Why is it necessary to open the TCP and UDP ports given in rtcMinPort, rtcMaxPort to make a call?

I am using ports 49152 - 65535 in rtcMinPort, rtcMaxPort. I was talking to the server guy and he said that it is not recommended to open so many ports to the public, as it causes security issues.

So I wanted to know why it is necessary to open all these ports to make calls work. Is it designed that way or am I missing something? Kindly guide.

Previously I was working on a headless-browser based MCU approach and we didn’t open any ports to make calls work.

We’ll refactor mediasoup because that server guy said that opening many ports is a security risk.

Please read the docs.

Hmmm. Can you please point me to where in the docs this is mentioned? I couldn’t find it in the docs.

For enterprise usage there are things like TURN relay to work around firewalls. A quick search around the subject will show you how.

Yes, that can be a way to go, but TURN will cause extra delays, which might not be the best way to go for my use case. I was looking for something which is mentioned in this thread:

He’s right in the sense that if you’re exposing many ports that probably means you’re exposing many different services, each with their own risk of a vulnerability.

Mediasoup is just one service, however, that happens to use many ports. There’s no more or less risk than if it was binding to one port.