IETF Logo Mail Archive

Re: [Ice] Should teredo type preference be relayed or host?

Bernard Aboba <bernard.aboba@gmail.com> Fri, 27 October 2017 17:25 UTC

Return-Path: <bernard.aboba@gmail.com>
X-Original-To: ice@ietfa.amsl.com
Delivered-To: ice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0328E13F407 for <ice@ietfa.amsl.com>; Fri, 27 Oct 2017 10:25:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fu7ZQjNOVGBN for <ice@ietfa.amsl.com>; Fri, 27 Oct 2017 10:25:31 -0700 (PDT)
Received: from mail-vk0-x22d.google.com (mail-vk0-x22d.google.com [IPv6:2607:f8b0:400c:c05::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 48D7C139059 for <ice@ietf.org>; Fri, 27 Oct 2017 10:25:31 -0700 (PDT)
Received: by mail-vk0-x22d.google.com with SMTP id n70so4606565vkf.11 for <ice@ietf.org>; Fri, 27 Oct 2017 10:25:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=0bGWQn28i1ROWNOjj8NEG0sUIUbqmu4TmtAHwY3HFzY=; b=OcBxIg11t7TxuUnGqMO247W1pMH+8d6aoiWy5OjD/CqxFGHu/uUAWghoMUN630I1bv o3yZEAtBuIcEGigUB+XBJR2hKLK5IWalqo77Pe+uVeDNdc5pIwF342V7gNTcK90qOGf8 Lm0G3Mxk7ILGml/YxlyX8RXiSfTDA82jW+NuLHmlQYGP0WFtHGThQgoQGko2vYHOvtUo +9JuTjWDoRxVaj8GRflEHG49O9sdMbam+zo5BsHMZ4/FDN6dhsnVsumh94sxlwjbjkLF Ou0w421SI9AXEGS8tZY9K9bUepA2FVdK9ZBp9pd1VyX/JDJ9lKdUexhnYqUybbC0hwti JHiQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=0bGWQn28i1ROWNOjj8NEG0sUIUbqmu4TmtAHwY3HFzY=; b=l+4qswTi3263hFq+iBKaEECiD/Gswm6syOTARG7cVsbFvWMKgXriUXC5Trxk/avrP9 /QXr/Sjlfohxb/ShXRRNaFLfSJXQcFfWg2bzgTvT2fXnYqPZYqOtrfo1bD4joAMeNNwY Eowyj1YjReddx+RGtN5SVU5j+h9mFOAF2aJP9BiANibqDD/PwgPRG4fM+2yjyyZyQaar 1yK9piiZ8zEJtIcQbdrlVTqoNgZxy7dZYB0T08p3FXited+hBC9CTzasClHK/xuFEa6C K7Ki6Wt4mei90NvvztnEkHVXuI+6hgBmumjIO8MMdFg7gdnSLF+S6270GlKvV6kcFvfI hrPA==
X-Gm-Message-State: AMCzsaUmMxyqcwNXSdVtFfWN5recRMPbZVJ15N80NZ2QLx00jhdep6XW yZpvajOlPxuW3YrrezfRaWzS8H3MYCkBpOmFUTs=
X-Google-Smtp-Source: ABhQp+TeO56+yhLmA/kKYuvW9THPC6//d9FrBiHiu7DcwvYm8fG9LTc+cpzCTYqRrskfMC4wj3BiVQHCdO/XOxl+POI=
X-Received: by 10.31.82.194 with SMTP id g185mr946181vkb.76.1509125130129; Fri, 27 Oct 2017 10:25:30 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.159.38.130 with HTTP; Fri, 27 Oct 2017 10:25:09 -0700 (PDT)
In-Reply-To: <CAJrXDUHDqXyG_Xbcv0WEJmGoCvNxYND6-2Q1RLZNHZpabiXYtg@mail.gmail.com>
References: <ba81bd75-ef65-7900-0fab-cc00c26f681c@niif.hu> <CAJrXDUGNW4e9KyTJJcscE6M6Gxu0ExHWu8n_gij-57hLeqyE_A@mail.gmail.com> <25383ed9-e932-b192-6573-31071946f71d@niif.hu> <CAJrXDUHHWodAbB3vYCuYGKOf6Jv9F23shCpsnDUKOYh=B3BkAQ@mail.gmail.com> <CAOW+2duO26=nLsk0GPZUmOpz61yhG+m1W_bgSYh65v2gM_4Skg@mail.gmail.com> <81cd71c2-f1b0-dbab-8b1c-eb726d3c847d@niif.hu> <CAOW+2dvF2bqJ0Nn8HVKw1Vru4P9u1v=2EJyfuwiTbOccRHjhUA@mail.gmail.com> <CAJrXDUHDqXyG_Xbcv0WEJmGoCvNxYND6-2Q1RLZNHZpabiXYtg@mail.gmail.com>
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Fri, 27 Oct 2017 10:25:09 -0700
Message-ID: <CAOW+2dseOFajxTSewK7KOqa50JbATsemarjS0cfsHuUoA5z7sQ@mail.gmail.com>
To: Peter Thatcher <pthatcher@google.com>
Cc: Mészáros Mihály <misi@niif.hu>, ICE WG <ice@ietf.org>
Content-Type: multipart/alternative; boundary="001a114f76c44d9582055c8a93c9"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ice/9zBvXJyZv5phlEdg129SNC8Ezzo>
Subject: Re: [Ice] Should teredo type preference be relayed or host?
X-BeenThere: ice@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Interactive Connectivity Establishment \(ICE\)" <ice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ice>, <mailto:ice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ice/>
List-Post: <mailto:ice@ietf.org>
List-Help: <mailto:ice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ice>, <mailto:ice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Oct 2017 17:25:34 -0000

Agreed.

On Fri, Oct 27, 2017 at 8:36 AM, Peter Thatcher <pthatcher@google.com>
wrote:

> Seems like we've reached the conclusion that the reference to dual stack
> is sufficient and we don't need to make any changes to the draft.
>
> On Wed, Oct 4, 2017 at 2:55 PM Bernard Aboba <bernard.aboba@gmail.com>
> wrote:
>
>> We have found that Teredo candidates are rarely optimal, and often have
>> high failure rates on checks, so that the "unreliable  connectiv
>> ity" advice in the dual stack document applies well to them.
>>
>>
>> On Oct 3, 2017 9:08 PM, "Mészáros Mihály" <misi@niif.hu> wrote:
>>
>> The application should make decision based on the gathered IP address,
>> and if it has prefix 2001::/32 then consider it as TEREDO address and so
>> "unreliable connectivity"?
>>
>> Am I understand you correctly?
>> On 2017-10-03 18:09, Bernard Aboba wrote:
>>
>> Peter said:
>>
>> "It sounds like this is more similar to host candidates on a VPN network
>> interface.  Is that correct?"
>>
>> [BA] There have been problems with Teredo relay routability, so the
>> following snippets from https://tools.ietf.org/html/
>> draft-ietf-ice-dualstack-fairness apply:
>>
>>    Applications should take special care to deprioritize network
>>    interfaces known to provide unreliable connectivity when operating in
>>    a multihomed environment.  For example, certain tunnel services might
>>    provide unreliable connectivity.  Doing so will ensure a more fair
>>    distribution of the connectivity checks across available network
>>    interfaces on the device.  The simple guidelines presented here
>>    describe how to deprioritize interfaces known by the application to
>>    provide unreliable connectivity...
>>
>>    Candidates with IP addresses from an unreliable interface should be
>>    ordered at the end of the checklist, i.e., not intermingled as the
>>    dual-stack candidates.
>>
>>
>> On Mon, Oct 2, 2017 at 10:05 PM, Peter Thatcher <pthatcher@google.com>
>> wrote:
>>
>>> Ah, I misunderstood TEREDO.  I thought you were saying that there was a
>>> server giving out candidates (in which case I thought it could just mark
>>> it's candidates as relay).
>>>
>>> It sounds like this is more similar to host candidates on a VPN network
>>> interface.  Is that correct?
>>>
>>> On Mon, Oct 2, 2017 at 9:57 PM Mészáros Mihály <misi@niif.hu> wrote:
>>>
>>>> Hi Peter et al.
>>>>
>>>>
>>>>
>>>> Why wouldn't TEREDO endpoints just say the candidates are relayed if
>>>> they think it's wise?
>>>>
>>>> I assume "TEREDO endpoint" in your terminology is the "Teredo client".
>>>> Teredo Client setups a new interface (Teredo Tunneling
>>>> Pseudo-Interface) on windows with an IPv6 address
>>>> It seems to be a host candidate, because it setups local
>>>> adapter/interface with IPv6 address.
>>>>
>>>> ICE will detect it as host candidate.
>>>> It seems host candidate, but it is tunneled and relayed, and so in my
>>>> opinion it should be treated as relayed.
>>>>
>>>> e.g.
>>>> Chrome: 57.0.2987.133
>>>>
>>>> sdpMid: audio, sdpMLineIndex: 0, candidate: candidate:3123958951 <%28312%29%20395-8951> 1 udp 212225510 2001::5ef5:79fd:2c57:21fb:3e1e:c8bb 54819 typ host generation 1 ufrag D02B network-id 1 network-cost 50
>>>>
>>>>
>>>>
>>>>
>>>> Why does this need to be in the ICE spec?
>>>>
>>>> TEREDO is an IPv6 smooth transition technology, that is a tunnel and
>>>> relay very similarly to TURN in many aspects,
>>>> but it is  treated as host candidate IMHO that is not optimal.
>>>>
>>>> ICE spec defines:
>>>>
>>>>    - host candidates
>>>>
>>>>    Host candidates are obtained by binding to ports on an IP address
>>>>    attached to an interface (physical or virtual, including VPN
>>>>    interfaces) on the host.
>>>>
>>>>    - type preferences.
>>>>
>>>> 4.1.2.2.  Guidelines for Choosing Type and Local Preferences
>>>>
>>>>    The RECOMMENDED values for type preferences are 126 for host
>>>>    candidates, 110 for peer reflexive candidates, 100 for server
>>>>    reflexive candidates, and 0 for relayed candidates.
>>>>
>>>>
>>>> The Spec recommends, type preference for host candidates, and TEREDO
>>>> according current spec definition is a "host candidate".
>>>> According these, Teredo as it is local host IPv6 address, it is a "host
>>>> candidate" with the highest type preference.
>>>> VS.
>>>> Relayed with type preference 0.
>>>>
>>>> IMHO spec should address this edge case where it seems to be host
>>>> candidate but it is more related to tunneled/relayed.
>>>>
>>>>
>>>> Thanks,
>>>> Misi
>>>>
>>>>
>>>> On 2017-10-03 00:49, Peter Thatcher wrote:
>>>>
>>>> Why wouldn't TEREDO endpoints just say the candidates are relayed if
>>>> they think it's wise?  Why does this need to be in the ICE spec?
>>>>
>>>> On Mon, Oct 2, 2017 at 3:44 PM Mészáros Mihály <misi@niif.hu> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> Please correct me if I totally misunderstand the situation, but
>>>>>
>>>>> AFAIU Teredo is considered according ICE as a host candidate and
>>>>> according it, we have to use the host local type preference for it.
>>>>>
>>>>> (That seems to be logical because it is on the host interface.)
>>>>>
>>>>>
>>>>> IMHO that is not the right behavior, because TEREDO is doing also
>>>>> relaying,
>>>>> and should be not considered as host candidate type rather consider it
>>>>> as relayed type.
>>>>>
>>>>> I can configure a very close TURN relay in WebRTC UA, but in the other
>>>>> hand I can not set the TEREDO relay location,
>>>>> because it depends on the network provider BGP. (anycast BGP 2001::/32)
>>>>>
>>>>> Many endpoints is doing TEREDO.
>>>>> On Windows AFAIK TEREDO is enabled by default, and all such home users
>>>>> with ipv4 only + nat box has TEREDO IPv6 address configured.
>>>>>
>>>>> My experience was that my peers are located in Hungary and I set a very
>>>>> close Hungarian TURN server, surprisingly the media use TEREDO relay in
>>>>> UK.... :-(
>>>>>
>>>>> If TURN and TEREDO both do relaying, then I think TEREDO should also
>>>>> considered as relayed candidate..
>>>>>
>>>>> If I have very close nice low latency TURN service, that is close to
>>>>> the
>>>>> communication peers, than I don't want to prefer so much the TEREDO
>>>>> relay.
>>>>>
>>>>> Actually according to the actual ICE behavior, because Teredo
>>>>> considered
>>>>> as host address,
>>>>> ICE will definitely choose and use TEREDO relay, even if it will be
>>>>> also
>>>>> relayed like TURN, and may even adds more latency than the TURN.
>>>>>
>>>>>
>>>>> All in all, I think the new 5254-bis rfc should clarify this case, and
>>>>> because TEREDO is also relaying, so I propose to define in the text an
>>>>> exception for this case.
>>>>> Consider TEREDO candidate type preference even if it is discovered on
>>>>> the host interface, as relay and not as host.
>>>>>
>>>>> Please comment/correct my thoughts.
>>>>>
>>>>> Thanks,
>>>>>
>>>>> Misi
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> Ice mailing list
>>>>> Ice@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/ice
>>>>>
>>>>
>>>>
>>> _______________________________________________
>>> Ice mailing list
>>> Ice@ietf.org
>>> https://www.ietf.org/mailman/listinfo/ice
>>>
>>>
>>
>>
>>

v2.23.0 | Report a Bug | By Email