IETF Logo Mail Archive

Re: [Ice] ICE PAC: When to start the timer waiting for possible peer reflexive candidates?

Justin Uberti <juberti@google.com> Thu, 02 May 2019 16:57 UTC

Return-Path: <juberti@google.com>
X-Original-To: ice@ietfa.amsl.com
Delivered-To: ice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78AC912012A for <ice@ietfa.amsl.com>; Thu, 2 May 2019 09:57:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.5
X-Spam-Level:
X-Spam-Status: No, score=-17.5 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0tiH7E3yZbnW for <ice@ietfa.amsl.com>; Thu, 2 May 2019 09:57:18 -0700 (PDT)
Received: from mail-io1-xd2b.google.com (mail-io1-xd2b.google.com [IPv6:2607:f8b0:4864:20::d2b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D441712008B for <ice@ietf.org>; Thu, 2 May 2019 09:57:17 -0700 (PDT)
Received: by mail-io1-xd2b.google.com with SMTP id r71so2782737iod.11 for <ice@ietf.org>; Thu, 02 May 2019 09:57:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=a3Dd+UTIhz+VIe9GC8NZcwsom7p4cB3vVrXK6f3KRdU=; b=GBWqIFT6A4xz3Eq6xN8lfusTGPHsK8KFJZA7PYqCiZ8xHzuZ47LE3ltvARy84ZDRN3 keWRRJKddcXAUfRZ5Nzzzos4TXxP/f7nlcXnbRa8bi2+f6x+qSBgB6IMDlErwrgv1MOb haHoLCvNzhm1eZMuN9fKaAaLHcETRHMsf8A2TbMeEBn6s5Q8lHC5P7aQE2RWPdPtarXB t56tbwtBeyLDUGNq7gbz1oTCPJiKAbuuKeg9tjZvk4Ey13IL4Pktdbyc5RHqz7LQP88R IaV99aFRE65641L7T158DQ9STcLDWpp1AsVUS8NMiPcIhHojPc1iuYCklORfj+AusSKc mCDA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=a3Dd+UTIhz+VIe9GC8NZcwsom7p4cB3vVrXK6f3KRdU=; b=jQ/J31fgvZESmRbrpXFr14B77LbCPyheayWPqb1oQZHNL94E051WSv7ePvrtZKh23k s2d4rGnunENXxIWcUQqrIXuQVKsliebp98mVeOlg5u6diY6sh3xGCWG4dyQyTppgTLHQ 7ZtV1HR+BOUzAIg+vRz16eId3y8XMVgTmWsikr3WN19GCC25eeCUmugx+PG3mLDOhinF b0280LiI9cQ6GNeVV+fjx98J7FahkA68UGGUPh+bHoffvspAItKcsOIIzR4LK9Odph43 P4tKh+Rn+cflKGpe6HY1W4PkULsIOn6u6+dR8pDOIVNeNtEUPVEjnEfVon14e2+PktkL /76A==
X-Gm-Message-State: APjAAAUa/oxpocr9B1fFAC4j5gLdVUu3RulonPt/DJVJPw4Tc7w47vzF 5qqDWNTAaZdYQ/CJI4x8TBS/RS2NalYM8hIBlJ9x4g==
X-Google-Smtp-Source: APXvYqxrrhiCtG3QrpljmkNVqAHOB5NTOf9VfKNQyX6vGo5toz+2VECXnR6y8Y9XrhEVVZiOl+KPiPiv7vA2+i/SuhQ=
X-Received: by 2002:a5e:cb41:: with SMTP id h1mr3042055iok.95.1556816236693; Thu, 02 May 2019 09:57:16 -0700 (PDT)
MIME-Version: 1.0
References: <3A66B735-03C9-41FF-95AD-500B0D469C80@ericsson.com> <CAD5OKxsMgNTQPNP4Ni72H+yD4iUeyNK+x6CSvdBApGnPTpr_vg@mail.gmail.com> <A4EC3C01-4D7D-45DF-876D-E58706F74866@ericsson.com> <CAD5OKxt8tDemkK=v4X1gjwJGLYrxcd95S7uV53_fsga6grZ_rA@mail.gmail.com> <30518269-CA9D-4F50-8CE3-062A01DBCD7F@mozilla.com> <CAD5OKxvmRK8Xzu4FSRv3Lgdg-VrrufzGhjAdSmfcLLkrm-jtjw@mail.gmail.com> <0AD3077C-74FA-4585-942A-375B83B3A7A0@ericsson.com> <CAD5OKxsgpf7Hv_nxFOZFwfNk7-_xNRzmoPTA2bZCqZo3wzudKQ@mail.gmail.com> <HE1PR07MB316172053751D307F83DE0EB933E0@HE1PR07MB3161.eurprd07.prod.outlook.com> <CAD5OKxu332E8vzdc4dt09NxXGf9Cr2izwECDAQjc7V_YDx3r5w@mail.gmail.com> <HE1PR07MB316189447ED302BEC5021946933F0@HE1PR07MB3161.eurprd07.prod.outlook.com> <CAOJ7v-3Dv4N5j0KykxQf-gHQfvJ9x-VzbTTTcdJyfgYgcdYy5A@mail.gmail.com> <HE1PR07MB3161E4496E7BDC5FF419CCE793390@HE1PR07MB3161.eurprd07.prod.outlook.com> <CAOJ7v-3JkrYnWpghusRytVvTn1u7OibL9J3NyVh+ia9neSyuHA@mail.gmail.com> <46390078-DE3B-456B-87AC-61AE3C3DF035@ericsson.com> <CAOJ7v-202_STNVj6nLv_0pTTuE_=jn_HJusNERv9Yj7=k=86jg@mail.gmail.com> <156839B0-C680-4F8F-8D93-8F6B33FB8F01@ericsson.com>
In-Reply-To: <156839B0-C680-4F8F-8D93-8F6B33FB8F01@ericsson.com>
From: Justin Uberti <juberti@google.com>
Date: Thu, 02 May 2019 09:57:04 -0700
Message-ID: <CAOJ7v-0WeX0eN8EVtDf0AXTdL3XkYGEhOMKWNtFBeFGf1tR4hw@mail.gmail.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: Roman Shpount <roman@telurix.com>, Nils Ohlmeier <nohlmeier@mozilla.com>, "ice@ietf.org" <ice@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000c531640587ea8676"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ice/5yqi8rjdAanAJ-mhNpX6CpHhqQ4>
Subject: Re: [Ice] ICE PAC: When to start the timer waiting for possible peer reflexive candidates?
X-BeenThere: ice@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Interactive Connectivity Establishment \(ICE\)" <ice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ice>, <mailto:ice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ice/>
List-Post: <mailto:ice@ietf.org>
List-Help: <mailto:ice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ice>, <mailto:ice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 16:57:20 -0000

On Thu, May 2, 2019 at 3:42 AM Christer Holmberg <
christer.holmberg@ericsson.com> wrote:

> Hi,
>
> >>>> Overall I think the Firefox approach makes the most sense - the PAC
> timer
> >>>> starts when you have either a local or remote candidate.
> >>>
> >>> That would mean that PAC becomes a the-maximum-time-to-run-ICE timer.
> If that's what people want, fine.
> >>
> >> Maybe this is what you meant, but I think it's a
> "minimum-time-to-run-ICE" timer.
> >
> > I guess so, yes.
> >
> > However, as I said before, I think an agent shall still be allowed to
> stop earlier, and not be required to wait for peer reflexive candidates, if
> it already has working pairs.
> >
> > Sure, this is not a point of contention, but a SHOULD-level directive
> may make sense here.
>
> If the agent does have working pairs, I think waiting for a additional
> peer reflexive candidates should only be a MAY. Using working pairs doesn't
> break anything, and waiting for peer reflexive candidates even if you have
> working pairs is just going to delay the nomination. But, if an agent only
> have "bad" working pairs (e.g., relayed) it MAY wait for additional peer
> reflexive candidates.
>
> What we want to do is to prevent that an agent declares failure too early
> if it does NOT have working candidates.
>

As stated earlier, I think that is only one part of the problem. But that's
largely separate from the discussion here about when to start the timer.

>
> ...
>
> >> What about starting the timer after the agent has sent its last set of
> candidates? That would cover both trickle and non-trickle:
> >> in non-trickle there is only one set of candidates, and in trickle it
> doesn't matter how long it takes to provide all candidates since
> >> the timer doesn’t start until the last set of candidates have been sent?
> >
> > That's basically the same thing I was proposing in 2), with the
> clarification that the candidates were also actually transmitted.
>
> Correct.
>
> > I do think Nils' point is important though, i.e., if we have a bad
> server it will take a very long time to decide on 'last set of candidates',
> > which is probably not helpful. As such I think the potential positions
> we can take are:
> > a) Start the timer as soon as we have an answer, regardless of any
> candidates.
> > b) a) + receipt of at least one remote candidate (or remote EOC). (This
> is Nils' suggestion).
> > c) a) + sending at least one local candidate (or local EOC).
> >
> > b) has a problem if the remote side doesn't send any candidates, which
> we want to explicitly allow.
>
> True.
>
> >I tend to lean towards a) as the simplest option.
>
> Keep in mind that RFC 8445 is generic, so we need to to define what we
> mean by "answer". I guess it means some kind of indication that makes the
> agent assume that the remote peer has been contacted. In ice-sip-sdp we can
> then map that to an SDP answer.
>
>
Yes, good point. We can start ICE processing (sending checks) as soon as we
have the remote username/password, so we could reframe it in those terms.

v2.23.0 | Report a Bug | By Email