-
Notifications
You must be signed in to change notification settings - Fork 38
WebRTC private addresses
Paul-Louis Ageneau edited this page Oct 22, 2021
·
5 revisions
Nodes communicate via WebRTC, which implements the ICE (Interactive Connection Establishment) protocol to open connections through firewalls and NATs via a mechanism relying on IP address probing. By default, WebRTC is allowed to probe private addresses.
This behaviour can trigger false-positives for port scanning detection on some web hosts, e.g. Hetzner. Therefore, you may want to disallow it by setting webrtcDisallowPrivateAddresses: true in your broker config. Note that disallowing private addresses might prevent direct connections between peers using IPv4 addresses on your local network.
"network": {
"webRtcDisallowPrivateAddresses": true // default false
}