WebRTC private addresses

Nodes communicate via WebRTC, which implements the ICE (Interactive Connection Establishment) protocol to open connections through firewalls and NATs via a mechanism relying on IP address probing. By default, WebRTC is allowed to probe private addresses.

This behaviour can trigger false-positives for port scanning detection on some web hosts, e.g. Hetzner. Therefore, you may want to disallow it by setting webrtcDisallowPrivateAddresses: true in your broker config. Note that disallowing private addresses might prevent direct connections between peers using IPv4 addresses on your local network.

"network": {
    "webrtcDisallowPrivateAddresses": true // default false
}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

WebRTC private addresses

Uh oh!

Uh oh!

Clone this wiki locally