Hope there’s a good soul who could point me in the right direction to understand if problems are expected to block deployment or not.
- Sizing; 2-5 users (family & friends)
- Utilization - rare (one or two calls a day, not long) - hence rare use.
- JItsi to be placed as docker image on the SystemA
- SystemA is behind router (local IP, but port forwarding not an issue).
- ClientA will be browser sitting on SystemA
- Other clients will be remote over WAN/Internet.
a) STUN might get confused as ClientA will have LAN IP.
b) considering Jitsi would be in docker maybe having ports mapped and not bridged/host networking - could help (TBC).
c) because of A, call might be pushed to TURN.
d) with 1o1 call - not much of a problem re bandwidth.
e) biggest question is how connections will work in terms of call with i.e. 3 participants (where one of them is ClientA - on same system as SystemA/Jitsi in docker).
Did my RTFM but probably (hope not) not enough, i.e.
Expectation is that STUN will fail in case if ClientA is involved, but will all participants get audio/video via TURN or only to/from ClientA? This is where I’m confused the most.
Understanding is that in case of a call without ClientA - STUN will work and no TURN will be in use (assuming these clients have all requirements in terms of NAT, etc. to allow use of STUN).
From networking side the idea is to somehow enforce hairpinning (as on GCNAT) with use of iptables, i.e. by user initiating session, to SNAT packets with destination to local IP, etc. biggest problem am seeing is that it is all on the very same system, so the only option might be to use pre-routing chain (not sure if possible at all, even if multiple IPs would be used on single interface - it will be still same IP stack on localhost).
The need is to avoid setting up Jitsi in thirdparty location or on separate system from SystemA.
Context: SystemA function is to literally run Jitsi “server” and browser in kiosk mode to be connected to call upon a trigger.
Any ideas are more than welcome on how to set it up.