-
Notifications
You must be signed in to change notification settings - Fork 43
WebRTC private addresses
Santeri Juslenius edited this page Feb 25, 2022
·
7 revisions
Nodes communicate via WebRTC, which implements the ICE (Interactive Connection Establishment) protocol to open connections through firewalls and NATs via a mechanism relying on IP address probing. By default, WebRTC is allowed to probe private addresses.
This behaviour can trigger false-positives for port scanning detection on some web hosts, e.g. Hetzner. Therefore, you may want to disallow it by setting webrtcDisallowPrivateAddresses: true in your broker config. Note that disallowing private addresses might prevent direct connections between peers using IPv4 addresses on your local network.
For client configuration:
"network": {
"webrtcDisallowPrivateAddresses": true // default false
}
For broker configuration:
"client": {
...
"network": {
"webrtcDisallowPrivateAddresses": true // default false
}
}