Re: [Ice] 5245bis: STUN/TURN transaction timeout timer
Ari Keränen <ari.keranen@ericsson.com> Thu, 01 March 2018 07:47 UTC
Return-Path: <ari.keranen@ericsson.com>
X-Original-To: ice@ietfa.amsl.com
Delivered-To: ice@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA1B11205D3 for <ice@ietfa.amsl.com>; Wed, 28 Feb 2018 23:47:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.32
X-Spam-Level:
X-Spam-Status: No, score=-4.32 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YpK7BZqBJg90 for <ice@ietfa.amsl.com>; Wed, 28 Feb 2018 23:47:35 -0800 (PST)
Received: from sesbmg23.ericsson.net (sesbmg23.ericsson.net [193.180.251.37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2CE9712D7F5 for <ice@ietf.org>; Wed, 28 Feb 2018 23:47:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; d=ericsson.com; s=mailgw201801; c=relaxed/simple; q=dns/txt; i=@ericsson.com; t=1519890452; h=From:Sender:Reply-To:Subject:Date:Message-ID:To:CC:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=c9v4vTQdfMpx7DyXKJrDB+xMfdKAfSNTG9CaeoSTuwg=; b=AYyKIzUAF6bqBb5ZyBHBzC7dI0RpMM84pURXJp/gBCMKM7eT4WNZBmX2B0T1enfi PjeZ1czfMc7syFdOZ0ElwmJaIHXxImWpuk7URuEHYVPuO5Y70ScV29kUY/01LqH4 9DR14GkcylNRQOloImf9UbMSwqN0jO0eZL+fXCzFzpU=;
X-AuditID: c1b4fb25-083ff70000002d5f-8e-5a97b0141d2c
Received: from ESESSHC014.ericsson.se (Unknown_Domain [153.88.183.60]) by sesbmg23.ericsson.net (Symantec Mail Security) with SMTP id 2A.76.11615.410B79A5; Thu, 1 Mar 2018 08:47:32 +0100 (CET)
Received: from ESESSMB109.ericsson.se ([169.254.9.82]) by ESESSHC014.ericsson.se ([153.88.183.60]) with mapi id 14.03.0352.000; Thu, 1 Mar 2018 08:47:32 +0100
From: Ari Keränen <ari.keranen@ericsson.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>, "Black, David" <David.Black@dell.com>, "ice@ietf.org" <ice@ietf.org>, "jri@google.com" <jri@google.com>, Nils Ohlmeier <nohlmeier@mozilla.com>
CC: "draft-ietf-ice-rfc5245bis@ietf.org" <draft-ietf-ice-rfc5245bis@ietf.org>, "ice-chairs@ietf.org" <ice-chairs@ietf.org>
Thread-Topic: [Ice] 5245bis: STUN/TURN transaction timeout timer
Thread-Index: AdOuOI+oEAiBXZOTQm+Dl/LRxGi/pAA0o/rgAAMPdYAAAXfKMAACL39QAAosVoAAACltgAACbt+AAHQHYYA=
Date: Thu, 01 Mar 2018 07:47:31 +0000
Message-ID: <748F125A-EE65-49B9-99D9-C64AB428CD3A@ericsson.com>
References: <7594FB04B1934943A5C02806D1A2204B6C19C90C@ESESSMB109.ericsson.se> <CE03DB3D7B45C245BCA0D2432779493630022D46@MX307CL04.corp.emc.com> <D6B9E77B.2BA3D%christer.holmberg@ericsson.com> <CE03DB3D7B45C245BCA0D2432779493630022F21@MX307CL04.corp.emc.com> <7594FB04B1934943A5C02806D1A2204B6C1A8CC5@ESESSMB109.ericsson.se> <143496D8-1304-49C3-B12F-5EF3A116E1BD@mozilla.com> <CE03DB3D7B45C245BCA0D2432779493630024378@MX307CL04.corp.emc.com> <1A521409-0DF9-42B7-B1D9-0F8FB6FA7008@mozilla.com>
In-Reply-To: <1A521409-0DF9-42B7-B1D9-0F8FB6FA7008@mozilla.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [193.234.218.122]
Content-Type: multipart/signed; boundary="Apple-Mail=_21942CC5-508B-4B31-A609-D2CC0206CC7C"; protocol="application/pkcs7-signature"; micalg="sha1"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFjrDIsWRmVeSWpSXmKPExsUyM2K7ja7IhulRBnv2q1p8nLWYxWL+yevM FhdnTWaz+Hah1mLS0YUsFtfnTWZ0YPOYNHMGs8eCTaUeS5b8ZPLoO9DFGsASxWWTkpqTWZZa pG+XwJWx+OZxloJHURWTPzYyNTD2BXYxcnJICJhI3O97wwxiCwkcZpR4flG4i5ELyF7EKDFp xh9WkASbgK3Ek9Z9rCAJEYFTjBJXvm1hB0kwC9RIXLu7H6xbWMBeYsWENkYQW0TAQeLBngYm CDtJYubJGWA1LAIqEjd617GA2LxA9btWb2GF2PaTWeLy9HawBk6gxPlLx8AGMQqISXw/tYYJ Ypm4xK0n85kgzhaReHjxNBuELSrx8vE/VghbWWLdgyeMIEOZBaYwSmzpmMsGsU1Q4uTMJywT GEVmIZk1C1ndLCR1EEXaEssWvmaGsDUl9ncvh4qbSrw++pERwraWmPHrIBuErSgxpfsh+wJG jlWMosWpxUm56UbGeqlFmcnFxfl5enmpJZsYgfF6cMtv1R2Ml984HmIU4GBU4uFVXzo9Sog1 say4MvcQowrQnEcbVl9glGLJy89LVRLhPb19WpQQb0piZVVqUX58UWlOavEhRmkOFiVx3jnC 7VFCAumJJanZqakFqUUwWSYOTqkGxljfyZ+eX0lviHFXTL72696id2/3l5XqtEisFYx55/f+ X2huwtY7nb0f55mUe2asmJXvoizhvmRO+X7b5MXP/TijHqwV0lnyeOPzJwXveSZP7OVZbyAw +fuRxze8nL6LLK65d3+W54Q7H3+tbmv8ePRdRuOy0xMkrpQFPF+o681gznrhTCRb4XolluKM REMt5qLiRAACMJWv3wIAAA==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ice/h5vE337Bo4Wcxe6KtywEvvTTxGk>
Subject: Re: [Ice] 5245bis: STUN/TURN transaction timeout timer
X-BeenThere: ice@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Interactive Connectivity Establishment \(ICE\)" <ice.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ice>, <mailto:ice-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ice/>
List-Post: <mailto:ice@ietf.org>
List-Help: <mailto:ice-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ice>, <mailto:ice-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Mar 2018 07:47:37 -0000
Hi, I had a look at the Ti timer in 5389 (https://tools.ietf.org/search/rfc5389#section-7.2.2) and it seems that it is defined to be in line with the time it takes for (UDP) STUN transaction that includes all re-transmissions to timeout: > Reliability of STUN over TCP and TLS-over-TCP is handled by TCP > itself, and there are no retransmissions at the STUN protocol level. > However, for a request/response transaction, if the client has not > received a response by Ti seconds after it sent the SYN to establish > the connection, it considers the transaction to have timed out. However the HTO timer is for transaction pacing and is roughly what one successful connectivity check should take (2*RTT). Therefore these are two different things and I don't think it make sense to mention Ti here at all. I suggest we remove the note completely. Cheers, Ari (hat off) > On 27 Feb 2018, at 2.25, Nils Ohlmeier <nohlmeier@mozilla.com> wrote: > > Yes you are right. Somehow I managed to read Christer’s Note the opposite way of what I now think he intends to point out. > > Sorry for the confusion. > > Nils > > >> On Feb 26, 2018, at 15:15, Black, David <David.Black@dell.com> wrote: >> >> Isn’t it the other way around – ICE HTO is much shorter than STUN or TURN Ti? >> >> Thanks, --David >> >> From: Nils Ohlmeier [mailto:nohlmeier@mozilla.com] >> Sent: Monday, February 26, 2018 6:11 PM >> To: Christer Holmberg <christer.holmberg@ericsson.com> >> Cc: Black, David <david.black@emc.com>; ice@ietf.org; draft-ietf-ice-rfc5245bis@ietf.org; ice-chairs@ietf.org; jri@google.com >> Subject: Re: [Ice] 5245bis: STUN/TURN transaction timeout timer >> >> >> On Feb 26, 2018, at 07:48, Christer Holmberg <christer.holmberg@ericsson.com> wrote: >> >> Maybe adding the following note to the existing Timer HTO definition: >> >> Timer HTO: The timeout timer for a given STUN or TURN transaction. >> >> “NOTE: When STUN and TURN are used with ICE, timer HTO is used instead of timer Ti [RFC5389] as transaction timeout timer.” >> >> My initial thought was: yes sounds good. >> >> But one of the side effects know from real world deployments is that results in the end-of-candidates indication coming in after a long time if one of the STUN or TURN servers is not reachable. >> I don’t want to make this a last minute change, but your indication that Ti explicitly got made shorter made me wonder if everyone in WG is aware of this usage of the long HTO value. >> >> Best >> Nils Ohlmeier >> >> >> >> Regards, >> >> Christer >> >> From: Black, David [mailto:David.Black@dell.com] >> Sent: 26 February 2018 16:54 >> To: Christer Holmberg <christer.holmberg@ericsson.com>;ice@ietf.org; draft-ietf-ice-rfc5245bis@ietf.org; ice-chairs@ietf.org >> Cc: jri@google.com; Black, David <David.Black@dell.com> >> Subject: RE: 5245bis: STUN/TURN transaction timeout timer >> >> That would be a fine thing to do, Thanks, --David >> >> From: Christer Holmberg [mailto:christer.holmberg@ericsson.com] >> Sent: Monday, February 26, 2018 9:22 AM >> To: Black, David <david.black@emc.com>; ice@ietf.org; draft-ietf-ice-rfc5245bis@ietf.org; ice-chairs@ietf.org >> Cc: jri@google.com >> Subject: Re: 5245bis: STUN/TURN transaction timeout timer >> >> Hi, >> >> >> But, still, is there a reason we couldn’t use ‘Ti’ also in 5245bis, and point out the big value difference when used with ICE? >> > >> >Given the nearly 2-orders-of-magnitude difference in the time periods, I’d be concerned that using the same name risks leaving an incorrect impression on an implementer who >> >is familiar with one protocol, but new to the other. Different names may also improve clarity in other documents that describe how STUN and ICE work together. >> >> Fair enough. But, should we then point out that Ti isn’t used with ICE? >> >> Regards, >> >> Christer >> >> >> >> From: Christer Holmberg [mailto:christer.holmberg@ericsson.com] >> Sent: Sunday, February 25, 2018 8:00 AM >> To: ice@ietf.org; draft-ietf-ice-rfc5245bis@ietf.org; ice-chairs@ietf.org >> Cc: Black, David <david.black@emc.com>; jri@google.com >> Subject: 5245bis: STUN/TURN transaction timeout timer >> >> Hi, >> >> In draft-5245bis, the name of the STUN/TURN transaction timeout timer is ‘HTO’. >> >> As part of the IESG review, I have been asked what the ‘H’ stands for. After some digging in the mail archives (2016-09-14), I figured out it stands for “handshake”: >> >> https://www.ietf.org/mail-archive/web/ice/current/msg00378.html >> >> “2. A timeout for request packets, call it handshake timeout or HTO which SHOULD be 2*RTT if the RTT is known and 500ms otherwise.” >> >> Now, in RFC 5389, the transaction timeout timer is called ‘Ti’. However, the default value for that SHOULD be 39,5 seconds – which is quite different from 500ms. >> >> But, still, is there a reason we couldn’t use ‘Ti’ also in 5245bis, and point out the big value difference when used with ICE? >> >> Regards, >> >> Christer >> _______________________________________________ >> Ice mailing list >> Ice@ietf.org >> https://www.ietf.org/mailman/listinfo/ice >
- [Ice] 5245bis: STUN/TURN transaction timeout timer Christer Holmberg
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Black, David
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Christer Holmberg
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Black, David
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Christer Holmberg
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Nils Ohlmeier
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Black, David
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Nils Ohlmeier
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Ari Keränen
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Christer Holmberg
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Christer Holmberg
- Re: [Ice] 5245bis: STUN/TURN transaction timeout … Christer Holmberg