[Solved] Help with configuration extra bridges

Hey Guys

I installed my jitsi meet server, configured auth with ldap. Server is behind NAT. My Firewall forwards ports : 80 (for lets encrypt), 443 and 10000. I wanted to add extra videobridges because there is possibility that I will run out of resources on one server.

I made configuration from that link :

My servers config looks like that :
rg.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES= deleted this as new user can write only 2 links :slight_smile:
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=MY_DOMAIN_SERVER_FULL_FQDN
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.FULL.DOMAIN_FQDN
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=s6EjCE8O
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.FULL_DOMAIN_FQDN
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=65312d6c-4b17-4378-b76f-9b9ea840a0d2
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<192.168.18.2>
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=

My extra videobridge config :
rg.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=FULL_DOMAIN_FQDN
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.FULL_DOMAIN_FQDN
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=s6EjCE8O
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.FULL_DOMAIN_FQDN
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=65312d6c-4b17-4378-b76f-9b9ea840a0d2
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<192.168.18.2>
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=

I watched logs, and it looks like service is started.

When I shutdown jitsi videobridge2 service on Jitsi Meet server, my connections goes with extra videobridge (I see that in connection details). It use my local IP (I test it from same network) and UDP 10002. When I try to connect for example with mobile by LTE, I have problem with audio and video. All I see on mobile is my camera and connected users (only info about them). On desktop, connection from mobile is also empty…

What did I missed : I forwarded 10002 port for that host (virtual IP)

Thank You for help

How did you set UDP/10002 for the second JVB?

The current issue is not related in this but IIRC, MUC_NICKNAME must be different.

My fault, I pasted wrong config.
Here is extra videobridge config

org.ice4j.ice.harvest.DISABLE_TCP_HARVESTER=true
org.jitsi.videobridge.ENABLE_STATISTICS=true
org.jitsi.videobridge.STATISTICS_TRANSPORT=muc
org.jitsi.videobridge.xmpp.user.shard.HOSTNAME=FULL DOMAIN FQDN
org.jitsi.videobridge.xmpp.user.shard.DOMAIN=auth.DOMAIN_FQDN
org.jitsi.videobridge.xmpp.user.shard.USERNAME=jvb
org.jitsi.videobridge.xmpp.user.shard.PASSWORD=s6EjCE8O
org.jitsi.videobridge.xmpp.user.shard.MUC_JIDS=JvbBrewery@internal.auth.DOMAIN_FQDN
org.jitsi.videobridge.xmpp.user.shard.MUC_NICKNAME=43e61240-4d19-4055-bd3e-572717e1f1dc
org.jitsi.videobridge.xmpp.user.shard.DISABLE_CERTIFICATE_VERIFICATION=true
org.jitsi.videobridge.SINGLE_PORT_HARVESTER_PORT=10002
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<192.168.18.4>
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=

Could you check the output IP and the resolved IP? Are they same?
I mean

curl ifconfig.me

host YOUR_DOMAIN_FQDN

I can confirm that my server and extra videobridge shows same IP. I used this script:ifconfig.co (IP address match my host FQDN).

When I join rooms, I do that from internet side (accesing web page published on internet and then join…only locals works)

Does it work for the external users when the NAT_HARVESTER lines are disabled and the STUN line is enabled?

#org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=192.168.18.4
#org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=...
org.ice4j.ice.harvest.DISABLE_AWS_HARVESTER=true
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=...

what I should place here ? my public IP ?
Stun…You mean in prosody ? in p2p and line other ?
Now I get it,I have this line :
org.ice4j.ice.harvest.STUN_MAPPING_HARVESTER_ADDRESSES=meet-jit-si-turnrelay.jitsi.net:443

From what I saw in jvb.log it fails

What is the log?

Sorry for long Time I responds, but I wanted to get those logs yesterday and I launched conference and all started to work. Problem was some security profiles on UTM. Now every thing works like it should. We looked into logs on UTM before and there was nothing wrong. I asked security member to disable all security profiles because IP check script didnt worked… And then this happend. So problem is solved. Thank You for Your responds