by caio1982 4461 days ago
While I think WebRTC is so fantastic it's nearly magical, I find it incredible how people using/creating it overlook network topology problems that SIP and other VoIP folks already had to deal with (and went crazy doing so) a whole decade ago. NAT issues, STUN, all that is long known and yet I've never seen a fully working solution for peer-to-peer communication that won't be stopped by the simplest firewalls. Does anyone know any other "fix" for this kind of scenario as described in the post?
3 comments

Because of the low barrier to entry, people who didn't learn about jitter, network latencies, BSD sockets, etc.

That is the promise of WebRTC -- just a few lines of JS and you've got yourself Google Hangouts.

One can argue this happens in web frameworks and other technologies that make it easy to get started with, which is a good thing.

But unfortunately a lot of these easy abstractions can't completely abstract away things like speed of light latencies, limitation of network bandwidth, funky NAT setups and so on.

So far there are very few peer-to-peer technologies that work reliably and are successful.

The problem is that peer-to-peer isn't a very efficient way of doing group video chat to begin with...much better and simpler to just use a central server in that case.

Yeah. Sadly, in order to protect users against servers MITMing their video chats, the WebRTC spec was crippled to require that the central server in a group video chat have the keys required to MITM it.

I'm unfortunately not joking. The original spec allowed JavaScript to directly provide an encryption key; this was removed because someone working for one of the browser vendors argued it would allow companies to MITM video chat (I think it was Google?). In order to make group video chat feasible, this was then replaced with a new feature where the central server sent out a copy of the encryption key over the encrypted RTP channel, meaning it now needed to have the keys to decrypt all the video passing through it.

I think that's the whole point of firewalls, to control incoming and outgoing connections. So peer-to-peer sometimes is simply impossible. TURN actually is just a proxy as far as I know so it's not p2p.

That's why BitTorrent asks to open specific ports in your router, because otherwise you simply can't do p2p.