Using the reverse proxy and TURN server with Infinity Connect and Lync / Skype for Business clients
Infinity Connect clients can connect directly to a Conferencing Node, but this will not provide a mechanism for balancing load between multiple Conferencing Nodes, or failing over in the event of a node failure. In addition, many customers may deploy Conferencing Nodes in a private network but would like to also provide access to external users using the Infinity Connect Web App.
To resolve these issues, a reverse proxy in the DMZ can be used to forward the HTTPS traffic from the browser to the Conferencing Nodes, and a TURN server can be used to forward media from a private network to the public Internet.
When the reverse proxy has been deployed, Infinity Connect users with WebRTC-compatible browsers can access conferences via https://<reverse-proxy>/webapp/, where <reverse-proxy> is the FQDN of the reverse proxy. This mechanism uses HTTPS for accessing the web pages and conference controls, and RTP/RTCP for the media streams (via a TURN server if necessary).
Note that Microsoft Edge browsers (which are WebRTC-compatible) cannot currently use STUN and thus cannot send media to Pexip Infinity via a TURN server.
(If the reverse proxy is not available, Infinity Connect Web App users can connect via https://<node>/webapp/, where <node> is the IP address or URL of the Conferencing Node, providing the Web App can reach the node's IP address directly.)
The Infinity Connect desktop client and Infinity Connect Mobile client work by sending HTTP GET and POST requests to a specific destination address to fetch information about a meeting (such as the participant list) and to send various commands (such as to mute or remove conference participants).
Clients discover the destination address for those HTTP requests through a custom DNS SRV lookup for _pexapp._tcp.<domain>. For instance, if the Infinity Connect desktop client or Infinity Connect Mobile client has been configured with a meeting URI of firstname.lastname@example.org, it will perform a DNS SRV lookup for _pexapp._tcp.example.com.
For more information, see Setting up DNS records for Infinity Connect Mobile client and Infinity Connect desktop client use.
Note that the Infinity Connect Mobile client will keep polling the reverse proxy periodically to update the participant list for a given virtual meeting room for as long as the application is active.
Microsoft Lync and Skype for Business clients can also use the TURN server to relay media to the Conferencing Node. It may also be necessary to configure Pexip Infinity with the address of a separate STUN server, such as stun.l.google.com, so that each Conferencing Node can discover its reflexive address, which is essential for certain Lync / Skype for Business call scenarios to work correctly.