Sal Ammoniac
First question should be, "how much do you trust Ring"?
By adding this device to your network, the only thing stopping what this device can do is the Ring software on the device or your firewall.
Do you have a firewall between the Ring device and the rest of your private network?
The Ring Device can talk to any IP address and port unless your network prevents it. NAT does not prevent making a new connection out to public Internet.
The app on your phone acts the same out to any IP address and port.
Note that you have no control what is being said by the Ring Server, Ring Device or Ring App.
Initial contact
Ring Device --> WiFi --> Internet --> Ring Server
Phone --> LTE/WiFi --> Internet --> Ring Server
The Ring Server now has an open connection from both and knows the Public IP Address & Port each is using.
Traversal Using Relays around NAT (TURN) just became possible.
Ring Device --> WiFi --> Internet --> Ring Server --> Internet --> LTE/WiFi --> Phone
As for why Ring might what to do it this way.
Ring Device --> WiFi --> Internet --> Ring Server --> Internet --> LTE/WiFi --> Phone1
Ring Server --> Internet --> LTE/WiFi --> Phone2
The bandwidth needed from the Ring Device to Ring Server stays the same for any number of phones while the bandwidth needed from Ring Server to phones increases.
Should also note that there is no problems with NAT. The Phone to Ring Server pipe needs to be open for fast response. The Ring Device could open the connection to the Ring Server when door bell button or motion happens.
Note that only the Port to the Ring Server needs to be open for this.
In an effort to reduce the bandwidth needs and delays the Ring Server causes by this relay, the server could try to use
STUN. The Ring Server just needs to pass the Public IP Address & Port of one connection to the other connection. There are two possible paths for
STUN, Phone -> Ring Device & Ring Device -> Phone.
STUN uses the existing ports that are open. The ports used can change each time the pipe is opened.
There is many ways that NAT software can function. Some allow
STUN which is just a change of the incoming Source IP Address in a packet.
Think of the basics of NAT.
For an out going packet, the source address (Ring Device address & port) are replaced by the NAT router's Public Address & Port. The NAT needs to remember the Ring Device Address, Port & the Public router port so that returning packets get directed properly.
For an in coming packet, The destination address (router's Public Address & Port) are replaced by the remembered Ring Device Address & Port.
Router port forwarding & UPnP or NAT-PMP are just presetting setting the remembered Ring Device Address & Port. Using ether while having access to Ring Server makes a possible security hole.
Great software on the Ring device is critical to prevent local network harm.
So Sal, how big a list do you need to put this in the
"NO it is NOT reasonable!" category?
1. Only good as long as Ring exists.
2. Only as secure as Ring makes it.
3. Bandwidth needs hints that processor is too slow to compress video.
4. Choice of Battery life or motion sense.
5. All other problems listed in this thread.