I’ve deployed the Jitsi on my backend server and it worked as expected. Basically I just open the port 10000 and bind the port 443 to the port 6443, then I can create and join a video meeting successfully. In other words, I use the port 6443 to create the TLS connection and use the port 10000 to accept the UDP streams.
Now, I use another machine as my gateway, in which deployed a gateway component Envoy. My goal is to make all of requests and data stream pass by the gateway.
Here is the config of my Envoy:
- name: listener_jitsi_https
- name: envoy.filters.network.http_connection_manager
- upgrade_type: websocket
* name: envoy.filters.http.router
* name: local_service
- name: listener_jitsi_udp
- name: envoy.access_loggers.file
- name: envoy.filters.udp_listener.udp_proxy
- name: cluster_jitsi_https
- name: cluster_jitsi_udp
As you see, I route HTTPS(supporting WSS) request from IP_Gateway:6443 toxxx:6443, and I route the UDP request from IP_Gateway:10000 to xxx:10000. (xxx is the domain name of my backend server.)
Here is how my configuration looks like:
client:6443 —> gateway:6443 —> Jitsi:6443(443)
client:10000 —> gateway:10000 —> Jitsi:10000
Now, I could make a meeting but the video streams DON’T pass by the gateway. The client and the Jitsi service still communicate directly with each other.
Then, I add a new line in the file /etc/hosts on my client machine:
IP_Gateway xxx so that all of requests to
xxx will be redirected to my Gateway machine.
But still, the client and the Jitsi service still communicate directly with each other.
It seems that after Jitsi service getting the IP of the client, they two start to communicate with each other directly.
Can someone help me? Is it possible to make all of requests and responses pass by my gateway? Need I change the source code of Jitsi if I want to do so?