Hi Greg, >> I have run two Chrome browsers each behind their own Linux NAT. I have >> then tried to instruct them to establish a P2P connection with each >> other using WebRTC. WebRTC is a standard framework that allows P2P >> communication between browsers and which is available from JavaScript. >> >> It turned out that the two browsers were not able to establish a P2P >> connection. > We use WebRTC extensively in our product and it *requires* ICE/TURN for this > exact reason. With standard outbound NAT / masquerading this works as-is. > Not sure why you are not doing that..? Thank you for confirming that TURN is needed in order to have two clients behind two standard Linux NATs communicate with WebRTC. TURN is expensive in terms of bandwidth and server resource usage because TURN tunnels all the traffic between the two clients through a server. And it seems to me that this is only needed due to a somewhat odd behavior of the Linux NAT as demonstrated in my message... Best, Christian -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
