UDP Gateway Error
raviprakash007 opened this issue · 11 comments
I am facing few issues and ICE getting failed.
UDP Gateway Logs:
12:49:21.499058 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.7:58439
12:49:21.499178 server.go:202: turn ERROR: Failed to handle datagram: failed to handle Refresh-request from 10.128.0.7:58439: no allocation found 10.128.0.7:58439:[::]:3478
14:50:38.647262 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.243:59645
and it continues...
When I tried to connect Browser Client to use ICE :
17:22:14.045530 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.0.129.182:35747
2024-02-23 22:52:14.045 IST
17:22:14.045759 turn.go:239: turn INFO: permission denied for client 10.0.129.182:35747 to peer 192.168.1.10
17:22:14.046632 server.go:202: turn ERROR: Failed to handle datagram: failed to handle Send-indication from 10.0.129.182:35747: unable to handle send-indication, no permission added: 192.168.1.10:55136
and then ICE failed.
Can someone help?
Permission denied errors usually mean that the UDPRoute does not cover the destination address. Does the address 192.168.1.10
belong to the backend Service of your UDPRoute? The first issue might also result from the same problem, but you have to elevate the stunnerd logvelel to know more.
ps: please use code blocks in your postings (see the updated question)
IP address 192.168.1.10 is the client machine IP (browser) from where we are trying to create RTC Peer Connection.
My Configuration is as follows:
Installation Steps:
1. helm repo add stunner https://l7mp.io/stunner
2. helm repo update
3. helm install stunner-gateway-operator stunner/stunner-gateway-operator --create-namespace --namespace=stunner --version 0.16.0
4. helm install stunner stunner/stunner --namespace stunner
GatewayClass:
kubectl apply -f - <<EOF
apiVersion: gateway.networking.k8s.io/v1beta1
kind: GatewayClass
metadata:
name: stunner-gatewayclass
spec:
controllerName: "stunner.l7mp.io/gateway-operator"
parametersRef:
group: "stunner.l7mp.io"
kind: GatewayConfig
name: stunner-gatewayconfig
namespace: stunner
description: "STUNner is a WebRTC media gateway for Kubernetes"
EOF
Gateway Config:
kubectl apply -f - <<EOF
apiVersion: stunner.l7mp.io/v1
kind: GatewayConfig
metadata:
name: stunner-gatewayconfig
namespace: stunner
spec:
realm: stunner.l7mp.io
authRef:
name: stunner-auth-secret
namespace: stunner
EOF
Gateway:
kubectl apply $context -f - <<EOF
apiVersion: gateway.networking.k8s.io/v1beta1
kind: Gateway
metadata:
name: udp-gateway
namespace: stunner
spec:
gatewayClassName: stunner-gatewayclass
listeners:
- name: udp-listener
port: 3478
protocol: TURN-UDP
EOF
Secret:
kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
metadata:
name: stunner-auth-secret
namespace: stunner
type: Opaque
stringData:
type: static
username: xxxxxxx
password: xxxxxxx
EOF
And UDP Route:
kubectl apply -f - <<EOF
apiVersion: stunner.l7mp.io/v1
kind: UDPRoute
metadata:
name: media-plane
namespace: stunner
spec:
parentRefs:
- name: udp-gateway
rules:
- backendRefs:
- name: janus-udp-service
namespace: janus-media-plane
EOF
Service : janus-media-plane:
spec:
clusterIP: 34.118.236.240
clusterIPs:
- 34.118.236.240
internalTrafficPolicy: Cluster
ipFamilies:
- IPv4
ipFamilyPolicy: SingleStack
ports:
- name: 8443-to-8443-udp
port: 8443
protocol: UDP
targetPort: 8443
selector:
io.kompose.service: janus-server
sessionAffinity: None
type: ClusterIP
So the overall design looks like:
Browser <--------> Stunner <-----> (via Janus UDP Service) <---> Janus WebRTC Server (UPD PORT 8443 open)
For signalling
Browser <-----> Nginx Server LB <---(via Janus TCP Service) <----> Janus WebRTC Server
Note: I have followed the example of cloudretro and based on it, I tried to connect with Janus using port 8443
UDP Gateway Logs: (Reverse Order of timestamp so please read from end)
INFO 2024-02-24T10:40:15.439482837Z 10:40:15.439418 server.go:202: turn ERROR: Failed to handle datagram: failed to handle Send-indication from 10.0.129.117:36691: unable to handle send-indication, no permission added: 192.168.1.10:52282
INFO 2024-02-24T10:40:15.439465318Z 10:40:15.439312 turn.go:269: turn DEBUG: Received SendIndication from 10.0.129.117:36691
INFO 2024-02-24T10:40:15.439456777Z 10:40:15.439230 server.go:64: turn DEBUG: Handling TURN packet
INFO 2024-02-24T10:40:15.439395586Z 10:40:15.439070 server.go:39: turn DEBUG: Received 124 bytes of udp from 10.0.129.117:36691 on [::]:3478
INFO 2024-02-24T10:40:14.432141555Z 10:40:14.431805 server.go:202: turn ERROR: Failed to handle datagram: failed to handle Send-indication from 10.0.129.117:36691: unable to handle send-indication, no permission added: 192.168.1.10:52282
INFO 2024-02-24T10:40:14.432134250Z 10:40:14.431767 turn.go:269: turn DEBUG: Received SendIndication from 10.0.129.117:36691
INFO 2024-02-24T10:40:14.432104681Z 10:40:14.431733 server.go:64: turn DEBUG: Handling TURN packet
INFO 2024-02-24T10:40:14.432030251Z 10:40:14.431602 server.go:39: turn DEBUG: Received 124 bytes of udp from 10.0.129.117:36691 on [::]:3478
INFO 2024-02-24T10:40:13.927495573Z 10:40:13.927093 server.go:202: turn ERROR: Failed to handle datagram: failed to handle Send-indication from 10.0.129.117:36691: unable to handle send-indication, no permission added: 192.168.1.10:52282
INFO 2024-02-24T10:40:13.927487546Z 10:40:13.927046 turn.go:269: turn DEBUG: Received SendIndication from 10.0.129.117:36691
INFO 2024-02-24T10:40:13.927478419Z 10:40:13.927033 server.go:64: turn DEBUG: Handling TURN packet
INFO 2024-02-24T10:40:13.927335559Z 10:40:13.927001 server.go:39: turn DEBUG: Received 124 bytes of udp from 10.0.129.117:36691 on [::]:3478
INFO 2024-02-24T10:40:13.926831896Z 10:40:13.926397 turn.go:239: turn INFO: permission denied for client 10.0.129.117:36691 to peer 192.168.1.10
INFO 2024-02-24T10:40:13.926826660Z 10:40:13.926382 handlers.go:91: stunner-auth DEBUG: permission denied on listener "stunner/udp-gateway/udp-listener" for client "10.0.129.117:36691" to peer 192.168.1.10: no route to endpoint
INFO 2024-02-24T10:40:13.926820523Z 10:40:13.926367 handlers.go:74: stunner-auth DEBUG: permission handler for listener "stunner/udp-gateway/udp-listener": client "10.0.129.117:36691", peer "192.168.1.10"
INFO 2024-02-24T10:40:13.926814255Z 10:40:13.926336 handlers.go:30: stunner-auth DEBUG: static auth request: valid username
INFO 2024-02-24T10:40:13.926808638Z 10:40:13.926309 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.0.129.117:36691
INFO 2024-02-24T10:40:13.926801852Z 10:40:13.926254 turn.go:214: turn DEBUG: Received CreatePermission from 10.0.129.117:36691
INFO 2024-02-24T10:40:13.926793626Z 10:40:13.926234 server.go:64: turn DEBUG: Handling TURN packet
INFO 2024-02-24T10:40:13.926717974Z 10:40:13.926176 server.go:39: turn DEBUG: Received 124 bytes of udp from 10.0.129.117:36691 on [::]:3478
INFO 2024-02-24T10:40:13.681387453Z 10:40:13.681239 allocation_manager.go:116: turn DEBUG: Listening on relay address: 10.0.128.227:39081
INFO 2024-02-24T10:40:13.681128045Z 10:40:13.680924 handlers.go:30: stunner-auth DEBUG: static auth request: valid username
INFO 2024-02-24T10:40:13.681113827Z 10:40:13.680901 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.0.129.117:36691
INFO 2024-02-24T10:40:13.681107921Z 10:40:13.680866 turn.go:18: turn DEBUG: Received AllocateRequest from 10.0.129.117:36691
INFO 2024-02-24T10:40:13.681099667Z 10:40:13.680847 server.go:64: turn DEBUG: Handling TURN packet
INFO 2024-02-24T10:40:13.681030934Z 10:40:13.680807 server.go:39: turn DEBUG: Received 132 bytes of udp from 10.0.129.117:36691 on [::]:3478
INFO 2024-02-24T10:40:13.662016098Z 10:40:13.661706 turn.go:18: turn DEBUG: Received AllocateRequest from 10.0.129.117:36691
INFO 2024-02-24T10:40:13.662006787Z 10:40:13.661687 server.go:64: turn DEBUG: Handling TURN packet
INFO 2024-02-24T10:40:13.661906171Z 10:40:13.661596 server.go:39: turn DEBUG: Received 40 bytes of udp from 10.0.129.117:36691 on [::]:3478
INFO 2024-02-24T10:26:49.509112758Z 10:26:49.508438 reconcile.go:180: stunner INFO: status: READY, realm: stunner.l7mp.io, authentication: static, listeners: stunner/udp-gateway/udp-listener: [turn-udp://10.0.128.227:3478<0:0>], active allocations: 0
INFO 2024-02-24T10:26:49.509106539Z 10:26:49.508412 reconcile.go:176: stunner INFO: reconciliation ready: new objects: 0, changed objects: 2, deleted objects: 0, started objects: 0, restarted objects: 0
INFO 2024-02-24T10:26:49.509096964Z 10:26:49.508402 reconcile.go:156: stunner WARNING: running with no clusters: all traffic will be dropped
INFO 2024-02-24T10:26:49.509091083Z 10:26:49.508393 reconcile.go:131: cluster-manager DEBUG: reconciliation ready: to-be-created: 0, changed: 0, deleted: 0
INFO 2024-02-24T10:26:49.509084279Z 10:26:49.508384 reconcile.go:131: listener-manager DEBUG: reconciliation ready: to-be-created: 0, changed: 1, deleted: 0
INFO 2024-02-24T10:26:49.509077332Z 10:26:49.508353 reconcile.go:131: auth-manager DEBUG: reconciliation ready: to-be-created: 0, changed: 0, deleted: 0
INFO 2024-02-24T10:26:49.509026167Z 10:26:49.508279 reconcile.go:112: stunner INFO: setting loglevel to "all:DEBUG"
INFO 2024-02-24T10:26:49.506413Z {"level":"INFO", "msg":"Writing /etc/stunnerd/stunnerd.conf (ascii)", "taskName":null}
INFO 2024-02-24T09:43:03.763212031Z 09:43:03.762883 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.5:49997
INFO 2024-02-24T09:43:03.752403401Z 09:43:03.752111 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.5:49997
INFO 2024-02-24T09:43:03.483993022Z 09:43:03.483646 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.5:49997
$ kubectl -n stunner describe stunner
Name: stunner-gatewayconfig
Namespace: stunner
Labels: <none>
Annotations: <none>
API Version: stunner.l7mp.io/v1
Kind: GatewayConfig
Metadata:
Creation Timestamp: 2024-02-24T07:42:08Z
Generation: 2
Resource Version: 140886493
UID: b1c5d6f3-9121-49d5-abf7-f0a7ccedd5ff
Spec:
Auth Ref:
Group:
Kind: Secret
Name: stunner-auth-secret
Namespace: stunner
Auth Type: plaintext
Dataplane: default
Log Level: all:DEBUG
Realm: stunner.l7mp.io
Events: <none>
Name: media-plane
Namespace: stunner
Labels: <none>
Annotations: <none>
API Version: stunner.l7mp.io/v1
Kind: UDPRoute
Metadata:
Creation Timestamp: 2024-02-24T07:42:49Z
Generation: 1
Resource Version: 140758131
UID: e27c23f5-3aa3-4d85-8d6f-b9d4134ceb70
Spec:
Parent Refs:
Group: gateway.networking.k8s.io
Kind: Gateway
Name: udp-gateway
Rules:
Backend Refs:
Group:
Kind: Service
Name: janus-udp-service
Namespace: janus-media
Events: <none>
So here is the offending log line:
INFO 2024-02-24T10:40:13.926826660Z 10:40:13.926382 handlers.go:91: stunner-auth DEBUG: permission denied on listener "stunner/udp-gateway/udp-listener" for client "10.0.129.117:36691" to peer 192.168.1.10: no route to endpoint
This means someone with the address 10.0.129.117:36691
is trying to reach a peer, namely 192.168.1.10
, they don't have permission to reach. If 192.168.1.10
is indeed the browser, then I guess 10.0.129.117
is the pod IP of your Janus media server. So what happens is that the media server opens a TURN relay connection on STUNner and tries to send media to the browser via this relay connection. This obviously fails, as stunnerd
cannot reach the private IP of the browser.
Things should occur precisely the other way around: it should be the broswer that initiates the TURN connection and Janus should run with no ICE servers configured at all, see here.
So please remove all ICE servers from Janus config and add STUNner's TURN URI as the only ICE server for your browser and things should just work fine. If you're using the latest master (just reinstall from the "dev" channel and install stunnerctl
) then the below would return a valid config that you can use for configuring the PeerConnection
on your browser:
./stunnerctl -n stunner auth
{"iceServers":[{"credential":"xxxxxxx","urls":["turn:A.B.C.D:3478?transport=udp"],"username":"xxxxxxx"}],"iceTransportPolicy":"all"}
Ok, I removed ICE servers from the Janus config. But it still didn't work.
One more question to be sure,
For this scenario.
Browser <---->Stunner UDP Route <------> Janus Service (8443 UDP) <-----> Janus Media Server.
Do we need to open 8443 necessarily on Janus Server.?
PS: I am following cloudretro deployment , where a single UDP port has been opened on workers. So I am assuming Janus Media Server as My workers.
2024-02-24 19:57:20.229 IST
14:27:20.228837 server.go:39: turn DEBUG: Received 20 bytes of udp from 10.128.0.7:63891 on [::]:3478
2024-02-24 19:57:20.229 IST
14:27:20.228876 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.229 IST
14:27:20.228889 stun.go:12: turn DEBUG: Received BindingRequest from 10.128.0.7:63891
2024-02-24 19:57:20.262 IST
14:27:20.262127 server.go:39: turn DEBUG: Received 28 bytes of udp from 10.128.0.5:63895 on [::]:3478
2024-02-24 19:57:20.262 IST
14:27:20.262166 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.262 IST
14:27:20.262183 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.5:63895
2024-02-24 19:57:20.269 IST
14:27:20.269390 server.go:39: turn DEBUG: Received 28 bytes of udp from 10.128.0.243:63887 on [::]:3478
2024-02-24 19:57:20.269 IST
14:27:20.269654 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.269 IST
14:27:20.269697 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.243:63887
2024-02-24 19:57:20.273 IST
14:27:20.273372 server.go:39: turn DEBUG: Received 28 bytes of udp from 10.128.0.7:63891 on [::]:3478
2024-02-24 19:57:20.273 IST
14:27:20.273499 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.484 IST
14:27:20.484631 stun.go:12: turn DEBUG: Received BindingRequest from 10.128.0.5:63895
2024-02-24 19:57:20.492 IST
14:27:20.492685 server.go:39: turn DEBUG: Received 20 bytes of udp from 10.128.0.243:63887 on [::]:3478
2024-02-24 19:57:20.493 IST
14:27:20.492751 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.493 IST
14:27:20.492764 stun.go:12: turn DEBUG: Received BindingRequest from 10.128.0.243:63887
2024-02-24 19:57:20.495 IST
14:27:20.495646 server.go:39: turn DEBUG: Received 20 bytes of udp from 10.128.0.7:63891 on [::]:3478
2024-02-24 19:57:20.495 IST
14:27:20.495770 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.495 IST
14:27:20.495874 stun.go:12: turn DEBUG: Received BindingRequest from 10.128.0.7:63891
2024-02-24 19:57:20.536 IST
14:27:20.536075 server.go:39: turn DEBUG: Received 28 bytes of udp from 10.128.0.243:63887 on [::]:3478
2024-02-24 19:57:20.536 IST
14:27:20.536111 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.536 IST
14:27:20.536126 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.243:63887
2024-02-24 19:57:20.536 IST
14:27:20.536624 server.go:39: turn DEBUG: Received 28 bytes of udp from 10.128.0.5:63895 on [::]:3478
2024-02-24 19:57:20.536 IST
14:27:20.536711 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.536 IST
14:27:20.536819 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.5:63895
2024-02-24 19:57:20.536 IST
14:27:20.536819 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.5:63895
2024-02-24 19:57:20.539 IST
14:27:20.539145 server.go:39: turn DEBUG: Received 28 bytes of udp from 10.128.0.7:63891 on [::]:3478
2024-02-24 19:57:20.539 IST
14:27:20.539252 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.539 IST
14:27:20.539297 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.7:63891
2024-02-24 19:57:20.546 IST
14:27:20.546672 server.go:39: turn DEBUG: Received 120 bytes of udp from 10.128.0.243:63887 on [::]:3478
2024-02-24 19:57:20.547 IST
14:27:20.546937 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.547 IST
14:27:20.547119 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.243:63887
2024-02-24 19:57:20.547 IST
14:27:20.547313 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.243:63887
2024-02-24 19:57:20.547 IST
14:27:20.547489 handlers.go:30: stunner-auth DEBUG: static auth request: valid username
2024-02-24 19:57:20.547 IST
14:27:20.547819 allocation_manager.go:116: turn DEBUG: Listening on relay address: 10.0.128.227:42391
2024-02-24 19:57:20.550 IST
14:27:20.549984 server.go:39: turn DEBUG: Received 120 bytes of udp from 10.128.0.5:63895 on [::]:3478
2024-02-24 19:57:20.550 IST
14:27:20.550183 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.550 IST
14:27:20.550273 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.5:63895
2024-02-24 19:57:20.562 IST
14:27:20.562291 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.7:63891
2024-02-24 19:57:20.562 IST
14:27:20.562422 handlers.go:30: stunner-auth DEBUG: static auth request: valid username
2024-02-24 19:57:20.562 IST
14:27:20.562641 allocation_manager.go:116: turn DEBUG: Listening on relay address: 10.0.128.227:60991
2024-02-24 19:57:20.797 IST
14:27:20.797402 server.go:39: turn DEBUG: Received 120 bytes of udp from 10.128.0.243:63887 on [::]:3478
2024-02-24 19:57:20.797 IST
14:27:20.797496 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.797 IST
14:27:20.797522 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.243:63887
2024-02-24 19:57:20.797 IST
14:27:20.797593 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.243:63887
2024-02-24 19:57:20.797 IST
14:27:20.797616 handlers.go:30: stunner-auth DEBUG: static auth request: valid username
2024-02-24 19:57:20.832 IST
14:27:20.832320 server.go:39: turn DEBUG: Received 120 bytes of udp from 10.128.0.5:63895 on [::]:3478
2024-02-24 19:57:20.832 IST
14:27:20.832370 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:20.832 IST
14:27:20.832391 turn.go:18: turn DEBUG: Received AllocateRequest from 10.128.0.5:63895
2024-02-24 19:57:20.832 IST
14:27:20.832428 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.5:63895
2024-02-24 19:57:20.832 IST
14:27:20.832447 handlers.go:30: stunner-auth DEBUG: static auth request: valid username
2024-02-24 19:57:23.855 IST
14:27:23.854833 turn.go:180: turn DEBUG: Received RefreshRequest from 10.128.0.7:63891
2024-02-24 19:57:23.855 IST
14:27:23.854862 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.7:63891
2024-02-24 19:57:23.855 IST
14:27:23.854908 handlers.go:30: stunner-auth DEBUG: static auth request: valid username
2024-02-24 19:57:23.868 IST
14:27:23.868637 server.go:39: turn DEBUG: Received 124 bytes of udp from 10.128.0.243:63887 on [::]:3478
2024-02-24 19:57:23.868 IST
14:27:23.868820 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:23.987 IST
14:27:23.986895 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:23.987 IST
14:27:23.986950 turn.go:269: turn DEBUG: Received SendIndication from 10.128.0.243:63887
2024-02-24 19:57:23.987 IST
14:27:23.987036 server.go:202: turn ERROR: Failed to handle datagram: failed to handle Send-indication from 10.128.0.243:63887: unable to handle send-indication, no permission added: 10.0.129.130:42590
2024-02-24 19:57:24.129 IST
14:27:24.129273 server.go:39: turn DEBUG: Received 124 bytes of udp from 10.128.0.243:63887 on [::]:3478
2024-02-24 19:57:24.129 IST
14:27:24.129487 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:24.129 IST
14:27:24.129586 turn.go:214: turn DEBUG: Received CreatePermission from 10.128.0.243:63887
2024-02-24 19:57:24.129 IST
14:27:24.129723 handlers.go:25: stunner-auth INFO: static auth request: username="user-1" realm="stunner.l7mp.io" srcAddr=10.128.0.243:63887
2024-02-24 19:57:24.129 IST
14:27:24.129790 handlers.go:30: stunner-auth DEBUG: static auth request: valid username
2024-02-24 19:57:24.130 IST
14:27:24.129918 handlers.go:74: stunner-auth DEBUG: permission handler for listener "stunner/udp-gateway/udp-listener": client "10.128.0.243:63887", peer "10.0.129.130"
2024-02-24 19:57:24.130 IST
14:27:24.130049 handlers.go:91: stunner-auth DEBUG: permission denied on listener "stunner/udp-gateway/udp-listener" for client "10.128.0.243:63887" to peer 10.0.129.130: no route to endpoint
2024-02-24 19:57:24.130 IST
14:27:24.130071 turn.go:239: turn INFO: permission denied for client 10.128.0.243:63887 to peer 10.0.129.130
2024-02-24 19:57:30.525 IST
14:27:30.524767 server.go:39: turn DEBUG: Received 20 bytes of udp from 10.128.0.243:63887 on [::]:3478
2024-02-24 19:57:30.525 IST
14:27:30.524874 server.go:64: turn DEBUG: Handling TURN packet
2024-02-24 19:57:30.525 IST
14:27:30.524894 stun.go:12: turn DEBUG: Received BindingRequest from 10.128.0.243:63887
Stunner POD IP: 10.0.128.227
Janus UDP Service IP: 10.0.129.130
I removed the ICE server from Janus, now its not able to write to Janus Pod: 10.0.129.130
So far, so good. Can you post the output of kubectl -n janus-media describe svc janus-udp-service
? We also need the dataplane config: if you're on the stable channel then kubectl -n stunner get cm udp-gateway -o yaml
is the command, and if you're using the dev channel then see here.
I think, I am wasting time over a non-reliable github repo. Its not working