IETF Logo Mail Archive

Re: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rtp-04: Review Comments [csp]

"Ali C. Begen (abegen)" <abegen@cisco.com> Thu, 02 December 2010 17:46 UTC

Return-Path: <abegen@cisco.com>
X-Original-To: avt@core3.amsl.com
Delivered-To: avt@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 80DF23A6998 for <avt@core3.amsl.com>; Thu, 2 Dec 2010 09:46:41 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.364
X-Spam-Level:
X-Spam-Status: No, score=-10.364 tagged_above=-999 required=5 tests=[AWL=0.235, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZN0wWsChkNAr for <avt@core3.amsl.com>; Thu, 2 Dec 2010 09:46:40 -0800 (PST)
Received: from sj-iport-6.cisco.com (sj-iport-6.cisco.com [171.71.176.117]) by core3.amsl.com (Postfix) with ESMTP id 67F193A6979 for <avt@ietf.org>; Thu, 2 Dec 2010 09:46:40 -0800 (PST)
Authentication-Results: sj-iport-6.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEANpq90yrRN+J/2dsb2JhbACjI3GnZ5sjAoVFBIReiR8
X-IronPort-AV: E=Sophos;i="4.59,289,1288569600"; d="scan'208";a="629634537"
Received: from sj-core-3.cisco.com ([171.68.223.137]) by sj-iport-6.cisco.com with ESMTP; 02 Dec 2010 17:47:56 +0000
Received: from xbh-sjc-231.amer.cisco.com (xbh-sjc-231.cisco.com [128.107.191.100]) by sj-core-3.cisco.com (8.13.8/8.14.3) with ESMTP id oB2HluR3007467; Thu, 2 Dec 2010 17:47:56 GMT
Received: from xmb-sjc-215.amer.cisco.com ([171.70.151.169]) by xbh-sjc-231.amer.cisco.com with Microsoft SMTPSVC(6.0.3790.4675); Thu, 2 Dec 2010 09:47:56 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 02 Dec 2010 09:47:54 -0800
Message-ID: <04CAD96D4C5A3D48B1919248A8FE0D540DC93D22@xmb-sjc-215.amer.cisco.com>
In-Reply-To: <4CF7D54A.5000900@ericsson.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rtp-04: Review Comments [csp]
Thread-Index: AcuSRS7lxNs0rTKeS5yDK3BNtPorKAAArhcQ
References: <4CF3BAB3.2000501@ericsson.com> <04CAD96D4C5A3D48B1919248A8FE0D540DC93041@xmb-sjc-215.amer.cisco.com> <EDC0A1AE77C57744B664A310A0B23AE21E36365E@FRMRSSXCHMBSC3.dc-m.alcatel-lucent.com> <396D3FC7-9DA5-416E-9883-7FABD7234652@csperkins.org> <04CAD96D4C5A3D48B1919248A8FE0D540DC93B87@xmb-sjc-215.amer.cisco.com> <4CF7A62A.808@ericsson.com> <04CAD96D4C5A3D48B1919248A8FE0D540DC93C63@xmb-sjc-215.amer.cisco.com> <4CF7D54A.5000900@ericsson.com>
From: "Ali C. Begen (abegen)" <abegen@cisco.com>
To: Magnus Westerlund <magnus.westerlund@ericsson.com>
X-OriginalArrivalTime: 02 Dec 2010 17:47:56.0269 (UTC) FILETIME=[0D3EF9D0:01CB9249]
Cc: Colin Perkins <csp@csperkins.org>, IETF AVT WG <avt@ietf.org>
Subject: Re: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rtp-04: Review Comments [csp]
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Audio/Video Transport Working Group <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Dec 2010 17:46:41 -0000

> >> - Reusing a unicast session for different multimedia session, which I
> >> think implies having them share the FTap.
> >
> > This is not a problematic case, either.
> 
> I am not agreeing fully. There need to be some consideration here for
> it. Because you need to know which session the incomming UDP data
> relates to. For example if one has an ongoing RAMS burst for one channel
> and then sends a NACK request or another RAMS request and request to use
> the same unicast session it is not obvious that the data is
> distinguishable from one channel to the other. Thus clearly
> consideration should be done here. like alternating between two
> different unicast sessions with RAMS requests to avoid overlap.

Such considerations are discussed in the RAMS draft. If the (feedback) port on the server is shared among multiple RTP sessions, then the client has to know the SSRC of the media stream(s) it wants to acquire. If SSRCs are not available in the SDP, that port cannot be shared.

I don't think that discussion belongs in here.
 
> >> - Reuse over time of the port for different services. (which is the one
> >> I think Colin was going after).
> >
> > OK, this is interesting. Lets discuss it. Remember that the PT port (server side) is advertised in the SDP at media or session
> level.
> >
> > If advertised at the media level, PT is the port where the clients (who plan to start that particular unicast session with the
> server) send their token request message. This is illustrated in the SDP example in the draft.
> >
> > If advertised at the session level, PT will be the port for obtaining a Token for any unicast session that is run between the
> server(s) and clients. Recall that existence of the 'portmapping-req' attribute indicates that a Token is required for all unicast
> sessions. Note that different unicast session may have different server addresses, the attribute above only indicates the
> common port for them.
> >
> 
> Yes, I agree that all the tools are available for getting things to
> work. However, there needs text to point out when a client should use
> new local ports to create new unicast sessions to an server. This

The local port management is a client issue. The client follows the conventional rules of using the same port for different RTP sessions. If there is a risk that the traffic will still leak, it has naturally to use a different local port.

> becomes more or less important dependent on how much co-locating is
> happening on the server side when it comes to the RTCP feedback port.
> Preferably none.

Server ports are declarative and it does not matter what the client does on its own side.
 
> I also feel that you are missing the issue with time. If a service exist
> for 2 hours on friday between 18-20. Then another service is started at
> 21.00 on friday and happens to reuse the port numbers, but is actually
> another service instance. Then the token from service one may or may not
> still be valid depending if service 1 and 2 share token generator and
> key or not.

It is simple. If it is a new service and the server wants the client to get a new token, it will reject the current one. Or, the server could have issued the token in such a way that it would  expire by 6pm.

> In this case it would be best if the token generation for service one is
> set so that the token will not last beyond the service it intends to
> service.

Indeed. Added this.
 
> There is also a security perspective, if one expect clients to be of a
> non all ways on kind, then a particular IP address may first used by
> host A and later by host B. Thus potentially allowing A to DoS host B
> unless the token is short lived. But I think I brought this up otherwise.

Indeed and I think we covered this sufficiently.

Thanks.
-acbegen
 
> Cheers
> 
> Magnus Westerlund
> 
> ----------------------------------------------------------------------
> Multimedia Technologies, Ericsson Research EAB/TVM
> ----------------------------------------------------------------------
> Ericsson AB                | Phone  +46 10 7148287
> Färögatan 6                | Mobile +46 73 0949079
> SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
> ----------------------------------------------------------------------

v2.23.0 | Report a Bug | By Email