+- Jellyfin Forum (https://forum.jellyfin.org)
+-- Forum: Support (https://forum.jellyfin.org/f-support)
+--- Forum: Troubleshooting (https://forum.jellyfin.org/f-troubleshooting)
+---- Forum: Networking & Access (https://forum.jellyfin.org/f-networking-access)
+---- Thread: Jellyfin Random Log out on Playback (/t-jellyfin-random-log-out-on-playback)
Jellyfin Random Log out on Playback - jbamford - 2024-12-27
Good afternoon,
So I have a strange problem with the Android App, Desktop Browsers, and Desktop Jellyfin App seems to work okay but the Jellyfin app on Android on a Samsung A9 Tablet has a strange problem, can log in and play Movies, TV Shows etc but after so long Jellyfin will boot itself out with Connection cannot be established, Please check the hostname and your network connection. When this happens I can log back in straight away and carry on watching which show I was watching.
Jellyfin is running behind two Nginx Load Balancers with SSL Offloading, I have tested with just the IP address of the Server over HTTP and the same happens, no one else externally is having this problem though, some users use Android Jellyfin App, Android TV App or browsers.
I thought it was a Client timeout issue so before I tested with just the Servers IP Address with no Load Balancers in front I changed the Configuration.
Would anyone have any ideas as to what is causing the problem?
Jellyfin is installed on Ubuntu 24.04 no Docker,
ffmpeg
Jellyfin Version 10.9.9 Updated to latest Version but to test but rolled back to do a comparison of logs. Logs show nothing related to this problem apart from error receiving data: "The remote party closed the WebSocket connection without completing the close handshake
Hardware. 3 node Cluster R740s. Tested on bare metal fresh install of Ubuntu.
I cannot reproduce it on my Samsing A25 Phone, Desktop, Laptop or TV Android App, only seems to happen on the tablet.
Nginx Config
Code:
server {
listen 80;
server_name domain.uk;
return 301 https://domain.uk$request_uri;
}
#map $http_upgrade $connection_upgrade {
# default upgrade;
# '' close;
server {
listen 443;
server_name domain.uk;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "0";
ssl_certificate /etc/letsencrypt/live/domain.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.uk/privkey.pem;
include /etc/nginx/common/ssl.conf;
keepalive_timeout 65; # Time (in seconds) to keep the connection open
keepalive_requests 100; # Max number of requests per connection
client_max_body_size 100M;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://10.10.0.21:8096;
proxy_buffering on;
proxy_buffers 16 4k;
proxy_buffer_size 4k;
proxy_busy_buffers_size 8k;
proxy_temp_file_write_size 8k;
proxy_max_temp_file_size 16k;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
location = /web/ {
proxy_pass http://10.10.0.21:8096/web/index.html;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
location /socket {
proxy_pass http://10.10.0.21:8096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
location ~ /Items/(.*)/Images {
proxy_pass http://10.10.0.21:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}Regards
RE: Jellyfin Random Log out on Playback - TheDreadPirate - 2024-12-27
Remove the /web location in your nginx config. That was deprecated in 10.9 and needs to be removed. Not sure if that is the root or the problem, but we should eliminate it as a factor. Also, buffering should not be enabled. It really doesn't benefit Jellyfin.
Can you replicate the problem then share your Jellyfin log via pastebin?
Here is my nginx config for reference.
Code:
server {
listen 50443 ssl;
listen [::]:50443 ssl;
http2 on;
server_name jellyfin.domain.tld;
## The default `client_max_body_size` is 1M, this might not be enough for some posters, etc.
client_max_body_size 20M;
# use a variable to store the upstream proxy
# in this example we are using a hostname which is resolved via DNS
# (if you aren't using DNS remove the resolver line and change the variable to point to an IP address e.g `set $jellyfin 127.0.0.1`)
set $jellyfin 172.16.100.10;
ssl_certificate /etc/letsencrypt/live/domain.tld-0002/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.tld-0002/privkey.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/domain.tld-0002/chain.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
# Security / XSS Mitigation Headers
# NOTE: X-Frame-Options may cause issues with the webOS app
add_header X-XSS-Protection "0"; # Do NOT enable. This is obsolete/dangerous
add_header X-Content-Type-Options "nosniff";
# kill cache
add_header Last-Modified $date_gmt;
add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
if_modified_since off;
expires off;
etag off;
# Permissions policy. May cause issues on some clients
add_header Permissions-Policy "accelerometer=(), ambient-light-sensor=(), battery=(), bluetooth=(), camera=(), clipboard-read=(), display-capture=(), document-domain=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), payment=(), publickey-credentials-get=(), serial=(), sync-xhr=(), usb=(), xr-spatial-tracking=()" always;
# Tell browsers to use per-origin process isolation
add_header Origin-Agent-Cluster "?1" always;
# Content Security Policy
# See: https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP
# Enforces https content and restricts JS/CSS to origin
# External Javascript (such as cast_sender.js for Chromecast) must be whitelisted.
# NOTE: The default CSP headers may cause issues with the webOS app
add_header Content-Security-Policy "default-src https: data: blob: ; img-src 'self' https://* ; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' https://www.gstatic.com https://www.youtube.com blob:; worker-src 'self' blob:; connect-src 'self'; object-src 'none'; frame-ancestors 'self'";
location / {
# Proxy main Jellyfin traffic
proxy_pass http://$jellyfin:8096;
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
# Disable buffering when the nginx proxy gets very resource heavy upon streaming
proxy_buffering off;
}
location /socket {
# Proxy Jellyfin Websockets traffic
proxy_pass http://$jellyfin:8096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}
}RE: Jellyfin Random Log out on Playback - jbamford - 2025-01-13
Hi sorry for such a slow reply, Christmas came up been a bit busy, I have disabled Buffering and removed /web from the server block, I didn't have /web in the server block when it first occurred si i added it from the Jellyfin installation guide.
I will report back once I have watched a few things to see if it happens, interesting thing though it doesn't do it outside the network via the FQDN of the server only internally. I shall do some more investigating if it happens again though.
Code:
server {
listen 80;
server_name domain.uk;
return 301 https://domain.uk$request_uri;
}
#map $http_upgrade $connection_upgrade {
# default upgrade;
# '' close;
server {
listen 443;
server_name domain.uk;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "0";
ssl_certificate /etc/letsencrypt/live/domain.uk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.uk/privkey.pem;
include /etc/nginx/common/ssl.conf;
keepalive_timeout 65; # Time (in seconds) to keep the connection open
keepalive_requests 100; # Max number of requests per connection
client_max_body_size 100M;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_pass http://10.10.0.21:8096;
proxy_buffering off;
proxy_buffers 16 4k;
proxy_buffer_size 4k;
proxy_busy_buffers_size 8k;
proxy_temp_file_write_size 8k;
proxy_max_temp_file_size 16k;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
location /socket {
proxy_pass http://10.10.0.21:8096;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
proxy_read_timeout 60s;
}
location ~ /Items/(.*)/Images {
proxy_pass http://10.10.0.21:8096;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Forwarded-Host $http_host;
}Regards
RE: Jellyfin Random Log out on Playback - TheDreadPirate - 2025-01-13
For local access, you would need to enable NAT loopback/hairpin or configure your router with static DNS entries to resolve your local IP for your domain name. That should keep the traffic within the LAN. It sounds like your traffic is going out to the Internet and coming right back.
RE: Jellyfin Random Log out on Playback - jbamford - 2025-01-18
(2025-01-13, 10:16 PM)TheDreadPirate Wrote: For local access, you would need to enable NAT loopback/hairpin or configure your router with static DNS entries to resolve your local IP for your domain name. That should keep the traffic within the LAN. It sounds like your traffic is going out to the Internet and coming right back.
That is correct, when using dig domain.uk points to the WAN IP. but using the IP of the actual Server seems to be giving the same, issue I am facing right now is that I can't reproduce the issue seems to be behaving itself.
Not a problem, I have use the DNS Resolver on the firewall to resolve the domain.uk to the Load Balancers internal IP.
Regards
RE: Jellyfin Random Log out on Playback - jbamford - 2025-03-13
Good evening.
I have determined that this problem isn't because the traffic is being routed out the WAN and back in the WAN connection internally.
The problem persists on 4G. When opening the app it loads fine but when going to the movies section or TV section it boots me right out with connection cannot be established. This problem only seems to occur on Android devices such as mobile and tablet. Android TV works fine though, Jellyfin app Linux works. Jellyfin on browsers are perfectly fine just the android app.
Regards
RE: Jellyfin Random Log out on Playback - TheDreadPirate - 2025-03-13
Can you share your full jellyfin log via privatebin.net?
RE: Jellyfin Random Log out on Playback - jbamford - 2025-03-13
I can do. Log from server or android device? If so from android where would the log be?
Regards
RE: Jellyfin Random Log out on Playback - TheDreadPirate - 2025-03-14
The logs from the server.
RE: Jellyfin Random Log out on Playback - jbamford - 2025-03-14
(2025-03-14, 12:40 PM)TheDreadPirate Wrote: The logs from the server.
So this is the log from the Server, switched to 4G loaded up the App, it logged straight in, which gives me this request [2025-03-14 14:42:23.761 +00:00] [INF] WS "148.252.146.135" request, when it boots me out I get this [2025-03-14 14:42:42.259 +00:00] [INF] WS "148.252.146.135" closed, logging back in straight away works but gets stuck on loading movies section [2025-03-14 14:42:43.067 +00:00] [INF] WS "148.252.146.135" request.
Web based through a Browser I can play all day long outside the network it is just the Android App that gives me trouble.
[2025-03-14 14:42:23.761 +00:00] [INF] WS "148.252.146.135" request
[2025-03-14 14:42:42.259 +00:00] [INF] WS "148.252.146.135" closed
[2025-03-14 14:42:43.067 +00:00] [INF] WS "148.252.146.135" request
[2025-03-14 14:43:31.067 +00:00] [INF] Sending ForceKeepAlive message to 1 inactive WebSockets
Regards