Follow

WebRTC not working in Google Chrome over local network (mDNS)

UPDATE For Chrome versions 86 and Newer (Oct. 2020)

Beginning, with Chrome 86, you must navigate to "chrome://flags" and enable the option "Temporarily unexpire M85 flags" before the option to disable mDNS (described below) will become available.

Orchid Core VMS 2.16.0 is scheduled for release in December 2020 and will include a bundled local STUN server that will eliminate the need to make settings changes in Chrome to correct this issue.

Background

Orchid Core VMS uses WebRTC in order to securely transfer video directly to a client web browser.  As part of the WebRTC protocol, the web browser and Orchid Core VMS negotiate with each other in order to determine the best way to send and receive video.  Part this negotiation includes both parties sending each other a list of all the IP addresses over which they can communicate -- this includes any configured WAN connection, local network connections, WiFi connections, etc.

Through this negotiation process, an Orchid Core VMS server behind a corporate firewall would tell a client web browser accessing from the internet about its local, private IP address(es) -- which is seen by some security experts as a potential vulnerability.  In order to prevent internal IP addresses from "leaking" to web browsers on the internet, newer versions of Google Chrome require that WebRTC servers use anonymized addresses (i.e., mDNS hostnames) only.

Under this scheme, WebRTC servers (like Orchid Core VMS) are required to use mDNS hostnames instead of local IP addresses.  For example, instead of telling Orchid Core VMS that it can send video to address 192.168.103.221, Google Chrome would instead give the address as 1bbabc05-80d2-4386-8e39-9666b53900d0.local.  This ".local" address will resolve to 192.168.103.221, but only for systems on the same local subnet, and only on operating systems which support the mDNS protocol.  Because the mDNS protocol registers addresses only on local networks, these random ".local" addresses reveal no information over the internet and are only meaningful when both the server (Orchid Core VMS) and client (web browser) are on the same local network.

 

When mDNS (and WebRTC) Doesn't Work

In summary, mDNS (and WebRTC) will not work under the following scenarios:

  • Your Orchid Core VMS server and web browser are on different local subnets.  For example, 192.168.1.15/24, and 192.168.20.12/24.  
  • Your Operating System does not support mDNS, or requires a separate package for mDNS support and that package is not installed.  For example, Windows 7 does not natively support mDNS.

Solution

The simplest solution for mDNS problems is to disable mDNS in Google Chrome.  From your client web browser, navigate to the URL "chrome://flags", search for "Temporarily unexpire M85 flags" and verify that the setting is marked enabled.  Relaunch Chrome, and again navigate to "chrome://flags".  Now search for the setting "mDNS", and verify that the setting is marked "Disabled":

QC59ho.png

Relaunch Chrome after verifying that this flag is disabled.

Was this article helpful?
2 out of 2 found this helpful
Have more questions? Submit a request

Comments