IETF Logo Mail Archive

Re: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rtp-04: Review Comments [csp]

Colin Perkins <csp@csperkins.org> Thu, 02 December 2010 21:22 UTC

Return-Path: <csp@csperkins.org>
X-Original-To: avt@core3.amsl.com
Delivered-To: avt@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C03B53A6358 for <avt@core3.amsl.com>; Thu, 2 Dec 2010 13:22:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.599
X-Spam-Level:
X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KlecxneVo3sc for <avt@core3.amsl.com>; Thu, 2 Dec 2010 13:22:15 -0800 (PST)
Received: from lon1-msapost-2.mail.demon.net (lon1-msapost-2.mail.demon.net [195.173.77.181]) by core3.amsl.com (Postfix) with ESMTP id 67FD83A6765 for <avt@ietf.org>; Thu, 2 Dec 2010 13:22:14 -0800 (PST)
Received: from starkperkins.demon.co.uk ([80.176.158.71] helo=[192.168.0.22]) by lon1-post-2.mail.demon.net with esmtpsa (AUTH csperkins-dwh) (TLSv1:AES128-SHA:128) (Exim 4.69) id 1POGcj-0001aA-cW; Thu, 02 Dec 2010 21:23:30 +0000
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: text/plain; charset="iso-8859-1"
From: Colin Perkins <csp@csperkins.org>
In-Reply-To: <04CAD96D4C5A3D48B1919248A8FE0D540DC93D22@xmb-sjc-215.amer.cisco.com>
Date: Thu, 02 Dec 2010 21:23:28 +0000
Content-Transfer-Encoding: quoted-printable
Message-Id: <37011BA4-DDBF-465B-AE54-523E2F2A124F@csperkins.org>
References: <4CF3BAB3.2000501@ericsson.com> <04CAD96D4C5A3D48B1919248A8FE0D540DC93041@xmb-sjc-215.amer.cisco.com> <EDC0A1AE77C57744B664A310A0B23AE21E36365E@FRMRSSXCHMBSC3.dc-m.alcatel-lucent.com> <396D3FC7-9DA5-416E-9883-7FABD7234652@csperkins.org> <04CAD96D4C5A3D48B1919248A8FE0D540DC93B87@xmb-sjc-215.amer.cisco.com> <4CF7A62A.808@ericsson.com> <04CAD96D4C5A3D48B1919248A8FE0D540DC93C63@xmb-sjc-215.amer.cisco.com> <4CF7D54A.5000900@ericsson.com> <04CAD96D4C5A3D48B1919248A8FE0D540DC93D22@xmb-sjc-215.amer.cisco.com>
To: "Ali C. Begen" <abegen@cisco.com>
X-Mailer: Apple Mail (2.1082)
Cc: Magnus Westerlund <magnus.westerlund@ericsson.com>, IETF AVT WG <avt@ietf.org>
Subject: Re: [AVT] draft-ietf-avt-ports-for-ucast-mcast-rtp-04: Review Comments [csp]
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Audio/Video Transport Working Group <avt.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/avt>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Dec 2010 21:22:17 -0000

Most of my comments have been covered in the discussion. Just some minor points inline.

Colin


On 2 Dec 2010, at 17:47, Ali C. Begen (abegen) wrote:
>>>> - Reusing a unicast session for different multimedia session, which I think implies having them share the FTap.
>>> 
>>> This is not a problematic case, either.
>> 
>> I am not agreeing fully. There need to be some consideration here for it. Because you need to know which session the incomming UDP data relates to. For example if one has an ongoing RAMS burst for one channel and then sends a NACK request or another RAMS request and request to use the same unicast session it is not obvious that the data is distinguishable from one channel to the other. Thus clearly consideration should be done here. like alternating between two different unicast sessions with RAMS requests to avoid overlap.
> 
> Such considerations are discussed in the RAMS draft. If the (feedback) port on the server is shared among multiple RTP sessions, then the client has to know the SSRC of the media stream(s) it wants to acquire. If SSRCs are not available in the SDP, that port cannot be shared.
> 
> I don't think that discussion belongs in here.

I suspect this can happen with services other than RAMS, so the general issue should be highlighted.

>>>> - Reuse over time of the port for different services. (which is the one I think Colin was going after).
>>> 
>>> OK, this is interesting. Lets discuss it. Remember that the PT port (server side) is advertised in the SDP at media or session level.
>>> 
>>> If advertised at the media level, PT is the port where the clients (who plan to start that particular unicast session with the server) send their token request message. This is illustrated in the SDP example in the draft.
>>> 
>>> If advertised at the session level, PT will be the port for obtaining a Token for any unicast session that is run between the server(s) and clients. Recall that existence of the 'portmapping-req' attribute indicates that a Token is required for all unicast sessions. Note that different unicast session may have different server addresses, the attribute above only indicates the common port for them.
>> 
>> Yes, I agree that all the tools are available for getting things to work. However, there needs text to point out when a client should use new local ports to create new unicast sessions to a server. This
> 
> The local port management is a client issue. The client follows the conventional rules of using the same port for different RTP sessions. If there is a risk that the traffic will still leak, it has naturally to use a different local port.
> 
>> becomes more or less important dependent on how much co-locating is
>> happening on the server side when it comes to the RTCP feedback port.
>> Preferably none.
> 
> Server ports are declarative and it does not matter what the client does on its own side.
> 
>> I also feel that you are missing the issue with time. If a service exist for 2 hours on friday between 18-20. Then another service is started at 21.00 on friday and happens to reuse the port numbers, but is actually another service instance. Then the token from service one may or may not still be valid depending if service 1 and 2 share token generator and key or not.
> 
> It is simple. If it is a new service and the server wants the client to get a new token, it will reject the current one. Or, the server could have issued the token in such a way that it would  expire by 6pm.

Sure, but the draft needs to say this.

>> In this case it would be best if the token generation for service one is set so that the token will not last beyond the service it intends to service.
> 
> Indeed. Added this.
> 
>> There is also a security perspective, if one expect clients to be of a non all ways on kind, then a particular IP address may first used by host A and later by host B. Thus potentially allowing A to DoS host B unless the token is short lived. But I think I brought this up otherwise.
> 
> Indeed and I think we covered this sufficiently.
> 
> Thanks.
> -acbegen
> 
>> Cheers
>> 
>> Magnus Westerlund
>> 
>> ----------------------------------------------------------------------
>> Multimedia Technologies, Ericsson Research EAB/TVM
>> ----------------------------------------------------------------------
>> Ericsson AB                | Phone  +46 10 7148287
>> Färögatan 6                | Mobile +46 73 0949079
>> SE-164 80 Stockholm, Sweden| mailto: magnus.westerlund@ericsson.com
>> ----------------------------------------------------------------------
> _______________________________________________
> Audio/Video Transport Working Group
> avt@ietf.org
> https://www.ietf.org/mailman/listinfo/avt



-- 
Colin Perkins
http://csperkins.org/

v2.23.0 | Report a Bug | By Email