Multiple webrtc servers/workers with 1 port?

mediasoup libraries
1

It is really good to have webrtc server, but it limits to 1 worker/cpu per server/port.
I hope to have multiple workers working on 1 single port.
Then we would listen on 443, with vertical scaling ready.

If it is not supported yet, do we have plan to do so, or it is technically not possible?

2

1 Worker == 1 separate process. Cannot listen in same port (despite its possible in Linux) because connections must be handled by a single Worker and not by anyone.

3

despite its possible in Linux

I guess we need to rewrite most of the things to get it done properly. As I understand, we just need to pass the data around processes, and that could be very difficult with cpp.
I have seen a lot of code being written in rust, if we can completely rebind or rewrite it to rust, would it be easier than cpp to add support for this?

4

Honestly making meriapsup be able to listen on a single UDP and TCP port across different workers/processes is not a goal. mediasoup is efficient thanks to its single thread design, we don’t want to change that just to make it easier for the parent application to handle listening ports. Honestly it’s not that hard to program an application that opens and managed more than one port.

5

Thanks for being clear. More about the idea for this, it is not about parent application to manage more than one port, but:

  • TURN server is needed to support strict NAT users where they can only access port 80, or 443 with TLS. Like a lot of big org or gov have those kinds of strict access rule.
  • Some security certificates like ISO or SOC, are not happy about opening a lot of ports.
6

You can deploy a single TURN server listening in TLS port 443 and make it communicate with N mediasoup workers. This is a common setup.

7

So if I understand correctly, this involves:

  • Configuring mediasoup server-side transports with iceServers
  • Passing the same TURN credentials to the client-side

:small_blue_diamond: Server-side (Node.js with mediasoup)

When creating a WebRTC transport on the server include TURN credentials:

const webRtcTransportOptions = {
  enableTcp: true,
  preferUdp: false,
  initialAvailableOutgoingBitrate: 1000000,

  // Add TURN server(s) here
  iceServers: [
    {
      urls: 'turns:your-domain.com:443?transport=tcp',
      username: 'webrtc',
      credential: 'turnpassword'
    }
  ]
};

Make sure:

  • The TURN server is reachable on port 443 over TCP/TLS

:small_blue_diamond: Client-side (mediasoup-client)

On the client, when creating transports with device.createSendTransport() or device.createRecvTransport(), include the same iceServers:

const transport = device.createSendTransport({
  id,
  iceParameters,
  iceCandidates,
  dtlsParameters,

  // Same TURN config as on the server
  iceServers: [
    {
      urls: 'turns:your-domain.com:443?transport=tcp',
      username: 'webrtc',
      credential: 'turnpassword'
    }
  ]
});
8

Multiple processes listening to a single port with the potential of sniffing and hijacking is never a good idea. Media soup can’t work this way and if it could doesn’t mean it should. These limits are set by operating system and should not even be experimented with.

Cheers.