livekit PeerConnection timeout for some clinets from China

Hello, we have last version of Livekit server on Aliun in China, and it works fine, but some clients can not connect without VPN, also sometimes it disconnects and client can not restore the connection. Some clients from Canada, USA, Hong Kong are experiencing the same issue. I think it happens becuase some internet providers block some kind of traffic, becuase VPN helps in most cases.

Please help.

Jan 25 '23 06:01 mrAndywendy

Also the same issue discovered in Korea, some users can not connect to the server. The connection to websocket is OK, but PeerConnection is timeout.

Jan 26 '23 13:01 mrAndywendy

Area you running a self-deployed livekit server? You can use connect test tool to test.

Jan 31 '23 11:01 aimin-git

Yes, the server is self-deployed. We tried your test-tool and if user uses mobile internet or some providers it displays

error could not connect PeerConnection after timeout

via VPN it is fine.

Jan 31 '23 11:01 mrAndywendy

" could not connect PeerConnection after timeout" means the wss connection to livekit server has timeout. It looks related to the network connection.

Jan 31 '23 12:01 aimin-git

No, WebSocket is OK, it connects and receives data. Problem is with TURN, as I understand.

Jan 31 '23 12:01 mrAndywendy

What's your configuration? Do you have the build-in TURN enabled?

Jan 31 '23 12:01 aimin-git

Yes, TURN is enabled.

I will attach the config.

Jan 31 '23 12:01 mrAndywendy

You could disable the TURN or use a external TURN to have a test. I also have a livekit server in alicloud, I am not enabling the TURN.

Jan 31 '23 12:01 aimin-git

webhook: api_key: 'key1' urls: - 'https://connect.xxx.com/api/livekit/webhook'

log_level: error

rtc: port_range_start: 50000 port_range_end: 60000 tcp_port: 7881 use_external_ip: true packet_buffer_size: 3000

pli_throttle: low_quality: 5s mid_quality: 5s high_quality: 5s

stun_servers: - dev-turn.xxxx.com:3478

turn: enabled: true tls_port: 5349 domain: lk-conf.xxx.com cert_file: /etc/nginx/wildcard.xxxxx.com.crt key_file: /etc/nginx/wildcard.xxxxx.com.key

prometheus_port: 6789

limit: num_tracks: -1 bytes_per_sec: 1_000_000_000

keys: key1: key2:

Jan 31 '23 12:01 mrAndywendy

We used it with disabled TURN, but on test tool it does not pass, so we enabled it back.

Jan 31 '23 12:01 mrAndywendy

When bring in up the livekit server, configure the node-ip as the external ip, it will work. "command: --config /etc/livekit.yaml --node-ip xx.xx.xx.xx"

Jan 31 '23 13:01 aimin-git

Unfortunately

We used an external IP address and an internal. Sometimes it connected, but after page reloading it could not connect.

Jan 31 '23 14:01 mrAndywendy

It looks a issue related to NAT tranverse. Packet capture and livekit logs will help.

Feb 01 '23 01:02 aimin-git

We used extended log mode on the livekit server looks like it does not sense. The only one error is in a log

livekit-server[1566650]: 2023-02-01T03:00:28.056-0600#011ERROR#011livekit.turn#011logger/logadapter.go:108#011error when handling datagram: failed to create stun message from packet: BadFormat for message/cookie: 44445f34 is invalid magic cookie (should be 2112a442)

Also, we used https://cloud.livekit.io/ and client also could not connect without VPN.

At the same time, the user could connect to other WebRTC-based services such as Zoom and so on.

Feb 01 '23 14:02 mrAndywendy

You can try the latest master branch to see if it can work well, it has a connectivity improvement change #1366 , also try a external turn server (with tls enabled) that can be accessed by all users.

Feb 07 '23 01:02 cnderrauber

hi， turn server is ok ? can you give me you conf or trun server test

May 11 '24 04:05 Gor-c