How should i do to make my android client to connect pionturn server for video call?Do i need to install the pionturn server in my server where the openfire was install?
Hello, yes you need to install the Pionturn Plugin and portfoward the port you choose + the range that can be set to your preference (be generous at least lets say 1000 for a small to middle server) in the Pionturn plugin tab. there is a guide on the read me of the Pionturn plugin.
Your picture only shows the External Service Discovery side, after going to the Pionturn plugin tab, selecting your profile(Video) and saving it, you are going to need to restart the Pionturn plugin.
after that you can go to your logs and see what info did the Pionturn plugin provide(does that includes your external IP?) if the answer is yes then all you need is to port foward and try to make a call.
if the call doesnt work grab your logs clean what you think its worth and send here.(just the pionturn stuff).
dear zoi, thanks for your answer.
i followed all of the guide to set my plugin, and reload the PionTurn plugin,then i got this message
2024.04.28 02:36:29.867 INFO [PluginMonitorTask-2]: org.jivesoftware.openfire.container.PluginManager - Successfully unloaded plugin 'pionturn'.
2024.04.28 02:36:29.927 INFO [PluginMonitorExec-2]: org.ifsoft.turn.openfire.PionTurn - checkNatives pionTurn executable path /opt/openfire/bin/../plugins/pionturn/classes/linux-64/turn-server-log
2024.04.28 02:36:29.934 INFO [PluginMonitorExec-2]: org.ifsoft.turn.openfire.PionTurn - PionTurn enabled /opt/openfire/bin/../plugins/pionturn/classes/linux-64/turn-server-log -host-name <My external IP> -public-ip <My external IP> -port 8989 -min_port 50000 -max_port 55000 -realm <My external IP> -users admin=123456
2024.04.28 02:36:29.938 INFO [PluginMonitorExec-2]: org.jivesoftware.openfire.container.PluginManager - Successfully loaded plugin 'pionturn-1.0.0'.
subsequently,i have opened all of ports what i need and try to use the Trickle ICE (webrtc.github.io) to test my pionturn server(i am sorry if i did wrong, thanks for your patience help), i got this message in my logs
2024.04.28 02:41:30.813 INFO [Thread-121]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Binding request l=0 attrs=0 id=bDJUT0hRV1ZLZmZh,
2024.04.28 02:41:30.813 INFO [Thread-121]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Binding success response l=20 attrs=2 id=bDJUT0hRV1ZLZmZh, attr0=XOR-MAPPED-ADDRESS attr1=FINGERPRINT
and the Truckle ICE returned " TURN allocate request timed out." .
i know nothing about all of them . i deployed the coturn on my virtual machine before only, and its passed the Trickle ICE.
i dont know how connect the PionTurn on my Android client, maybe i need WebSocket and WebRTC?
I am sorry for my stupid because i dont know how to port forward and make a call.
Hello, first of all lets address the Elephant in the room, at your very first screenshot is that image of your External Service Discovery still true for now?
because look the image is showing that you used: “Using shared secret to generate passwords”
but your Pionturn log is telling a different story: “-users admin=123456”
so how come your Pionturn is using an Old authentication mechanism different from what your External Service Discovery is showing?
Now if that image is not reflecting the actual state of your External Service Discovery and you already fixed everything, can you share a big chunk of your Pionturn plugin logs at the same time the call is happening? 2 Lines there is not enough.
yes, i reset the External Service Discovery and the Pionturn , giveup “Using shared secret to generate passwords” and use hardcoded credentials “-users admin=123456” because Trickle ICE (webrtc.github.io) test need a username but i dont know how to fill this out if i “Using shared secret to generate passwords”.
i’m sorry for the logs i can’t share more because of that only 2 lines.
May i shouldn’t use Trickle ICE (webrtc.github.io) to call?
You can use if you want, but IMO the best way to test your calls is to use the XMPP android APP “Conversations” that can be bought on the playstore or can also be installed for free on F-droid.
As for the Trickle ICE maybe try another browser? Chromium based is the best one i think.
have you port foward your range too right? UDP only right? just making sure here. all the ports for Pionturn including the 8989 and your range 50000:55000 must be UDP
if you are on linux would be like this with UFW
sudo ufw allow 8989/udp
sudo ufw allow 50000:55000/udp
I can definetely say that your 8989 is probably OK. i cant confirm on the range though. but if you show me more logs it might be easier.
To make it all clear let me explain how it works.
Your Pionturn is the TURN/STUN server, your External Service Discovery will give all the info the client(Conversations)needs to make the call. if the client thinks STUN is OK it will only use STUN, if the clients decides that TURN is needed it will use TURN. if your password is wrong for some reason(some characteres might not work well as stated on the Pionturn readme)then the client will only be able to try STUN, If your range is not open/forwarded it will only be able to use STUN, if your “External IP” (Pionturn logs will show you the IP it have) is not accurate the client will also only be able to use STUN.
Thanks for you patience answer.
i opened ports 8989 and range 50000:55000 on my CentOS 7 with firewall-cmd only UDP.
that is, it prefers the STUN server over the TURN server, unless I specify that the TURN server is selected?
so you means i can connect the PionTurn Serve just like how to connect Coturn Serve with " Java WebSocket" and " Google’s WebRTC Android Library" jar?
and I would like to know, how does “Using shared secret to generate passwords” work? it doesn’t seem to have specified a username.
i am sorry to waste your time with my stupid.
I have not read up on the context of your question, but generally, STUN should be preferred to TURN as STUN typically offers better results for the end user.
With TURN, all data is transmitted via a proxy server, while with STUN, data can flow peer to peer, which often is a lot faster.
Thanks for your anwser.
What you mean is that because STUN can penetrate the server directly, it can be point-to-point, so it will be much faster, while TURN can’t penetrate directly so it needs a proxy server to forward,is peer - proxy server -peer ,will be slower than STUN.
The client will choose if TURN or STUN.
as for the
let me try to explain. when you use the Old method with -users admin=123456 everything passes unencrypted in the line. so if someone is intercepting your Pionturn server might be more easily compromised(making it people to abuse from your Turn server resources) its not a “Security issue” because they cant really do anything but use your TURN server. however if using the Ephemeral credentials the External Service Discovery and The Pionturn plugin are the only ones that really know your password. when the External Service Discovery delivers that to the client(conversations) it will deliver a temporary password only valid for 10 minutes. so even if someone does intercept the connection they can not really know the real password. that being said, you cant use that mechanism with the Trickle ICE tool. but you can use with other clients such as Conversations, Dino and so on.
Correct.
Thanks for your anwser!
dear zoid, i get a new problem. i install this PionTurn plugin on my Cloud Server, but it doesn’t effect(I’ve done everything I need to do), it can’t pass Trickle ICE (webrtc.github.io) test.
The log:
2024.04.30 22:20:51.049 INFO [Thread-70]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Binding request l=0 attrs=0 id=dGVaV0l4djBlT25u,
2024.04.30 22:20:51.049 INFO [Thread-70]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Binding success response l=20 attrs=2 id=dGVaV0l4djBlT25u, attr0=XOR-MAPPED-ADDRESS attr1=FINGERPRINT
Then , i try to use command “turnutils_stunclient” to test, here are the results
it stuck here!and i used the command “tcpdump” to catch packet:
it stuck here too!
The log:
2024.04.30 22:26:54.105 INFO [Thread-70]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=40 attrs=5 id=56tX6Dci0TnEEqIW, attr0=REQUESTED-TRANSPORT attr1=LIFETIME attr2=EVEN-PORT attr3=REQUESTED-ADDRESS-FAMILY attr4=FINGERPRINT
2024.04.30 22:26:54.105 INFO [Thread-70]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate error response l=112 attrs=3 id=56tX6Dci0TnEEqIW, attr0=ERROR-CODE attr1=NONCE attr2=REALM
after many attempts, the entire log was just repeating these four line.
then I deployed openfire on the VM and installed the Pionturn plugin, and you know what, it worked!
Trickle ICE (webrtc.github.io) test logs:
2024.04.30 22:56:33.060 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Binding request l=0 attrs=0 id=eWdNNWowTWgrRHVn,
2024.04.30 22:56:33.060 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Binding success response l=20 attrs=2 id=eWdNNWowTWgrRHVn, attr0=XOR-MAPPED-ADDRESS attr1=FINGERPRINT
2024.04.30 22:56:33.120 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=8 attrs=1 id=Yk1zRU9pMWlPbkdV, attr0=REQUESTED-TRANSPORT
2024.04.30 22:56:33.121 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate error response l=112 attrs=3 id=Yk1zRU9pMWlPbkdV, attr0=ERROR-CODE attr1=NONCE attr2=REALM
2024.04.30 22:56:33.121 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=148 attrs=5 id=cStVOXA1b2xsVThr, attr0=REQUESTED-TRANSPORT attr1=USERNAME attr2=REALM attr3=NONCE attr4=MESSAGE-INTEGRITY
2024.04.30 22:56:33.121 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine resolveHostName - lookup: 192.168.175.128 = 192.168.175.128
2024.04.30 22:56:33.122 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate success response l=56 attrs=4 id=cStVOXA1b2xsVThr, attr0=XOR-RELAYED-ADDRESS attr1=LIFETIME attr2=XOR-MAPPED-ADDRESS attr3=MESSAGE-INTEGRITY
2024.04.30 22:56:33.186 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Refresh request l=148 attrs=5 id=Q1h3dEFOL1pGU2Fq, attr0=LIFETIME attr1=USERNAME attr2=REALM attr3=NONCE attr4=MESSAGE-INTEGRITY
2024.04.30 22:56:33.186 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Refresh success response l=32 attrs=2 id=Q1h3dEFOL1pGU2Fq, attr0=LIFETIME attr1=MESSAGE-INTEGRITY
command “turnutils_stunclient” test:
“tcpdump” catch packet:
The logs:
2024.04.30 22:58:36.001 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=40 attrs=5 id=v8kTZJjbZMm6FB8L, attr0=REQUESTED-TRANSPORT attr1=LIFETIME attr2=EVEN-PORT attr3=REQUESTED-ADDRESS-FAMILY attr4=FINGERPRINT
2024.04.30 22:58:36.002 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate error response l=112 attrs=3 id=v8kTZJjbZMm6FB8L, attr0=ERROR-CODE attr1=NONCE attr2=REALM
2024.04.30 22:58:36.002 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=180 attrs=9 id=4C4Y6TIvdkTZGG59, attr0=REQUESTED-TRANSPORT attr1=LIFETIME attr2=EVEN-PORT attr3=REQUESTED-ADDRESS-FAMILY attr4=USERNAME attr5=NONCE attr6=REALM attr7=MESSAGE-INTEGRITY attr8=FINGERPRINT
2024.04.30 22:58:36.002 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine resolveHostName - lookup: 192.168.175.128 = 192.168.175.128
2024.04.30 22:58:36.002 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine resolveHostName - lookup: 192.168.175.128 = 192.168.175.128
2024.04.30 22:58:36.002 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine resolveHostName - lookup: 192.168.175.128 = 192.168.175.128
2024.04.30 22:58:36.002 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate success response l=68 attrs=5 id=4C4Y6TIvdkTZGG59, attr0=XOR-RELAYED-ADDRESS attr1=LIFETIME attr2=XOR-MAPPED-ADDRESS attr3=RESERVATION-TOKEN attr4=MESSAGE-INTEGRITY
2024.04.30 22:58:36.002 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Refresh request l=156 attrs=6 id=JXYKW1trNiZfO9FH, attr0=LIFETIME attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:36.002 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Refresh success response l=32 attrs=2 id=JXYKW1trNiZfO9FH, attr0=LIFETIME attr1=MESSAGE-INTEGRITY
2024.04.30 22:58:36.005 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=36 attrs=4 id=5QGqgQXYKdtAFGt/, attr0=REQUESTED-TRANSPORT attr1=LIFETIME attr2=RESERVATION-TOKEN attr3=FINGERPRINT
2024.04.30 22:58:36.005 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate error response l=112 attrs=3 id=5QGqgQXYKdtAFGt/, attr0=ERROR-CODE attr1=NONCE attr2=REALM
2024.04.30 22:58:36.018 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=176 attrs=8 id=Q+1OgKqp6v59lIiJ, attr0=REQUESTED-TRANSPORT attr1=LIFETIME attr2=RESERVATION-TOKEN attr3=USERNAME attr4=NONCE attr5=REALM attr6=MESSAGE-INTEGRITY attr7=FINGERPRINT
2024.04.30 22:58:36.018 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine resolveHostName - lookup: 192.168.175.128 = 192.168.175.128
2024.04.30 22:58:36.018 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate success response l=56 attrs=4 id=Q+1OgKqp6v59lIiJ, attr0=XOR-RELAYED-ADDRESS attr1=LIFETIME attr2=XOR-MAPPED-ADDRESS attr3=MESSAGE-INTEGRITY
2024.04.30 22:58:36.018 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Refresh request l=156 attrs=6 id=wIJWw28CyvvUF6yW, attr0=LIFETIME attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:36.018 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Refresh success response l=32 attrs=2 id=wIJWw28CyvvUF6yW, attr0=LIFETIME attr1=MESSAGE-INTEGRITY
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=40 attrs=5 id=atQW94AdDoxb5N9g, attr0=REQUESTED-TRANSPORT attr1=LIFETIME attr2=EVEN-PORT attr3=REQUESTED-ADDRESS-FAMILY attr4=FINGERPRINT
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate error response l=112 attrs=3 id=atQW94AdDoxb5N9g, attr0=ERROR-CODE attr1=NONCE attr2=REALM
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Allocate request l=180 attrs=9 id=czKrLVuzKIIYn9L7, attr0=REQUESTED-TRANSPORT attr1=LIFETIME attr2=EVEN-PORT attr3=REQUESTED-ADDRESS-FAMILY attr4=USERNAME attr5=NONCE attr6=REALM attr7=MESSAGE-INTEGRITY attr8=FINGERPRINT
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine resolveHostName - lookup: 192.168.175.128 = 192.168.175.128
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine resolveHostName - lookup: 192.168.175.128 = 192.168.175.128
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Allocate success response l=68 attrs=5 id=czKrLVuzKIIYn9L7, attr0=XOR-RELAYED-ADDRESS attr1=LIFETIME attr2=XOR-MAPPED-ADDRESS attr3=RESERVATION-TOKEN attr4=MESSAGE-INTEGRITY
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Refresh request l=156 attrs=6 id=Gfr1j0mSLSTEZPJ0, attr0=LIFETIME attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Refresh success response l=32 attrs=2 id=Gfr1j0mSLSTEZPJ0, attr0=LIFETIME attr1=MESSAGE-INTEGRITY
2024.04.30 22:58:36.019 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: ChannelBind request l=168 attrs=7 id=YQHvCIsdD+VmIwaI, attr0=CHANNEL-NUMBER attr1=XOR-PEER-ADDRESS attr2=USERNAME attr3=NONCE attr4=REALM attr5=MESSAGE-INTEGRITY attr6=FINGERPRINT
2024.04.30 22:58:36.020 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: ChannelBind success response l=24 attrs=1 id=YQHvCIsdD+VmIwaI, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:36.020 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: ChannelBind request l=168 attrs=7 id=lpkqX6LIuCJFbe74, attr0=CHANNEL-NUMBER attr1=XOR-PEER-ADDRESS attr2=USERNAME attr3=NONCE attr4=REALM attr5=MESSAGE-INTEGRITY attr6=FINGERPRINT
2024.04.30 22:58:36.020 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: ChannelBind success response l=24 attrs=1 id=lpkqX6LIuCJFbe74, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:36.020 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: ChannelBind request l=168 attrs=7 id=HTDHmZpPl+A7bJLx, attr0=CHANNEL-NUMBER attr1=XOR-PEER-ADDRESS attr2=USERNAME attr3=NONCE attr4=REALM attr5=MESSAGE-INTEGRITY attr6=FINGERPRINT
2024.04.30 22:58:36.020 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: ChannelBind success response l=24 attrs=1 id=HTDHmZpPl+A7bJLx, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:36.020 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: ChannelBind request l=168 attrs=7 id=GQZiM7tCZZbGJv/s, attr0=CHANNEL-NUMBER attr1=XOR-PEER-ADDRESS attr2=USERNAME attr3=NONCE attr4=REALM attr5=MESSAGE-INTEGRITY attr6=FINGERPRINT
2024.04.30 22:58:36.020 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: ChannelBind success response l=24 attrs=1 id=GQZiM7tCZZbGJv/s, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:36.020 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: ChannelBind request l=168 attrs=7 id=xQpWHB2C12gcNH4N, attr0=CHANNEL-NUMBER attr1=XOR-PEER-ADDRESS attr2=USERNAME attr3=NONCE attr4=REALM attr5=MESSAGE-INTEGRITY attr6=FINGERPRINT
2024.04.30 22:58:36.021 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: ChannelBind success response l=24 attrs=1 id=xQpWHB2C12gcNH4N, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:36.021 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Refresh request l=156 attrs=6 id=ydUhe9Q23e57Adda, attr0=LIFETIME attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:36.021 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Refresh success response l=32 attrs=2 id=ydUhe9Q23e57Adda, attr0=LIFETIME attr1=MESSAGE-INTEGRITY
2024.04.30 22:58:36.021 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: CreatePermission request l=160 attrs=6 id=avBC/muLZq+s3DdL, attr0=XOR-PEER-ADDRESS attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:36.021 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: CreatePermission success response l=24 attrs=1 id=avBC/muLZq+s3DdL, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:36.021 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: ChannelBind request l=168 attrs=7 id=zIW3psS3Rjt8+0S/, attr0=CHANNEL-NUMBER attr1=XOR-PEER-ADDRESS attr2=USERNAME attr3=NONCE attr4=REALM attr5=MESSAGE-INTEGRITY attr6=FINGERPRINT
2024.04.30 22:58:36.021 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: ChannelBind success response l=24 attrs=1 id=zIW3psS3Rjt8+0S/, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:36.224 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Refresh request l=156 attrs=6 id=/PzzbxIIJFHY4iTO, attr0=LIFETIME attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:36.224 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Refresh success response l=32 attrs=2 id=/PzzbxIIJFHY4iTO, attr0=LIFETIME attr1=MESSAGE-INTEGRITY
2024.04.30 22:58:36.224 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: CreatePermission request l=160 attrs=6 id=ZaO647vNDmec5whV, attr0=XOR-PEER-ADDRESS attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:36.224 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: CreatePermission success response l=24 attrs=1 id=ZaO647vNDmec5whV, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:36.224 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: ChannelBind request l=168 attrs=7 id=NZdDxIGJ3gK6hhqn, attr0=CHANNEL-NUMBER attr1=XOR-PEER-ADDRESS attr2=USERNAME attr3=NONCE attr4=REALM attr5=MESSAGE-INTEGRITY attr6=FINGERPRINT
2024.04.30 22:58:36.224 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: ChannelBind success response l=24 attrs=1 id=NZdDxIGJ3gK6hhqn, attr0=MESSAGE-INTEGRITY
2024.04.30 22:58:51.082 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Refresh request l=156 attrs=6 id=rRBW8M1tySvVmabC, attr0=LIFETIME attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:51.082 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Refresh success response l=32 attrs=2 id=rRBW8M1tySvVmabC, attr0=LIFETIME attr1=MESSAGE-INTEGRITY
2024.04.30 22:58:51.653 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Inbound STUN: Refresh request l=156 attrs=6 id=pCZRGhfjM1ijgPAa, attr0=LIFETIME attr1=USERNAME attr2=NONCE attr3=REALM attr4=MESSAGE-INTEGRITY attr5=FINGERPRINT
2024.04.30 22:58:51.654 INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine Outbound STUN: Refresh success response l=32 attrs=2 id=pCZRGhfjM1ijgPAa, attr0=LIFETIME attr1=MESSAGE-INTEGRITY
i dont know why,i have done same things on my virtual machine as what i had done on my Cloud Server, but the results were very different.
maybe i need to install the openssl and openssl-devel on my Cloud Server?
I dont think this has any connection with the problem you are facing.
what exactly are you trying to accomplish? see if my assessment is correct:
You are trying to deploy Pionturn plugin on your Openfire server that is deployed on the internet(for people to access from the Internet, it has a Domain pointing to it and so on. is this assessment correct?
because your tests on the VM are also not tunned to work in the internet. maybe it might work on LAN, but who needs a TURN server on LAN? right? see: INFO [Thread-20]: org.ifsoft.turn.openfire.PionTurn - PionTurn onOutputLine resolveHostName - lookup: 192.168.175.128 = 192.168.175.128.
this is pointing to an internal IP, and i have no idea why Trickle ICE would give you a positive result on this. this should be pointing to an external address.
putting that aside, tell me more about the environment of your “Cloud server” when you do this tests are you for any chance connected to a VPN to the same server as the Openfire/Pionturn? have you tried to deploy everything correct, and do actually calls (with Conversations or dino, or forks) with all clients being from outside that environment?(Not using VPN on that server). I am just trying to wild guess what your environment is and how this tests are being performed and so on.
IMO the best way to test a TURN server is to use Conversations, 2 acc, one maybe using mobile data, and other way using your LAN WIFI, or 2 Using mobile data but one with a VPN(outside your server) and trying to connect a call, then watching the logs. to narrow down when calls do work, and when they dont.
If you get angry about me , i am sorry.
I’ve never used a VPN on my cloud server. I’m sorry for not providing you with my cloud server environment, which caused you to waste a lot of time. because I’m just a novice when it comes to STUN/TURN.
thank you very much for your continued help, it has benefited me a lot. but now I have to put the Pionturn thing aside, and I’m going to get the more important stuff done.
but if you still need the environment of my cloud server , you can tell me what it is, and I’ll be sure to get back to you.
sorry for wasting too much of your time.
Networking in general, and STUN/TURN specifically, are complex subjects. There’s no shame in having trouble setting things up correctly.
As an aside: I do not see any indication that @zoidberg was angry with you. They are being detailed and to the point in an effort to better help you, I think. I suspect that their wording might not be interpreted as they were intended because you are not sharing the same native language.
Thanks, guus, it’s me who misunderstood.