[libnice] Using TURN to enable UDP P2P Communication

[Bryce Allen]

On Fri, 15 Aug 2014 14:05:58 +1000
Scott Richmond <s.t.richmond at gmail.com> wrote:
> 2. Would this work: I use libnice to open UDP ports between two peers
> with the use of a rendezvous server. I then kill the libnice
> process/instance and for the peer that is running the multiplayer
> server I tell it to listen on that port for incoming connections.
> Presumably the remote peer should be able to connect through to the
> listening game server instance with the previously opened ports from
> libnice. Would this be correct?
We used libnice to integrate with an existing application, and closed
the libnice socket and bound to the port it found. This worked fine re
external NAT firewalls, and we were using UDT which already sends
packets to keep the firewall state active.

However we rain afoul of the windows host firewall - if you bind to a
specific port, it pops up a window asking the user if they want to
allow the application to accept incoming connections. This does not
make for a great user experience, since if they say no it won't work
and there is nothing your application can do about it. One solution is
to have the application installer create the firewall rule, so the user
never sees it, but then the installer must run with administrator
permissions. That was an issue for us, so we submitted a patch that
exposes the underlying socket used by libnice
(nice_agent_get_selected_socket), so we could re-use the same socket.
Since libnice binds on any port, it doesn't trigger the windows firewall
in the same way.

For reference:
http://code.google.com/p/chromium/issues/detail?id=116541
http://nice.freedesktop.org/libnice/NiceAgent.html#nice-agent-get-selected-socket

-Bryce
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/nice/attachments/20140815/54d36968/attachment.sig>