ICE failed on DigitalOcean servers

[Sayan Bhattacharya]

We are always getting 'ICE failed' from the 'hangup' event on the client side and on the server we are getting an error ' ICE failed for component 1 in stream'. Everything is working locally but not on the server.

We are using canyanio/janus-gateway-docker Janus docker image and running it on DigitalOcean with Nginx proxy.

nginx.conf -

location /rtc {

    proxy_pass http://127.0.0.1:8088/janus

}

And with janus.jcfg - https://pastebin.com/jTp6iZi8

We have tried the various solutions like setting the nat_1_1 to our server's public IP and setting up STUN servers correctly on the client end as well as the server end but still getting the same error.

We have tried to use the Admin API also to get some insight and there also the ICE state fails after sometime and streams and SDP sections become empty. Any ideas what we are doing wrong?

[Mirko Brankovic]

You have to make sure you are docker natting the udp port range that is set in janus.jcfg:media section and that those ports are open on DigitalOcean firewall, open to piblic

--
You received this message because you are subscribed to the Google Groups "meetecho-janus" group.
To unsubscribe from this group and stop receiving emails from it, send an email to meetecho-janu...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/meetecho-janus/0f5c72fc-6204-4fc8-b1db-ed869457feb7n%40googlegroups.com.

[Sayan Bhattacharya]

Hi, thanks for the quick reply but that doesn't seem to work either I have allowed port 20000-40000/udp, the mentioned RTP ports in the janus.jcfg:media . By the way, we are not using RTP in our project, we are just using the video room plugin but the video is not being published properly due to ICE failure. Any other suggestions?

[Mirko Brankovic]

Well, Videoroom is a relay of A/V streams and stream is a continuous flow of RTP packets most of the time over UDP protocol, so you must be using RTP :)

Make sure you expose those ports from you docker file, like:

EXPOSE 20000-40000/udp

To view this discussion on the web visit https://groups.google.com/d/msgid/meetecho-janus/e7040b24-6c7d-4e80-91a8-014a4a4c6124n%40googlegroups.com.

--

Regards,

Mirko

[Sayan Bhattacharya]

Thanks, Mirko. 

I get it now, why the RTP ports are important.

Actually yesterday we were able to make it work when we ran the docker container with "network_mode: host" and as I mentioned earlier I had already opened the firewall ports.

Just curious if we didn't use "network_mode: host", EXPOSE the docker ports, and allowed the ports in the firewall also, do we have to put the IP of our docker host in the nat_1_1_mapping of the janus.jcfg to make it work?

We were just curious about it, again thanks for the help.

[Lorenzo Miniero]

If you're using docker, you may want to watch this talk by Alessandro: http://januscon.it/2019/talk.php?t=docker

L.

[Mirko Brankovic]

webrtc uses RTP protocol for delivering media packets, so it is quite important.

nat_1_1 setting is for sure important since that is how janus will construct ICE candidates (potential RTP endpoints), and deliver it to clients (so they won't be 127.0.0.1:30000, but your_public_ip:30000, cause only that is reachable for clients).

I don't know about this Host mode of docker, I guess it is just different iptables FORWARD chain rules :D

To view this discussion on the web visit https://groups.google.com/d/msgid/meetecho-janus/d63e312a-94d8-4534-afcd-f61371cff2a4n%40googlegroups.com.

--

Regards,

Mirko