In the last couple of releases of Slideshow, we have been slowly rolling out a new feature: communication between multiple devices. Using this feature it is possible to do light management and monitoring of multiple devices running Slideshow app, even if they are not on the same local network. But how can two devices communicate with each other if they are not on the same network and without any cloud server? If you are interested in the technical details, this article is for you.
Peer-to-Peer explained
Peer-to-peer (or P2P) communication is a concept in computer networks where the devices (or “peers”) talk directly to each other. It differs from client-server communication, where there is a publicly available server and all clients are talking to the server. In the client-server concept the clients don’t communicate with each other directly.
In peer-to-peer communication, each device can directly communicate with every other device. If one device goes offline (for example it is powered off or there is some network problem), all other devices can still exchange messages with each other.
We have used the peer-to-peer concept in Slideshow app to allow exchange of information between multiple Android devices running Slideshow.
Establishing communication
In order for two devices with Slideshow app to communicate with each other, they first have to discover each other, so they know where (to which IP address and network port) they should send messages. Slideshow automatically sends out an introduction message as a multicast packet, which is delivered to all devices on the same local network (unless it is blocked by router or WiFi). Another device running Slideshow receives this multicast packet, checks if it was sent by a device with the same group code and if yes, they establish a direct communication channel. This method with multicast packets is similar to Bonjour and SSDP protocols.
However, if the devices are not on the same local network, they can’t receive each other’s introduction multicast packet and there is no way for them to directly find out each other’s network address.
In order to solve this, we are hosting a small service on our public servers called tracker. It receives addresses and hashed group codes from individual devices with Slideshow and if the tracker finds that two or more devices have the same group code, it lets them know each other’s addresses. The devices can then establish direct communication using those addresses and they pass the data without using the tracker as a middle man. Thanks to this, the tracker service can be really tiny and doesn’t require many resources on the server, so we can offer it without asking for any kind of payment.
In 99% of the cases the Android devices with Slideshow are behind a router with NAT (Network Address Translation). Establishing direct communication (after they discover! each other’s addresses thanks to the tracker) usually requires a special step to let the router (on at least one side) to pass the traffic without blocking. Slideshow tries to do this using two methods:
- Universal Plug and Play (UPnP) – Slideshow contacts router to allow outside connection to its IP address and port.
- Hole punching – both devices tries to contact each other multiple times, in order to establish entries in the router’s translation table, until one of the routers lets the packet pass,
Remote operations
After the communication between is established, Slideshow automatically informs the other device about its basic state every couple of minutes (this can be used as a light monitoring). There is also the possibility to send basic commands, for example pause/resume content, go to the next media or reload the app.
If the devices are on different networks, we also enabled a special feature called Tunnel web interface. It creates a network tunnel between the two devices, using which a web browser on your computer can access the web interface of Slideshow installed on the remote device. This tunnel uses UDP protocol (as required for the Hole punching method mentioned above) and its transfer speed is usually much lower than the regular network speed. As Slideshow’s web interface is quite lightweight, the tunnel is still fast enough to provide access to all management features.
Security
Allowing a remote connection to any local device is always security-sensitive, that’s why we implemented several security measures:
- Introduction messages are always signed and Slideshow doesn’t respond to any introduction message that was not signed correctly
- Any message from a device that hasn’t introduced itself is ignored
- All data messages are encrypted using public-key cryptography
Thanks to these measures, only devices with the same group code can communicate with each other. You should always keep this group code secret. Additionally, messages to tracker, UPnP and Hole punching are enabled only if you explicitly enable setting “Enable device discovery on the internet”.