Err http2 server refused stream что делать

If you observe blank or white pages when visiting your website, confirm whether the issue occurs when temporarily pausing Cloudflare External link icon

Open external link and contact your hosting provider for assistance.

​​ Error 502 bad gateway or error 504 gateway timeout

An HTTP 502 or 504 error occurs when Cloudflare is unable to establish contact with your origin web server.

• (Most common cause) 502/504 from your origin web server
• 502/504 from Cloudflare

​​ 502/504 from your origin web server

Cloudflare returns an Cloudflare-branded HTTP 502 or 504 error when your origin web server responds with a standard HTTP 502 bad gateway or 504 gateway timeout error:

Resolution

• Ensure the origin server responds to requests for the hostname and domain within the visitor’s URL that generated the 502 or 504 error.
• Investigate excessive server loads, crashes, or network failures.
• Identify applications or services that timed out or were blocked.

​​ 502/504 from Cloudflare

A 502 or 504 error originating from Cloudflare appears as follows:

If the error does not mention “cloudflare,” contact your hosting provider for assistance on 502/504 errors from your origin .

Resolution

1. Time and timezone the issue occurred.
2. URL that resulted in the HTTP 502 or 504 response (for example: https://www.example.com/images/icons/image1.png )
3. Output from browsing to /cdn-cgi/trace .

​​ Error 503: service temporarily unavailable

• Error doesn’t contain “cloudflare” or “cloudflare-nginx” in the HTML response body.

• Error contains “cloudflare” or “cloudflare-nginx” in the HTML response body.

1. Your domain name
2. The time and timezone of the 503 error occurrence
3. The output of www.example.com/cdn-cgi/trace External link icon

​​ Error 520: web server returns an unknown error

Error 520 occurs when the origin server returns an empty, unknown, or unexpected response to Cloudflare.

Resolution A quick workaround while further investigating 520 errors is to either make the record DNS-only in the Cloudflare DNS app or temporarily pause Cloudflare .

• Origin web server application crashes
• Cloudflare IPs External link icon

• upstream prematurely closed connection while reading response header from upstream is a common error we may notice in our logs. This indicates the origin web server was having issues which caused Cloudflare to generate 520 errors.

• Full URL(s) of the resource requested when the error occurred
• Cloudflare cf-ray from the 520 error message
• Output from http:///cdn-cgi/trace
• Two HAR files :
  • one with Cloudflare enabled on your website, and
  • the other with Cloudflare temporarily disabled .

  ​​ Error 521: web server is down

  Error 521 occurs when the origin web server refuses connections from Cloudflare. Security solutions at your origin may block legitimate connections from certain Cloudflare IP addresses External link icon

  • Offlined origin web server application
  • Blocked Cloudflare requests

  Resolution

  • Ensure your origin web server is responsive
  • Review origin web server error logs to identify web server application crashes or outages.
  • Confirm Cloudflare IP addresses External link icon

  ​​ Error 522: connection timed out

  1. Before a connection is established, the origin web server does not return a SYN+ACK to Cloudflare within 15 seconds of Cloudflare sending a SYN.
  2. After a connection is established, the origin web server doesn’t acknowledge (ACK) Cloudflare’s resource request within 90 seconds.

  Resolution

  If you are using Cloudflare Pages , verify that you have a custom domain set up and that your CNAME record is pointed to your custom Pages domain. Instructions on how to set up a custom Pages domain can be found here .

  ​​ Error 523: origin is unreachable

  Error 523 occurs when Cloudflare cannot contact your origin web server. This typically occurs when a network device between Cloudflare and the origin web server doesn’t have a route to the origin’s IP address.

  • Confirm the correct origin IP address is listed for A or AAAA records within your Cloudflare DNS app.
  • Troubleshoot Internet routing issues between your origin and Cloudflare, or with the origin itself.
  • A traceroute to your origin web server from your Railgun server.
  • The most recent syslog file from your Railgun server.

  ​​ Error 524: a timeout occurred

  Error 524 indicates that Cloudflare successfully connected to the origin web server, but the origin did not provide an HTTP response before the default 100 second connection timed out. This can happen if the origin server is taking too long because it has too much work to do — e.g. a large data query, or because the server is struggling for resources and cannot return any data in time. A 524 occurs if the origin web server acknowledges (ACK) the resource request after the connection has been established, but does not send a timely response.

  Resolution

  • Implement status polling of large HTTP processes to avoid hitting this error.
  • Contact your hosting provider to exclude the following common causes at your origin web server:
    • A long-running process on the origin web server.
    • An overloaded origin web server.

    Logging request response time at your origin web server helps identify the cause of resource slowness. Contact your hosting provider or site administrator for assistance in adjusting log formats or search for related logging documentation for your brand of web server such as Apache External link icon

    Enterprise customers can increase the 524 timeout up to 6000 seconds using the proxy_read_timeout API endpoint API link label

    Please note that you may observe a 1 second difference between the timeout you’ve set and the actual time at which the Error 524 is returned. This is expect, it’s due to the current work on implementing Pingora, our new proxy External link icon

    Open external link . As a workaround you can simply set the timeout to 1 second more (121 seconds instead of 120 seconds for example).

    ​​ Error 525: SSL handshake failed

    Resolution

    • No valid SSL certificate installed
    • Port 443 (or other custom secure port) is not open
    • No SNI support
    • The cipher suites presented by Cloudflare to the origin do not match the cipher suites supported by the origin web server

    If 525 errors occur intermittently, review the origin web server error logs to determine the cause. Configure Apache to log mod_ssl errors External link icon

    Open external link . Also, nginx includes SSL errors in its standard error log, but may possibly require an increased log level External link icon

    • Check if you have a certificate installed on your origin server. You can check this article for more details on how to run some tests. In case you don’t have any certificate, you can create and install our free Cloudflare origin CA certificate . Using Origin CA certificates allows you to encrypt traffic between Cloudflare and your origin web server.
    • Review the cipher suites your server is using to ensure they match what is supported by Cloudflare.
    • Check your server’s error logs from the timestamps you see 525s to ensure there are errors that could be causing the connection to be reset during the SSL handshake.

    ​​ Error 526: invalid SSL certificate

    1. Cloudflare cannot validate the SSL certificate at your origin web server, and
    2. Full SSL (Strict)SSL is set in the Overview tab of your Cloudflare SSL/TLS app.

    Resolution For a potential quick fix, set SSL to Full instead of Full (strict) in the Overview tab of your Cloudflare SSL/TLS app for the domain.

    • Certificate is not expired
    • Certificate is not revoked
    • Certificate is signed by a Certificate Authority External link icon

    

    If the origin server uses a self-signed certificate, configure the domain to use Full SSL instead of Full SSL (Strict). Refer to recommended SSL settings for your origin .

    ​​ Error 527: Railgun Listener to origin error

    Deprecation notice

    Railgun was deprecated on 2023-06-01 and will be phased out on 2024-01-31. Refer to the announcement External link icon

    A 527 error indicates an interrupted connection between Cloudflare and your origin’s Railgun server (rg-listener) External link icon

    • Firewall interference
    • Network incidents or packet loss between the Railgun server and Cloudflare

    For additional details to aid troubleshooting, increase Railgun logging External link icon

    • Connection timeouts
    • LAN timeout exceeded
    • Connection refusals
    • TLS/SSL related errors
    • The full content of the railgun.conf file
    • The full content of the railgun-nat.conf file
    • Railgun log files that detail the observed errors

    ​​ Connection timeouts

    The following Railgun log errors indicate a connection failure between the Railgun Listener and your origin web server:

      
    connection failed 0.0.0.0:443/example.com: dial tcp 0.0.0.0:443: i/o timeout 
    no response from origin (timeout) 0.0.0.0:80/example.com

    Resolution

    Contact your hosting provider for assistance to test for connectivity issues between your origin web server and your Railgun Listener. For example, a netcat command tests connectivity when run from the Railgun Listener to the origin web server’s SERVERIP and PORT (80 for HTTP or 443 for HTTPS):

      
    nc -vz SERVERIP PORT

    ​​ LAN timeout exceeded

    The following Railgun Listener log error is generated if the origin web server does not send an HTTP response to the Railgun Listener within the 30 second default timeout:

      
    connection failed 0.0.0.0:443/example.com: dial tcp 0.0.0.0:443: i/o timeout

    The time is adjusted by the lan.timeout parameter of the railgun.conf file.

    Resolution

    Either increase the lan.timeout limit in railgun.conf, or review the web server configuration. Contact your hosting provider to confirm if the origin web server is overloaded.

    ​​ Connection refusals

    The following errors appear in the Railgun logs when requests from the Railgun Listener are refused:

      
    Error getting page: dial tcp 0.0.0.0:80:connection refused

    Resolution

    Allow the IP of your Railgun Listener at your origin web server’s firewall.

    ​​ TLS/SSL related errors

    The following errors appear in the Railgun logs if TLS connections fail:

      
    connection failed 0.0.0.0:443/example.com: remote error: handshake failure 
    connection failed 0.0.0.0:443/example.com: dial tcp 0.0.0.0:443:connection refused 
    connection failed 127.0.0.1:443/www.example.com: x509: certificate is valid for 
    example.com, not www.example.com

    Resolution

    • Port 443 is open
    • An SSL certificate is presented by the origin web server
    • the SAN or Common Name of the origin web server’s SSL certificate contains the requested or target hostname
    • SSL is set to Full or Full (Strict) in the Overview tab of the Cloudflare SSL/TLS app

    ​​ Error 530

    HTTP error 530 is returned with an accompanying 1XXX error displayed. Search for the specific 1XXX error for troubleshooting information.

    Enabling Load Balancing in China will cause a 530 error.

    ​​ Related resources

    • Gathering information to troubleshoot site issues
    • Contacting Cloudflare Support
    • Customizing Cloudflare error pages
    • MTR/Traceroute Diagnosis and Usage
    • Cloudflare Community Tips External link icon

    Troubleshooting Guide

    If you encountered any problems with the installation of BigBlueButton, this section covers how to resolve many of the common issues.

    If you have not already done so, read through the getting help section.

    Introduction​

    Start here: run sudo bbb-conf —check

    We’ve built in a BigBlueButton configuration utility, called bbb-conf , to help you configure your BigBlueButton server and troubleshoot your setup if something doesn’t work right.

    If you think something isn’t working correctly, the first step is enter the following command.

    $ sudo bbb-conf --check 

    This will check your setup to ensure the correct processes are running, the BigBlueButton components have correctly started, and look for common configuration problems that might prevent BigBlueButton from working properly.

    If you see text after the line ** Potential problems described below ** , then it may be warnings (which you can ignore if you’ve change settings) or errors with the setup.

    Recording​

    Recording not processing after upgrading​

    If after updating from BigBlueButton 2.0 to BigBlueButton 2.2 your recordings are not processing, and if you are seeing Permission denied errors in /var/log/bigbluebutton/bbb-rap-worker.log

    I, [2019-06-07T14:26:09.034878 #14808] INFO -- : /usr/lib/ruby/2.5.0/logger.rb:754:in `initialize': Permission denied @ rb_sysopen - /var/log/bigbluebutton/presentation/process-02feca80700b3e95b877af85db972904397857a1-1559909318977.log (Errno::EACCES) 

    You can resolve the errors with the following command

    $ sudo chown -hR bigbluebutton:bigbluebutton /var/log/bigbluebutton/presentation /var/log/bigbluebutton/screenshare 

    and then rebuild the recordings that had not yet processed. You can see the list of recordings with

    $ bbb-record --list 

    and then to rebuild a recording, use sudo bbb-record —rebuild , as in

    $ sudo bbb-record --rebuild 298b06603719217df51c5d030b6e9417cc036476-1559314745219 

    bbb-webrtc-sfu and mediasoup​

    Webcams/screen sharing aren’t working​

    Certify that appropriate external addresses have been set for mediasoup. When installed via packages, mediasoup IPs are normally misconfigured. If installed via bbb-install, then IPv4 is generally correct, but IPv6 might be absent.

    Nonetheless, we recommend double-checking the instructions in Updating mediasoup.

    Configure mediasoup to use IPv6​

    mediasoup (bbb-webrtc-sfu) does not come with a IPv6 enabled by default when installed either via packages or bbb-install.

    To configure IPv6, bbb-webrtc-sfu’s override configuration file (located in /etc/bigbluebutton/bbb-webrtc-sfu/production.yml ) should be used.

    See Updating mediasoup for instructions and examples on how to do so.

    I’m having troubles seeing webcams or screen sharing in Firefox​

    That’s usually the symptom of a known Firefox issue where it doesn’t comply with ICE-lite implementations (and mediasoup is one).

    This issue can be worked around by forcing TURN usage in Firefox user agents. To achieve that, set the public.kurento.forceRelayOnFirefox configuration to true in /etc/bigbluebutton/bbb-html5.yml . For example:

    public: media: forceRelayOnFirefox: true 

    How often does this Firefox issue happens?​

    Short (non) answer: that’s difficult to measure.

    Every Firefox installation is prone to the lack of ICE-lite spec compliance. However, the issue doesn’t manifest itself on all Firefox installations as it is dependent on how the end user’s network topology is organized. It’s generally a small subset of Firefox users, but that can vary depending on the user base.

    Where can I track progress on a definitive solution or better workaround?​

    This is a Firefox bug, so the best place to get an overview on progress and what the issue is about is Mozilla’s issue.

    You can also track BigBlueButton’s issue for updates on additional workarounds.

    Why isn’t forceRelayOnFirefox enabled by default?​

    It’s not on by default because bigbluebutton does not come with a TURN server by default, and that’s what versioned-in-code setting presumes.

    How do I know if mediasoup is being used?​

    The most direct and precise way to figure out whether mediasoup is being used is checking about :webrtc (Firefox) or chrome://webrtc-internals. For example: open one of those, share a camera. Look for the remote description (SDP); see if it contains mediasoup-client in the SDP header. If it does, you’re using mediasoup.

    Regardless of that: mediasoup is the default in 2.5 and should always be used unless default settings were explicitly changed.

    mediasoup is the default in 2.5. Why is Kurento still around?​

    Because Kurento is still used for stream recording. It should be removed as a dependency as soon as this issue is addressed.

    Is single-core performance still important with mediasoup?​

    How can I control the number of mediasoup workers?​

    To control the number of mediasoup workers, bbb-webrtc-sfu’s override configuration file (located in /etc/bigbluebutton/bbb-webrtc-sfu/production.yml ) should be used.

    There are a couple of configurations of interest here:

    mediasoup.workers​

    This configuration controls the number of mediasoup workers intended for general use (media type agnostic, shared pool).

    Accepted values are:

    • «auto» (default): creates ceil((min(nproc,32) * 0.8) + (max(0, nproc — 32) / 2)) workers;
    • «cores» : creates workers up to the host’s core count (as provided by os.cpus().length);
    • : overrides the number of workers with a fixed value;
    • The default and fallback values are auto .
    • To set the number of workers to cores : yq w -i /etc/bigbluebutton/bbb-webrtc-sfu/production.yml mediasoup.workers «cores»

    mediasoup.dedicatedMediaTypeWorkers​

    This configuration controls the number of mediasoup workers to be used by specific media types. If a dedicated pool is set, streams of its media type will always land on it. Otherwise, they will use the shared pool.

    The configuration is an object of the following format:

    mediasoup.dedicatedMediaTypeWorkers:  audio: "auto"|"cores"|  main: "auto"|"cores"|  content: "auto"|"cores"| 

    The semantics of auto , cores and Number are the same as in the mediasoup.workers configuration. Default values for all media types are 0 (no dedicated workers).

    The media types semantics are:

    • audio : audio (listen only, microphone) streams;
    • main : webcam video streams;
    • content : screen sharing streams (audio and video).
    • To set the number of dedicated audio workers to auto : yq w -i /etc/bigbluebutton/bbb-webrtc-sfu/production.yml mediasoup.dedicatedMediaTypeWorkers.audio «auto»

    Can I scale the number of streams up indefinitely with mediasoup?​

    No. Scalability improves a lot with mediasoup, but there are still a couple of bottlenecks that can be hit as far as far as the media stack is concerned. Namely:

    • The signaling server (bbb-webrtc-sfu): it does not scale vertically indefinitely.
    • The mediasoup worker balancing algorithm implemented by bbb-webrtc-sfu is still focused on multiparty meetings with a restrained number of users. If your goal is thousand-user 1-N (streaming-like) meetings, you may max out CPU usage on certain mediasoup workers even though there are other idle oworkers free.

    bbb-webrtc-sfu fails to start with a SETSCHEDULER error​

    bbb-webrtc-sfu runs with CPUSchedulingPolicy=fifo. In systems without appropriate capabilities (SYS_NICE), the application will fail to start. The error can be verified in journalctl logs as 214/SETSCHEDULER.

    Similar to bbb-html5, you can override this by running

    mkdir /etc/systemd/system/bbb-webrtc-sfu.service.d 

    and creating /etc/systemd/system/bbb-webrtc-sfu.service.d/override.conf with the following contents

    [Service] CPUSchedulingPolicy=other Nice=-10 

    Then do systemctl daemon-reload and restart BigBlueButton.

    Kurento​

    WebRTC video not working with Kurento​

    Check the value for /proc/sys/net/ipv4/tcp_syncookies that it contains the value 1 .

    $ cat /proc/sys/net/ipv4/tcp_syncookies 1 

    If not, edit /etc/sysctl.conf and set the value for net.ipv4.tcp_syncookies to 1 .

    net.ipv4.tcp_syncookies = 1 

    Save the file and restart.

    Unit kurento-media-server.service is masked​

    If sudo bbb-conf —check returns the warning

    Restarting BigBlueButton 2.0.0-RC9 (and cleaning out all log files) . Stopping BigBlueButton  . cleaning log files Starting BigBlueButton Failed to start kurento-media-server.service: Unit kurento-media-server.service is masked. 

    You can unmask Kurento using the command

    $ systemctl unmask kurento-media-server.service 

    Unable to share webcam​

    The default installation of BigBlueButton should work in most netowrk configurations; however, if your users ae behind a restrictive network that blocks outgoing UDP connections, they may encounter 1020 errors (media unable to reach server).

    If you get reports of these errors, setup TURN server to help their browsers send WebRTC audio and video streams via TCP over port 443 to the TURN server. The TURN server will then relay the media to your BigBlueButton server.

    FreeSWITCH​

    Configure BigBluebutton/FreeSWITCH to support IPV6​

    The HTML5 client now enables users on mobile devices to connect to a BigBlueButton server. However, on some cellular networks iOS devices only receive an IPV6 address.

    To enable BigBlueButton (FreeSWITCH) to accept incoming web socket connections on IPV6, the BigBlueButton server must have an IPV6 address. You also need to make the following changes to the server.

    First, create the file /etc/nginx/conf.d/bigbluebutton_sip_addr_map.conf with this content:

    map $remote_addr $freeswitch_addr  "~:" [2001:db8::1];  default 192.0.2.1; > 

    replacing the ip addresses 192.0.2.1 with the system’s external IPV4 addresses, and replace 2001:db8::1 with the system’s external IPV6 address. Next, edit the file /etc/bigbluebutton/nginx/sip.nginx to have the following:

    proxy_pass https://$freeswitch_addr:7443; 

    Next, ensure all of the following params are present in freeswitch’s sip_profiles/external-ipv6.xml :

    • ws-binding
    • wss-binding
    • rtcp-audio-interval-msec
    • rtcp-video-interval-msec
    • dtmf-type
    • liberal-dtmf
    • enable-3pcc

    If any are missing, copy them from sip_profiles/external.xml , then restart BigBlueButton ( sudo bbb-conf —restart ).

    FreeSWITCH fails to bind to IPV4​

    In rare occasions after shutdown/restart, the FreeSWITCH database can get corrupted. This will cause FreeSWITCH to have problems binding to IPV4 address (you may see error 1006 when users try to connect).

    To check, look in /opt/freeswitch/var/log/freeswitch/freeswitch.log for errors related to loading the database.

    2018-10-25 11:05:11.444727 [ERR] switch_core_db.c:108 SQL ERR [unsupported file format] 2018-10-25 11:05:11.444737 [ERR] switch_core_db.c:223 SQL ERR [unsupported file format] 2018-10-25 11:05:11.444759 [NOTICE] sofia.c:5949 Started Profile internal-ipv6 [sofia_reg_internal-ipv6] 2018-10-25 11:05:11.444767 [CRIT] switch_core_sqldb.c:508 Failure to connect to CORE_DB sofia_reg_external! 2018-10-25 11:05:11.444772 [CRIT] sofia.c:3049 Cannot Open SQL Database [external]! 

    If you see these errors, clear the FreeSWITCH database (BigBlueButton doesn’t use the database and FreeSWITCH will recreate it on startup).

    $ sudo systemctl stop freeswitch $ rm -rf /opt/freeswitch/var/lib/freeswitch/db/* $ sudo systemctl start freeswitch 

    Forward calls from an Asterisk server to FreeSWITCH​

    Let’s assume the following:

    asterisk server ip: 192.168.1.100 bigbluebutton/freeswitch ip: 192.168.1.200 

    Changes to your Asterisk server​

    Setup your gateway to BigBlueButton/FreeSWITCH. in /etc/asterisk/sip.conf add

    [fs-gw] type=peer username=fs-gw insecure=very contactpermit=192.168.1.200/255.255.255.255 qualify=no nat=yes host=192.168.1.200 canreinvite=no disallow=all allow=ulaw 

    Route the calls to the gateway. In /etc/asterisk/extensions.conf context where your calls are being handled, forward the calls to the gateway. Here, when someone dials 85001, the call is sent to the fs-gw defined above.

    exten => 85001,1,Dial(SIP/fs-gw/$) exten => 85001,2,Hangup 

    Changes to your BigBlueButton/FreeSWITCH server​

    In BigBlueButton/FreeSWITCH, make the following changes:

    Lock down so that only Asterisk can forward calls to FreeSWITCH. In /opt/freeswitch/conf/autoload_configs/acl.conf.xml , add the following ACL. We also need to allow BigBlueButton to call into FreeSWITCH, that’s why we add the IP of BigBlueButton/FreeSWITCH into the ACL.

     list name="asterisk-gw" default="deny"> node type="allow" cidr="192.168.1.200/32"/> node type="allow" cidr="192.168.1.100/32"/> node type="allow" cidr="127.0.0.1/32"/> list> 

    Then we apply the ACL into the profile that receives the calls from external gateways. In /opt/freeswitch/conf/sip_profiles/external.xml , add the ACL under

     settings>   param name="apply-inbound-acl" value="asterisk-gw"/> . settings> 

    To debug, try connecting to FS CLI and increase logging level. Once connected, make your call and see what the logs say.

    $ /opt/freeswitch/bin/fs_cli -p $(xmlstarlet sel -t -m 'configuration/settings/param[@name="password"]' -v @value /opt/freeswitch/etc/freeswitch/autoload_configs/event_socket.conf.xml)  Once connected:  help -- shows the available commands  console loglevel -- change log level  Ctrl-D to exit 

    FreeSWITCH fails to bind to port 8021​

    FreeSWITCH supports both IPV4 and IPV6. However, if your server does not support IPV6, FreeSWITCH will be unable to bind to port 8021. If you run sudo bbb-conf —check and see the following error

    # Error: Found text in freeswitch.log: # # Thread ended for mod_event_socket # # FreeSWITCH may not be responding to requests on port 8021 (event socket layer) # and users may have errors joining audio. # 

    it might be that your server has IPV6 disabled (or does not support it). You can check this by running the following command

    $ sudo ip addr | grep inet6 inet6 ::1/128 scope host . 

    If you do not see the line inet6 ::1/128 scope host , then your server has IPV6 disabled. In this case, we need to disable FreeSWITCH’s support for IPV6. First, edit /opt/freeswitch/etc/freeswitch/autoload_configs/event_socket.conf.xml and change the line

     param name="listen-ip" value="::"/> 

     param name="listen-ip" value="127.0.0.1"/> 

    This tells FreeSWITCH that instead of binding port 8021 to the local IPV6 address, bind to the IPV4 address 127.0.0.1. Next, execute the following two commands

    $ sudo mv /opt/freeswitch/etc/freeswitch/sip_profiles/internal-ipv6.xml /opt/freeswitch/etc/freeswitch/sip_profiles/internal-ipv6.xml_ $ sudo mv /opt/freeswitch/etc/freeswitch/sip_profiles/external-ipv6.xml /opt/freeswitch/etc/freeswitch/sip_profiles/external-ipv6.xml_ 

    and then restart BigBlueButton with the commands

    $ sudo bbb-conf --clean $ sudo bbb-conf --check 

    FreeSWITCH fails to start with a SETSCHEDULER error​

    When running in a container (like a chroot, OpenVZ, LXC or LXD), it might not be possible for FreeSWITCH to set its CPU priority to real-time round robin. If not, it will result in lower performance compared to a non-virtualized installation.

    If you running BigBlueButton in a container and an error starting FreeSWITCH, try running systemctl status freeswitch.service and see if you see the error related to SETSCHEDULER

    $ systemctl status freeswitch.service ● freeswitch.service - freeswitch  Loaded: loaded (/lib/systemd/system/freeswitch.service; enabled; vendor preset: enabled)  Active: inactive (dead) (Result: exit-code) since Mon 2017-10-02 16:17:29 UTC; 18s ago  Process: 10967 ExecStart=/opt/freeswitch/bin/freeswitch -u freeswitch -g daemon -ncwait $DAEMON_OPTS (code=exited, status=214/SETSCHEDULER)  Main PID: 3327 (code=exited, status=0/SUCCESS) Oct 02 16:17:29 scw-9e2305 systemd[1]: Failed to start freeswitch. Oct 02 16:17:29 scw-9e2305 systemd[1]: freeswitch.service: Unit entered failed state. Oct 02 16:17:29 scw-9e2305 systemd[1]: freeswitch.service: Failed with result 'exit-code'. Oct 02 16:17:29 scw-9e2305 systemd[1]: freeswitch.service: Service hold-off time over, scheduling restart. Oct 02 16:17:29 scw-9e2305 systemd[1]: Stopped freeswitch. Oct 02 16:17:29 scw-9e2305 systemd[1]: freeswitch.service: Start request repeated too quickly. Oct 02 16:17:29 scw-9e2305 systemd[1]: Failed to start freeswitch. 

    If you see SETSCHEDULER in the error message, edit /lib/systemd/system/freeswitch.service and comment the following:

    #LimitRTPRIO=infinity #LimitRTTIME=7000000 #IOSchedulingClass=realtime #IOSchedulingPriority=2 #CPUSchedulingPolicy=rr #CPUSchedulingPriority=89 

    Save the file, run systemctl daemon-reload , and then restart BigBlueButton. FreeSWITCH should now startup without error.

    Users not able to join Listen Only mode​

    When doing sudo bbb-conf —check , you may see the warning

    voice Application failed to register with sip server 

    This error occurs when bbb-apps-sip isn’t able to make a SIP call to FreeSWITCH. You’ll see this in BigBlueButton when users click the headset icon and don’t join the voice conference.

    One possible cause for this is you have just installed BigBlueButton, but not restarted it. The packages do not start up the BigBlueButton components in the right order. To restart BigBlueButton, do the following:

    $ sudo bbb-conf --restart $ sudo bbb-conf --check 

    If you don’t want FreeSWITCH to bind to 127.0.0.1, you need to figure out which IP address its using. First, determine the IP address FreeSWITCH is monitoring for incoming SIP calls with the following command:

    $ netstat -ant | grep 5060 

    You should see an output such as

    tcp 0 0 234.147.116.3:5060 0.0.0.0:* LISTEN 

    In this example, FreeSWITCH is listening on IP address 234.147.116.3. The IP address on your server will be different.

    Next, edit /usr/share/red5/webapps/sip/WEB-INF/bigbluebutton-sip.properties and set the value for sip.server.host to the IP address returned from the above command. Save the changes (you’ll need to edit the file as root to save changes).

    Restart BigBlueButton using the commands and run the built-in diagnostics checks.

    $ sudo bbb-conf --clean $ sudo bbb-conf --check 

    Unable to connect using fs_cli​

    As of BigBlueButton 2.2.18, the packaging now replaces the default ClueCon password for connecting to the FreeSWITCH command line interface ( fs_cli ) with a random password.

    (By default, FreeSWITCH only allowed unauthenticated connections from 127.0.0.1, but it’s still good security practice to not use default passwords).

    To connect to fs_cli , use the following command which supplies the password for authenticating.

    /opt/freeswitch/bin/fs_cli -p $(xmlstarlet sel -t -m 'configuration/settings/param[@name="password"]' -v @value /opt/freeswitch/etc/freeswitch/autoload_configs/event_socket.conf.xml) 

    We also added /usr/local/bin/fs_clibbb with the contents

    #!/bin/bash /opt/freeswitch/bin/fs_cli -p $(xmlstarlet sel -t -m 'configuration/settings/param[@name="password"]' -v @value /opt/freeswitch/etc/freeswitch/autoload_configs/event_socket.conf.xml) 

    that will let you type fs_clibbb at the command prompt to get into FreeSWITCH console.

    Echo test hangs upgrading BigBlueButton 2.2​

    The install scripts now change the default CLI password for FreeSWITCH and the other parts of BigBlueButton need to use this new password. For a new installation, the install scripts will automatically set this new password.

    If you upgrade using bbb-install.sh, the script will update the FreeSWITCH password using sudo bbb-conf —setip .

    If you upgraded using manual steps, be sure to do ao sudo bbb-conf —setip to sync all the FreeSWITCH passwords.

    FreeSWITCH using default stun server​

    For many years, in BigBlueButton’s FreeSWITCH configuration file /opt/freeswitch/etc/freeswitch/vars.xml , the default value for external_rtp_ip was stun.freeswitch.org

     X-PRE-PROCESS cmd="set" data="external_rtp_ip=stun:stun.freeswitch.org"/> 

    However, this is not a reliable choice for stun server. Recommend either changing it to your servers external IP address or setup your own stun/turn server. For example, if your server has an external IP at 234.32.3.3

     X-PRE-PROCESS cmd="set" data="external_rtp_ip=234.32.3.3"/> 

    You can add a line in /etc/bigbluebutton/bbb-conf/apply-conf.sh to always apply this value even if the FreeSWITCH package upgrades.

    xmlstarlet edit --inplace --update '//X-PRE-PROCESS[@cmd="set" and starts-with(@data, "external_rtp_ip=")]/@data' --value "external_rtp_ip=234.32.3.3" /opt/freeswitch/conf/vars.xml 

    Note: If your server has an internal/exteral IP address, such as on AWS EC2 server, be sure to set it to the external IP address configure a dummy network interface card (see Update FreeSWITCH).

    HTML5 Server​

    bbb-html5 fails to start with a SETSCHEDULER error​

    As of 2.2.31, the systemd unit file for bbb-html5.service now contains the following lines

    CPUSchedulingPolicy=fifo Nice=19 

    You can override this with creating the following directory

    mkdir /etc/systemd/system/bbb-html5.service.d 

    and creating /etc/systemd/system/bbb-html5.service.d/override.conf with the following contents

    [Service] CPUSchedulingPolicy=other Nice=-10 

    Then do systemctl daemon-reload and restart BigBlueButton.

    Installation and packages​

    The following packages have unmet dependencies​

    When installing the latest build of BigBlueButton, the package bbb-conf now uses yq to manage YAML files.

    You need to add the repository ppa:rmescandon/yq to your server. For steps on how to do this, see Update your server in the BigBlueButton 2.2 install guide.

    Alternatively, if you have not made any customizations to BigBlueButton (outside of using bbb-conf ), you can use bbb-install.sh to install/upgrade to the latest version (the bbb-install.sh script will automatically install the repository for yq ).

    No Symbolic Link​

    If you’ve installed/uninstalled BigBlueButton packages, you may get a No Symbolic Link warning from bbb-conf —check :

    ** Potential Problems **  nginx (conf): no symbolic link in /etc/nginx/sites-enabled for bigbluebutton 

    To solve this, add a symbolic link to nginx for the BigBlueButton site:

    $ sudo ln -s /etc/nginx/sites-available/bigbluebutton /etc/nginx/sites-enabled/bigbluebutton $ sudo /etc/init.d/nginx restart 

    Package install fails with sed error​

    Some of the BigBlueButton packages use sed scripts to extract contents from configuration files. If the file does not exist at the time of the script’s execution, or the sed script matches multiple entries in a file (such as when a configuration line is commented out), you can see an error such as

    Setting up bbb-client (1:2.0.0-374) . sed: -e expression #1, char 42: unterminated `s' command dpkg: error processing package bbb-client (--configure):  subprocess installed post-installation script returned error exit status 1 dpkg: dependency problems prevent configuration of bbb-config:  bbb-config depends on bbb-client; however:  Package bbb-client is not configured yet. dpkg: error processing package bbb-config (--configure):  dependency problems - leaving unconfigured Errors were encountered while processing:  bbb-client  bbb-config E: Sub-process /usr/bin/dpkg returned an error code (1) 

    In the above example, the /var/lib/dpkg/info/bbb-client.postinst failed to finish. To debug, edit this file and change the first line to read

    #!/bin/bash -ex 

    $ sudo apt-get install -f 

    You should now see each command in bbb-conf.postinst as it executes upto the line in which the error occurs. Post this output to https://groups.google.com/forum/#!forum/bigbluebutton-setup for help in resolving the issue.

    Errors with packages​

    Some hosting providers do not provide a complete /etc/apt/source.list . If you are finding your are unable to install a package, try replacing your /etc/apt/sources.list with the following

    deb https://archive.ubuntu.com/ubuntu xenial main restricted universe multiverse deb https://archive.ubuntu.com/ubuntu xenial-updates main restricted universe multiverse deb https://security.ubuntu.com/ubuntu xenial-security main restricted universe multiverse 

    $ sudo apt-get update 

    and try installing BigBlueButton again from the beginning.

    WebRTC errors (1001, 1002. )​

    WebRTC offers very high-quality audio. However, the user’s network settings (or firewall) may not allow WebRTC to connect (or keep connected).

    Here are the following lists the possible WebRTC error messages that a user may encounter:

    • 1001: WebSocket disconnected — The WebSocket had connected successfully and has now disconnected. Possible Causes:
      • Loss of internet connection
      • Nginx restarting can cause this
      • Firewall blocking ws protocol
      • Server is down or improperly configured
      • See potential solution here.
      • Out of date browser
      • For a full list of causes refer here
      • There are 24 different causes so I don’t really want to list all of them
      • Solution for this issue outlined here.
      • Unknown
      • Previously caused by Firefox 33-beta on Mac. We’ve been unable to reproduce since release of FireFox 34
      • NAT is blocking the connection
      • Firewall is blocking the UDP connection/ports

      Networking​

      Server running behind NAT​

      The following issue might be helpful in debugging if you run into errors and your server is behind NAT.

      Could not get your microphone for a WebRTC call​

      Chrome requires (As of Chrome 47) that to access the user’s microphone for WebRTC your site must be serving pages via HTTPS (that is, nginx is configured with a SSL certificate).

      If the user attempts to share their microphone and your BigBlueButton sever is not configured for SSL, Chrome will block access and BigBlueButton will report the following error

      WebRTC Audio Failure: Detected the following WebRTC issue: Could not get your microphone for a WebRTC call. Do you want to try flash instead?

      To enable Chrome to access the user’s microphone, see Configure HTTPS on BigBlueButton.

      The browser is not supported​

      When you attempt to join a BigBlueButton session, the client looks for supported browsers before fully loading. The client gets its list of supported browsers from /usr/share/meteor/bundle/programs/server/assets/app/config/settings.yml . You can see the list of supported browsers at the bottom. For example,

      - browser: mobileSafari version: - 11 - 1 

      states that Mobile Safari version 11.1 or later is supported (notice the first letter is lower case and concatenated with the remainder of the browser name).

      To add a browser to the list, first find your browser’s useragent. You could use a tool like https://wtools.io/check-my-user-agent as well. For example, with the Vivaldi browser you might see

      Vivaldi 2.8.1664 / Linux 0.0.0 

      Next, to add this as a supported browser, append to settings.yml

      - browser: vivaldi version: - 2 - 8 

      save the updated settings.yml file, and then restart your BigBlueButton server with sudo bbb-conf —restart . Note any browser you add must support WebRTC libraries (not all do), so be sure to check it first with https://test.webrtc.org/.

      Tomcat shows «Cannot assign requested address on startup»​

      If your server has multiple IP addresses, Tomcat might not pick the right address to bind. This could throw an error on installation when tomcat is attempting to install.

      Check /var/log/tomcat7/catalina.out for the following error

      Jan 30, 2018 9:17:37 AM org.apache.catalina.core.StandardServer await SEVERE: StandardServer.await: create[localhost:8005]: java.net.BindException: Cannot assign requested address (Bind failed)  at java.net.PlainSocketImpl.socketBind(Native Method) 

      If you see this, first ensure that there isn’t another copy of tomcat running by doing ps -aef | grep tomcat7 . If you do see another copy running, try killing it and then restarting tomcat.

      If you still see the same error in catalina.out , then /etc/tomcat7/server.xml and change

      Server port="8005" shutdown="SHUTDOWN"> 

      Server address="0.0.0.0" port="8005" shutdown="SHUTDOWN"> 

      Restart tomcat7 again and it should start normally.

      nginx not running​

      The common reasons for nginx not running are inability to bind to port 80 and configuration errors. To check if port 80 is already in use, use

      $ sudo netstat -ant 

      to see if any process is currently bound to port 80. If so, check to see if another web server is installed. If so, then stop the web server and try to restart nginx. One of the server requirements before you install BigBlueButton is that port 80 is not in use by another application (such as Apache). For details on why this is a requirements, see We recommend running BigBlueButton on port 80.

      If port 80 is free, check if your nginx configuration file has errors. Try a restart of nginx

      $ sudo systemctl restart nginx 

      and look for the output of

      If you see [ Fail ] , then your nginx configuration files might have a syntax error. Check the syntax of the nginx configuration files using the command

      $ sudo nginx -t 

      and see if it reports any errors. You can also check the error.log file for nginx to see what errors it gives on startup

      $ sudo cat /var/log/nginx/error.log 

      «Welcome to nginx»​

      During installation of BigBlueButton the packaging scripts attempt to assign the correct IP address during setup. However, if the IP address changes (such as when rebooting a VM), or the first IP address was not the correct IP address for the server, you may see a «Welcome to nginx» page.

      To reconfigure the BigBlueButton to use the correct IP address or hostname, see BigBlueButton does not load.

      bbb-web​

      Blank presentation area on create or upload​

      If you join a meeting and the default presentation is not visible or your uploaded presentation doesn’t display, then this is most likely due to a permissions error. To solve this, ensure that /var/bigbluebutton/ is owned by bigbluebutton rather than root or any other account. See this issue for more explanation.

      Unable to create presentation​

      If you see the following error in /var/log/bigbluebutton/bbb-web.log

       failed to map segment from shared object: Operation not permitted 

      use the command mount to check that the /tmp director does not have noexec permissions (which would prevent executables from running in the /tmp directory). If you see noexec for /tmp , you need to remount the directory with permissions that enable processes (such as the slide conversion) to execute in the /tmp directory.

      Too many open files​

      On servers with greater than 8 CPU cores, bbb-web log ( /var/log/bigbluebutton/bbb-web.log ) may throw an error of Too many open files

      Caused by: java.io.IOException: Too many open files 

      To resolve, create an override file that increases the number of open files for bbb-web

      $ sudo mkdir -p /etc/systemd/system/bbb-web.service.d/ $ sudo cat > /etc/systemd/system/bbb-web.service.d/override.conf [Service] LimitNOFILE= LimitNOFILE=8192 HERE $ sudo systemctl daemon-reload 

      bbb-web takes a long time to startup​

      bbb-web relies on the SecureRandom class (which uses available entropy) to provide random values for its session IDs. On a virtualized server, however, the available entropy can run low and cause bbb-web to block for a long period before it finishes it’s startup sequence (see Slow startup of tomcat).

      To provide bbb-web with more entropy, you can install haveged

      $ sudo apt-get install haveged 

      Error installing bbb-web​

      If you get the following error during upgrade to BigBlueButton

      Unpacking bbb-web (1:2.2.0-67) over (1:2.2.0-66) . dpkg: error processing archive /var/cache/apt/archives/bbb-web_1%3a2.2.0-67_amd64.deb (--unpack):  trying to overwrite '/etc/bigbluebutton/nginx/web', which is also in package bbb-client 1:2.2.0-28 dpkg-deb: error: subprocess paste was killed by signal (Broken pipe) Errors were encountered while processing:  /var/cache/apt/archives/bbb-web_1%3a2.2.0-67_amd64.deb E: Sub-process /usr/bin/dpkg returned an error code (1)``` 

      Then first uninstall bbb-client

      $ sudo apt-get purge bbb-client 

      and try installing BigBlueButton again.

      Other errors​

      Root partition too small​

      If the root partition on your BigBlueButton server is too small (for disk space requirements see Before you install), we recommend moving the following directories to an external partition with sufficient disk space.

      BigBlueButton processing and storage of recordings:

      Location of all media directories on disk available here.

      To make the move, we’ll first stop BigBlueButton, then move the above directories to a new location on the external partition, create symbolic links from the original locations to the new locations, and restart BigBlueButton.

      In the following example, the external partition is mounted on /mnt .

      $ sudo bbb-conf --stop $ sudo mv /var/freeswitch/meetings /mnt $ sudo ln -s /mnt/recordings /var/freeswitch/meetings $ sudo mv /usr/share/red5/webapps/video/streams /mnt $ sudo ln -s /mnt/streams /usr/share/red5/webapps/video/streams $ sudo /var/bigbluebutton /mnt $ sudo ln -s /mnt/bigbluebutton /var/bigbluebutton $ sudo bbb-conf --start 

      BigBlueButton does not load​

      If your has changed it’s network connection (such as on reboot), you can clean most of BigBlueButton’s configuration files with the following steps.

      $ sudo bbb-conf --setip $ sudo bbb-conf --clean $ sudo bbb-conf --check 

      For more information see bbb-conf options.

      Running within an LXD Container​

      LXD is a very powerful container system for Ubuntu lets you run full Ubuntu 16.04 servers within a container. Because you can easily clone and snapshot LXD containers, they are ideal for development and testing of BigBlueButton.

      However, if you install BigBlueButton within an LXD container, you will get the following error from sudo bbb-conf —check

      ** Potential problems described below ** # # Error: Unable to connect to the FreeSWITCH Event Socket Layer on port 8021 

      If you check the output of sudo bbb-conf —status , you’ll be able to identify that three different applications failed to start: FreeSWITCH, bbb-webrtc-sfu and bbb-html5. Optionally, check their errors via systemctl status .service and verify that their boot sequence failed due to a SETSCHEDULER error.

      This error occurs because the default systemd unit scripts for FreeSWITCH, bbb-html5 and bbb-webrtc-sfu try to run with permissions not available to the LXD container. To get them working within an LXD container, follow the steps outlined in the following sections:

      • FreeSWITCH fails to start with a SETSCHEDULER error
      • bbb-webrtc-sfu fails to start with a SETSCHEDULER error
      • bbb-html5 fails to start with a SETSCHEDULER error

      You can now run BigBlueButton within a LXD container.

      Unable to connect to redis​

      The packages bbb-apps-akka , bbb-fsesl-akka , and bbb-transcode-akka are packaged by sbt, but they need to have redis-server running before they startup. If sudo bbb-conf —debug shows redis connection errors

      Sep 22 15:32:12 sv21 bbb-apps-akka[7804]: Exception in thread "main" io.lettuce.core.RedisConnectionException: Unable to connect to 127.0.0.1:6379 Sep 22 15:32:12 sv21 bbb-apps-akka[7804]: #011at io.lettuce.core.RedisConnectionException.create(RedisConnectionException.java:78) Sep 22 15:32:12 sv21 bbb-apps-akka[7804]: #011at io.lettuce.core.RedisConnectionException.create(RedisConnectionException.java:56) Sep 22 15:32:12 sv21 bbb-apps-akka[7804]: Caused by: io.netty.channel.AbstractChannel$AnnotatedConnectException: Connection refused: /127.0.0.1:6379 Sep 22 15:32:12 sv21 bbb-apps-akka[7804]: Caused by: java.net.ConnectException: Connection refused Sep 22 15:32:12 sv21 bbb-fsesl-akka[7893]: Exception in thread "main" io.lettuce.core.RedisConnectionException: Unable to connect to 127.0.0.1:6379 Sep 22 15:32:12 sv21 bbb-fsesl-akka[7893]: #011at io.lettuce.core.RedisConnectionException.create(RedisConnectionException.java:78) Sep 22 15:32:12 sv21 bbb-fsesl-akka[7893]: #011at io.lettuce.core.RedisConnectionException.create(RedisConnectionException.java:56) Sep 22 15:32:12 sv21 bbb-fsesl-akka[7893]: Caused by: io.netty.channel.AbstractChannel$AnnotatedConnectException: Connection refused: /127.0.0.1:6379 Sep 22 15:32:12 sv21 bbb-fsesl-akka[7893]: Caused by: java.net.ConnectException: Connection refused Sep 22 15:32:13 sv21 bbb-transcode-akka[8001]: Exception in thread "main" io.lettuce.core.RedisConnectionException: Unable to connect to 127.0.0.1:6379 Sep 22 15:32:13 sv21 bbb-transcode-akka[8001]: #011at io.lettuce.core.RedisConnectionException.create(RedisConnectionException.java:78) Sep 22 15:32:13 sv21 bbb-transcode-akka[8001]: #011at io.lettuce.core.RedisConnectionException.create(RedisConnectionException.java:56) Sep 22 15:32:13 sv21 bbb-transcode-akka[8001]: Caused by: io.netty.channel.AbstractChannel$AnnotatedConnectException: Connection refused: /127.0.0.1:6379 Sep 22 15:32:13 sv21 bbb-transcode-akka[8001]: Caused by: java.net.ConnectException: Connection refused 

      you can add overrides for these three packages to ensure they start after redis.server. Run the following script.

      #!/bin/bash mkdir -p /etc/systemd/system/bbb-apps-akka.service.d cat > /etc/systemd/system/bbb-apps-akka.service.d/override.conf [Unit] Requires=redis-server.service After=redis-server.service HERE mkdir -p /etc/systemd/system/bbb-fsesl-akka.service.d cat > /etc/systemd/system/bbb-fsesl-akka.service.d/override.conf [Unit] Requires=redis-server.service After=redis-server.service HERE  mkdir -p /etc/systemd/system/bbb-transcode-akka.service.d cat > /etc/systemd/system/bbb-transcode-akka.service.d/override.conf [Unit] Requires=redis-server.service After=redis-server.service HERE 

      The script bbb-install now creates these overrides by default.

      500 Internal Server Error​

      It is most likely an error on GreenLight. Check the log file according to Troubleshooting Greenlight.

      If this error occurrs on just a small number of PCs accessing a BigBlueButton server within a LAN through a proxy server and you find the description «Error::Unsafe Host Error (x.x.x.x is not a safe host)» (where x.x.x.x is an IP address) in the log file, check if the «Don’t use the proxy server for local (intranet) addresses» (in the Windows proxy setting) is ticked.

      Legacy errors​

      Conference not found errors​

      The command sudo bbb-conf —debug searches through the red5, tomcat7, and nginx logs looking for errors and exceptions. However, the messages such as

       -- ERRORS found in /usr/share/red5/log/* -- /usr/share/red5/log/bigbluebutton.log:2015-05-02 13:50:37,681-04:00 [pool-17-thread-1] ERROR o.b.w.v.f.a.PopulateRoomCommand - Not XML: [Conference 78505 not found] 

      are innocuous and can be ignored.

      • Introduction
      • Recording
        • Recording not processing after upgrading
        • Webcams/screen sharing aren’t working
        • Configure mediasoup to use IPv6
        • I’m having troubles seeing webcams or screen sharing in Firefox
          • How often does this Firefox issue happens?
          • Where can I track progress on a definitive solution or better workaround?
          • Why isn’t forceRelayOnFirefox enabled by default?
          • mediasoup.workers
          • mediasoup.dedicatedMediaTypeWorkers
          • WebRTC video not working with Kurento
          • Unit kurento-media-server.service is masked
          • Unable to share webcam
          • Configure BigBluebutton/FreeSWITCH to support IPV6
          • FreeSWITCH fails to bind to IPV4
          • Forward calls from an Asterisk server to FreeSWITCH
            • Changes to your Asterisk server
            • Changes to your BigBlueButton/FreeSWITCH server
            • bbb-html5 fails to start with a SETSCHEDULER error
            • The following packages have unmet dependencies
            • No Symbolic Link
            • Package install fails with sed error
            • Errors with packages
            • Server running behind NAT
            • Could not get your microphone for a WebRTC call
            • The browser is not supported
            • Tomcat shows «Cannot assign requested address on startup»
            • nginx not running
            • «Welcome to nginx»
            • Blank presentation area on create or upload
            • Unable to create presentation
            • Too many open files
            • bbb-web takes a long time to startup
            • Error installing bbb-web
            • Root partition too small
            • BigBlueButton does not load
            • Running within an LXD Container
            • Unable to connect to redis
            • 500 Internal Server Error
            • Conference not found errors
            Похожие публикации:

            1. Void c что это
            2. Как в ватсап искать гифки
            3. Как открыть форд транзит с севшим аккумулятором
            4. Как посмотреть код файла