Introduction
WebRTC (Web Real-Time Communication) enables direct peer-to-peer communication in web browsers and mobile applications without requiring plugins or external software. By 2026, WebRTC powers billions of video calls, live streaming sessions, and real-time applications worldwide.
This comprehensive guide covers WebRTC architecture, the protocols that make it work (ICE, STUN, TURN, RTP, SDP), implementation patterns, and production considerations. Understanding WebRTC is essential for developers building real-time communication applications.
What is WebRTC?
WebRTC is a collection of protocols and APIs that enable real-time audio, video, and data sharing between peers. It provides a standardized way to exchange media streams and arbitrary data directly between browsers and applications.
Core Components
Media Stream API: Access camera and microphone.
RTCPeerConnection: Manage peer-to-peer connections.
RTCDataChannel: Send arbitrary data between peers.
GetUserMedia: Access device media streams.
Key Capabilities
- Peer-to-peer audio and video calls
- Screen sharing
- File transfer
- Data streaming
- Mesh, SFU, and MCU architectures
Architecture Overview
Protocol Stack
Application Layer
|
WebRTC API (JavaScript)
|
Signaling (WebSocket/HTTP)
|
SDP (Session Description)
|
ICE (Interactive Connectivity)
|
STUN / TURN
|
DTLS (Datagram Transport Layer)
|
SRTP (Secure RTP)
|
ICE/UDP or ICE/TCP
Connection Flow
Peer A Signaling Peer B
| | |
|------ Offer (SDP) ---->| |
| |------ Offer (SDP) --->|
| | |
|<--- Answer (SDP) -------| |
|<--- Answer (SDP) -------| |
| | |
|======= ICE Candidates ==|<==== ICE Candidates ==|
| | |
|========= DTLS Handshake ========================|
| | |
|<====== Media Streams (SRTP) ====================>|
| | |
|========== Data Channel ========================>|
Session Description Protocol (SDP)
SDP describes multimedia sessions for negotiation between peers.
SDP Structure
v=0
o=- 7027864585432175469 2 IN IP4 127.0.0.1
s=-
t=0 0
a=group:BUNDLE 0 1 2
a=extmap-allow-mixed
a=msid-semantic: WMS *
m=audio 9 UDP/TLS/RTP/SAVPF 111 103 104 9 0 8 106 105 13 110 112 126 97 98
c=IN IP4 0.0.0.0
a=rtcp:9 IN IP4 0.0.0.0
a=ice-ufrag:xyz123
a=ice-pwd:abcdefghijklmnopqrstuvwxyz
a=rtpmap:111 opus/48000/2
a=rtcp-fb:111 transport-cc
a=fmtp:111 minptime=10;useinbandfec=1
Key Attributes
o= (Origin): Session identifier and version.
m= (Media Description): Media type, port, transport, codecs.
c= (Connection): Network connection information.
a= (Attributes): Media attributes, encryption, etc.
Creating Offer/Answer
// Create offer
const offer = await peerConnection.createOffer({
offerToReceiveAudio: true,
offerToReceiveVideo: true
});
await peerConnection.setLocalDescription(offer);
// Send offer to peer via signaling
// Receive answer
await peerConnection.setRemoteDescription(answer);
Interactive Connectivity Establishment (ICE)
ICE is the protocol that enables peers to discover and establish direct network paths.
ICE Candidates
a=candidate:1 1 UDP 2130706431 192.168.1.100 49170 typ host
a=candidate:2 1 UDP 1694498815 203.0.113.50 49171 typ srflx raddr 192.168.1.100 rport 49170
a=candidate:3 1 UDP 847250719 10.0.0.50 49172 typ relay raddr 203.0.113.50 rport 49173
Candidate Types
host: Local network address (highest priority).
srflx (Server Reflexive): Public address from STUN.
prflx (Peer Reflexive): Public address learned from peer.
relay: Address from TURN server (lowest priority).
ICE Process
const pc = new RTCPeerConnection({
iceServers: [
{ urls: 'stun:stun.example.com:3478' },
{ urls: 'turn:turn.example.com:3478', username: 'user', credential: 'pass' }
]
});
// ICE candidate events
pc.onicecandidate = (event) => {
if (event.candidate) {
sendToPeer({ type: 'candidate', candidate: event.candidate });
}
};
pc.addIceCandidate(candidate);
STUN Protocol
STUN (Session Traversal Utilities for NAT) helps peers discover their public IP addresses.
STUN Request/Response
Client STUN Server
| |
|--- Binding Request ----->|
| (transaction ID) |
| |
|<-- Binding Response -----|
| (mapped address) |
| (source address) |
Python STUN Client
import socket
STUN_SERVER = 'stun.l.google.com'
STUN_PORT = 19302
def get_public_ip():
transact_id = b'\x00\x12\x00\x00'
magic_cookie = b'\x21\x12\xa4\x42'
request = transact_id + magic_cookie
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
sock.sendto(request, (STUN_SERVER, STUN_PORT))
response, _ = sock.recvfrom(512)
return response
# Parse XOR-MAPPED-ADDRESS from response
TURN Protocol
TURN (Traversal Using Relays around NAT) provides relay servers when direct connection is impossible.
When TURN is Needed
- Symmetric NAT
- Both peers behind NAT
- Firewall blocks UDP
- Enterprise proxy scenarios
TURN Server Setup
# Using pyturn library
from pyturn.server import TurnServer
server = TurnServer(
listening_port=3478,
listening_ip='0.0.0.0',
auth_callback=check_credentials,
realm='myrealm'
)
server.run()
RTP and SRTP
RTP (Real-time Transport Protocol) carries media streams. SRTP secures them.
RTP Packet Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|V=2|P|X| CC |M| PT | Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Timestamp |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Synchronization Source (SSRC) identifier |
+---------------------------------------------------------------+
| Payload |
+---------------------------------------------------------------+
WebRTC SRTP
// WebRTC uses SRTP by default
const pc = new RTCPeerConnection({
// SRTP is negotiated automatically
});
Implementation Examples
Basic Video Call
const pc = new RTCPeerConnection({
iceServers: [{ urls: 'stun:stun.l.google.com:19302' }]
});
const localStream = await navigator.mediaDevices.getUserMedia({
video: true,
audio: true
});
localStream.getTracks().forEach(track => {
pc.addTrack(track, localStream);
});
pc.ontrack = (event) => {
remoteVideo.srcObject = event.streams[0];
};
const offer = await pc.createOffer();
await pc.setLocalDescription(offer);
sendToSignaling(offer);
Data Channel
const dataChannel = pc.createDataChannel('myData', {
ordered: false,
maxRetransmits: 0
});
dataChannel.onopen = () => {
dataChannel.send('Hello!');
};
dataChannel.onmessage = (event) => {
console.log('Received:', event.data);
};
Security Considerations
DTLS Handshake
pc.oniceconnectionstatechange = () => {
console.log('ICE State:', pc.iceConnectionState);
};
const fingerprint = pc.getRemoteCertificates()[0].fingerprint;
Best Practices
- Verify ICE candidates from authorized sources
- Limit data channel message sizes
- Use authentication for data channels
Scalability Architectures
Mesh (P2P)
Each peer connects to every other peer. Good for small groups (2-4).
SFU (Selective Forwarding Unit)
Central server forwards streams. Very scalable (10-100+ participants).
MCU (Multipoint Control Unit)
Central server mixes streams. Provides composite output.
Best Practices
- Use TURN for production reliability
- Implement connection quality monitoring
- Use simulcast for video calls
- Implement bandwidth adaptation
- Handle network transitions gracefully
Conclusion
WebRTC has matured into the standard for real-time communication on the web. Its collection of protocolsโICE for connectivity, STUN for NAT traversal, TURN for relay, RTP for media, and DTLS for securityโwork together to enable peer-to-peer communication in challenging network environments. Understanding these protocols enables developers to build robust real-time applications.
Comments