Adding ability to set UDP port range

Brent W. Baccala

unread,

May 23, 2022, 7:28:52 PM5/23/22

to BigBlueButton-dev

Hi -

I'd like to add the ability to set the UDP port range used by Big Blue Button.

Right now, the documentation says that ports 16384 - 32768 need to be mapped through a firewall to the server.

I find it useful to restrict my servers to a more limited port range, to facilitate running multiple BBB servers on a single public IP address. I'm currently running four BBB servers on a single IP address (one directly, and the other three behind an nginx reverse proxy), and it seems to work fine by giving each server a block of 1000 UDP ports. Of course, I never have more than 20 users on a single server, and usually far less.

In general, restricting the port range would be useful for avoiding other applications that need UDP ports. In my case, the other application is other BBB instances.

To make this work, I change the port ranges in three places for three components: FreeSWITCH, kurento, and webrtc.

Our default configuration, on both 2.4 and 2.5, is for FreeSWITCH to use the first half of the port range (16384-24576) and for Kurento and bbb-webrtc-sfu to share the second half of the port range (24577-32768).

Is there a good reason for this? I've been assigning them all the same port range, figuring that if they can't bind to a particular port, they'll just pick a different one.

In principle, I figure that each program only needs two ports (one for data and one for control), so the whole server should be able to operate on six UDP ports, but I'm not expecting that to happen! Might be a nice goal to keep in mind, though.

In short - why do we split the port numbers like we do? How many ports do these programs really need? Any objection to making this a configurable option?

agape

brent

Paulo Lanzarin

unread,

May 24, 2022, 8:16:29 AM5/24/22

to bigblueb...@googlegroups.com

> why do we split the port numbers like we do?

No particular reason. Yes, overlapping ranges work.

> How many ports do these programs really need?

Depends on the use case and on the server configurations. One UDP socket per media stream
(as far as FS and mediasoup are concerned, but even that can be false depending on the configs) -
more than that if it's Kurento. So the range varies wildly depending on the use case.

The range is wide because the application needs to work for the widest array of use cases out of the box

([20 users per server - 500 users per server], +cameras/-cameras, ...).

> Any objection to making this a configurable option?

It is configurable. See https://docs.bigbluebutton.org/admin/customize.html#change-udp-ports

(and https://github.com/bigbluebutton/bigbluebutton.github.io/pull/391/files#diff-1b00af420ce0ac512d093d0afbc4974ac7854beba405dc1a10402f956158f840R1056-R1063

for the yet uncommitted mediasoup variant). Unless you're suggesting we shim that into a bbb-conf

command or bbb-install option.

> In principle, I figure that each program only needs two ports (one for data and one for control), so the whole server should be able to operate on six UDP ports, but I'm not expecting that to happen!

In principle, yes. However, of the applications that depend on media UDP ports, only mediasoup can bind to a single

UDP socket and demultiplex them based on remote info (ICE bindings, etc) - and it's untested on our side.

So yes, nice goal - not a priority (or even achievable at the moment).

--
You received this message because you are subscribed to the Google Groups "BigBlueButton-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bigbluebutton-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/bigbluebutton-dev/f7bc57dd-1424-4278-8f02-9265421621acn%40googlegroups.com.

Brent W. Baccala

unread,

May 24, 2022, 7:50:23 PM5/24/22

to BigBlueButton-dev

On Tuesday, May 24, 2022 at 8:16:29 AM UTC-4 prlanzarin wrote:

> Any objection to making this a configurable option?

It is configurable. See https://docs.bigbluebutton.org/admin/customize.html#change-udp-ports
(and https://github.com/bigbluebutton/bigbluebutton.github.io/pull/391/files#diff-1b00af420ce0ac512d093d0afbc4974ac7854beba405dc1a10402f956158f840R1056-R1063
for the yet uncommitted mediasoup variant). Unless you're suggesting we shim that into a bbb-conf
command or bbb-install option.

I seem to be better at reading source code than documentation.

Yes, I'm proposing that we add --set-port-range as a bbb-conf command.

I think it's a good idea to automate the procedure described in the documentation, because I do that just about every time I run bbb-install.

In fact, I've already automated it; I just want to check that my procedure (setting all the ports ranges the same) doesn't have some hidden problem. Looking at your documentation PR, I see that you recommend putting the changes in production.xml, while I've been editing default.yml.

I'll work it up into a pull request.

agape

brent

Brent W. Baccala

unread,

May 27, 2022, 6:18:36 PM5/27/22

to BigBlueButton-dev

I've submitted my proposal as PR #15096.

It adds a --set-port-range option to bbb-conf, and makes bbb-conf --check display the current port ranges.