IETF Logo Mail Archive

Re: [AVTCORE] Working Group Last Call on "Multiplexing Scheme Updates for QUIC"

Jonathan Lennox <jonathan.lennox@8x8.com> Fri, 20 May 2022 20:18 UTC

Return-Path: <jonathan.lennox@8x8.com>
X-Original-To: avt@ietfa.amsl.com
Delivered-To: avt@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 080B0C1D5ABE for <avt@ietfa.amsl.com>; Fri, 20 May 2022 13:18:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=8x8.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BzAzrtBc2ojK for <avt@ietfa.amsl.com>; Fri, 20 May 2022 13:18:24 -0700 (PDT)
Received: from mail-qk1-x730.google.com (mail-qk1-x730.google.com [IPv6:2607:f8b0:4864:20::730]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48127C1D5ABB for <avt@ietf.org>; Fri, 20 May 2022 13:18:24 -0700 (PDT)
Received: by mail-qk1-x730.google.com with SMTP id i68so7029333qke.11 for <avt@ietf.org>; Fri, 20 May 2022 13:18:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=8x8.com; s=googlemail; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=bTnSdjnzrYtWx1Vu9GR1jQU0Py/A9mc+9TlD0nYzFn0=; b=S3Lmrz0LI73UPrkWbes+15QG6DxStkrSdvUhKMelRxHQGjYcCztds7iVajGZ2sz8Oa Mihy6nvOeg5RSMkpJ3A/sJfAx23igFiQGKQiuuW8R9ZgLCscgugo3cFF5F9vqMAB+GC3 w77/shl1lw4GSmADafoOM95cmY4bOIbOZSzXI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=bTnSdjnzrYtWx1Vu9GR1jQU0Py/A9mc+9TlD0nYzFn0=; b=MUlxXijhx+qC/bubh8P7rN1JYxrXtXgiExQdVn7LqOzU3IaBd8DZmVakqrklk55HIG 0HjWKxZPDwkBD44G7VIevGRZgUEufIc0iU33WieTVaE3oFGbs37jg6MtYqTDlB40O2BC sHFvnNOLb5qDg7abCBdidQYCzEj8d4NwpTr6YHeEObLaeLRO9lw41Oyqn4/J08P2e3sD +RaSv8PR3jt7jGlLSjJFnqjjP45UcMTRLG5Vwf21b3Tm71UOnnQpIwB0ZfUZkx4Zwam6 v2+i7ZkEA8X8Qae8OJ9gY9WSkcJ5zBPtWyiqsODMoXKsfPdZBr0mYAeZ2TQbhpDkOTCK 3oVg==
X-Gm-Message-State: AOAM530gjXvLQOghTI/xsPSIv9Jct1uwgjiQ7GmwjYWGwZnUjjuxIDGN MgPy8OsJ8hBixZVn1RaOkHDHbg==
X-Google-Smtp-Source: ABdhPJzSHWQvO1exa8zrndwJylWwV/IrYKQ7/qVq682Utk0GLLZj0GmN78SUPBbY2LFmCqXl5QHFJA==
X-Received: by 2002:a05:620a:40c2:b0:6a0:2b1b:2b86 with SMTP id g2-20020a05620a40c200b006a02b1b2b86mr7534383qko.80.1653077902886; Fri, 20 May 2022 13:18:22 -0700 (PDT)
Received: from smtpclient.apple ([2601:86:101:11e0:2045:b9cd:6f:58d1]) by smtp.gmail.com with ESMTPSA id j20-20020a37ef14000000b0069fc13ce1d6sm257462qkk.7.2022.05.20.13.18.22 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Fri, 20 May 2022 13:18:22 -0700 (PDT)
From: Jonathan Lennox <jonathan.lennox@8x8.com>
Message-Id: <656630C8-2F85-408D-A60C-13CB9D9833B7@8x8.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_3B98A5FE-B07B-4C60-BF6E-489D9DE76832"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.80.82.1.1\))
Date: Fri, 20 May 2022 16:18:21 -0400
In-Reply-To: <CAPDSy+7rE9au4OgBeu-XNiig7Nf1E7uj8EpcmG+wRL4K7D8jKw@mail.gmail.com>
Cc: Bernard Aboba <bernard.aboba@gmail.com>, IETF AVTCore WG <avt@ietf.org>, Martin Thomson <mt@lowentropy.net>
To: David Schinazi <dschinazi.ietf@gmail.com>
References: <36F82EF4-B129-410D-9C4B-C629F055E530@8x8.com> <70F58D73-75F0-4E26-BF43-0E173F794D04@8x8.com> <CAPDSy+5NNMmnpT2vraoAR_hVwSGMN0qnBYYikHpJ5PJAHhMUdQ@mail.gmail.com> <CAOW+2dsZ3-+erjc+bHAKzM_LvU26VCZW78UODYrKnp=EktppfA@mail.gmail.com> <CAPDSy+7rE9au4OgBeu-XNiig7Nf1E7uj8EpcmG+wRL4K7D8jKw@mail.gmail.com>
X-Mailer: Apple Mail (2.3696.80.82.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/avt/OgSKxwa_XmhYadzAqsKPvCwSEv8>
Subject: Re: [AVTCORE] Working Group Last Call on "Multiplexing Scheme Updates for QUIC"
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Audio/Video Transport Core Maintenance <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/avt/>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 20 May 2022 20:18:28 -0000

I’m not sure ambiguity between QUIC and TURN channels should be a concern.

TURN channel packets should only ever be received from a TURN server, and a TURN client knows whether it sent TURN allocation requests, and channel-binding requests, to a server.  A TURN client needs to be able to disambiguate STUN (i.e. regular TURN) packets from TURN channel packets, but packets from a TURN server can be disambiguated from packets from a peer based on the source IP and port.

Thus, this document needs to describe how to disambiguate within the set {QUIC, DTLS, RTP, RTCP, STUN, ZRTP}, and separately within the set {STUN, TURN channel}; but these two sets shouldn’t ever be overlapping.

> On May 20, 2022, at 4:10 PM, David Schinazi <dschinazi.ietf@gmail.com> wrote:
> 
> Thanks Bernard.
> 
> Another option could be to say that 64-79 is ambiguous between QUIC and TURN,
> so it's best to avoid running both on the same socket. However, if both are in use
> then the best algorithm is to pass the packet to QUIC and if it fails to decrypt then
> pass it to TURN. This works in QUICv1 and QUICv2 because for those versions,
> all QUIC short header packets are encrypted with forward secure keys. It might not
> work for some future versions of QUIC but we can note that as a warning.
> 
> David
> 
> On Fri, May 20, 2022 at 11:15 AM Bernard Aboba <bernard.aboba@gmail.com <mailto:bernard.aboba@gmail.com>> wrote:
> David --
> 
> Thank you for your comments. I will make the changes you recommend with respect to bit greasing. 
> 
> The TURN channel conflict issue will require some WG discussion. 
> 
> TURN channels are not supported in WebRTC, so the potential conflict between TURN channels and QUIC short header packets would not occur in a situation where the STUN/TURN/RTP/RTCP implementation is webrtc-based.  While ICE traffic will be exchanged prior to exchange of P2P QUIC packets, I believe that TURN channel traffic can overlap in time with QUIC short header packets, and since there is overlap in their first octet range with TURN channels and QUIC short header packets, the only solution might be to say "don't use TURN channels".   Anyone see an issue with that? 
> 
> Even though the P2P QUIC trial in Chromium only. allowed a single connection between endpoints, the WG has discussed the potential need for more than one P2P QUIC connection between endpoints. So we probably want to avoid assumptions about a single connection between peers, if possible. 
> 
> On Fri, May 20, 2022 at 10:23 AM David Schinazi <dschinazi.ietf@gmail.com <mailto:dschinazi.ietf@gmail.com>> wrote:
> [ QUIC to BCC ]
> 
> Thanks for the ping Jonathan.
> 
> I've read the document and overall it looks good, it's clear and
> well-written, however I found a couple issues:
> 
> First issue is on QUIC bit greasing; the draft currently says:
> 
>    However, it is not compatible with QUIC Bit
>    greasing, as defined in [I-D.ietf-quic-bit-grease].  Therefore, in
>    situations where multiplexing is desired, QUIC Bit greasing MUST NOT
>    be negotiated.
> 
> but that doesn't reflect how QUIC bit grease works: every endpoint indicates
> it is willing to accept grease - you don't need both endpoints to agree to receive
> grease for grease to be enabled in the other direction. So I'd rephrase it as such:
> 
>    However, it is not compatible with QUIC Bit
>    greasing, as defined in [I-D.ietf-quic-bit-grease].  Therefore,
>    endpoints that wish to use multiplexing on their socket MUST
>    NOT send the grease_quic_bit transport parameter.
> 
> Similarly, I'd remove any mention of "negotiating QUIC bit greasing" in other
> parts of the document since the use of "negotiation" is unclear.
> 
> Also, typo "demultplexed"
> 
> Second issue is on the demultiplexing algorithm; draft currently says:
> 
>    If the value is
>    between 64 and 79 inclusive, then if a packet has been previously
>    forwarded that is in the range of 192 and 255, then the packet is
>    QUIC, otherwise it is TURN Channel.
> 
> It's unclear to me what the scope of "if a packet has been previously
> forwarded" is. In particular, how far back does "previously" go? If it
> means "since this socket has been opened", then this only works if
> there is only one QUIC connection on this socket. Also, is this a
> listening socket (3-tuple) or a connected socket (5-tuple)? One
> more point about this: relying on the fact that connections start
> with long headers is dangerous: QUICv1 behaves that way but the
> QUIC invariants on RFC8999 specify that other versions of QUIC
> might change that.
> 
> David
> 
> 
> On Fri, May 20, 2022 at 9:46 AM Jonathan Lennox <jonathan.lennox@8x8.com <mailto:jonathan.lennox@8x8.com>> wrote:
> The AVTCore working group is holding a Working Group Last Call on its document “Multiplexing Scheme Updates for QUIC”.
> 
> We would appreciate review by subject matter experts in QUIC.  Please comment on the avt@ietf.org <mailto:avt@ietf.org> mailing list.
> 
> For background, the abstract of this document is:
> 
>    This document defines how QUIC, Datagram Transport Layer Security
>    (DTLS), Real-time Transport Protocol (RTP), RTP Control Protocol
>    (RTCP), Session Traversal Utilities for NAT (STUN), Traversal Using
>    Relays around NAT (TURN), and ZRTP packets are multiplexed on a
>    single receiving socket.
> 
>    This document updates RFC 7983 and RFC 5764.
> 
>> Begin forwarded message:
>> 
>> From: Jonathan Lennox <jonathan.lennox@8x8.com <mailto:jonathan.lennox@8x8.com>>
>> Subject: Working Group Last Call on "Multiplexing Scheme Updates for QUIC"
>> Date: May 20, 2022 at 12:40:06 PM EDT
>> To: avt@ietf.org <mailto:avt@ietf.org>
>> 
>> This is an announcement of Working Group Last Call (WGLC) on "Multiplexing Scheme Updates for QUIC”.
>> 
>> The document is available for inspection here: https://datatracker.ietf.org/doc/draft-ietf-avtcore-rfc7983bis/ <https://datatracker.ietf.org/doc/draft-ietf-avtcore-rfc7983bis/>
>> 
>> WGLC will last until Monday, June 6, 2022, midnight Pacific Time.
>> 
>> In response, please reply with one of the following:
>>    * I support publication of the document as is.
>>    * I support publication of the document, but have comments (please include details)
>>    * I object to publication of the document, based on the following issues (please include details),
>> 
>> Jonathan
>> For the AVTCore Chairs
>> 
> 
> _______________________________________________
> Audio/Video Transport Core Maintenance
> avt@ietf.org <mailto:avt@ietf.org>
> https://www.ietf.org/mailman/listinfo/avt <https://www.ietf.org/mailman/listinfo/avt>

v2.23.0 | Report a Bug | By Email