[libnice] Sharing/Reusing UDP ports for ICE candidates?

Olivier Crête olivier.crete at collabora.com
Fri Feb 28 19:28:04 UTC 2020


Hi,
There is no such thing in libnice. I don't think it's very valuable to do that, opening UDP ports in a firewall costs nothing, and really has no added risk, especially if you target a specific computer. If you were to re-use the port, you'd have to do the filtering in userspace and waste quite a bit of CPU resources.
The one real reason to have multiple connections negotiated from the same local socket is to be able to do SIP call forking, but I haven't seen anyone implement that with ICE.
Olivier
On Fri, 2020-02-28 at 10:43 -0800, Gary Bartlett wrote:
> I'm wondering whether libnice supports the notion of sharing/reusing UDP ports for its ICE candidates, so that only a single (or small set of) UDP ports can be opened up for it in a firewall?
> 
> It sounds like if I reduce the range of available UDP ports by calling nice_agent_set_port_range, then this will limit the number of active sessions, but if the ports were reusable (e.g. using SO_REUSEADDR or SO_REUSEPORT), do you think libnice could handle multiple concurrent connectivity checks and WebRTC sessions on this single (or reduced set of) local port(s)?
> 
> Thanks,
> Gary
> 
> 
> _______________________________________________nice mailing listnice at lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/nice
-- 
Olivier Crête
olivier.crete at collabora.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/nice/attachments/20200228/3f8ba142/attachment.htm>


More information about the nice mailing list