-ip: $${external_rtp_ip}
                        ws-binding: :5066
                       wss-binding: 88.88.88.12:7443


/usr/local/bigbluebutton/core/scripts/bigbluebutton.yml (record and playback)
                     playback_host: myroom.com
                 playback_protocol: https
                            ffmpeg: 4.1.3-0york1~16.04


/etc/bigbluebutton/nginx/sip.nginx (sip.nginx)
                        proxy_pass: 88.88.88.12


/usr/local/bigbluebutton/bbb-webrtc-sfu/config/default.yml (Kurento SFU)
                        kurento.ip: 10.10.0.101
                       kurento.url: ws://myroom.com:8888/kurento
                    localIpAddress: 10.10.0.101
               recordScreenSharing: true
                     recordWebcams: true
                  codec_video_main: VP8
               codec_video_content: VP8


/usr/share/meteor/bundle/programs/server/assets/app/config/settings.yml (HTML5 client)
                             build: 614
                        kurentoUrl: wss://myroom.com/bbb-webrtc-sfu
                  enableListenOnly: true




** Potential problems described below **
# IP does not match:
#                           IP from ifconfig: 10.10.0.101
#   /etc/nginx/sites-available/bigbluebutton: myroom.com


# Warning: The setting of 88.88.88.12 for proxy_pass in
#
#    /etc/bigbluebutton/nginx/sip.nginx
#
# does not match the local IP address (10.10.0.101).
# (This is OK if you've manually changed the values)

ip and domain is not actual

Difference what i have - ports 80 and 443 is forwarding not by firewall but via apache2 reverce proxy.

Ports 1935, 7443, udp 3478-3479 and 16384-65535 forwarded by firewall (checked by netcat tool). All other setting according to manual (external ip settigs, dummy lo netcard with external ip, stun server ip and port in kurento settings). Everything works fine exept video and screen sharing, i got error 1020 Media server not found, looks like its cannot reach though firewall, and want some additional tune.

 Apache2 reverce proxy settings:

<VirtualHost *:443>
       ServerName  myroom.com
       ProxyPreserveHost On

        RewriteEngine on
        RewriteCond %{HTTP:Upgrade} websocket [NC]
        RewriteCond %{HTTP:Connection} upgrade [NC]
        RewriteRule .* wss://10.10.0.101%{REQUEST_URI} [P]
        ProxyPass / https://10.10.0.101/
       ProxyPassReverse / https//10.10.0.101/
        ProxyRequests Off

SSL settings ....
</VirtualHost>
</IfModule>

Ones more -  all working fine, exept video and screen sharing, got error 1020 Media server cannot be reach when trying turn on camera.

Sory my bad english.

[Chad Pilkey]

Can you try editing "/usr/local/bigbluebutton/bbb-webrtc-sfu/config/default.yml" and change "url" (third line) to "url: ws://127.0.0.1:8888/kurento". Once the change is made restart the SFU with "systemctl restart bbb-webrtc-sfu".

[Віктор Завадський]

Done, still that error.  Logs in /var/log/bbb-webrtc-sfu/bbb-webrtc-sfu.log   show no error. What logs can i check for possible errors ? 

понеділок, 26 серпня 2019 р. 17:51:47 UTC+3 користувач Chad Pilkey написав:

[Erkan Yetik]

Hi, i had same error after rebooting the server, just bbb-conf -- restart and try again. i works for me. İnteresting :) Everrythink works also i check bbb-conf --check but nothing. I just do bbb-conf --restart.

27 Ağustos 2019 Salı 12:54:03 UTC+3 tarihinde Віктор Завадський yazdı:

[Віктор Завадський]

Its not working for me from very beginning, so reboot not help, i sucpect its firewall or listening ipv4\ipv6 server\port issue. But not yet find resolv.

вівторок, 27 серпня 2019 р. 13:13:07 UTC+3 користувач Erkan Yetik написав:

[Віктор Завадський]

Working at last.

Stun server not working untul i add this  line turnURL=kurento:kur...@74.125.200.127:19302([udp|tcp|tls])      to    /etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini

субота, 24 серпня 2019 р. 08:41:39 UTC+3 користувач Віктор Завадський написав:

[Chad Pilkey]

Adding a STUN server is a much better option than a TURN server. With the TURN server all of your webcam, screenshare, and listen-only audio traffic is going to get routed through that TURN server.

On Tuesday, August 27, 2019 at 7:39:22 AM UTC-4, Віктор Завадський wrote:

Working at last.

Stun server not working untul i add this  line turnURL=kurento:kurento@74.125.200.127:19302([udp|tcp|tls])      to    /etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini

[Віктор Завадський]

Stun not working, at last with this config. I check stun ip via Trickle Ice and its ok, but not for me, i evem try to forward its ports to contaienr, without luck. 

Is there any other option i need to add to config or firewall to make STUN working ?

вівторок, 27 серпня 2019 р. 19:32:24 UTC+3 користувач Chad Pilkey написав:

[Chad Pilkey]

STUN is used to find the public IP. If the UDP ports aren't being forwarded or are being blocked then it won't work. To debug you'd can run various port checkers to see if the UDP ports are actually getting through.