Hey everyone! I currently have my AI-powered calling app running on LiveKit Cloud, but one of our clients requires a fixed IP range to connect their SIP trunk. About a week ago, I began deploying LiveKit on Kubernetes. I’ve made good progress — I can already create rooms, register trunks, and make calls. However, I’ve been stuck for a while on a specific error I haven’t been able to resolve. I’m attaching my Helm release config in case it helps spot what might be going wrong. I’d really appreciate any guidance from the community — thanks in advance!

Thanks for reaching out, Duvan. I'm an AI assistant and I'm here to help. Give me a moment while I research this topic.

2025-07-10T042348.913Z INFO livekit redis/redis.go:142 connecting to redis {_“simple”_: true, _“addr”_: “livekit-redis”} 2025-07-10T042354.036Z WARN livekit rtcconfig/ip.go:272 could not validate external IP {_“ip”_: “3.14.183.89”, _“error”_: “context canceled”} 2025-07-10T042354.036Z WARN livekit rtcconfig/ip.go:272 could not validate external IP {_“ip”_: “3.14.183.89”, _“error”_: “context canceled”} 2025-07-10T042354.036Z WARN livekit rtcconfig/ip.go:272 could not validate external IP {_“ip”_: “3.14.183.89”, _“error”_: “context canceled”} 2025-07-10T042354.076Z INFO livekit rtcconfig/webrtc_config.go:276 failed to get external ip {_“local”_: “10.0.62.34”, _“err”_: “context canceled”} 2025-07-10T042354.077Z INFO livekit rtcconfig/webrtc_config.go:276 failed to get external ip {_“local”_: “10.0.48.108”, _“err”_: “context canceled”} 2025-07-10T042354.077Z INFO livekit rtcconfig/webrtc_config.go:276 failed to get external ip {_“local”_: “169.254.170.23”, _“err”_: “context canceled”} 2025-07-10T042354.077Z INFO livekit rtcconfig/webrtc_config.go:99 no external IPs found, using node IP for NAT1To1Ips {_“ip”_: “3.14.183.89”} 2025-07-10T042354.079Z INFO livekit service/turn.go:145 Starting TURN server {_“turn.relay_range_start”_: 30000, _“turn.relay_range_end”_: 40000, _“turn.portTLS”_: 443, _“turn.externalTLS”_: true, _“turn.portUDP”_: 3478} 2025-07-10T042354.085Z INFO livekit service/server.go:265 starting LiveKit server {_“portHttp”_: 7880, _“nodeID”_: “ND_Z4dFPhUbNQxR”, _“nodeIP”_: “3.14.183.89”, _“version”_: “1.9.0”, _“rtc.portTCP”_: 7881, _“rtc.portICERange”_: [50000, 60000]} 2025-07-10T042435.692Z INFO livekit.agents service/agentservice.go:298 worker registered {_“namespace”_: “”, _“jobType”_: “JT_ROOM”, _“agentName”_: “outbound-agent”, _“workerID”_: “AW_ZBRgM5eSMsYZ”} 2025-07-10T042703.430Z INFO livekit.api service/twirp.go:128 API RoomService.ListRooms {_“service”_: “RoomService”, _“method”_: “ListRooms”, _“room”_: [], _“duration”_: “551.514µs”, _“status”_: “200"} 2025-07-10T042704.194Z INFO livekit service/roomallocator.go:166 selected node for room {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“selectedNodeID”_: “ND_shxSvW2sqg34"} 2025-07-10T042704.200Z INFO livekit.api service/twirp.go:128 API RoomService.CreateRoom {_“service”_: “RoomService”, _“method”_: “CreateRoom”, _“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“request”_: {_“name”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”}, _“duration”_: “6.901481ms”, _“status”_: “200”} 2025-07-10T042704.314Z INFO livekit.api service/twirp.go:128 API AgentDispatchService.CreateDispatch {_“service”_: “AgentDispatchService”, _“method”_: “CreateDispatch”, _“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“request”_: {_“agentName”_: “outbound-agent”, _“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“metadata”_: “__size: 365"}, _“duration”_: “6.871517ms”, _“status”_: “200"} 2025-07-10T042704.626Z INFO livekit.agents service/agentservice.go:413 assigned job to worker {_“jobID”_: “AJ_TwmrBEW5oGBy”, _“namespace”_: “”, _“agentName”_: “outbound-agent”, _“jobType”_: “JT_ROOM”, _“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“roomID”_: “RM_xCs3oyzoiqJP”, _“workerID”_: “AW_sseokwAjHnw8"} 2025-07-10T042705.202Z INFO livekit agent/client.go:173 failed to send job request {_“error”_: “no response from servers”, _“namespace”_: “”, _“jobType”_: “JT_ROOM”, _“agentName”_: “”} 2025-07-10T042709.351Z INFO livekit service/roommanager.go:394 starting RTC session {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“roomID”_: “RM_xCs3oyzoiqJP”, _“participant”_: “agent-AJ_TwmrBEW5oGBy”, _“pID”_: “PA_xQ9vBP6r5UxA”, _“remote”_: false, _“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“nodeID”_: “ND_shxSvW2sqg34”, _“numParticipants”_: 0, _“participantInit”_: {_“Identity”_: “agent-AJ_TwmrBEW5oGBy”, _“Reconnect”_: false, _“ReconnectReason”_: “RR_UNKNOWN”, _“AutoSubscribe”_: true, _“Client”_: {_“sdk”_: “PYTHON”, _“version”_: “1.0.8", _“protocol”_: 15}, _“Grants”_: {_“Identity”_: “”, _“Kind”_: “agent”, _“Video”_: {_“RoomCreate”_: false, _“RoomList”_: false, _“RoomRecord”_: false, _“RoomAdmin”_: false, _“RoomJoin”_: true, _“Room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“CanPublish”_: true, _“CanSubscribe”_: true, _“CanPublishData”_: true, _“CanPublishSources”_: [], _“CanUpdateOwnMetadata”_: true, _“IngressAdmin”_: false, _“Hidden”_: false, _“Recorder”_: false, _“Agent”_: true, _“CanSubscribeMetrics”_: false, _“DestinationRoom”_: “”}, _“SIP”_: {}, _“RoomConfig”_: {}, _“RoomPreset”_: “”}, _“Region”_: “”, _“AdaptiveStream”_: false, _“ID”_: “”, _“SubscriberAllowPause”_: “not-set”, _“DisableICELite”_: false, _“CreateRoom”_: {_“name”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”}}} 2025-07-10T042709.353Z INFO livekit service/roommanager.go:945 created TURN password {_“username”_: “BhXV1InNQJkd5EFeeVQQxHMyQjZmFWNlR2MxYTOmdjYiNDZ2ADMyIDOzETZkdTMlB”, _“password”_: “XBxnKiwaQUKi4fU7rewBSChyHPB3g2dWjGLG8H7SDpO”} 2025-07-10T042710.676Z INFO livekit hwstats/cpu.go:129 high cpu load {_“load”_: 0.9055790828787376} 2025-07-10T042724.627Z INFO livekit rtc/participant.go:1097 participant closing {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“roomID”_: “RM_xCs3oyzoiqJP”, _“participant”_: “agent-AJ_TwmrBEW5oGBy”, _“pID”_: “PA_xQ9vBP6r5UxA”, _“remote”_: false, _“sendLeave”_: false, _“reason”_: “SIGNAL_SOURCE_CLOSE”, _“isExpectedToResume”_: false} 2025-07-10T042724.627Z INFO livekit rtc/room.go:717 removing participant without connection {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“roomID”_: “RM_xCs3oyzoiqJP”, _“participant”_: “agent-AJ_TwmrBEW5oGBy”, _“pID”_: “PA_xQ9vBP6r5UxA”, _“remote”_: false, _“subscriberCandidates”_: [“[local[][trickle[] udp4 host 3.14.183.89:54640 (resolved: 3.14.183.89:54640)“, “[local[][trickle[] tcp4 host 3.14.183.89:7881 (resolved: 3.14.183.89:7881)“, “[local[][trickle[] udp4 host 3.14.183.89:53872 (resolved: 3.14.183.89:53872)“, “[local[][trickle[] tcp6 host [fd00ec223[]7881 (resolved: [fd00ec223[]7881)“, “[local[][trickle[] udp6 host [fd00ec223[]52769 (resolved: [fd00ec223[]52769)“, “[local[][trickle[] udp4 host 3.14.183.89:57672 (resolved: 3.14.183.89:57672)“, “[local[][trickle[] udp4 host 3.14.183.89:59306 (resolved: 3.14.183.89:59306)“, “[remote[][trickle[] udp4 host 192.168.10.91:55095”, “[remote[][trickle] tcp4 host 192.168.10.91:59857"], _“connectionType”_: “unknown”, _“reason”_: “SIGNAL_SOURCE_CLOSE”, _“clientInfo”_: {_“sdk”_: “PYTHON”, _“version”_: “1.0.8”, _“protocol”_: 15}} 2025-07-10T042724.628Z INFO livekit.transport rtc/transport.go:2511 ICE candidate pair stats {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“roomID”_: “RM_xCs3oyzoiqJP”, _“participant”_: “agent-AJ_TwmrBEW5oGBy”, _“pID”_: “PA_xQ9vBP6r5UxA”, _“remote”_: false, _“transport”_: “SUBSCRIBER”, _“stats”_: [{_“state”_: “failed”, _“nominated”_: false, _“local”_: “3.14.183.89:54640 udp type(host/), priority(2130706431)“, _“remote”_: “192.168.10.91:55095 udp type(host/), priority(2122260223)“, _“requestsSent”_: 8, _“responsesReceived”_: 0, _“requestsReceived”_: 0, _“responsesSent”_: 0, _“firstRequestSentAt”_: “2025-07-08T232709.622Z”, _“lastRequestSentAt”_: “2025-07-08T232710.848Z”, _“firstResponseReceivedAt”_: “1754-08-30T224341.128Z”, _“lastResponseReceivedAt”_: “1754-08-30T224341.128Z”, _“firstRequestReceivedAt”_: “1754-08-30T224341.128Z”, _“lastRequestReceivedAt”_: “1754-08-30T224341.128Z”}, {_“state”_: “failed”, _“nominated”_: false, _“local”_: “3.14.183.89:53872 udp type(host/), priority(2130706431)“, _“remote”_: “192.168.10.91:55095 udp type(host/), priority(2122260223)“, _“requestsSent”_: 8, _“responsesReceived”_: 0, _“requestsReceived”_: 0, _“responsesSent”_: 0, _“firstRequestSentAt”_: “2025-07-08T232709.622Z”, _“lastRequestSentAt”_: “2025-07-08T232710.848Z”, _“firstResponseReceivedAt”_: “1754-08-30T224341.128Z”, _“lastResponseReceivedAt”_: “1754-08-30T224341.128Z”, _“firstRequestReceivedAt”_: “1754-08-30T224341.128Z”, _“lastRequestReceivedAt”_: “1754-08-30T224341.128Z”}, {_“state”_: “failed”, _“nominated”_: false, _“local”_: “3.14.183.89:57672 udp type(host/), priority(2130706431)“, _“remote”_: “192.168.10.91:55095 udp type(host/), priority(2122260223)“, _“requestsSent”_: 8, _“responsesReceived”_: 0, _“requestsReceived”_: 0, _“responsesSent”_: 0, _“firstRequestSentAt”_: “2025-07-08T232711.380Z”, _“lastRequestSentAt”_: “2025-07-08T232712.584Z”, _“firstResponseReceivedAt”_: “1754-08-30T224341.128Z”, _“lastResponseReceivedAt”_: “1754-08-30T224341.128Z”, _“firstRequestReceivedAt”_: “1754-08-30T224341.128Z”, _“lastRequestReceivedAt”_: “1754-08-30T224341.128Z”}, {_“state”_: “failed”, _“nominated”_: false, _“local”_: “3.14.183.89:59306 udp type(host/), priority(2130706431)“, _“remote”_: “192.168.10.91:55095 udp type(host/), priority(2122260223)“, _“requestsSent”_: 8, _“responsesReceived”_: 0, _“requestsReceived”_: 0, _“responsesSent”_: 0, _“firstRequestSentAt”_: “2025-07-08T232711.380Z”, _“lastRequestSentAt”_: “2025-07-08T232712.584Z”, _“firstResponseReceivedAt”_: “1754-08-30T224341.128Z”, _“lastResponseReceivedAt”_: “1754-08-30T224341.128Z”, _“firstRequestReceivedAt”_: “1754-08-30T224341.128Z”, _“lastRequestReceivedAt”_: “1754-08-30T224341.128Z”}]} 2025-07-10T042724.629Z INFO livekit.agents agent/worker.go:514 job ended {_“workerID”_: “AW_sseokwAjHnw8", _“agentName”_: “outbound-agent”, _“jobType”_: “JT_ROOM”, _“jobID”_: “AJ_TwmrBEW5oGBy”, _“status”_: “JS_FAILED”, _“error”_: “agent worker left the room”} 2025-07-10T043204.836Z INFO livekit.room rtc/room.go:937 closing room {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“roomID”_: “RM_xCs3oyzoiqJP”} 2025-07-10T043204.836Z INFO livekit service/roommanager.go:175 deleting room state {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”} 2025-07-10T043204.839Z INFO livekit.room service/roommanager.go:624 room closed {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“roomID”_: “RM_xCs3oyzoiqJP”} 2025-07-10T043204.839Z INFO livekit.room rtc/room.go:921 closing idle room {_“room”_: “call-893c6cbf-5373-4cbf-bdd2-8451726b43bf”, _“roomID”_: “RM_xCs3oyzoiqJP”, _“reason”_: “empty timeout”}

Hey there! I noticed some tricky logs that suggest LiveKit is having a bit of trouble figuring out your external IP address. No worries - this happens sometimes in Kubernetes, and I can help you sort it out. • Sometimes firewalls can block UDP ports • Your pods might be struggling to reach external STUN servers • The IP address your cluster is advertising might not be accessible from the outside world What does this mean for you? Well, it could cause some hiccups with SIP trunk registration or media traffic. But don't stress - we've got some straightforward fixes! Here are some friendly steps to resolve this: 1. Let's manually set your external IP in the Helm config. In your

values.yaml

or Helm overrides, you'll want to add:

rtc:
  node_ip: "YOUR_EXTERNAL_IP"
  use_external_ip: false

• Just replace

YOUR_EXTERNAL_IP

with the public IP address of the node running LiveKit. Think of it like giving LiveKit clear directions to find you! 1. Make sure your Kubernetes service is showing off those UDP and TCP ports on this external IP (covering the LiveKit RTC and SIP media range like

50000-60000

UDP). 2. Do a quick network and firewall check to ensure STUN traffic can flow smoothly in and out. 3. If you're using a load balancer, just double-check it's playing nice with UDP traffic. After making these changes, give it another try. With a clear

node_ip

, your SIP provider should now see exactly where to reach you. Still seeing some issues? No problem! Just share your

rtc

section and a bit about your Kubernetes network setup, and we'll work through this together. Need more context? I've got some great reference sources that can dive deeper into these network configurations. Sources: pkg/rtcconfig/config.go | pkg/config/config.go

this is my livekit-helm-release.yaml: apiVersion: helm.toolkit.fluxcd.io/v2beta1 kind: HelmRelease metadata: name: livekit namespace: livekit spec: interval: 5m chart: spec: chart: livekit-server version: 1.9.0 sourceRef: kind: HelmRepository name: livekit namespace: flux-system values: replicaCount: 1 livekit: port: 7880 log_level: info rtc: tcp_port: 7881 port_range_start: 50000 port_range_end: 60000 use_external_ip: true node_ip: “$NODE_IP” ice_servers: - urls: [“stun:stun.l.google.com:19302"] - urls: [“stun:stun1.l.google.com:19302”] enable_loopback_candidate: false keys: e17d****: 09bf9**** turn: enabled: true domain: dapta-dev-turn.dev.dapta.ai tls_port: 443 udp_port: 3478 external_tls: true secretName: livekit-turn-tls redis: address: livekit-redis password: ** # Configuración del servicio TCP para ICE fallback service: type: NodePort ports: - name: rtc-tcp port: 7881 targetPort: 7881 nodePort: 30881 protocol: TCP turn: service: type: LoadBalancer annotations: {} ports: - name: turn-udp port: 3478 protocol: UDP targetPort: 3478 - name: turn-tls port: 443 protocol: TCP targetPort: 443 loadBalancer: type: alb tls: - hosts: - dapta-dev-livekit.dev.dapta.ai autoscaling: enabled: true minReplicas: 1 maxReplicas: 1 targetCPUUtilizationPercentage: 60 resources: limits: cpu: 1500m memory: 2048Mi requests: cpu: 1000m memory: 1024Mi ingress: enabled: true className: nginx annotations: kubernetes.io/ingress.class: nginx cert-manager.io/cluster-issuer: letsencrypt-prod nginx.ingress.kubernetes.io/ssl-redirect: “true” nginx.ingress.kubernetes.io/force-ssl-redirect: “true” nginx.ingress.kubernetes.io/proxy-read-timeout: “3600" nginx.ingress.kubernetes.io/proxy-send-timeout: “3600” nginx.ingress.kubernetes.io/proxy-connect-timeout: “3600" nginx.ingress.kubernetes.io/proxy-buffering: “off” nginx.ingress.kubernetes.io/proxy-request-buffering: “off” nginx.ingress.kubernetes.io/proxy-http-version: “1.1” nginx.ingress.kubernetes.io/proxy-set-headers: Connection upgrade, Upgrade $http_upgrade hosts: - host: dapta-dev-livekit.dev.dapta.ai paths: - path: / pathType: Prefix tls: - secretName: livekit-tls hosts: - dapta-dev-livekit.dev.dapta.ai

Hey there! I noticed something that might be causing some headaches with your LiveKit setup. The

node_ip: "$NODE_IP"

configuration could be tripping you up by not correctly advertising your public IP address. If your deployment isn't reliably replacing

$NODE_IP

when it matters, you might see those pesky external IP validation errors in your logs. Here's a friendly tip: for SIP trunking and static IP needs, just directly plug in your public IP—something like

node_ip: "203.0.113.7"

right in your Helm values file. Pro move? After doing this, set

use_external_ip

to

false

unless you genuinely need STUN-based discovery. Quick word of advice: try not to mix unresolved variables with explicit values in your Helm config—it can get messy! Make sure those UDP and TCP ports are open and mapped to your IP. After redeploying, you should see those external IP validation errors disappear, which usually means smoother SIP and media connectivity. Still seeing issues? Double-check that your SIP trunk provider has whitelisted this public IP, and take a peek at your network and firewall rules to ensure everything's open. You've got this! 🌟 Sources: Deploying LiveKit | LiveKit Docs | config-sample.yaml | pkg/rtcconfig/ip.go | pkg/sip/config.go | JavaScript & React Components | livekit/livekit_composite | DeepWiki | examples/server-do.yaml

The error log and helm realease are of Livekit server https://docs.livekit.io/home/self-hosting/kubernetes.md

I don't have the answer you're looking for. You could also try asking your question: • in one of the other Slack channels or • to https://deepwiki.com/livekit/livekit_composite which is trained on all LiveKit source code If you find the answer, please post it here to help others!