Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

EC2 server can handle authorization, then no more response between server and client

See original GitHub issue

Describe the bug Local test on macos and windows is working as expected, but after deploy to ec2 server, the server side udp doesnt do anything once processed authorization.

Things checked (v) ec2 all udp port forward (v) tested client of intranet ip, also tryed open local NAT port forwarding for all udp ports - same issue (v) tested mobile 4g network - same issue (v) added default google iceServers

Have a question? I added console log inside the server side authorization function, this is the last breakpoint (console log) I can see from the server side.
There are try catch on server side to detect exceptions, and console log on client side. Did not see any of these error message

What I found By inspecting the network records, I noticed the ‘additional-candidates’ in ec2 test only have one ‘candidate’ which is {candidate: "a=candidate:1 1 UDP 2122317823 172.31.3.39 37722 typ host", sdpMid: "0"} My local test ‘cadicate’ has more than one includes my local ip {candidate: "a=candidate:1 1 UDP 2122317823 172.31.128.1 58605 typ host", sdpMid: "0"} {candidate: "a=candidate:2 1 UDP 2122317567 192.168.1.138 58605 typ host", sdpMid: "0"} the 172.xx address is not my home public ip, not sure what it belongs to 😄

any suggestions ? @yandeu Thanks for help~

Issue Analytics

State:
Created a year ago
Comments:11 (4 by maintainers)

Top GitHub Comments

2reactions

yandeucommented, May 23, 2022

You should use your own twilio account to get access to STUN servers.

See https://www.twilio.com/docs/stun-turn/api

1reaction

lancetycommented, May 23, 2022

just found another discussion on stack overflow about the twilio stun server, here is the list I am using, and get 100% success udp connection

    {urls: "stun:global.stun.twilio.com:3478?transport=udp"},
    {urls: "stun:stun.l.google.com:19302"},
    {urls: "stun:stun2.l.google.com:19302"},
    {urls: "stun:stun4.l.google.com:19302"},
]

From my test results, I guess too many stun servers in the udp ice servcer config is not good Browser might not handle that many candidates? Most candidates response received within 1 sec, then few more every 2-5 sec, then no more. I am not sure if the number of respone received in browser same as the stun server I defined at backend, seems there are some effects when changing the size of stun servers in config. Most candidate response is empty, I dont have knowledge to explain what is happening behind of the scene.

Top Results From Across the Web

Troubleshoot connecting to your instance - AWS Documentation

In the navigation pane, choose Instances, and then select your instance. Verify the following: In the Instance state column, verify that your instance...

HTTP authentication - MDN Web Docs - Mozilla

A client that wants to authenticate itself with the server can then do so by including an Authorization request header with the credentials....

Using OAuth 2.0 for Web Server Applications | YouTube Data ...

Any application that uses OAuth 2.0 to access Google APIs must have authorization credentials that identify the application to Google's OAuth ...

AWS Security Best Practices - Awsstatic

Manage Security Monitoring, Alerting, Audit Trail, and Incident Response . ... When you launch a new Amazon EC2 instance from a standard AMI,...

Authorizing requests - Postman Learning Center

You can pass auth details along with any request you send in Postman. ... Realm - A string specified by the server in...