I am writing WebRTC application for windows. My scenario is like:
LAN is default network interface for all applications.
System has more than one network interfaces like LAN and Wifi or usb modem.
WebRTC Signaling should use LAN & media (peer-to-peer connection) should use Wifi network. So that application can get fast network access for media communication.
Question- How to replace the Wifi Ip Address from LAN IP Address for media
communication (peer-to-peer connection)?
My observation is:
It is possible to print Private and Public ICE candidates as per blow code.
pc.onicecandidate = function(evt) {
if (evt.target.iceGatheringState == "complete") {
local.createOffer(function(offer) {
console.log("Offer with ICE candidates: " + offer.sdp);
signalingChannel.send(offer.sdp);
});
This code prints below info in my case.
Private ICE candidate (192.168.1.73:60834) for the peer
Public ICE candidate (50.76.44.100:69834) returned by the STUN server.
Now how to replace the Private ICE conditate (IP Address) to Wifi (IP Address)?
Could you please suggest any solution?
Related
For a WebRTC peer connection between a mobile client and a media server, would we need a TURN server if the media-server has a public IP and is not sitting behind a NAT?
In the WebRTC signalling process, I have to find my own public IP address with my port by doing a request to a STUN server. But does it really need to be this complex?
Couldn't I just send a request to the router of my subnet and get its IP address and the port it opened for me? Or even better, I store directly my public address in my computer and the router notifies me whenever it changes. The browser would give an API to get this public address directly. No need to use a STUN server. Why don't we do this instead?
Thank you for your help.
These are all great questions.
Couldn't I just send a request to the router of my subnet and get its IP address and the port it opened for me?
There's an old protocol called uPnP that will dynamically open a port mapping for you - provided the router supports it. A lot of routers used to support it. Not sure how standard it is now.
Even if routers were intelligent and there was a standard signaling mechanism in place, STUN (or something equivalent for STUN is still needed) for the following scenario.
Carrier NAT is when your ISP is sharing a public IP address with multiple routers. That is, your router's public IP address as configured by the ISP when it starts, is really just another private IP address. Upstream, there's a "bigger router" that is sharing the public IPv4 address with multiple other customers. That is, your PC might think it's IP address is 192.16.1.2, and your router reports that it's own IP address is 10.0.0.2. And the actual public IP address, 1.2.3.4, is shared with other customers. STUN solves this problem because the outbound packet to the public STUN server will go through both NATs - creating port mappings along the way.
Or even better, I store directly my public address in my computer and the router notifies me whenever it changes
Because establishing an effective P2P/WebRTC connection is more than knowing your public IP Address. It also involves knowing what "port" to use as well. While most routers will attempt to preserve the local port of the socket the client PC is using in the mapping (e.g. 10.0.0.2:9876 maps to 1.2.3.4:9876). This isn't always the case - another node could be using port 9876 on your network and/or many NATs just pick a randomly available port for the mapping. At the end of the day, you have to signal to the other side of your P2P/WebRTC connection "which IP" and "which port" to use.
The browser would give an API to get this public address directly.
There are plenty of sites such as whatismyipaddress.com that will tell you your IP address. But if there's a HTTP proxy server involved (explicitly configured on the PC or silently deployed on the network), the web service will only see the proxy IP address. Further HTTP(S) is a TCP based protocol. STUN and WebRTC are UDP based.
I have been able to connect peer to peer device using webrtc. The question in my mind is that the RTCPeerConnection()- here we pass the stun/turn urls. But it is also working when nothing is passed !
I would like to know is it using google stun server internally and if yes why is it not mentioned in any of their documentations.
peerConnection = new RTCPeerConnection();
peerConnection.setRemoteDescription(description)
.then(() => peerConnection.createAnswer())
.then(sdp => peerConnection.setLocalDescription(sdp))
.then(function () {
socket.emit('answer', id, peerConnection.localDescription);
});
peerConnection.ontrack = function(event) {
video.srcObject = event.streams[0];
};
peerConnection.onicecandidate = function(event) {
if (event.candidate) {
socket.emit('candidate', id, event.candidate);
}
1) You don't need STUN server in local network.
2) STUN server is used by device to access own public address. (As both device are on differnet network they can't connect to each other because they don't know each other public IP address. If they know each other public IP address, they can establish P2P connection)
3) TURN server is used as backup server. (When UDP hole punching dosen't work). TURN server traverse whole data because P2P connection cannot be established.
If your testing on local network then there is no need of STUN server.
To use STUN server you do need to specify IP address.
I understand the purpose of STUN and TURN servers and their use in WebRTC, but I don't fully get:
If I as a WebRTC client have already logged in to use the WebRTC service, wouldn't this service already have my public IP address? Why does it need to be found a second time by the STUN server?
Short answer: Because Proxies and NATs.
Lots of reasons:
The web server knows your public IP address for the established TCP connection, but for the subsequent P2P communications over UDP, it doesn't know how your local NAT will map the port (or which port its using).
You could be on a network in which all HTTP/HTTPS traffic goes over a proxy. Hence, the WebRTC service only knows the address of your proxy.
The WebRTC service itself could have a front end load balancer. Hence, it only knows the IP address of the load balancer.
The two endpoints attempting to do a WebRTC session may actually be behind the same NAT. Hence, the public IP address isn't as useful.
But the primary reason is around port prediction as discussed in #1 above. Address exchange over ICE or WebRTC involves not just exchanging IP Addresses, but also, UDP ports as well. Even if the web server knows the client's actual IP address, the web server can not infer what UDP port it will use for media traffic.
I have a WebRTC MCU (kurento) running on a public IP address
serving some clients that only send or only receive audio
So every clients is directly connected with MCU (not with each other ) that has a public IP address .
Q1: Is there still a necessity to use STUN and TURN for NAT traversal ?? if so Why ??
Q2: Is there any hack in WebRTC in browser that would remove the need for STUN and TURN ?
In my opinion : most of client-server architectures do not have any difficulty with clients behind NAT .What's the difference here with webrtc?
Yes ICE is absolutely must for WebRTC.
Q1: Is there still a necessity to use STUN and TURN for NAT traversal
?? if so Why ??
For your scenario you don't need to use STUN or TURN. Let me explain why.
Every client that are in private network is under some kind of NAT which has a public IP address. Outside world doesn't know this client's private IP address and even if they knew they can't connect with the client without knowing that public IP address. STUN server is used to gather this public IP address.
So if your server wants to initiates the connection then it needs the client to send its NAT's public IP. Client will use STUN server to know its public IP and send it to the server. But if client initiates the connection then there is no need to know the NAT's public IP. Client can send packets to the public server to initiate the connection. Server can know the cilents public IP from the clients packet and then they can connect. So no need for STUN.
Your server is doing TURN's role in this scenario. So you don't need TURN server.
Q2: Is there any hack in WebRTC in browser that would remove the need for STUN and TURN ?
There is no hack. Depending on scenarios TURN/STUN is used. For your scenario you don't need. If you wanted to make client-client connection then you would have needed STUN server.
ICE is mandatory
but using any stun and turn server is not.
since you are connecting to a server on a public port, you NEVER need to use a TURN server, but depending the kind of NAT/Firewall your clients are behind, you might need a STUN server
you do not need to modify the browsers at all. The application decides wether to use a stun server or not. if you pass an empty "iceservers" parameter to your peerconnection object at creation, the ICE UA in your browser will only generate host (local) candidates.