IETF Logo Mail Archive

Re: [Ice] ICE PAC: When to start the timer waiting for possible peer reflexive candidates?

Nils Ohlmeier <nohlmeier@mozilla.com> Thu, 02 May 2019 19:22 UTC

Return-Path: <nohlmeier@mozilla.com>
X-Original-To: ice@ietfa.amsl.com
Delivered-To: ice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A6FD1200F8 for <ice@ietfa.amsl.com>; Thu, 2 May 2019 12:22:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mozilla.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PHI7equvvu3x for <ice@ietfa.amsl.com>; Thu, 2 May 2019 12:22:06 -0700 (PDT)
Received: from mail-pg1-x536.google.com (mail-pg1-x536.google.com [IPv6:2607:f8b0:4864:20::536]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 52603120075 for <ice@ietf.org>; Thu, 2 May 2019 12:22:06 -0700 (PDT)
Received: by mail-pg1-x536.google.com with SMTP id k19so1511427pgh.0 for <ice@ietf.org>; Thu, 02 May 2019 12:22:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mozilla.com; s=google; h=from:message-id:mime-version:subject:date:in-reply-to:cc:to :references; bh=IRvLwkEKBwl08nyZdBNPTUEwMMZVH6Szqfg1Wu/+Gqw=; b=ICVZN2KKl8Z5FssFJnhF/dAYA0IdsuDteQvla+iLB0+anOBZ58uZZNyLeaQhXHFRHd lcfUYx89He3uRAJWGm6wBg7Jnv04vAjQ+MAG06FhOAZ7pcA6HcZsZjEMK2stTfyJY18R LmF7ZtwEq/OUsLYZ+AAE3Szz1Xn5KQLCSgEGo=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:message-id:mime-version:subject:date :in-reply-to:cc:to:references; bh=IRvLwkEKBwl08nyZdBNPTUEwMMZVH6Szqfg1Wu/+Gqw=; b=ZZTKf8VNhNYPGtAjKFJhaD/xwl87F9DdA2PtCBKXtygEfSW3EWB4i0DB9BThOQ2cGA RYoAZBdFT/3/stPUpLy56ZW9MnfS8jTKsEfJwaBSDRaa7F+gEaYR+XqbpLwvZT8qwgR1 djUKSkXG0EDNfRaAW2hwZx4cTbUgKmFlPvlT8zlO63ZMKxh0JCJCjX3t2LIAmKYlZEzv YsQOSAwCjxBhGoyC3jMNo1Eo3Tt6JpNSZshYoEDqclIENJkmdCsmJJTHh+YfYg2lFR4J Ej2A14p7mPmdFOyG3yDiZi+HI/V9uej9H8V0hDyOAHQbB/8YF0SqZTnRKPX3BBnab59z aH0A==
X-Gm-Message-State: APjAAAWldYPvHMjquPe04tc5/QdxCc+wBdRTozyXbAe/RHcDQNZQrmVD qh1UzQ3gdr1qcZ+Gzlqaim/+1g==
X-Google-Smtp-Source: APXvYqyHK/5EsdWdUjzeNBhzyoo2OUaUBkoKb1g/BpRnYR/o7NFuYGT/wC3Dkh/wEL3nnaFlE5kxFg==
X-Received: by 2002:aa7:9095:: with SMTP id i21mr6257574pfa.134.1556824925387; Thu, 02 May 2019 12:22:05 -0700 (PDT)
Received: from ?IPv6:2601:647:4600:3f31:2dab:9212:1aa4:b41a? ([2601:647:4600:3f31:2dab:9212:1aa4:b41a]) by smtp.gmail.com with ESMTPSA id l4sm39466pgh.17.2019.05.02.12.22.03 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 02 May 2019 12:22:04 -0700 (PDT)
From: Nils Ohlmeier <nohlmeier@mozilla.com>
Message-Id: <4F57FAE8-7E87-43D4-96CE-2AC21C239BEB@mozilla.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_4554C891-62B6-4E87-BADB-C3A11C0E76DE"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
Date: Thu, 02 May 2019 12:22:02 -0700
In-Reply-To: <CAOJ7v-2RbkeBEGFkTkRUnOMyCK4WcbYJwaCiQc7yj5kSkxNQPA@mail.gmail.com>
Cc: Christer Holmberg <christer.holmberg@ericsson.com>, Roman Shpount <roman@telurix.com>, "ice@ietf.org" <ice@ietf.org>
To: Justin Uberti <juberti@google.com>
References: <3A66B735-03C9-41FF-95AD-500B0D469C80@ericsson.com> <CAD5OKxsMgNTQPNP4Ni72H+yD4iUeyNK+x6CSvdBApGnPTpr_vg@mail.gmail.com> <A4EC3C01-4D7D-45DF-876D-E58706F74866@ericsson.com> <CAD5OKxt8tDemkK=v4X1gjwJGLYrxcd95S7uV53_fsga6grZ_rA@mail.gmail.com> <30518269-CA9D-4F50-8CE3-062A01DBCD7F@mozilla.com> <CAD5OKxvmRK8Xzu4FSRv3Lgdg-VrrufzGhjAdSmfcLLkrm-jtjw@mail.gmail.com> <0AD3077C-74FA-4585-942A-375B83B3A7A0@ericsson.com> <CAD5OKxsgpf7Hv_nxFOZFwfNk7-_xNRzmoPTA2bZCqZo3wzudKQ@mail.gmail.com> <HE1PR07MB316172053751D307F83DE0EB933E0@HE1PR07MB3161.eurprd07.prod.outlook.com> <CAD5OKxu332E8vzdc4dt09NxXGf9Cr2izwECDAQjc7V_YDx3r5w@mail.gmail.com> <HE1PR07MB316189447ED302BEC5021946933F0@HE1PR07MB3161.eurprd07.prod.outlook.com> <CAOJ7v-3Dv4N5j0KykxQf-gHQfvJ9x-VzbTTTcdJyfgYgcdYy5A@mail.gmail.com> <HE1PR07MB3161E4496E7BDC5FF419CCE793390@HE1PR07MB3161.eurprd07.prod.outlook.com> <CAOJ7v-3JkrYnWpghusRytVvTn1u7OibL9J3NyVh+ia9neSyuHA@mail.gmail.com> <46390078-DE3B-456B-87AC-61AE3C3DF035@ericsson.com> <CAOJ7v-202_STNVj6nLv_0pTTuE_=jn_HJusNERv9Yj7=k=86jg@mail.gmail.com> <156839B0-C680-4F8F-8D93-8F6B33FB8F01@ericsson.com> <0928C15F-E7F4-405B-BBBB-2ECD35BD621D@mozilla.com> <CAOJ7v-2RbkeBEGFkTkRUnOMyCK4WcbYJwaCiQc7yj5kSkxNQPA@mail.gmail.com>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/ice/GAFq7LdUGWdnvcbQbyHw11qIVRU>
Subject: Re: [Ice] ICE PAC: When to start the timer waiting for possible peer reflexive candidates?
X-BeenThere: ice@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Interactive Connectivity Establishment \(ICE\)" <ice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ice>, <mailto:ice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ice/>
List-Post: <mailto:ice@ietf.org>
List-Help: <mailto:ice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ice>, <mailto:ice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 May 2019 19:22:08 -0000


> On May 2, 2019, at 12:13, Justin Uberti <juberti@google.com> wrote:
> 
> 
> 
> On Thu, May 2, 2019 at 10:07 AM Nils Ohlmeier <nohlmeier@mozilla.com <mailto:nohlmeier@mozilla.com>> wrote:
> 
> >> I do think Nils' point is important though, i.e., if we have a bad server it will take a very long time to decide on 'last set of candidates', 
> >> which is probably not helpful. As such I think the potential positions we can take are:
> >> a) Start the timer as soon as we have an answer, regardless of any candidates.
> >> b) a) + receipt of at least one remote candidate (or remote EOC). (This is Nils' suggestion).
> >> c) a) + sending at least one local candidate (or local EOC).
> 
> As we are mostly concerned about the remote side: 1) not providing us with candidates, or 2) providing us with unusable candidates or 3) providing us with candidates really late I don’t see how option c) would help in any of these scenarios.
> From my point of view we should choose either a) or b).
> 
> c) is just a clarification of a), in that you can't expect to receive prflx candidates until you've at least provided the other side with a candidate, so that may be the right time for the timer to start. I don't feel super strongly about this though. 

Ok. I hadn’t looked at it from that angle. So c) being a stronger a) I guess it would be okay.

I guess my only concern is that in Firefox we stopped doing a) because it caused to many problems. With that in mind would it cause interop problems if we leave up to the implementor to choose to implement either b) or c)?

> 
> >> b) has a problem if the remote side doesn't send any candidates, which we want to explicitly allow. 
> > 
> > True. 
> Just to make sure we are all on the same page: b) is only a problem in the scenario where the remote side doesn’t send any candidates but also does not send EOC. 
> 
> The EOC should allow agents which explicitly don’t want to provide candidate to get the timer started soon.
> I think that leaves us with scenarios where the remote doesn’t provide host candidates, and it’s reflexive or relay candidates take for ever because of slow servers.
> 
> Correct, but we can't control which endpoints will send us an EOC or not. So that will always be a possibility. 

Fair enough.

> 
> >> I tend to lean towards a) as the simplest option.
> > 
> > Keep in mind that RFC 8445 is generic, so we need to to define what we mean by "answer". I guess it means some kind of indication that makes the agent assume that the remote peer has been contacted. In ice-sip-sdp we can then map that to an SDP answer.
> 
> Good point. We basically treat the SDP answer here to be something like an beginning of ICE, because we don’t have an explicit signal for that. I think in SDP based worlds there is no need for an extra signal like that. Not sure if other use cases of ICE would benefit from an explicit begin signal.
> 
> The answer in some ways is an explicit begin signal, because it contains the username/password information needed to start ICE checks. 

Yeah I didn’t see your reply before hitting send on mine. Using the availability sounds like a good idea as the minimum gating function/signal.

Best
  Nils

v2.23.0 | Report a Bug | By Email