RTMP being blocked by firewalls – Flash media server
If you ever worked with Flash media server or any other media server for that matter you probably know they are not working with the regular Internet protocol which is HTTP, all of the media servers (almost all at least) are working on top of a protocol called RTMP.
Now, if you have users working behind a firewall, they probably can't get passed it's restrictions and they will (in most cases) be blocked and unable to see your application / video.
If you are working on a server like WebOrb (I'm working with it) then the data will also be blocked, and that is a bug issue
Here's a way to solve this
Well, let's first talk a bit more about RTMP, before ditching it and moving on.
With flash media server you can use RTMP over a few ports (1935, 80), 1935 will probably always be blocked because it is not a known port and even simple routers often block it.
port 80 makes things a bit more complicated, you have to make FMS listen to a specific IP or your web-server (if on the same server) will not work.
So, first rule is always use port 80, this is one way to make more users be able to connect to your application, watch your videos and interact with your service.
The connection is being made like so:
rtmp://your_ip_address:80/app_name
DO NOT use any type of arrays of ports, simply use port 80, if the client can't connect to RTMP on port 80, he will no be able to connect on RTMP no matter the port you are using.
So, What am I actually saying over here...?
I'm saying you should only make 1 connection attemp, this attempt is on port 80 using RTMP, this should be your first choice, if the connection is unsuccesful, you should move the connection to use RTMPT which is RTMP encapsulated over HTTP, firewalls will not block this connection becuase it makes RTMP "hide" behind HTTP traffic on port 80.
The connection is made practically the same way
rtmpt://your_ip_address:80/app_name
Why not use RTMPT at all times?
You should not use RTMPT at all times because there's a performance issue, there is an overhead on top of each packet sent.
Why not go through all the possible ports with RTMP first, Why only 80?
In most cases, firewalls will block every port (but 80), the timeouts the user will have to go through will be very long before he will finally be redirected to RTMPT.
I will post some code on how to fallback more efficiently later on this week, this post was actually inspired from a client's solution I did this week during a consulting session.
Good luck
My name is Avi Tzurel. I'm a professional web developer from Israel. I spend most of my day developing both web products and RIA applications as well as imparting my experience onto others. I speak, teach and write about my passions, and develop applications according to what I preach. I specialize in Flex, Adobe Air, HTML, XHTML, Javascript, jQuery and other Javascript libraries, on the server side I do .net along side with Ruby on Rails. You can connect with me on Twitter or email me through the contact page on this blog.
Pages
Me
RSS
Categories
- actionscript
- asp.net
- Concept
- Flash media server
- Flex
- General
- JavaScript
- jQuery
- Product management
- Ruby on rails
- Sql server
Archives
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
Recent Posts
- gitignore template for flex projects
- jQuery colorbox plugin no opacity (overlay) – IE7
- flash media server security hardening
- set button width to text width in flex
- jQuery, wait for animation to end then do something
- Copy object properties to another object – Flex
- YUI Calendar page to the selected date (multi calendar)
- Empty dialogs in flex builder 3 + Flash builder 4
- Git export (like SVN export)
- Access flex application through the SWFLoader component
- Flash builder 4 – sharing a project with your team using SVN Screencast
- Change WebOrb default port from 2037 to what you want
- Dynamic streaming (Adaptive bitrate) using Flash media Server
- Enumeration on a property – Flex 3
- Backup all databases (SQL Express) with a single T-Sql
Tags
Resent Comments
- forex robot on set button width to text width in flex
- Avi Tzurel on jQuery and UpdatePanels (Asp.Net)
- Corrado on jQuery and UpdatePanels (Asp.Net)
- acne treatment on Solo standalone mp3 player to embed in a page
- Avi Tzurel on RTMP being blocked by firewalls – Flash media server
- Max on RTMP being blocked by firewalls – Flash media server
- Graciela Gonzalez on Backup all databases (SQL Express) with a single T-Sql
- Avi Tzurel on Dynamic streaming (Adaptive bitrate) using Flash media Server
- Nikola Dachev on Dynamic streaming (Adaptive bitrate) using Flash media Server
- Wordpress Themes on Copy object properties to another object – Flex
March 23rd, 2010 - 06:52
[quote]
DO NOT use any type of arrays of ports, simply use port 80, if the client can’t connect to RTMP on port 80, he will no be able to connect on RTMP no matter the port you are using.
[/quote]
What are the possible reason for this?
May 18th, 2010 - 18:08
Did you ever post the fallback code somewhere?
May 18th, 2010 - 19:56
Did you ever post that fallback code?
May 18th, 2010 - 23:37
@aj:
That’s because firewalls usually behave like so:
block any other port then 80 (meaning nothing will work)
block any other traffic other then http
So, falling back from port 1935 to port 80 is useless (usually)
falling back from rtmp to rtmpt is useful.
May 18th, 2010 - 23:37
@Ed:
No I didn’t post the code just yet, I will post it very very soon.
Thanks
May 19th, 2010 - 18:30
@aj:
That’s because firewalls usually behave like so:
block any other port then 80 (meaning nothing will work)
block any other traffic other then http
So, falling back from port 1935 to port 80 is useless (usually)
falling back from rtmp to rtmpt is useful.
June 9th, 2010 - 22:42
Still curious if you’ve posted that code snippet yet. I’m guessing it uses an interval to define a timeout after which it gives up on the RTMP connection attempt and tries RTMPT. But I was wondering if you have to do anything special to cancel and cleanup after the 1st hanging connection attempt.
June 10th, 2010 - 16:06
@Ed: I didn’t post that code yet, it’s not only based on a timer, it’s also based on the failure of the first connection.
You don’t have to do any cleanup what so ever, you only assign a new value to the URL of the connection and connect again.
July 19th, 2010 - 19:45
It seems that our company proxy blocks also RTMPT traffic and not only RTMP!!! (Of course it allows HTTP).
Is it possible or am I doing something wrong?!
Basically the .FLV is streamed via RTMPT through a .SWF file
Thank you very much!
July 22nd, 2010 - 12:05
@Max: RTMPT behind the scenes is actually HTTP.
it could be that the proxy is blocking it.
if this is the case, I would go the extra mile and create an HTTP streaming.