Steps to work behind NAT

[qubex22]

The workaround in this doc https://github.com/bigbluebutton/docker/blob/develop/docs/behind-nat.md is outdated or doesn't work.

What I've done to make it work:

1. The variable EXTERNAL_IPv4 in .env should be the private ip of the host. If you put the public ip and port forward in your router when the packets reach bbb they would be searching for your publicIp:port and finally the result would be port unreachable. (the workaround that adds the public ip to the loopback doesn't fully work if you port forward and NAT)

2. Now freeswitch and mediasoup bind to the private ip, because we have port forwarded every needed udp port 16384-32768 there is no problem. The problem now is that Mediasoup have an "announcedIp" variable that sould ALWAYS be the public ip, if not, webrtc won't work

3. To change this, we should edit the docker-compose.yml at these lines:

MS_WEBRTC_LISTEN_IPS: '[{"ip":"${EXTERNAL_IPv4}", "announcedIp":"x.x.x.x"}]'
MS_RTP_LISTEN_IP: '{"ip":"0.0.0.0", "announcedIp":"x.x.x.x"}'

where x.x.x.x is your public ip

EDIT: 04JUL22 4. As indicated in https://github.com/bigbluebutton/bigbluebutton/issues/17134 these 2 variables in the vars.xml of freeswitch should point to the external ip:

<X-PRE-PROCESS cmd="set" data="external_rtp_ip=autonat:EXTERNAL_IP_ADDRESS"/>
<X-PRE-PROCESS cmd="set" data="external_sip_ip=autonat:EXTERNAL_IP_ADDRESS"/>

I think in next releases this could be sorted out having both variables in the .env file like INTERNAL_IPv4 and EXTERNAL_IPv4 only when the setup is behind NAT

Hope this helps :vulcan_salute: