NAT ; firewall rules ; Sizzle

Install & Config
1

Hi,

To start I present my network, using NAT :

diagram :
Internet ====> PUBLIC_IP ====>443 ; 4443 ; 10000UDP ====>LOCAL_IP of jitsi
LAN ====>LOCAL_IP of jitsi

** sip properties **
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=LOCAL_IP
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=PUBLIC_IP

DNS
Host A : PUBLIC_IP MEET.Mydomain.tld in my public DNS zone
Host A : LOCAL_IP MEET.Mydomain.tld in my private DNS zone (yes I manage it inside domain to make some service simply available)

Config
100 MB <> internet connection
VM 4 CPU 8GB RAM

My problem
When I start a room from inside LAN, and take a look at logs of my Firewall to PUBLIC_IP and LOCAL_IP of my jitsi server, I see my personal_IP make a connection like that :
Personal_IP to LOCAL_IP of jitsi ==> 443 ===> PASSED : ** ok normal **
Personal_IP to LOCAL_IP of jitsi ==> 10000 ===> PASSED : ** ok normal **
Personal_IP to PUBLIC_IP of jitsi ==> 10000 ===> BLOCK : ok normal it’s block but **Why using PUBLIC_IP ? ** I d’ont want to autorize it cause it will become a hairpin nat…

Is there a way to tell to jitsi “everything’coming from WAN, use PUBLIC_IP and everything’s coming from LAN use LOCAL_IP” ?

Moreover, I don’t know if it is a link with that but when I start a room with 2, 3, 4… I have some lags, and robotic voices somes times, with hash and sizzle.

2

Precision
With P2P, everything work good.
More than 2 I begin to have some lags, vidéo and audio

3

Am I the only one with this kind of problem ?

I try to disable IPV6 like @damencho said il another post but it don’t change …

jvb log I see some things like this :

020-04-01 07:49:32.177 INFOS: [18] Health.doRun#294: Performed a successful health check in 6ms. Sticky failure: false
2020-04-01 07:49:42.177 INFOS: [18] Videobridge.createConference#326: create_conf, id=44b07f312ed0c52e gid=null logging=false
2020-04-01 07:49:42.182 INFOS: [18] Health.doRun#294: Performed a successful health check in 5ms. Sticky failure: false

please someone can save me :slight_smile:

4

Seems it comes from disk usage …
Jitsi is on VM on a standalone VMWARE with hard disk 10K/mn

I will try with a standard PC with Corei5 8Go RAM et 128 SSD… Hope it will be better…

Hope my tests will help some people cause I’m a bit alone here :slight_smile: