I have a Jitsi Meet server setup with multiple video bridges. The Jitsi Meet server goes through our external firewall and is 1:1 NAT'd. Generally, everything is working just fine. However, I have noticed in packet captures that the user machines are attempting to communicate with the private interface of the video bridges (and failing, obviously) prior to communicating with the public NAT interface.
Setup (obfuscated IPs, etc.):
jitsi meet server -
- local. 10.0.0.1 / public 184.108.40.206
- firewall rule - allow tcp 443 from outside -> inside
jitsi video bridge -
- local. 10.0.0.2 / public 220.127.116.11
- firewall rule - allow udp 10000 from outside -> inside
I’ve seen some other people that have noted similar behavior but I have not seen a resolution to it yet. Is this a normal process? Or, should the user machines only be trying to connect to the public front-end and not see traffic trying the local interface first?
Video sessions work and don’t get kicked off or anything, this just seems odd. Am I missing anything?