Jitsi-Meet with NAT, port-mapping and dynamic IP

Hi,

I’m currently trying to install jitsi-meet on a fresh installed ubuntu 18 VM. I followed the quick-install guide without any extra webserver like nginx.

I have the following setup: My VM is behind a NAT and I only have a dynamic IP address (actually the public IP is changing with every reconnect during night)

I’m not able to directly forward the ports through my router, because some of them are already used and I typically only forward alias ports (lets say 55522 instead of 22). The only standard ports that are allowed from outside are 80 and 443 to a dedicated VM that handles the letsencrypt stuff. Every other VM (like nextcloud) grabs the certificate from there.

So what I’m trying to setup is something like
Normal ports for jitsi vm: 443, 4443, 10000
Mapped to external ports like 55443, 55444, 55000
And I need to setup something like the NAT_HARVESTER_PUBLIC_ADDRESS to my public DNS Hostname. Or if only an IP address is possible, it would be ok to switch this by script every night and restart the service.

What I could not find is a guide that describes how to setup non-standard ports. Or should I also change the ports for jitsi to the 55xxx ports?

Thanks in advance
Kai

When changing 443 make sure you change the bosh setting to have port in config.js. You can change jvb to advertise different ports the doc you need is: https://github.com/jitsi/ice4j/blob/master/doc/configuration.md

Hi Kai,

I am facing the same problem. Jitis behind NAT with a dynamic IP. Could you find a solution for the changing IP?

Greetings
FreeWilly

Hi all,

I’m too getting a new IP every night. When using a dynamic DNS Service like DynDNS or similar this script may help - I run it via cronjob at 05:00 - far from realtime but sufficient for my family&friends setup.

#!/bin/bash
DNSNAME=“yourhostname.anydns.info”

#clear config
sed -i ‘/NAT_HARVESTER_PUBLIC_ADDRESS/d’ /etc/jitsi/videobridge/sip-communicator.properties

#get IP and renew line
echo org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=$(host -tA $DNSNAME 8.8.8.8 | grep address | cut -d " " -f4 ) >> /etc/jitsi/videobridge/sip-communicator.properties

#restart services
service jicofo restart
service jigasi restart
service jitsi-videobridge2 restart

Greetings,
Tim

1 Like

Sorry, didn’t recognize the language.

The script can be run more often.

But I would extend it, so that the current IP is grabbed from the config and compare it with the Internet resolv result. If they differ, we replace the config and restart the services. If not, it simply exits.
One can run it every 5 minutes. In most cases the scrips says “IP not changed” and goes to sleep.

Here is the script derived from my VPN-Gateway (it resolves the IP only once).

DNSNAME="my.hostname.tld"

# get the actual IP from the Internet
IPint=$(host -tA $DNSNAME 8.8.8.8 | grep address | cut -d " " -f4 )

# get the configured IP of Jitsi
IPjitsi=$(grep 'NAT_HARVESTER_PUBLIC_ADDRESS' /etc/jitsi/videobridge/sip-communicator.properties |  grep -oE "[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+")

if [ "$IPjitsi" == "$IPint" ]
then
        echo "IP has not been changed!"
        exit 0
fi

#clear config
sed -i '/NAT_HARVESTER_PUBLIC_ADDRESS/d' /etc/jitsi/videobridge/sip-communicator.properties

#get IP and renew line
echo org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=$IPint >> /etc/jitsi/videobridge/sip-communicator.properties

#restart services
service jicofo restart
#service jigasi restart
service jitsi-videobridge2 restart

Have no running jigasi, therefore it is commented out. If it is to chatty, comment out echo “IP has not been changed!” .
First tests worked fine: for changed and unchanged IP as well… hope that helps.

Hi I wrote a python script for that problem.

you can download it here so you can try it.

It looks for a changed ip and if needed changes the ip in the `sip-communicator.properties.

https://file.mottec.de/sharing/YJ9AxGX08

greets

mmo