Configure QUANTEEC for eCDN usage

The QUANTEEC plugin can be used to optimize the performance of video distribution within a company, known as an eCDN (enterprise Content Delivery Network). In your QUANTEEC customer area, you can set up one or more eCDN configurations to suit your needs.

Configure sites and eCDN rules

In the Panel

In the next session of the page called List of sites, you can create specific P2P rules for global use cases, sites, and/or subdomains. This configuration gives you precise control over the way data is exchanged within a corporate network, for example, by limiting P2P data exchanges within a single site with the same public IP address.

Here is a simple example of what an eCDN configuration with multiple sites might look like:

If a subnet is set, a public IP is mandatory. If you do not know the public IP, use "0.0.0.0".

In the plugin

By default, the Quanteec Plugin will not try to use the local private IP. In order to activate the local IP retrieving, an option must be added in the configuration:

let quanteecConfig = {
      quanteecKey:"<enter-your-custom-videoID>",
      videoID:"<enter-your-custom-videoID>",
      useSubnets: true
}

Managing mDNS

By default, WebRTC uses a protocol called mDNS (multicast DNS) to hide the private IP. The protocol allows devices on the same local network to resolve hostnames (e.g., my-device.local) to IP addresses without needing a central DNS server. In WebRTC, mDNS is used to enhance privacy by hiding a user’s real local IP address from websites. Instead of exposing private IPs directly during WebRTC sessions, mDNS generates obfuscated ICE candidates (e.g., 12345.local) that are resolved to private IP addresses only within the local network.

Using mDNS in a corporate network can bring some challenges:

• The private IP are hidden, making it impossible for Quanteec to associate the peers with subnet rules.
• The network might block multicast traffic (common in enterprise networks or restrictive environments), and WebRTC peer connections may fail.
• The protocol only works within the same local network, and if users are on different subnets, the obfuscated addresses cannot be resolved.

Because of that, you might need to disable mDNS in the browser in order for the Quanteec Plugin to perform well in your environment.

When is disabling mDNS NOT needed?

Considering your network architecture, it might not be needed to disable mDNS if:

• mDNS is not blocked in the local network
• users are behind the same router

In these scenarios, the Quanteec Plugin should work just fine without any additional configuration. If at least one of the conditions is not respected, the Quanteec Plugin might fail to create connections and offload the network.

How to disable mDNS?

Disabling mDNS in the browsers depends on the browser and the OS used.

How to disable mDNS in Chrome, Chromium, and Edge

In Chrome-based browsers, mDNS must be disabled by using CLI options or policies.

How to Disable mDNS in Chrome-Based Browsers Using CLI Arguments

This guide explains how to disable mDNS in Chrome-based browsers (such as Google Chrome, Microsoft Edge, or Chromium) by using command-line arguments. Instructions are provided for macOS, Linux, and Windows.

Windows

Steps for Windows

1. Close all instances of Chrome or the Chromium-based browser.
2. Open the Command Prompt:

• Press Win + R, type cmd, and press Enter.

3. Run the following command to start Chrome with mDNS disabled:

"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" --disable-features=WebRtcHideLocalIpsWithMdns

• If you use another Chromium-based browser, update the path to the browser`s executable.

Optional: Modify the Shortcut

To make this change permanent:

1. Locate the browser shortcut on your desktop, taskbar, or start menu.
2. Right-click the shortcut and select Properties.
3. In the Target field, add the following to the end of the path:–disable-features=WebRtcHideLocalIpsWithMdns. Example: “C:\Program Files\Google\Chrome\Application\chrome.exe” –disable-features=WebRtcHideLocalIpsWithMdns
4. Click Apply and OK.
5. Use this shortcut to launch the browser with mDNS disabled.

MacOS

Steps for macOS

1. Open the Terminal application.
2. Run the following command to launch Chrome with mDNS disabled:

   /Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --disable-features=WebRtcHideLocalIpsWithMdns
3. This will start Chrome with the mDNS feature turned off, exposing local IP addresses directly in WebRTC ICE candidates.

Optional: Create a Persistent Shortcut

If you`d like to make this change permanent:

1. Open the Automator app and create a new application.
2. Add a "Run Shell Script" action with the following command:

   /Applications/Google\\ Chrome.app/Contents/MacOS/Google\\ Chrome --disable-features=WebRtcHideLocalIpsWithMdns
3. Save the application as a custom Chrome launcher and use it to start Chrome.

Linux

Steps for Linux

1. Open a terminal.
2. Run the following command to launch Chrome with mDNS disabled:

   google-chrome --disable-features=WebRtcHideLocalIpsWithMdns
   • If youre using a different Chromium-based browser, replace google-chromewith the appropriate executable name (e.g.,chromiumormicrosoft-edge`).

Optional: Modify the Application Launcher

To make this change persistent:

1. Locate the .desktop file for your browser (usually in /usr/share/applications/ or ~/.local/share/applications/).
2. Open the .desktop file in a text editor.
3. Find the Exec line and append the following argument: `–disable-features=WebRtcHideLocalIpsWithMdns``

Example: Exec=/usr/bin/google-chrome-stable %U –disable-features=WebRtcHideLocalIpsWithMdns

4. Save the file and use the application launcher to start the browser with mDNS disabled.

---

How to Disable mDNS in Chrome-Based Browsers Using Policies

More information about the policy can be found here: https://chromeenterprise.google/policies/#WebRtcLocalIpsAllowedUrls

Windows

Using the Group Policy Editor (For Managed Environments)

1. Download Chrome Policy Templates:

   • Visit Chrome Enterprise Policy Templates and download the policy templates ZIP file.
   • Extract the contents of the ZIP file.

2. Install the Policy Template:

   • Copy chrome.admx from the windows/admx folder to:
     • C:\\Windows\\PolicyDefinitions\ (policy file location).
   • Copy chrome.adml (language file) to:
     • C:\\Windows\\PolicyDefinitions\\<your-language-code>\ (e.g., en-US).

3. Configure the Policy:

   • Open the Group Policy Editor (gpedit.msc).
   • Navigate to:

     Computer Configuration -> Administrative Templates -> Google -> Google Chrome -> WebRTC
   • Find the policy "WebRTC ICE candidate URLs for local IPs".
   • Enable the policy and add the allowed URLs (one per line).

4. Apply the Policy:

   • Run the following command in the Command Prompt to force the policy update:

     gpupdate /force

---

For Local Policy (Single User)

If you do not have Group Policy Editor (e.g., on Windows Home), you can edit the registry manually:

1. Open the Registry Editor:

   • Press Win + R, type regedit, and press Enter.

2. Navigate to the Chrome Policies Registry Key:

   • For Chrome:

     HKEY_LOCAL_MACHINE\\Software\\Policies\\Google\\Chrome
   • For Edge (Chromium-based):

     HKEY_LOCAL_MACHINE\\Software\\Policies\\Microsoft\\Edge

3. Create or Modify the Policy:

   • Create a new String Value named WebRTCLocalIpsAllowedUrls.
   • Set the value to the URLs you want to allow, separated by commas. For example:

     https://example.com,https://quanteec.com

4. Restart the Browser:

   • Relaunch Chrome or Edge for the policy to take effect.

MacOS

Using a Configuration Profile on macOS (For Managed Devices)

1. Create a Configuration Profile:

   • Use a tool like ProfileCreator or create a .mobileconfig file with the following content:

     <?xml version="1.0" encoding="UTF-8"?>
     <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
     <plist version="1.0">
     <dict>
         <key>PayloadContent</key>
         <array>
             <dict>
                 <key>PayloadType</key>
                 <string>com.google.Chrome</string>
                 <key>WebRTCLocalIpsAllowedUrls</key>
                 <array>
                     <string>https://example.com</string>
                     <string>https://quanteec.com</string>
                 </array>
             </dict>
         </array>
         <key>PayloadType</key>
         <string>Configuration</string>
         <key>PayloadUUID</key>
         <string>XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX</string>
     </dict>
     </plist>

2. Install the Profile:

   • Use an MDM tool or manually double-click the .mobileconfig file to install it.

---

For Local Configurations

1. Open the Terminal.

2. Add a plist configuration file at /Library/Managed Preferences/com.google.Chrome.plist with the following structure:

   <plist version="1.0">
   <dict>
       <key>WebRTCLocalIpsAllowedUrls</key>
       <array>
           <string>https://example.com</string>
           <string>https://quanteec.com</string>
       </array>
   </dict>
   </plist>

3. Save the file and restart Chrome for the changes to take effect.

Linux

System-Wide Configuration

1. Edit or Create the Chrome Policy File:

   • System-wide policies are located at:

     /etc/opt/chrome/policies/managed/
   • Create a JSON file, e.g., webrtc_policy.json:

     {
         "WebRTCLocalIpsAllowedUrls": [
             "https://example.com",
             "https://quanteec.com"
         ]
     }

2. Restart Chrome:

   • Close all Chrome instances and relaunch the browser.

---

User-Level Configuration

1. Edit the User`s Policy File:

   • User-specific policies are located at:

     ~/.config/chromium/managed_policies/
   • Add the same JSON configuration as above.

2. Restart Chrome to apply the changes.

Mozilla Firefox

In Firefox, mDNS can be deactivated from embedded configurations.

1. Open Firefox Configuration Settings:

   • Open Firefox.
   • In the address bar, type:

     about:config
   • Press Enter.
   • Accept the warning message that says, "Proceed with Caution."

2. Search for the Allowed Domains Setting:

   • In the search bar, type:

     media.peerconnection.ice.obfuscate_host_addresses.whitelist

3. Modify the Setting:

   • This preference allows you to specify domains for which mDNS is disabled.
   • If the preference does not exist:
     • Click the Add button (+ icon).
     • Choose String as the type.
     • Enter the preference name:

       media.peerconnection.ice.obfuscate_host_addresses.whitelist
   • Set its value to a comma-separated list of domains for which you want to disable mDNS:

     example.com,quanteec.com
   • Domains must be entered without http:// or https://.

4. Restart Firefox:

   • Close all Firefox windows and restart the browser for the changes to take effect.