Error 1020 when connection BBB via iOS

[Braehler]

Describe the bug
Since the latest Update to version 2.2.28 our users are not able to see or share teir webcams on iOS devices

To Reproduce
Steps to reproduce the behavior:

1. Go to a room of your choise and join the meeting
2. Click on share webcam
3. Choose the webcam and click share webcam
4. Wait for the webcam to appear
5. See error 1020

Expected behavior
When sharing the webcam on iOS it this error should not happen. We expected the same behavior as sharing your webcam on WIN /Linux/ MacOS

**BBB version (optional):2.2.28
BigBlueButton continually evolves. Providing the version/build helps us to pinpoint when an issue was introduced.
Example:
$ sudo bbb-conf --check | grep BigBlueButton
BigBlueButton Server 2.2.2 (1816)

Smartphone (please complete the following information):

• Device: [e.g. iPhoneSE, Ipad ]
• OS: [e.g. iOS13.1 iOS 14]
• Browser [Safari]
• Version [e.g. 13, 14]

Any ideas on that?

Additional context
Add any other context about the problem here.

[prlanzarin]

Can you check if your STUN/TURN configurations were overwritten in bbb-web?
Also, from which version did you jump to 2.2.28 from?

[Cistoge]

I have the same problem, probably after an upgrade on last weekend. My server is not behind a NAT firewall, so I never changed anything in the STUN/TURN configuration.

[mcferdev]

I am with the same problem.
Mine doesn´t work with iOS 13.7
BBB version 2.2.26

I have Stun configured.

Was working perfect before the iOS upgrade. I checked with many devices, but all of them was with version 13.7...

[DJeremyy]

I have the same problem. It worked Monday October 26 on several iPads. It is since Wednesday October 28 that the activation of the camera systematically fails on Safari.

I tested this on Safari 14.0 (15610.1.28.1.9, 15610) on MacOS 10.15.7 and iPadOS 14.1. On MacOS, no problem with Firefox and Chrome.

Does Apple silently update Safari?

[mcferdev]

The problem is, if you try to use the Chrome on Iphone, it doesn´t allow. Appears a message saying that is recommended using the Safari for better performance... I don´t know in english what is the message, but it´s something like these.

[Cosnavel]

We have the same issue. Opened it up here #10747 I think the entire Safari Compatibility broke. The issue is on Bountysource as well.

[prlanzarin]

Please do not mix 2.2 and 2.3 issues, if possible.

2.3 users, issue 10747.

For the "me too" folks: please try test.bigbluebutton.org (2.2), and see if it works. It's the minimum you can do to make things easier for us to see if this is a real issue or a configuration issue.

@Cistoge

My server is not behind a NAT firewall, so I never changed anything in the STUN/TURN configuration.

Your server not being on NAT isn't the point. I was talking about the bbb-web STUN configuration, which is for the end users. A reliable a STUN server and preferably a TURN server as well must be configured if you want to expect it to always work. Can you confirm which STUN server are you using in bbb-web? Docs here: https://docs.bigbluebutton.org/2.2/setup-turn-server.html#configure-bigbluebutton-to-use-the-coturn-server.

[DJeremyy]

For the "me too" folks: please try test.bigbluebutton.org (2.2), and see if it works. It's the minimum you can do to make things easier for us to see if this is a real issue or a configuration issue.

@prlanzarin Indeed, it works on test.bigbluebutton.org. It seems to be a configuration issue.

[ffdixon]

For those that upgraded to 2.2.28, can you try specifying the following values for stun0 in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml:

<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">
    <constructor-arg index="0" value="stun:stun.l.google.com:19302"/>
</bean>

Restart BigBlueButton and then try joining a session with iOS and share a webcam. Let us know if that works.

[akshay-codemonk]

Nope this did not work for me.

Here are the things I have tried so far

1. Tried setting up and configuring Turn/Stun server as mentioned in a lot of places for 1020 issues
2. Downgraded from 2.2.28 to 2.2.16 and also 2.2.9 (via bbb-install xenial-220-2.2.x)
3. The issue is even reproducible on any device via chrome dev tools if we select the device iPhone X and try to join a session
4. However it does work on test.bigbluebutton.org (most of the times)

the issue started appearing on safari browsers all of a sudden without any config change on our servers (running on AWS c5.xlarge instance)

[timm2k]

I solved error 1020 for some MacOS users by adding port information to stun0 in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml. My STUN/TURN runs on port :443 (and default ports 3478, 5349 tcp+udp, 443/tcp+udp redirected via firewall to 5349) on a different maschine and port information was missing in stun0.

Second problem was STUN/TURN server wasn't able to accept IPv6. So I've configured IPv6 (address, firewall) and error 1020 was solved for more MacOS users.

Also consider https://docs.bigbluebutton.org/2.2/troubleshooting#configure-bigbluebuttonfreeswitch-to-support-ipv6 if your BBB is available via IPv6.

I'm not sure this case is correct:
I've some DS-Lite users which only get a IPv6 from their ISP. When the 6to4 or 4in6 tunneling at ISPs side is overloaded this can also cause trouble because Kurento's stun config is at IPv4 since only. When using IPv6 a fallback to IPv4 should not be nessesary because there is no (Carrier-grade) NAT in needed. Nevertheless a communication via IPv4 with the STUN server takes place.

Kind regards
Timm

[Cistoge]

Well, if I understand correctly, the STUN server is configured in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml as stun.freeswitch.org, I never changed that file, it is the original file from package bbb-web.

[Braehler]

We upgraded from 2.2.26 to 2.2.28
on test.bigbluebutton.org we are able to use the webcam
We did not change anything in the settings, and/ or the stun configuration
Currently I can´t try your solution @ffdixon because we have some classes runnning during the whole day, so I´m gonna try it in the evening

[timm2k]

So the port number for stun is present in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml @Braehler @Cistoge ? Please confirm this.

If you use still use stun.freeswitch.org (port is missing here which may causes problems on MacOS!) switch over to stun.l.google.com:19302 since Freeswitch's stun service was facing some problems in the near past. Please have a look at @ffdixon config example #10746 (comment) above.

Hint: Please use copy and paste. There is a lower case L and not a number 1 :-)
And don't forget bbb-conf --restart after changing the file. Note: this will kill all running BBB sessions on that machine.

[Braehler]

@timm2k
yes, this is what our config is currently using:
bean id="stun1" class="org.bigbluebutton.web.services.turn.StunServer"
constructor-arg index="0" value="stun:stun.freeswitch.org"
bean
so I´ll just replace this with stun.1.google.com:19302 ?

[Braehler]

sorry ;-)
I´ll give it a try later that day, because, as I mentioned above, we have some classes running during the day.

[akshay-codemonk]

For those that upgraded to 2.2.28, can you try specifying the following values for stun0 in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml:

<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">
    <constructor-arg index="0" value="stun:stun.l.google.com:19302"/>
</bean>

Restart BigBlueButton and then try joining a session with iOS and share a webcam. Let us know if that works.

as @ffdixon suggested
after replacing stun.freeswitch.org to stun.l.google.com:19302 it seems to work on safari (on BBB 2.2.28)

[prlanzarin]

@akshay-codemonk

The issue is even reproducible on any device via chrome dev tools if we select the device iPhone X and try to join a session

Just tried that. It's working in a dev server I set up and working in test.bigbluebutton.org. So it's probably a configuration issue.
I also did try iPhones between 12 and 14 with Browsertack at test.bigbluebutton.org and it worked. So there's another thing pointing to configuration issues.

You're on AWS. AWS EC2 instances are usually behind NAT. Did you set up a STUN in Kurento? If so, are you sure it's still working? https://docs.bigbluebutton.org/2.2/configure-firewall#extra-steps-when-server-is-behind-nat Steps here to check that.
Also, from 2.2.26 onwards you can remove KURENTO's STUN configuration and instead use externalIPv4/externalIPv6 configurations to get a more stable behaviour. The docs for those new configs are inlined in /etc/kurento/modules/kurento/WebRtcEndpoint.conf.ini.

[Cistoge]

Setting the stun server to stun.1.google.com:19302 solved the problem for me.

[Braehler]

Changing the stun server settings works for us as well

[dietze]

just wanted to add: still using 2.2.23 and suddenly the same experience, using Safari on iPadOS 14 Webcams stopped working, throwing error 1020, but also Safari using MacOS Catalina 10.15.7. Alternatively using Firefox on the same devices - mobile and MacOS - worked flawless. Following advise above changing the stun server entry from freeswitch to google server resolved the issue and now Safari on either MacOS and iOS devices is working again. Seems to be Safari related issue.

[more-zamani]

For those that upgraded to 2.2.28, can you try specifying the following values for stun0 in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml:

<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">
    <constructor-arg index="0" value="stun:stun.l.google.com:19302"/>
</bean>

Restart BigBlueButton and then try joining a session with iOS and share a webcam. Let us know if that works.

Hi dear @ffdixon
I've tried this code in v2.2.28 but it didn't fix my problem on iOS 14.0.1. It shows webcam for first time but when I enter to another room, it doesn't work again.

I even try test.bigbluebutton.org and it doesn't work too. (shows error 1020)

Please help me to solve this problem. I explain completely in this topic

[EmmyGraugans]

Regarding that some people have success with test.bigbluebutton.org and some don't - we managed to reproduce that bit at least (though not 100% sure what to make from it).

From Home-WiFi with "real" IPv4-Adress and "fake" IPv6 via 6to4 tunnel from the Fritzbox, test.bigbluebutton.org does NOT work.
From "Mobile Data" with no IPv6-Address at all, test.bigbluebutton.org DOES work.
However, deactivating the 6to4 tunnel in the Fritzbox still doesn't make it work from WiFi...??
(even a complete Update and reboot of the Fritzbox didn't change a thing sigh)

So what remains is:
test.bigbluebutton.org DOES work from mobile data with IPv4
test.bigbluebutton.org does NOT work from Fritzbox with IPv4

Sorry, I was hoping for more :(

Edit: all testet with iOS 14.0 from an iPhone and iPadOS 14.1 from an iPad...

[jarne]

Changing to stun.l.google.com:19302 fixed several issues for me, including the echo test taking very long to load (about 30 seconds) and sometimes not working, and also fixed the webcam on macOS / Safari 14.

[EmmyGraugans]

Same here on our own servers - couldn't try it yesterday because the servers were actively used, but now with the Google-STUN-server, all works. For whichever reason, test.bigbluebutton.org ALSO works now from whichever internet-connection.

[mcferdev]

Setting the stun server to stun.1.google.com:19302 solved the problem for me.

For me too.

[DDQW]

Hi there,
`

<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">
    <constructor-arg index="0" value="stun:stun.l.google.com:19302"/>
</bean>


<bean id="turn0" class="org.bigbluebutton.web.services.turn.TurnServer">
    <constructor-arg index="0" value="nope"/>
    <constructor-arg index="1" value="turns:turn.iku-gmbh.de:443?transport=tcp"/>
    <constructor-arg index="2" value="86400"/>
</bean>

<bean id="turn1" class="org.bigbluebutton.web.services.turn.TurnServer">
    <constructor-arg index="0" value="nope"/>
    <constructor-arg index="1" value="turn:turn.iku-gmbh.de:443?transport=tcp"/>
    <constructor-arg index="2" value="86400"/>
</bean>

<bean id="stunTurnService"
        class="org.bigbluebutton.web.services.turn.StunTurnService">
    <property name="stunServers">
        <set>
            <ref bean="stun0"/>
        </set>
    </property>
    <property name="turnServers">
        <set>
            <ref bean="turn0"/>
            <ref bean="turn1"/>
        </set>
    </property>
</bean>

`

is there anything wrong with this? i also get the 1020 on ios

The turn server is working just ios is acting up

[prlanzarin]

@DDQW have you at least tested it on test.bigbluebutton.org?

[coderDem]

Hi,

yes, i am also running my own turn-server, configured as described in the bigbluebutton documentation.
Did you wait a day or more, to be sure, that the AAAA dns entry has gone?

What does your turn config (/usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml) look like on the BBB server?

Hello,

I checked that I have no AAAA-record set.
Here is my config:

`

<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">      
    <constructor-arg index="0" value="stun:turn.MYDOMAIN.de"/>                   
</bean>                                                                       
                                                                              
                                                                              
<bean id="turn0" class="org.bigbluebutton.web.services.turn.TurnServer">      
    <constructor-arg index="0" value="PASSWORD"/>                            
    <constructor-arg index="1" value="turns:turn.MYDOMAIN.de:443?transport=tcp"/>
    <constructor-arg index="2" value="86400"/>                                
</bean>                                                                       
                                                                              
<bean id="turn1" class="org.bigbluebutton.web.services.turn.TurnServer">      
    <constructor-arg index="0" value="PASSWORD"/>                            
    <constructor-arg index="1" value="turn:turn.MYDOMAIN.de:443?transport=tcp"/> 
    <constructor-arg index="2" value="86400"/>                                
</bean>                                                                       
                                                                              
<bean id="stunTurnService"                                                    
        class="org.bigbluebutton.web.services.turn.StunTurnService">          
    <property name="stunServers">                                             
        <set>                                                                 
            <ref bean="stun0"/>                                               
        </set>                                                                
    </property>                                                               
    <property name="turnServers">                                             
        <set>                                                                 
            <ref bean="turn0"/>                                               
            <ref bean="turn1"/>                                               
        </set>                                                                
    </property>                                                               
</bean>                                                                       

`

[sam9032]

Hi,
yes, i am also running my own turn-server, configured as described in the bigbluebutton documentation.
Did you wait a day or more, to be sure, that the AAAA dns entry has gone?
What does your turn config (/usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml) look like on the BBB server?

Hello,

I checked that I have no AAAA-record set.
Here is my config:

`

<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">      
    <constructor-arg index="0" value="stun:turn.MYDOMAIN.de"/>                   
</bean>                                                                       
                                                                              
                                                                              
<bean id="turn0" class="org.bigbluebutton.web.services.turn.TurnServer">      
    <constructor-arg index="0" value="PASSWORD"/>                            
    <constructor-arg index="1" value="turns:turn.MYDOMAIN.de:443?transport=tcp"/>
    <constructor-arg index="2" value="86400"/>                                
</bean>                                                                       
                                                                              
<bean id="turn1" class="org.bigbluebutton.web.services.turn.TurnServer">      
    <constructor-arg index="0" value="PASSWORD"/>                            
    <constructor-arg index="1" value="turn:turn.MYDOMAIN.de:443?transport=tcp"/> 
    <constructor-arg index="2" value="86400"/>                                
</bean>                                                                       
                                                                              
<bean id="stunTurnService"                                                    
        class="org.bigbluebutton.web.services.turn.StunTurnService">          
    <property name="stunServers">                                             
        <set>                                                                 
            <ref bean="stun0"/>                                               
        </set>                                                                
    </property>                                                               
    <property name="turnServers">                                             
        <set>                                                                 
            <ref bean="turn0"/>                                               
            <ref bean="turn1"/>                                               
        </set>                                                                
    </property>                                                               
</bean>                                                                       

`

My config currently looks the same.
In the past I swapped the order of turns:turn.MYDOMAIN.de and turn:turn.MYDOMAIN.de, maybe that makes a difference for you?
A few comments above they played also with this config.

[coderDem]

I have also updated the Turn-Servers with:

apt-get update & apt-get dist-upgrade
systemctl restart coturn

Now it seems to work for the version 2.2.36.

[coderDem]

I'm going crazy, I have fixed this issue a couple days ago on my servers and it is back not working on the macOS and iOS devices...

[stonerl]

@coderDem in case you have a macOS device for testing, install stuntman and test your server.

stunclient --mode full --localport 30000 your-coturn-server.tld 3478

What is your output?

[coderDem]

@coderDem in case you have a macOS device for testing, install stuntman and test your server.

stunclient --mode full --localport 30000 your-coturn-server.tld 3478

What is your output?

Hello,

my output is:

Binding test: fail
Behavior test: fail
Filtering test: fail

It is weird after I made the same:

apt-get update & apt-get dist-upgrade
systemctl restart coturn

The sharing of the cam and desktop are working again.
But based on the output above it should not work.
I have installed the turn server with this:

wget -qO- https://ubuntu.bigbluebutton.org/bbb-install.sh | bash -s -- -c turn.example.com:1234abcd -e info@example.com

And my config looks like this:

# Example coturn configuration for BigBlueButton                                                                              
                                                                                                                              
# These are the two network ports used by the TURN server which the client                                                    
# may connect to. We enable the standard unencrypted port 3478 for STUN,                                                      
# as well as port 443 for TURN over TLS, which can bypass firewalls.                                                          
listening-port=3478                                                                                                           
tls-listening-port=443                                                                                                        
                                                                                                                              
# If the server has multiple IP addresses, you may wish to limit which                                                        
# addresses coturn is using. Do that by setting this option (it can be                                                        
# specified multiple times). The default is to listen on all addresses.                                                       
# You do not normally need to set this option.                                                                                
#listening-ip=172.17.19.101                                                                                                   
                                                                                                                              
# If the server is behind NAT, you need to specify the external IP address.                                                   
# If there is only one external address, specify it like this:                                                                
#external-ip=                                                                                                                 
                                                                                                                              
# If you have multiple external addresses, you have to specify which                                                          
# internal address each corresponds to, like this. The first address is the                                                   
# external ip, and the second address is the corresponding internal IP.                                                       
#external-ip=172.17.19.131/10.0.0.11                                                                                          
#external-ip=172.17.18.132/10.0.0.12                                                                                          
                                                                                                                              
# Fingerprints in TURN messages are required for WebRTC                                                                       
fingerprint                                                                                                                   
                                                                                                                              
# The long-term credential mechanism is required for WebRTC                                                                   
lt-cred-mech                                                                                                                  
                                                                                                                              
# Configure coturn to use the "TURN REST API" method for validating time-                                                     
# limited credentials. BigBlueButton will generate credentials in this                                                        
# format. Note that the static-auth-secret value specified here must match                                                    
# the configuration in BigBlueButton's turn-stun-servers.xml                                                                  
# You can generate a new random value by running the command:                                                                 
#   openssl rand -hex 16                                                                                                      
use-auth-secret                                                                                                               
static-auth-secret=XXXXXXXXXXX                                                                                               
                                                                                                                              
# If the realm value is unspecified, it defaults to the TURN server hostname.                                                 
# You probably want to configure it to a domain name that you control to                                                      
# improve log output. There is no functional impact.                                                                          
# realm=example.com                                                                                                           
realm=DOMAIN.DE                                                                                                              
                                                                                                                              
# Configure TLS support.                                                                                                      
# Adjust these paths to match the locations of your certificate files                                                         
cert=/etc/letsencrypt/live/DOMAIN.DE/fullchain.pem                                                                      
pkey=/etc/letsencrypt/live/DOMIAN.DE/privkey.pem                                                                        
                                                                                                                              
# Limit the allowed ciphers to improve security                                                                               
# Based on https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/                                                  
cipher-list="ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS"
                                                                                                                              
# Enable longer DH TLS key to improve security                                                                                
dh2066                                                                                                                        
                                                                                                                              
# All WebRTC-compatible web browsers support TLS 1.2 or later, so disable                                                     
# older protocols                                                                                                             
no-tlsv1                                                                                                                      
no-tlsv1_1                                                                                                                    
                                                                                                                              
# Log to a single filename (rather than new log files each startup). You'll                                                   
# want to install a logrotate configuration (see below)                                                                       
log-file=/var/log/coturn.log                                                                                                  
simple-log                                                                                                                    

Could it be that the installation of the turn-server are wrong?

[stonerl]

It could be. I'd recommend you follow this guide: https://docs.bigbluebutton.org/2.2/setup-turn-server.html#configure-bigbluebutton-to-use-your-turn-server

[sam9032]

@coderDem in case you have a macOS device for testing, install stuntman and test your server.

stunclient --mode full --localport 30000 your-coturn-server.tld 3478

What is your output?

As far as I understand, you are testing against port 3478 here but if you follow the bigbluebutton config, it is not open at all. Only 443 is open, or does it work differently?

And then it would also make sense that you, @coderDem get "failed" as output.

I see with my turn server, the coturn service crashes irregularly but two times a week and does not restart itself. Since I noticed that, I use my monitoring system to restart the service automatically when it crashes.

[sam9032]

Oh sorry, i was wrong. The default non tls listening port seems to be 3478, also in my config.

If i test it from linux with turnutils_stunclient -p 3478 myturnserver.com and turnutils_stunclient -p 443 myturnserver.com i got an ip address back.

So I would rather guess that your coturn service also crashes from time to time.

[coderDem]

Hello,

Thank you for the help guys.
So I have made some tests.
I have two Turn-Server, I updated one Turn-Sever from Ubuntu 18.04 to Ubuntu 20.04 and installed it a second time.
I also enabled the IPv6 on this server. Waited a day and the webcam sharing is still working on iOS 14.5.1 and macOS 11.4 in Safari browser for both BBB 2.2.31 and BBB 2.3.1 verisons.
The second Turn-Server running on Ubuntu 18.04 here I disabled the IPv6 after a day the webcam sharing worked not anymore.
I checked the status of coturn it was active. After restarting of the service the webcam sharing is working.
So I decided to update also this server to Ubuntu 20.04 and installed the Turn-Server a second time.

I will wait a couple of days and report the results.

Thank you and have a great day.

[coderDem]

@coderDem in case you have a macOS device for testing, install stuntman and test your server.

stunclient --mode full --localport 30000 your-coturn-server.tld 3478

What is your output?

As far as I understand, you are testing against port 3478 here but if you follow the bigbluebutton config, it is not open at all. Only 443 is open, or does it work differently?

And then it would also make sense that you, @coderDem get "failed" as output.

I see with my turn server, the coturn service crashes irregularly but two times a week and does not restart itself. Since I noticed that, I use my monitoring system to restart the service automatically when it crashes.

The part with the restart of the service seems to be very interesting. How do you check if the service crashes? Is the service than not active?

[sam9032]

I see with my turn server, the coturn service crashes irregularly but two times a week and does not restart itself. Since I noticed that, I use my monitoring system to restart the service automatically when it crashes.

The part with the restart of the service seems to be very interesting. How do you check if the service crashes? Is the service than not active?

Yes, the service has "exited" and is inactive. And if this is the case, the monitoring system restarts it.

[stonerl]

@sam9032 I assume you don't use systemd?

[Mischosch]

watch out for status Active (failed). systemd setup was a mess on ubuntu 18, as far as I remember. Better upgrade to latest ubuntu version and coturn version and enable Always restart option for coturn, if that is not already default.

[sam9032]

I use ubuntu 18.04 with systemd, why is it a mess there? How do I enable Always restart in Ubuntu 20.04 instead?

[uka-support]

I use ubuntu 18.04 with systemd, why is it a mess there? How do I enable Always restart in Ubuntu 20.04 instead?

I have a file /etc/systemd/system/coturn.service.d/override.conf:

[Service]
# ...
Restart=always

Just took a look at systemctl status coturn and it restarted today. Restart counter is at 7, so this seems to happen regularly.

[sam9032]

I use ubuntu 18.04 with systemd, why is it a mess there? How do I enable Always restart in Ubuntu 20.04 instead?

I have a file /etc/systemd/system/coturn.service.d/override.conf:

[Service]
# ...
Restart=always

Just took a look at systemctl status coturn and it restarted today. Restart counter is at 7, so this seems to happen regularly.

Hm interesting. The Restart=alwaysoption is set there too, but doesn't work as expected. Mabe because of Ubuntu 18.04?
The Bigbluebutton documentation also configures it this way.

Do you see any other hints why the coturn service restarts so often?

[uka-support]

@sam9032 I'm running Ubuntu 18 too, but didn't investigate any further. coturn just seems to crash sometimes. I guess, the recommendation for Ubuntu 20 has some serious background. :-)

[hiroshisuga]

Simply adding :3478 in the in-house turn server entry in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml, like
<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">
<constructor-arg index="0" value="stun:my.stun.server:3478"/>
</bean>
helped in my case.
Does this make sense???

-- Update --
The server is now working as expected even without :3478. It was possible that the server restarting that I did after adding :3478 did the job. Anyway, I believe adding :3478 (default port) does not harm anything.

[fcecagno]

Simply adding :3478 in the in-house turn server entry in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml, like
<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">
<constructor-arg index="0" value="stun:my.stun.server:3478"/>
</bean>
helped in my case.
Does this make sense???

I believe it's required to specify the stun port.

[sam9032]

Simply adding :3478 in the in-house turn server entry in /usr/share/bbb-web/WEB-INF/classes/spring/turn-stun-servers.xml, like
<bean id="stun0" class="org.bigbluebutton.web.services.turn.StunServer">
<constructor-arg index="0" value="stun:my.stun.server:3478"/>
</bean>
helped in my case.
Does this make sense???

Yes, this is required for stun and should be available. This is also specified in the bigbluebutton documentation.

[PhMemmel]

The sample config in BBB docs does NOT include the port in the stun section: See https://docs.bigbluebutton.org/admin/setup-turn-server.html#configure-bigbluebutton-to-use-your-turn-server

If the port is mandatory (I'm wondering though because I haven't had any problems with that configuration and 3478 is the default port anyway) it should be added to the sample config.

[stonerl]

It is not mandatory, since 3478 is the default port. 443 on the other hand is not the default port for TURN over TLS; that would 5349. That is why this port needs to be specified.

[sam9032]

The sample config in BBB docs does NOT include the port in the stun section: See https://docs.bigbluebutton.org/admin/setup-turn-server.html#configure-bigbluebutton-to-use-your-turn-server

If the port is mandatory (I'm wondering though because I haven't had any problems with that configuration and 3478 is the default port anyway) it should be added to the sample config.

Hmm, you're right. I was firmly convinced that I read it there along with the port and in my config, it is also set. But since it is the default port, there should be no difference.
I just removed the port and it seems to run just like it did before.

[coderDem]

Hello Guys,

so this is my lession learend from this TURN-server problem.
I had 4 BBB, one with version 2.2.31, 2.2.36, 2.3.3 and 2.3.1 and two TURN-server one with enabled IPv6 and with disabled IPv6.
Before the update both TURN-server was on version Ubuntu 18.04. After disabling the IPv6 on the TURN-server I had still the problem. After this I updated the TURN-server with enabled IPv6 from Ubuntu 18.04 to Ubuntu 20.04. After one week without any problem, I updated also the TURN-server with disabled IPv6, since I need often to restart the service since the Webcam connection don't worked on my iPhone anymore. I am running both TURN-server for more than one week on Ubuntu 20.04 and I have no problems at all with the webcam connection with my iPhone and MacBook.

Answer to my problem:
Update the TURN-server from Ubuntu 18.04 to 20.04 and reinstall conturn on it.

Thank you for the help guys.

Best Regards,
Ivan

[sam9032]

Hello Guys,

so this is my lession learend from this TURN-server problem.
I had 4 BBB, one with version 2.2.31, 2.2.36, 2.3.3 and 2.3.1 and two TURN-server one with enabled IPv6 and with disabled IPv6.
Before the update both TURN-server was on version Ubuntu 18.04. After disabling the IPv6 on the TURN-server I had still the problem. After this I updated the TURN-server with enabled IPv6 from Ubuntu 18.04 to Ubuntu 20.04. After one week without any problem, I updated also the TURN-server with disabled IPv6, since I need often to restart the service since the Webcam connection don't worked on my iPhone anymore. I am running both TURN-server for more than one week on Ubuntu 20.04 and I have no problems at all with the webcam connection with my iPhone and MacBook.

Answer to my problem:
Update the TURN-server from Ubuntu 18.04 to 20.04 and reinstall conturn on it.

Thank you for the help guys.

Best Regards,
Ivan

Thank you! Really helpful insights.
But you left the config as it is in the documentation, except you added the info about your turn server?

[coderDem]

Thank you! Really helpful insights.
But you left the config as it is in the documentation, except you added the info about your turn server?

I left the config like in the documentation.

[hadifarnoud]

why was this issue closed? is it fixed?