WhatsApp videocalls on same network, connection really bad
-
I have got 2 x Unifi U6-Pro at home. (I turn one off for troubleshooting this issue)
The problem is when we use WhatsApp inside the house (so connected to the same AP) to make a videocall from one phone to another the image and sound are not running smooth. It is pretty bad, not good enough to understand each other and keeps disconnecting.
The moment i switch one phone to cellular network it is working phone. I tried this with a similair U6-Pro but with an UXG-Pro instead of PfSense. Worked fine so i am semi sure the problem is my PfSense router. Running PfSense virtually on a ESX8 Hypervisor.
We use a Samsung S22 Ultra and a S21 Plus. I have tried different phones. We are not using "random MAC address".
Iam not seeing any Firewall logs. Network switches are also from Ubiquiti. Internet connection is an 1Gbit fiber line.
Everything is up to date and besides this everything is working fine.
Any ideas?
-
@operations Are you running any IDS/IPS package? Wondered whether it's a signal feedback too...
-
Guessing I'd say either it's trying to use a direct connection somehow and failing or both devices are trying to use the same ports, creating a conflict and falling back to some lesser relay mode.
Are your outbound NAT rules still at the defaults? Automatic mode?Steve
-
@nollipfsense said in WhatsApp videocalls on same network, connection really bad:
@operations Are you running any IDS/IPS package? Wondered whether it's a signal feedback too...
No.
-
@stephenw10 said in WhatsApp videocalls on same network, connection really bad:
Guessing I'd say either it's trying to use a direct connection somehow and failing or both devices are trying to use the same ports, creating a conflict and falling back to some lesser relay mode.
Are your outbound NAT rules still at the defaults? Automatic mode?Steve
No Hybrid mode. I direct some traffic in to certain external IPs and some traffic out via certain external IPs. I have got a /29 subnet.
-
Are any of those rules set to use static source ports? Are they being used by this traffic?
-
@stephenw10 said in WhatsApp videocalls on same network, connection really bad:
Are any of those rules set to use static source ports? Are they being used by this traffic?
Static source ports like 443, 25, 587, 993 etc are being used.
I am not 100% sure which ports are being used by this traffic.
-
It's unlikely any rule should have static source ports set for those ports.
can we see your outbound NAT rules?
-
@stephenw10 said in WhatsApp videocalls on same network, connection really bad:
It's unlikely any rule should have static source ports set for those ports.
can we see your outbound NAT rules?
Of course.
:no_upscale():strip_icc():fill(white):strip_exif()/f/image/NnzPYrG4savPYWfsEUeq9V9P.jpg?f=user_large)
:fill(white):strip_exif()/f/image/66YrTkfqsFSAu1bV1p6PEnUi.png?f=user_large)
-
None of those added rules have static source ports set so that's unlikely to be the problem.
It looks like you have an internal /29 public subnet which is more unusual.
Which internal subnet are the whatsapp clients using?
-
@stephenw10 said in WhatsApp videocalls on same network, connection really bad:
None of those added rules have static source ports set so that's unlikely to be the problem.
It looks like you have an internal /29 public subnet which is more unusual.
Which internal subnet are the whatsapp clients using?
I have got an EXTERNAL /29 subnet. Or are we talking about the same thing?
192.168.100.1/24Phone one is 192.168.100.80 and phone two is 192.168.100.79.
What i do just remembered, DNS wise my phone goes out externally through Adguard. And the other phone goes directly to 1.1.1.1 (or 9.9.9.9). I cannot test it at the moment, but could that be the issue? I have tested before leaving my phone on the WiFi and the other one on cellular network. So my phone was still using Adguard. This test went fine.
-
The automatic outbound NAT rules are including that /29 subnet which means it's assigned to an interface without a gateway. Or potentially as a VIP somewhere?
It won't be causing this, it just looked unusual.
-
@stephenw10 said in WhatsApp videocalls on same network, connection really bad:
The automatic outbound NAT rules are including that /29 subnet which means it's assigned to an interface without a gateway. Or potentially as a VIP somewhere?
It won't be causing this, it just looked unusual.
I have got one external IP address from my fiber ISP.
I have bought a subnet /29 from a different company. So i setup a GRE tunnel and use IP Alias for the /29.
Do you understand what i mean?
I get this is not relevant to my problem. But what so i do differently regarding this?
-
No one with anymore ideas?
-
@operations said in WhatsApp videocalls on same network, connection really bad:
I have bought a subnet /29 from a different company. So i setup a GRE tunnel and use IP Alias for the /29.
Do you understand what i mean?I do. I would check the routing though, make sure the GRE tunnel has no become the default gateway for anything unexpected.
Your description of the problem indicates to me that the calls are forced to fall back to some sort of relay mode rather then clients connecting directly. It's unclear what causes that though.
It could be they require static outbound source ports since you didn't have any set. That would be a significant drawback for WhatsApp working behind many firewalls though.Steve
