Jitsi videobridge is not working in outside network

i am trying to implement jitse videobridge with openfire version 3.9 by refering http://community.igniterealtime.org/community/support/jitsi_videobridge_plugin/b log/2014/02/16/jitsi-videobridge-plugin-ver-12 blog

i have installed it successfully , but when i try to test for a video conference using any of the following url

https://MYDOMAIN.COM:7443/jitsi/apps/ofmeet/?r=mkelgigj1czestt9**or **

**https://MYDOMAIN.COM:7443/jitsi/apps/jitmeet
**

i am not able to see other person from outside network m, internally its working fine but when a person access the same url outside the network it just shows black screen for other user.

sometime when i restart my openfire i do get following warning and error , but i am not sure wht its saying

Feb 18, 2014 10:58:39 AM org.jitsi.util.Logger warn

WARNING: Codec org.jitsi.impl.neomedia.codec.audio.mp3.JNIEncoder is NOT successfully registered

java.lang.UnsatisfiedLinkError: /opt/openfire/plugins/jitsivideobridge/lib/native/libjnffmpeg.so: /lib/libc.so.6: version `GLIBC_2.6’ not found (required by /opt/openfire/plugins/jitsivideobridge/lib/native/libjnffmpeg.so)

at java.lang.ClassLoader$NativeLibrary.load(Native Method)

at java.lang.ClassLoader.loadLibrary1(Unknown Source)

at java.lang.ClassLoader.loadLibrary0(Unknown Source)

at java.lang.ClassLoader.loadLibrary(Unknown Source)

at java.lang.Runtime.loadLibrary0(Unknown Source)

at java.lang.System.loadLibrary(Unknown Source)

at org.jitsi.impl.neomedia.codec.FFmpeg.(FFmpeg.java:216)

at org.jitsi.impl.neomedia.codec.audio.mp3.JNIEncoder.(JNIEncoder.java:59)

at java.lang.Class.forName0(Native Method)

at java.lang.Class.forName(Unknown Source)

at org.jitsi.impl.neomedia.codec.FMJPlugInConfiguration.registerCustomCodecs(FMJPl ugInConfiguration.java:211)

at org.jitsi.impl.neomedia.MediaServiceImpl.setupFMJ(MediaServiceImpl.java:1589)

at org.jitsi.impl.neomedia.MediaServiceImpl.(MediaServiceImpl.java:232)

at java.lang.Class.forName0(Native Method)

at java.lang.Class.forName(Unknown Source)

at org.jitsi.impl.libjitsi.LibJitsiImpl.getService(LibJitsiImpl.java:110)

at org.jitsi.impl.libjitsi.LibJitsiOSGiImpl.getService(LibJitsiOSGiImpl.java:86)

at org.jitsi.service.libjitsi.LibJitsi.invokeGetServiceOnImpl(LibJitsi.java:163)

at org.jitsi.service.libjitsi.LibJitsi.getMediaService(LibJitsi.java:115)

at org.jitsi.videobridge.Content.getMediaService(Content.java:380)

at org.jitsi.videobridge.Channel.getMediaService(Channel.java:931)

at org.jitsi.videobridge.Channel.(Channel.java:250)

at org.jitsi.videobridge.Content.createChannel(Content.java:148)

at org.jitsi.videobridge.ComponentImpl.handleColibriConferenceIQ(ComponentImpl.jav a:282)

at org.jitsi.videobridge.ComponentImpl.handleIQ(ComponentImpl.java:446)

at org.jitsi.videobridge.ComponentImpl.handleIQ(ComponentImpl.java:405)

at org.jitsi.videobridge.ComponentImpl.handleIQGet(ComponentImpl.java:476)

at org.xmpp.component.AbstractComponent.processIQRequest(AbstractComponent.java:51 1)

at org.xmpp.component.AbstractComponent.processIQ(AbstractComponent.java:289)

at org.xmpp.component.AbstractComponent.processQueuedPacket(AbstractComponent.java :239)

at org.xmpp.component.AbstractComponent.access$100(AbstractComponent.java:81)

at org.xmpp.component.AbstractComponent$PacketProcessor.run(AbstractComponent.java :1051)

at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

Feb 18, 2014 10:58:39 AM org.jitsi.util.Logger info

INFO: Created channel cf853718f9e78574 of content audio of conference b51f1f932fd324e1. The total number of conferences is now 1, channels 1.

Feb 18, 2014 10:58:39 AM net.java.sip.communicator.util.Logger info

INFO: Ignoring invalid port range [null to null]

Feb 18, 2014 10:58:39 AM net.java.sip.communicator.util.Logger info

INFO: Ignoring invalid port range [null to null]

Feb 18, 2014 10:58:39 AM net.java.sip.communicator.util.Logger info

INFO: Ignoring invalid port range [null to null]

Feb 18, 2014 10:58:39 AM net.java.sip.communicator.util.Logger info

INFO: Ignoring invalid port range [null to null]

Feb 18, 2014 10:58:39 AM org.ice4j.ice.Agent gatherCandidates

INFO: Gather candidates for component audio.RTP

Feb 18, 2014 10:58:39 AM org.ice4j.ice.Agent createComponent

INFO: [fe80:0:0:0:4e72:b9ff:fe25:542c]:5000/udp (host)

Feb 18, 2014 10:58:39 AM org.ice4j.ice.Agent createComponent

INFO: 192.168.2.237:5000/udp (host)

Feb 18, 2014 10:58:39 AM org.ice4j.ice.Agent gatherCandidates

INFO: Gather candidates for component audio.RTCP

Feb 18, 2014 10:58:39 AM org.ice4j.ice.Agent createComponent

INFO: [fe80:0:0:0:4e72:b9ff:fe25:542c]:5001/udp (host)

Feb 18, 2014 10:58:39 AM org.ice4j.ice.Agent createComponent

INFO: 192.168.2.237:5001/udp (host)

Feb 18, 2014 10:58:39 AM org.jitsi.util.Logger info

INFO: Created content video of conference b51f1f932fd324e1. The total number of conferences is now 1, channels 1.

Feb 18, 2014 10:58:40 AM org.jitsi.util.Logger info

INFO: Created channel 9355923f16266103 of content video of conference b51f1f932fd324e1. The total number of conferences is now 1, channels 2.

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent gatherCandidates

INFO: Gather candidates for component video.RTP

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent createComponent

INFO: [fe80:0:0:0:4e72:b9ff:fe25:542c]:5002/udp (host)

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent createComponent

INFO: 192.168.2.237:5002/udp (host)

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent gatherCandidates

INFO: Gather candidates for component video.RTCP

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent createComponent

INFO: [fe80:0:0:0:4e72:b9ff:fe25:542c]:5003/udp (host)

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent createComponent

INFO: 192.168.2.237:5003/udp (host)

SENT: EF:AC:C6:C6:DF:68:A2:6C:46:6C:1F:C1:B5:0E:82:6B:42:EA:97:FD</finge rprint>6A:31:EB:03:F5:06:C7:5F:A1:74:EA:93:B7:83:1A:70:CA:47:C7:64</finge rprint>

RECV: 22:21:E3:5D:7E:E1:E9:9E:F0:3B:1A:F9:A4:1C:81:5A:39:3E:4F:1E:BA:6 9:90:EB:E7:87:FB:84:98:4F:A2:3622:21:E3:5D:7E:E1:E9:9E:F0:3B:1A:F9:A4:1C:81:5A:39:3E:4F:1E:BA:6 9:90:EB:E7:87:FB:84:98:4F:A2:36

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Component addRemoteCandidate

INFO: Add remote candidate for audio.RTP: 192.168.1.3:1291/udp/host

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Component addRemoteCandidate

INFO: Add remote candidate for audio.RTCP: 192.168.1.3:1292/udp/host

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent startConnectivityEstablishment

INFO: Start ICE connectivity establishment

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent initCheckLists

INFO: Init checklist for stream audio

Feb 18, 2014 10:58:40 AM org.jitsi.util.Logger info

INFO: ICE processing state of IceUdpTransportManager #13bc863 of channel cf853718f9e78574 of content audio of conference b51f1f932fd324e1 changed from Waiting to Running.

Feb 18, 2014 10:58:40 AM org.ice4j.ice.ConnectivityCheckClient startChecks

INFO: Start connectivity checks!

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Component addRemoteCandidate

INFO: Add remote candidate for video.RTP: 192.168.1.3:1293/udp/host

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Component addRemoteCandidate

INFO: Add remote candidate for video.RTCP: 192.168.1.3:1294/udp/host

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent startConnectivityEstablishment

INFO: Start ICE connectivity establishment

Feb 18, 2014 10:58:40 AM org.ice4j.ice.Agent initCheckLists

INFO: Init checklist for stream video

Feb 18, 2014 10:58:40 AM org.jitsi.util.Logger info

INFO: ICE processing state of IceUdpTransportManager #14d6695 of channel 9355923f16266103 of content video of conference b51f1f932fd324e1 changed from Waiting to Running.

Feb 18, 2014 10:58:40 AM org.ice4j.ice.ConnectivityCheckClient startChecks

INFO: Start connectivity checks!

SENT: EF:AC:C6:C6:DF:68:A2:6C:46:6C:1F:C1:B5:0E:82:6B:42:EA:97:FD</finge rprint>6A:31:EB:03:F5:06:C7:5F:A1:74:EA:93:B7:83:1A:70:CA:47:C7:64</finge rprint>

Feb 18, 2014 10:58:47 AM org.ice4j.ice.ConnectivityCheckClient processTimeout

INFO: timeout for pair: 192.168.2.237:5002/udp/host → 192.168.1.3:1293/udp/host (video.RTP), failing.

Feb 18, 2014 10:58:47 AM org.ice4j.ice.ConnectivityCheckClient processTimeout

INFO: timeout for pair: 192.168.2.237:5000/udp/host → 192.168.1.3:1291/udp/host (audio.RTP), failing.

Feb 18, 2014 10:58:47 AM org.ice4j.ice.ConnectivityCheckClient processTimeout

INFO: timeout for pair: 192.168.2.237:5003/udp/host → 192.168.1.3:1294/udp/host (video.RTCP), failing.

Feb 18, 2014 10:58:47 AM org.ice4j.ice.ConnectivityCheckClient processTimeout

INFO: timeout for pair: 192.168.2.237:5001/udp/host → 192.168.1.3:1292/udp/host (audio.RTCP), failing.

Feb 18, 2014 10:58:47 AM org.ice4j.ice.ConnectivityCheckClient updateCheckListAndTimerStates

INFO: CheckList will failed in a few seconds if nosucceeded checks come

Feb 18, 2014 10:58:47 AM org.ice4j.ice.ConnectivityCheckClient updateCheckListAndTimerStates

INFO: CheckList will failed in a few seconds if nosucceeded checks come

It means your linux openfire server does not have GLIBC_2.6 installed

But as far as video chat is concerned why i am not be able to work it outside my network ?

as i dont think GLIBC is causing that problem.

i have opend the port from 50000 and 60000 inside iptables.

is that the rite place to open a port ?

Not sure. I am not a linux expert

But it does look like UDP is blocked from outside your network on ports 50000 to 60000

so wht could be the reason , should i post the log ?

I have the same issue and it seems to be a NAT problem, I think that we need a turn server to solve the nat issue …

Can you elobrate more , as i dont know what is NAT ?

When you come from outside to inside, you don’t present yourself with the real ip address, but with th public ip address of your ISP, protocol that permit to masquerade your real ip address behind the public ip address is NAT.

so do you know how to resolve it , i mean any guideline or something

Sorry I have the same issue and any solution for the moment …

Try opening UDP 5000 to 6000 in IPTABLES as well as 50000 to 60000

This worked for me. I belive portis in the 5k range are part of the ICE for NAT traversal.

All is open on my firewall … When you say open, is it from client to openfire or openfire to client direction ?

What ICE plugin do you use ?

client to openfire.

Maybe verify that your are permitting UDP ports and not the TCP ports for these ranges.

Although these may not be needed for OFMeet, they are running on my installation for other reasons:

• STUN plugin with the local STUN server disabled (only reporting remote servers).
• JingleNodes

I Have exactly the same config all is open on firewall I am on redhat 6.7.

stun and jonglenodes installed.

You can share your desktop with outside people ?

All I can advise is that your need a public IP address for your openfire server if you want to allow Internet users outside of your local network (LAN) network.

I am not a network expert, but I suspect it may not even work with the relayed or dynamic IP addresses Amazon provides. What works for me is a static public address on the Internet

Yes, I concur. I’m using a public IP configured on the server.

Due to the requirement for the UDP media ports to be accessible, you would need a custom configuration on the device that does have the public IP configured (router, firewall, etc). Each of these port ranges will need to be forwarded the gateway device to your server. ICE, STUN, etc, are only effective when your clients are behind a NAT, not when the server is behind a NAT.

in jitsi’s own project, you can find follow paragraph in “how to deploy jitmeet”.

1. Running behind NAT
   In case of videobridge being installed on a machine behind NAT, add the following to the file ~/.sip-communicator/sip-communicator.properties (in the home of user running the videobridge):

org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address>
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address>

So the file should look like this at the end:

org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=<Local.IP.Address>
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=<Public.IP.Address>

I found in openfire videobridge plugin folder there is a same config file “sip-communicator.properties”, but it does not resolve the NAT problem.

I followed your advice and can see in the logs that these settings are read by the plugin. But does not result in any reaction.

If I look at the source code of the videobridge plugin on Github:

https://github.com/jitsi/jitsi-videobridge/blob/master/src/org/jitsi/videobridge /IceUdpTransportManager.java

I can see that support for harvesters and local/public IP addresses mapping was introduced just recently.

Therefore I’m wondering if current released version of the Openfire Jitsi Videobridge plugin supports it already.

Dele, could you clarify if the code referenced above is used by the the latest released version of a plugin or not?

Thanks,

Leo

Installed a Soft VPN called Softether that automatically punched a hole through NAT and setup a ddns link.

Turned out the Nat transversal was my issue even with DMZ and all ports opened to server.

Didn’t even have to use the VPN!

Video Below:

Jay

A big thank you for discovering this, making the video and sharing it with us. You are a star