IETF Logo Mail Archive

Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp

Christer Holmberg <christer.holmberg@ericsson.com> Tue, 21 May 2019 11:05 UTC

Return-Path: <christer.holmberg@ericsson.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 082E012012F for <mmusic@ietfa.amsl.com>; Tue, 21 May 2019 04:05:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.01
X-Spam-Level:
X-Spam-Status: No, score=-2.01 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, T_DKIMWL_WL_HIGH=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o2mn1egMxusk for <mmusic@ietfa.amsl.com>; Tue, 21 May 2019 04:05:39 -0700 (PDT)
Received: from EUR03-VE1-obe.outbound.protection.outlook.com (mail-eopbgr50069.outbound.protection.outlook.com [40.107.5.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08F73120122 for <mmusic@ietf.org>; Tue, 21 May 2019 04:05:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=oAOdTEKpM2/gu7iSxHSe3GIUDFIefaU4nMmUQHBF++4=; b=p0xN7eOENaMOXtFG7J8W9oGgrPqdNDVJeJ3xjmf2djWbrK1YGGpFWAFV/ibuIcUeL2IMfj8VtAW3z7dKXotXOPuKKOwQiNwJ/atdvckUWGXbyhMCCMhdtCjgBKEynuuLoBZeF4rwIgfFAeMiFXxFVAdObX0ILjpnStw/CbeCN3o=
Received: from HE1PR07MB3161.eurprd07.prod.outlook.com (10.170.245.23) by HE1PR07MB3275.eurprd07.prod.outlook.com (10.170.246.30) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1922.8; Tue, 21 May 2019 11:05:35 +0000
Received: from HE1PR07MB3161.eurprd07.prod.outlook.com ([fe80::c999:f848:9abc:d321]) by HE1PR07MB3161.eurprd07.prod.outlook.com ([fe80::c999:f848:9abc:d321%6]) with mapi id 15.20.1922.013; Tue, 21 May 2019 11:05:35 +0000
From: Christer Holmberg <christer.holmberg@ericsson.com>
To: Roman Shpount <roman@telurix.com>, Bernard Aboba <bernard.aboba@gmail.com>
CC: lemming Andreasen <fandreas@cisco.com>, mmusic <mmusic@ietf.org>
Thread-Topic: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp
Thread-Index: AQHVCT2tPwy1I9GoQ0ibIOLFdr9u/qZogFkAgACByACAC5w8gIAAFLKA///yEYCAABKwAP//9huAgAAUAYCAABwaAIAACskAgAAE3oCAAAepAIAAkysA
Date: Tue, 21 May 2019 11:05:35 +0000
Message-ID: <38ED39A2-A50E-4F6D-8370-F337FEF8042B@ericsson.com>
References: <77400318-1e2c-7d33-ab41-a3b8d0062b00@cisco.com> <CAMRcRGQ0gQ0c-pmBQ2ZOOX-5uGWkfy57Yu0QMuAp9ED2f8drwA@mail.gmail.com> <D7E2876E-E750-40C6-B33E-FC24F9CD0709@ericsson.com> <CAOW+2dsy5_cjH2BJJq7mRu9JaQNmh7oqWxUrFDPqBKaceffJaQ@mail.gmail.com> <2226B494-B058-45C8-901B-1B872218ECE7@ericsson.com> <CAD5OKxs2fvyqxjcNmNbqx+ToSpnaeqj5LyX4qz2rOuqFp3oBow@mail.gmail.com> <710E80DF-8389-4A5E-9DBE-5DF2D20E4F02@ericsson.com> <CAD5OKxtcEWmRvXanh7FsdQAD_fTFRnQc8HhkeLx9mz+-XUX7-Q@mail.gmail.com> <871E99E8-DA8D-4E71-B359-F2388479C38E@ericsson.com> <CAOW+2dvUAed2P-xCOvbcsHJGcs92=ad9T5K63xhpVqdKvjK2fw@mail.gmail.com> <CAD5OKxuU-wio4Af8me1OMo62vanu5y_PnQ3nq=UF6jh6yr1EFg@mail.gmail.com> <CAOW+2dskL5P+02xujeEL-SGVPQ8-Gy85hX_DE10TBDwaE1e2Xw@mail.gmail.com> <CAD5OKxu9zKxVhFFxiBzq6v67A18Msd1fZMhbrpXf1=NQAgceAQ@mail.gmail.com>
In-Reply-To: <CAD5OKxu9zKxVhFFxiBzq6v67A18Msd1fZMhbrpXf1=NQAgceAQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.19.0.190512
authentication-results: spf=none (sender IP is ) smtp.mailfrom=christer.holmberg@ericsson.com;
x-originating-ip: [157.190.0.15]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 498cddcb-cc1f-4a13-155e-08d6dddc401b
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600141)(711020)(4605104)(2017052603328)(7193020); SRVR:HE1PR07MB3275;
x-ms-traffictypediagnostic: HE1PR07MB3275:
x-ms-exchange-purlcount: 2
x-microsoft-antispam-prvs: <HE1PR07MB327595C5BF5C1C1F0FF9C4A793070@HE1PR07MB3275.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-forefront-prvs: 0044C17179
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(346002)(396003)(366004)(39860400002)(376002)(189003)(199004)(71200400001)(6486002)(83716004)(71190400001)(5660300002)(229853002)(14454004)(508600001)(966005)(6436002)(33656002)(66574012)(3846002)(6116002)(2906002)(53936002)(6306002)(236005)(54896002)(606006)(6246003)(6512007)(25786009)(256004)(14444005)(4326008)(66066001)(561944003)(186003)(102836004)(53546011)(6506007)(446003)(26005)(44832011)(68736007)(11346002)(2616005)(36756003)(76176011)(81166006)(81156014)(8676002)(8936002)(476003)(486006)(76116006)(91956017)(66946007)(66446008)(64756008)(66556008)(66476007)(110136005)(82746002)(316002)(86362001)(73956011)(99286004)(7736002)(58126008)(54906003); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR07MB3275; H:HE1PR07MB3161.eurprd07.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: ericsson.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: lm9e7CvZjtcSolUmazKmf6o47sGkMD6Bhpm3Lb/lU44IrRKT5eUIAPhgtCii8u0gSeu9fJIoPeqaAG3OzYJbgS7aeQDRHVh8Al3wzTMvP6Evs99u6H4TIioio+1D7Wf7hEUWffQfkYNHisWFjZkfmZ7rlhW34ZN6prj8YaenV1ekdtKxD+ZQjKofXn7HcGdgVhqXejTk6WDj7WWyvq4KkPfuCSIycLPqAiytG9yFvQS3c4aHVaoVBdMWNZpEJ6GGtwlUhoFAi3Hy1a5jXUGkucWbt2R+5reqwZbrMhHAnIABPv7+BQP7UDB3VvnTwEQOWBMJg6/gxo9mRiESdPPr5aU+Nr1SuzveUpN7x1co+DQ8ElGKvBk75w6KqSafLhc3tgYeZSOAgC35ykHD22hGOAjOoFb6w6r6ZQxYf6xq9h4=
Content-Type: multipart/alternative; boundary="_000_38ED39A2A50E4F6D8370F337FEF8042Bericssoncom_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 498cddcb-cc1f-4a13-155e-08d6dddc401b
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 May 2019 11:05:35.6374 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: christer.holmberg@ericsson.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB3275
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/0hjQK7HNyoZi4gNN6z3F2FPpK0Q>
Subject: Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 May 2019 11:05:43 -0000

Hi,

> There was a bit of discussion earlier about this and the understanding was that RFC 8445 does not deal with FQDN or DNS resolution.
> RFC 8445 gets a list of candidates with IP Addresses. FQDN resolution as well as the format in which candidates are encoded would
> be a part of some other draft such ice-sip-sdp or an extension.

I agree.

As far as 8445 is concerned, each candidate is associated with an IP address and port. FQDN resolutions, encoding of the candidates etc are outside the scope.

Regards,

Christer


On Mon, May 20, 2019, 22:51 Bernard Aboba <bernard.aboba@gmail.com<mailto:bernard.aboba@gmail.com>> wrote:
I would recommend updating RFC 8445 to require that implementations that do not support FQDNs ignore them.  That way we can assume that implementations including an 'ice2' option will ignore FQDNs if they are unsupported.  Then the MDNS draft can cite RFC 8445.

On Mon, May 20, 2019 at 7:34 PM Roman Shpount <roman@telurix.com<mailto:roman@telurix.com>> wrote:
What do you suggest?

Most of the legacy implementations would fail to parse FQDN in the connection address.
Roman Shpount

On Mon, May 20, 2019, 21:55 Bernard Aboba <bernard.aboba@gmail.com<mailto:bernard.aboba@gmail.com>> wrote:
"If FQDN is allowed but ignored, this will allow "legacy" implementations to interop with ICE implementation which support mDNS or generic FQDN. How FQDN are resolved and how ICE agents specify to each other the these procedures are supported can and should be part of mDNS or generic FQND support draft. If I am missing something and something else is required, mDNS authors should comment."

[BA] Unfortunately, RFC 5245 did not mandate that FQDNs be ignored by implementations that did not choose to support them.  All it says is this:


<connection-address>:  is taken from RFC 4566<https://tools.ietf.org/html/rfc4566> [RFC4566<https://tools.ietf.org/html/rfc4566>].  It is the

      IP address of the candidate, allowing for IPv4 addresses, IPv6

      addresses, and fully qualified domain names (FQDNs).  When parsing

      this field, an agent can differentiate an IPv4 address and an IPv6

      address by presence of a colon in its value - the presence of a

      colon indicates IPv6.  An agent MUST ignore candidate lines that

      include candidates with IP address versions that are not supported

      or recognized.  An IP address SHOULD be used, but an FQDN MAY be

      used in place of an IP address.  In that case, when receiving an

      offer or answer containing an FQDN in an a=candidate attribute,

      the FQDN is looked up in the DNS first using an AAAA record

      (assuming the agent supports IPv6), and if no result is found or

      the agent only supports IPv4, using an A.  If the DNS query

      returns more than one IP address, one is chosen, and then used for

      the remainder of ICE processing.

So while there are good reasons why modern ICE implementations should support FQDNs (e.g. for NAT64 support), "legacy" implementations are by definition not modern.  Given that RFC 5245-compliant implementations were not obligated to either send FQDNs or to correctly handle them if they were not supported, we need to look at what legacy implementations do, not what we would prefer that they do.

Since RFC 5245 did not mandate either FQDN support or even resilient behavior in non-supporting implementations, problems such as the one below (or much worse) are to be expected:
https://bugs.chromium.org/p/webrtc/issues/detail?id=4165

So if were are attempting to interoperate with the vast body of existing implementations, we should assume that we have to contend with legacy implementations have been baked into equipment, or forked to create mobile applications that have not been resync'd in years.  Note that this is a very different circumstance from browser-browser interop where "evergreen" is rapidly becoming the rule among WebRTC-capable browsers.

On Mon, May 20, 2019 at 4:14 PM Christer Holmberg <christer.holmberg@ericsson.com<mailto:christer.holmberg@ericsson.com>> wrote:
Hi,

>If FQDN is allowed but ignored, this will allow "legacy" implementations to interop with ICE implementation which support mDNS or generic FQDN.
>How FQDN are resolved and how ICE agents specify to each other the these procedures are supported can and should be part of mDNS or generic
>FQND support draft. If I am missing something and something else is required, mDNS authors should comment.

I don’t think you are missing anything.

So far this is my proposal for ice-sip-sdp connection address definition which should implement option 2:

><connection-address>: :: is taken from RFC 4566 <<RFC4566>>. It is the IP address of the candidate, allowing for IPv4 addresses, IPv6 addresses, and fully qualified domain names (FQDNs).  When >parsing this field, an agent can differentiate  an IPv4 address and an IPv6 address by presence of a colon in its value - the presence of a colon indicates IPv6.  An agent MUST ignore candidate lines >that include candidates with FQDN or IP address versions that are not supported or recognized.  Handling of FQDN addresses in candidate can be defined in the future specification. If candidate >with FQDN <connection-address> is the default destination/candidate, the the "c=" address type MUST be set the IP address family for the FQDN DNS resolution result and the "c=" connection >address MUST be set to FQDN. Differences in the "c=" line address family and type with FQDN resolution result MUST not cause ICE support verification failure.

Minor change suggestion:

"The procedures for handling FQDN addresses, and for agents to indicate support of such procedures, need to be specified in an extension specification."

Regards,

Christer

v2.23.0 | Report a Bug | By Email