The STUN problem of Openfire

I am now encountering a problem, that is:

I deployed the Openfire server(version 3.2.2) in the Internet, which has two public IP addresses, then I deployed two JingleDemo clients in two different private networks, both are behind a NAT device. I want to test the P2P phone call work between the two Jingledemo clients, whenever I set the Openfire configuration with the Media proxy and the STUN enabled or not, the two clients can never establish the communication. I analysed the debug information which shows that the STUN enabled or not has no effect, it just shows the Media proxy information, STUN seems never work?

Any responce information is hoped, and thanks in advance.

Best regards.

What information are you getting from the Clients?

=================================================

Client debug info 1:

NOTE: Openfire server Media proxy enabled

Openfire server STUN enabled

=================================================

Initialized

1

1

Initializing…Resolved

2

C: /172.19.8.238|/172.19.8.238 p:2195

Listening for ECHO: 172.19.8.238:11340

C: /172.19.8.238|/172.19.8.238 p:1103

Service listing

Listening for ECHO: 172.19.8.238:18960

Initializing…Resolved

UpdatePacketListener

0

0

Jingle:

1

1

2

2

3

3

4

4

5

5

6

6

7

7

8

8

9

9

State: org.jivesoftware.smackx.jingle.OutgoingJingleSession$Pending@8f4fb3

REMOVE PACKET LISTENER

Negotiation Closed: aas$scm.net.cn@scm.net.cn/Smack 1302228314233394471

=================================================

note: scm.net.cn is the Openfire server domain name.

And more.

1. I have loaded the JMF native libs.

2. All the firewalls on the server machine and the client machine are closed.

3. The server OS and the Clients OS are all WindowsXP.

4. The client side NAT devices both are Port Restricted Cone NAT.

Hello,

STUN won’t change your negotiation, as STUN Server is used just to provide the public IP address of the users.

According to your debug no UDP packet from each user cannot arrive in the other.

It may being caused by firewall or router blocking these kind of packets.

Please make sure your network is alowing UDP traffic NAT hole punching.

Regards,

Thiago

Dear thiago,

Thank you very much for your very nice responce.

But I am still facing the problem.

I have describled the whole problem and the newly client debug information as follows. Please give me some help.Thanks very much again for your any responce.

==========

I deployed the Openfire server(version 3.2.2) in the Internet, which has two public IP addresses, then I deployed two JingleDemo clients in two different private networks, both are behind a NAT device. I want to test the P2P phone call work between the two Jingledemo clients, whenever I set the Openfire configuration with the Media proxy and the STUN enabled or not, the two clients can never establish the communication. I analysed the debug information which shows that the STUN enabled or not has no effect, it just shows the Media proxy information, STUN seems never work.

And more.

  1. I have loaded the JMF native libs.

  2. All the firewalls on the server machine and the client machine are closed.

  3. The server OS and the Clients OS are all WindowsXP.

  4. The client side NAT devices both are Port Restricted Cone NAT.

I used other commercial IM system in the same environment, they can talked to each other.

And I also did those tests as follows.

One JingleDemo client is deployed in the Internet,just in the same environment with the Openfire server and having a public IP address, while the other JingleDemo client is deployed in one of the two private networks and having a private IP address. They can talk to each other no matter who launchs the call first and whenever the server side Media Proxy or STUN is enabled or not.

And the JingleDemo client in every private network can make a call with the other JingleDemo client in Internet.

Here is the newly test JingleDemo client debug information for two clients in two different private networks (phone call not established):

=================================================

NOTE: Openfire server Media proxy enabled

Openfire server STUN enabled

=================================================

One client debug information:


Initialized

1

1

Initializing…Resolved

Listening for ECHO: 172.19.9.109:14806

C: /172.19.9.109|/172.19.9.109 p:2195

Service listing

Initializing…Resolved

UpdatePacketListener

Jingle: <iq id=“HX7n7-8” to="bb$scm.net.cn@202.115.143.185/Smack" from="ll@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="bb$scm.net.cn@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“transport-info” sid=“5934709060446387553”><content name=‘Audio-Content’><transport xmlns=“http://jabber.org/protocol/jingle/transport/ice” ><candidate generation=“1” ip=“172.19.209.239” port=“17622” network=“0” username=“1” password=“6523048689249463005” preference=“2195” type=“prflx”/></transport></content></jingle></iq>

0

Jingle: <iq id=“HX7n7-9” to="bb$scm.net.cn@202.115.143.185/Smack" from="ll@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="bb$scm.net.cn@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“transport-info” sid=“5934709060446387553”><content name=‘Audio-Content’><transport xmlns=“http://jabber.org/protocol/jingle/transport/ice” ><candidate generation=“1” ip=“202.115.143.185” port=“13226” network=“0” username=“1” password=“7089622262738632148” preference=“0” type=“relay”/></transport></content></jingle></iq>

Jingle: <iq id=“HX7n7-7” to="bb$scm.net.cn@202.115.143.185/Smack" from="ll@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="bb$scm.net.cn@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“description-info” sid=“5934709060446387553”><content name=‘Audio-Content’><description xmlns=“http://jabber.org/protocol/jingle/description/audio” ><payload-type id=“3” name=“gsm” channels=“1” clockrate=“0” /><payload-type id=“4” name=“g723” channels=“1” clockrate=“0” /><payload-type id=“0” name=“PCMU” channels=“1” clockrate=“16000” /></description></content></jingle></iq>

Jingle: <iq id=“HX7n7-10” to="bb$scm.net.cn@202.115.143.185/Smack" from="ll@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="bb$scm.net.cn@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“content-accept” sid=“5934709060446387553”><content name=‘Audio-Content’><description xmlns=“http://jabber.org/protocol/jingle/description/audio” ><payload-type id=“3” name=“gsm” channels=“1” clockrate=“0” /></description></content></jingle></iq>

BS:gsm

1

2

3

4

5

6

7

8

9

ADDED Valid Cand: 202.115.143.185:13226

Relay Type

Relay Type

Jingle: <iq id=“HX7n7-11” to="bb$scm.net.cn@202.115.143.185/Smack" from="ll@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="bb$scm.net.cn@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“session-accept” sid=“5934709060446387553”><content name=‘Audio-Content’><description xmlns=“http://jabber.org/protocol/jingle/description/audio” ><payload-type id=“3” name=“gsm” channels=“1” clockrate=“0” /></description><transport xmlns=“http://jabber.org/protocol/jingle/transport/ice” ><candidate generation=“1” ip=“202.115.143.185” port=“12856” network=“0” username=“1” password=“3232088990319908255” preference=“0” type=“relay”/></transport></content></jingle></iq>

Relay Type

Jingle: <iq id=“HX7n7-13” to="bb$scm.net.cn@202.115.143.185/Smack" from="ll@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="bb$scm.net.cn@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“transport-accept” sid=“5934709060446387553”><content name=‘Audio-Content’><transport xmlns=“http://jabber.org/protocol/jingle/transport/ice” ><candidate generation=“1” ip=“202.115.143.185” port=“12856” network=“0” username=“1” password=“3232088990319908255” preference=“0” type=“relay”/></transport></content></jingle></iq>

Cand: 202.115.143.185

Relay Type

SET ACTIVE

Transport stabilished

Relay Type

triggerTransportEstablished 172.19.9.109:12856|202.115.143.185:13226

Relay Type

Relay Type

Relay Type

Relay Type

Relay Type

org.jivesoftware.smack.XMPPConnection@789144 202.115.143.185: 12030->14192

Track 0 is set to transmit as:

gsm/rtp, 8000.0 Hz, Mono, FrameSize=264 bits

Created RTP session at 12030 to: 202.115.143.185 14192


The other client debug information:


Initialized

1

1

Initializing…Resolved

C: /172.19.209.239|/172.19.209.239 p:2195

Listening for ECHO: 172.19.209.239:17570

Service listing

Initializing…Resolved

UpdatePacketListener

Jingle: <iq id=“H6oyy-8” to="ll@202.115.143.185/Smack" from="qq@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="qq@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“transport-info” sid=“7558319155648544293”><content name=‘Audio-Content’><transport xmlns=“http://jabber.org/protocol/jingle/transport/ice” ><candidate generation=“1” ip=“172.19.9.109” port=“11052” network=“0” username=“1” password=“7930348670553777584” preference=“2195” type=“prflx”/></transport></content></jingle></iq>

Jingle: <iq id=“H6oyy-9” to="ll@202.115.143.185/Smack" from="qq@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="qq@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“transport-info” sid=“7558319155648544293”><content name=‘Audio-Content’><transport xmlns=“http://jabber.org/protocol/jingle/transport/ice” ><candidate generation=“1” ip=“202.115.143.185” port=“18568” network=“0” username=“1” password=“7428074536771152777” preference=“0” type=“relay”/></transport></content></jingle></iq>

Jingle: <iq id=“H6oyy-10” to="ll@202.115.143.185/Smack" from="qq@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="qq@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“content-accept” sid=“7558319155648544293”><content name=‘Audio-Content’><description xmlns=“http://jabber.org/protocol/jingle/description/audio” ><payload-type id=“3” name=“gsm” channels=“1” clockrate=“0” /></description></content></jingle></iq>

0

BS:gsm

1

2

3

4

5

6

7

8

9

ADDED Valid Cand: 202.115.143.185:18568

Jingle: <iq id=“H6oyy-11” to="ll@202.115.143.185/Smack" from="qq@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="qq@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“transport-accept” sid=“7558319155648544293”><content name=‘Audio-Content’><transport xmlns=“http://jabber.org/protocol/jingle/transport/ice” ><candidate generation=“1” ip=“202.115.143.185” port=“10038” network=“0” username=“1” password=“1317316830380645295” preference=“0” type=“relay”/></transport></content></jingle></iq>

Cand: 202.115.143.185

Relay Type

SET ACTIVE

Transport stabilished

Relay Type

triggerTransportEstablished 172.19.209.239:10038|202.115.143.185:18568

Relay Type

Relay Type

Relay Type

Relay Type

Relay Type

org.jivesoftware.smack.XMPPConnection@1833955 202.115.143.185: 12114->16978

Track 0 is set to transmit as:

gsm/rtp, 8000.0 Hz, Mono, FrameSize=264 bits

Created RTP session at 12114 to: 202.115.143.185 16978

Jingle: <iq id=“H6oyy-12” to="ll@202.115.143.185/Smack" from="qq@202.115.143.185/Smack" type=“set”><jingle xmlns=“http://jabber.org/protocol/jingleinitiator="qq@202.115.143.185/Smack" responder="ll@202.115.143.185/Smack" action=“session-accept” sid=“7558319155648544293”><content name=‘Audio-Content’><description xmlns=“http://jabber.org/protocol/jingle/description/audio” ><payload-type id=“3” name=“gsm” channels=“1” clockrate=“0” /></description><transport xmlns=“http://jabber.org/protocol/jingle/transport/ice” ><candidate generation=“1” ip=“202.115.143.185” port=“10038” network=“0” username=“1” password=“1317316830380645295” preference=“0” type=“relay”/></transport></content></jingle></iq>


From the two clients debug information we can see that both the clients Created RTP session to Openfire server, not to each other. Why?

One more thing , I even set the server side Windows XP OS registry’s TCP/IP Forwarding to 1, its still no use.

“IPEnableRouter”=dword:00000001

“IPEnableRouter”=dword:00000001

“IPEnableRouter”=dword:00000001

Thanks very much in advance for any responce message.

Best regards,

hello3

Hello,

Now your trace is clear and more complete, as you stablished the session.

I’ll call for attention on UDP, because you MUST check if your firewall and router are able to create and allocate UDP channels.

We DON’T use TCP/IP, so the TCP changes that you made are unuseful.

As a restricted PORT NAT you should set it to enable UDP traffic internally and externally.

Which IM system did you used? I’m curious. As we may need to check which kind of voip it’s doing.

Thanks,

Thiago

Dear Thiago,

IM system I used is MSN and QQ.

MSN uses UDP and RTP.

QQ uses UDP and SIP.

Thanks very much again.

Best regards,

hello3