UDP is preferred over TCP

UDP is preferred over TCP because it will lower the latency of the package transmission that is caused by the differences between both protocols.

Proxies and Package Inspection

No browser supports UDP using Proxies which means that the data needs to bypass the proxy if you want to use UDP. Package Inspection comes with the cost of a higher Latency. Often the Latency is so high, while using package inspection, that it prevents video calls from being established.

WebRTC Terms

STUN Server
A STUN server performs a very simple job, it tells the client what its actual public IP address and Port behind a Network Address Translation (NAT) service. Using a STUN server we can infer if the client accepts Peer to Peer connections from other clients on the Internet.

TURN Server

A TURN server provides a fallback solution for clients that cannot establish a Peer to Peer connection and acts as a media server proxy between the two peers.

Signaling

Signaling is used for the initiation of the video and audio streams between the clients. In xAssist signaling for normal Calls is done via the Frontline Command Center and in case of a Conference Call via the Selective Forwarding Unit.

Interactive Connectivity Establishment (ICE)

WebRTC uses ICE to try and find the best way for the clients (Web and Smart Glasses) to communicate with each other in a call: Peer-to-peer, peer-to-peer with Network Address Translation (NAT) taking place between the clients (with the help of a STUN server), or relayed with the help of a TURN Server.

In the case of normal calls (not conference), the clients' (Smart Glass and Expert via Web-UI) first option is to directly connect peer-to-peer. This option is called HOST.

The next option is to establish a peer-to-peer connection with Network Address Translation (NAT) taking place between the clients. This option is called REFLEXIVE. Therefore, the STUN Server will try to find public IP and port of the Clients that allows peer-to-peer communication between their different local Networks.

The last option is to use a TURN Server that would relay the video and audio streams. This option is called RELAYED.

If the HOST or REFLEXIVE option is available then the video and audio streams are peer-to-peer (with End-to-End Encryption in place) and only very limited communication with the STUN/TURN server should have taken place, to gather the different candidates for the three options.

If neither of the first two options is available (due to symmetric NAT, Firewall, or other issues), the clients will use RELAYED communication via the TURN Server (still with End-to-End Encryption in place).

Selective Forwarding Unit (SFU)

In case of a conference call, each client communicates with the SFU instead of the other clients. The SFU then sends the streams to all other clients that take part in the conference call. As with a normal 1-to-1 call, the communication option to the SFU will be HOST, REFLEXIVE or RELAYED, and the video and audio streams will be End-to-End encrypted between each client and the SFU. That means that the SFU will decrypt the incoming streams and send new encrypted streams to the clients. Therefore the encryption between the client is not end-to-end, rather hop-by-hop encrypted.

Updated on: 14/03/2023