Icecast services behind Traefik

Hi guys!

I am working with traefik for quite some time and it works awesome. However, we are trying to get a icecast server to run in our cluster to be able to create a radio stream. So far I got it working, can access the admin interface. However, when I try to stream audio to it the connection is killed after 11 seconds.

I send the audio to the icecast service using HTTPs requests, however after 11 seconds I see that the server sends a TCP RST package. This will make the connection drop and reset.

I have no idea why this happens. Anyone an idea why this happens and how I can fix it?

Hello Matthijs,

I'm stuck with the same problem. If you have found a solution, I would be glad to hearit. I myself am routing 5 services correctly with traefik, only the icecast service somehow kills the connection every 10-11 seconds.

[2021-01-13  03:34:46] INFO connection/_handle_source_request Source logging in at mountpoint "/mount.ogg" from
[2021-01-13  03:34:46] WARN format/format_get_type Unsupported or legacy stream type: "audio/mpeg". Falling back to generic minimal handler for best effort.
[2021-01-13  03:34:46] INFO source/source_main listener count on /mount.ogg now 0
[2021-01-13  03:34:57] WARN source/get_next_buffer Disconnecting source due to socket timeout

I think I got it working.

      - traefik.tcp.routers.icecast-streaming.rule=HostSNI(`*`)
      - traefik.tcp.routers.icecast-streaming.entrypoints=web2
      - traefik.tcp.routers.icecast-streaming.service=icecast-streaming

      - traefik.http.routers.icecast.rule=Host(`icecast.chabaa`)
      - traefik.http.routers.icecast.entrypoints=web2,web
      - traefik.http.routers.icecast.service=icecast

When posting the question, I already had the idea of routing the tcp traffic, but still had to tweak it a little

- --entrypoints.web.address=:80
- --entrypoints.web2.address=:8080

I too sniffed the docker network traffic and got the TCP RST package. What put me on the track was that TCP packages to the trafik service did not route anywhere, so adding the tcp routing label was the solution.

Thanks, for anybody still having put a thought into it.

1 Like

A bit late to the party, but here's what I used, l leveraging your notes, to allow TLS ingest with name-based routing (SNI) for multiple concurrent instances to run and have encoders connect to the proper instance. Leaving out the HTTP/HTTPS routers, as those are as standard as can be.

      - "{{ service }}-tcp.loadbalancer.server.port=8080"
      - "traefik.tcp.routers.{{  service }}-tcp.service={{ service }}-tcp"
      - "traefik.tcp.routers.{{  service }}-tcp.rule=HostSNI(`{{ domain }}`)"
      - "traefik.tcp.routers.{{  service }}-tcp.entrypoints=encoders"
      - "traefik.tcp.routers.{{  service }}-tcp.tls=true"
      - "traefik.tcp.routers.{{  service }}-tcp.tls.certresolver=leresolver"