Trying to enable VoIP in synapse (matrix) with CoTurn

fgfdffsfd · 01-22-2019, 09:38 AM

Having real trouble doing this and am at the edge of my abilities, so would really appreciate some input. Any VoIP call just hangs when answered.

/etc/turnserver.conf contains:

Code:

min-port=49152
max-port=65535
realm=turn.mydomain.co.uk
use-auth-secret
static-auth-secret=sharedsecretkey

cert=/etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
pkey=/etc/letsencrypt/live/mydomain.co.uk/privkey.pem

lt-cred-mech
no-tcp-relay

sudo turnserver -v returns:

Code:

0: log file opened: /var/log/turn_1011_2019-01-22.log
0: 
RFC 3489/5389/5766/5780/6062/6156 STUN/TURN Server
Version Coturn-4.5.0.7 'dan Eider'
0: 
Max number of open files/sockets allowed for this process: 1048576
0: 
Due to the open files/sockets limitation,
max supported number of TURN Sessions possible is: 524000 (approximately)
0: 

==== Show him the instruments, Practical Frost: ====

0: TLS supported
0: DTLS supported
0: DTLS 1.2 supported
0: TURN/STUN ALPN supported
0: Third-party authorization (oAuth) supported
0: GCM (AEAD) supported
0: OpenSSL compile-time version: OpenSSL 1.1.0g  2 Nov 2017 (0x1010007f)
0: 
0: SQLite supported, default database location is /var/lib/turn/turndb
0: Redis supported
0: PostgreSQL supported
0: MySQL supported
0: MongoDB is not supported
0: 
0: Default Net Engine version: 3 (UDP thread per CPU core)

=====================================================

0: Config file found: /etc/turnserver.conf
0: Config file found: /etc/turnserver.conf
0: Domain name: 
0: Default realm: turn.mydomain.co.uk
0: 
CONFIG: --no-tcp-relay: TCP relay endpoints are not allowed.
0: SSL23: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: SSL23: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: TLS1.0: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: TLS1.0: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: TLS1.1: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: TLS1.1: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: TLS1.2: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: TLS1.2: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: TLS cipher suite: DEFAULT
0: DTLS1.2: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: DTLS1.2: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: DTLS: Certificate file found: /etc/letsencrypt/live/mydomain.co.uk/fullchain.pem
0: DTLS: Private key file found: /etc/letsencrypt/live/mydomain.co.uk/privkey.pem
0: DTLS cipher suite: DEFAULT
0: NO EXPLICIT LISTENER ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering listener addresses: =========
0: Listener address to use: 127.0.0.1
0: Listener address to use: 192.168.2.2
0: Listener address to use: ::1
0: =====================================================
0: Total: 1 'real' addresses discovered
0: =====================================================
0: NO EXPLICIT RELAY ADDRESS(ES) ARE CONFIGURED
0: ===========Discovering relay addresses: =============
0: Relay address to use: 192.168.2.2
0: Relay address to use: ::1
0: =====================================================
0: Total: 2 relay addresses discovered
0: =====================================================
0: pid file created: /var/run/turnserver.pid
0: IO method (main listener thread): epoll (with changelist)
0: WARNING: I cannot support STUN CHANGE_REQUEST functionality because only one IP address is provided
0: Wait for relay ports initialization...
0:   relay 192.168.2.2 initialization...
0:   relay 192.168.2.2 initialization done
0:   relay ::1 initialization...
0:   relay ::1 initialization done
0: Relay ports initialization done
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=0 created
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:8443
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:5349
0: IPv4. TLS/TCP listener opened on : 192.168.2.2:8443
0: IPv4. TLS/TCP listener opened on : 192.168.2.2:5349
0: IPv6. TLS/TCP listener opened on : ::1:8443
0: IPv6. TLS/TCP listener opened on : ::1:5349
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=1 created
0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:8443
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:8443
0: IPv4. TLS/TCP listener opened on : 127.0.0.1:5349
0: IPv4. DTLS/UDP listener opened on: 127.0.0.1:5349
0: IPv4. TLS/TCP listener opened on : 192.168.2.2:8443
0: IPv4. TLS/TCP listener opened on : 192.168.2.2:5349
0: IPv4. DTLS/UDP listener opened on: 192.168.2.2:8443
0: IPv6. TLS/TCP listener opened on : ::1:8443
0: IPv6. TLS/TCP listener opened on : ::1:5349
0: IPv4. DTLS/UDP listener opened on: 192.168.2.2:5349
0: IPv6. DTLS/UDP listener opened on: ::1:8443
0: IPv6. DTLS/UDP listener opened on: ::1:5349
0: Total General servers: 2
0: IO method (auth thread): epoll (with changelist)
0: IO method (auth thread): epoll (with changelist)
0: IO method (admin thread): epoll (with changelist)
0: IPv4. CLI listener opened on : 127.0.0.1:5766
0: SQLite DB connection success: /var/lib/turn/turndb

My /etc/matrix-synapse/homeserver.yaml contains:

Code:

turn_uris: [ "turn:turn.mydomain.co.uk:3478?transport=udp", "turn:turn.mydomain.co.uk:3478?transport=tcp" ]
turn_shared_secret: sharedsecretkey
turn_user_lifetime: 86400000
turn_allow_guests: True

I don't think it's a network issue: router is 1:1 Nat currently forwarding all traffic, and I have a LOT of ports open on the server while I try to get this right. Where do I go from here?

hafeezisbad · 02-03-2019, 01:19 AM

follow this link

https://www.foxypossibilities.com/20...trix-on-nixos/

chcek your firewall and allowed ports , follow the instruction in the site , are you doing the same verify

if still problem continue , post some logs , your firewall and config files info