AWS EC2 Settings [WorkingButStrange]


Smaash Labs

Dec 14, 2016, 12:43:24 PM
to BigBlueButton-Setup
I've spun up an AWS instance for BBB.  I tried and tried but was never able to get it to work from following the troubleshooting steps to reinstalling the Ubuntu 14.04 AMI.  I then removed the Security Group I created Inbound for BBB and then tried it.  It worked.  Everything worked.  I then did a TCPdump and examined the pcap and here's what I learned:

  1. Your EC2 public IP address is port forwarding to your VPC.  You must include your Public IP in your security group.  Allow HTTP from your VPC public IP "Inbound" to access your BBB Ubuntu instance.  
  2. DNS queries are performed on the Private IP LAN.  If you have an SSH session to your BBB server, do an nslookup:
Example:

xl...@ip-172-x.x.x:~$  nslookup google.com
Server:         172.81.0.2
Address:        172.81.0.2#53

Non-authoritative answer:
Name:   google.com
Address: 172.217.3.206

You need to add the nameserver IP of 172.81.0.2 to your Security Group. This allows 172.81.0.2 UDP for port 53 which is DNS.  This is an example.  You must perform nslookup on your server to see the IP address of the nameserver.

Because I'm testing my BBB install, I'm only allowing my public IP to access the BBB AWS instance.  

Example:

>If my public IP address is 203.4.4.203 I have the following ports opened in my Security Group:

   Allow 203.4.4.203/32 access to TCP Ports:  80,  1935, 9123, 5066, 22

   Allow 203.4.4.203/32 access to UDP Ports:  16384-32768


>For DNS:
 
   Allow 172.81.0.2/32 access to UDP Port: 53

>For your Amazon AWS EC2 public IP address: (example IP:  55.251.239.78)

   Allow 55.251.239.78 access to TCP Port: 80 or *(443 for https)

   *If I were doing an HTTPS implementation I would also allow my AWS EC2 public IP access to TCP Port: 443

=======================
Everything works but when I do a bbb-conf --check I get the following errors below.  Please let me know if they are issues.  

NOTE: Using redo.testfly.ie as my domain example.

xlres@ip-172-x-0-x:~$ sudo bbb-conf --check

BigBlueButton Server 1.0.0 (1024)
                    Kernel version: 3.13.0-105-generic
                      Distribution: Ubuntu 14.04.5 LTS (64-bit)
                            Memory: 7983 MB

/var/www/bigbluebutton/client/conf/config.xml (bbb-client)
                Port test (tunnel): redo.testfly.ie
                              Red5: redo.testfly.ie
              useWebrtcIfAvailable: true

/opt/freeswitch/conf/sip_profiles/external.xml (FreeSWITCH)
                    websocket port: 5066
                    WebRTC enabled: true

/etc/nginx/sites-available/bigbluebutton (nginx)
                       server name: redo.testfly.ie
                              port: 80
                    bbb-client dir: /var/www/bigbluebutton

/var/lib/tomcat7/webapps/bigbluebutton/WEB-INF/classes/bigbluebutton.properties (bbb-web)
                      bbb-web host: redo.testfly.ie

/var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp (API demos)
                               url: redo.testfly.ie

/usr/share/red5/webapps/bigbluebutton/WEB-INF/red5-web.xml (red5)
                  voice conference: FreeSWITCH
                     capture video: true
                   capture desktop: true

/usr/local/bigbluebutton/core/scripts/bigbluebutton.yml (record and playback)
                     playback host: redo.testfly.ie


** Potential problems described below **
# IP does not match:
#                           IP from ifconfig: 172.x.0.x
#   /etc/nginx/sites-available/bigbluebutton: redo.testfly.ie
# Warning: API URL IPs do not match host:
#
#                                IP from ifconfig: 172.x.0.x
#  /var/lib/tomcat7/webapps/demo/bbb_api_conf.jsp: redo.testfly.ie

# Error: Unable to connect to port 1935 (RTMP) on redo.testfly.ie

# Error: Unable to connect to port 9123 (desktop sharing) on redo.testfly.ie

# Warning: The setting of  for local_ip_v4 in
#
#    /opt/freeswitch/conf/vars.xml
#
# does not match the local IP address (172.x.0.x).
# (This is OK if you've manually changed the values)

# Warning: The API demos are installed and accessible from:
#
#    http://redo.testfly.ie/demo/demo1.jsp
#
# These API demos allow anyone to access your server without authentication
# to create/manage meetings and recordings. They are for testing purposes only.
# If you are running a production system, remove them by running:
#
#    sudo apt-get purge bbb-demo

xles@ip-172-x-0-x:~$ 
=====================

Thanks.
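
Added example, not part of the original post: a small Python model of the inbound rules listed above, used to check which source/port pairs they admit. The probe addresses are constructed, and the self-connection probes assume the server's hostname resolves to the EC2 public IP; under that assumption the rules as posted admit that source only on TCP 80, which lines up with the two `bbb-conf --check` connection errors for ports 1935 and 9123.

```python
import ipaddress

# Inbound rules as listed in the post, using the post's example addresses.
# The /32 on the EC2 public IP is an assumption (the post gives a bare address).
ADMIN, RESOLVER, EC2_PUBLIC = "203.4.4.203/32", "172.81.0.2/32", "55.251.239.78/32"
RULES = [  # (source CIDR, protocol, first port, last port)
    (ADMIN, "tcp", 80, 80), (ADMIN, "tcp", 1935, 1935), (ADMIN, "tcp", 9123, 9123),
    (ADMIN, "tcp", 5066, 5066), (ADMIN, "tcp", 22, 22),
    (ADMIN, "udp", 16384, 32768),
    (RESOLVER, "udp", 53, 53),
    (EC2_PUBLIC, "tcp", 80, 80),
]

def allowed(src_ip, proto, port, rules=RULES):
    """True if any inbound rule matches; security groups are allow-only."""
    src = ipaddress.ip_address(src_ip)
    return any(
        src in ipaddress.ip_network(cidr) and proto == p and lo <= port <= hi
        for cidr, p, lo, hi in rules
    )

def open_to_world(rules=RULES):
    """Rules whose source is 0.0.0.0/0 or ::/0; none expected on a test box."""
    return [r for r in rules if ipaddress.ip_network(r[0]).prefixlen == 0]

def audit(probes, rules=RULES):
    """Map each (source IP, protocol, port) probe to its allow/deny verdict."""
    return {probe: allowed(*probe, rules=rules) for probe in probes}

# Constructed probes: (source IP, protocol, destination port).
PROBES = [
    ("203.4.4.203", "tcp", 1935),    # admin workstation -> RTMP
    ("203.4.4.203", "udp", 20000),   # admin workstation -> media UDP range
    ("198.51.100.7", "tcp", 22),     # unrelated Internet host -> SSH
    ("55.251.239.78", "tcp", 80),    # server reaching itself via public IP -> HTTP
    ("55.251.239.78", "tcp", 1935),  # same path -> RTMP
    ("55.251.239.78", "tcp", 9123),  # same path -> desktop sharing
]

if __name__ == "__main__":
    for probe, ok in audit(PROBES).items():
        print(probe, "ALLOW" if ok else "DENY")
    print("world-open rules:", open_to_world())
```
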
 





Fred Dixon

Mar 18, 2017, 8:16:19 AM
to bigbluebu...@googlegroups.com
Hi,

We recommend checking out the install guide for BigBlueButton 1.1-beta.  We've updated the sections on configuring BigBlueButton behind a firewall (and security group of EC2).  If you try out the newer steps, we would be interested in hearing if you had any difficulties. See



Regards,... Fred





--
BigBlueButton Developer
@bigbluebutton