IETF Logo Mail Archive

Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp

Suhas Nandakumar <suhasietf@gmail.com> Tue, 21 May 2019 05:02 UTC

Return-Path: <suhasietf@gmail.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 734B71200DB for <mmusic@ietfa.amsl.com>; Mon, 20 May 2019 22:02:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ez4E68LrVczX for <mmusic@ietfa.amsl.com>; Mon, 20 May 2019 22:02:00 -0700 (PDT)
Received: from mail-vk1-xa2d.google.com (mail-vk1-xa2d.google.com [IPv6:2607:f8b0:4864:20::a2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8124012004B for <mmusic@ietf.org>; Mon, 20 May 2019 22:02:00 -0700 (PDT)
Received: by mail-vk1-xa2d.google.com with SMTP id k1so4475501vkb.2 for <mmusic@ietf.org>; Mon, 20 May 2019 22:02:00 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=pzEWUjp/+Fb4/zEYwI8xEI25fn1+Opdrc2pIGxLshVw=; b=p8FPZut71MahCKy4hbZxBUCyK54YJSOnj34h+pHbdjuPRTIfYlsSdEVIIoZYF4YUCy ScZmeCQ6r+7R/IMjGEBia3pTzarCZ5WbXCs6D8gOX3902CDfkLUwZbZJYYkbmo0/pY6r Vbit+D2qvH4K4jupyxWFATlq8dCGH1WxiSl6RZYkmFdFemYytTeGSmIN3tr+T1XjTCMR wXxxNuQlWrxBAmz3bGjQc0Ti08QEck21S7aTXVQ2YxOVKxLPPK9Qs20AfSuzvVjnF0Kq OauMoW2uBs+1UbSazz8X7ONuX4TUlcZw7mpeW9fAdHb2rUTYTcvZQDIZFFEzxM4W1Prn BNyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=pzEWUjp/+Fb4/zEYwI8xEI25fn1+Opdrc2pIGxLshVw=; b=d9i7gzgUFlLAGHpvJldR7kV0G/cNJCXI4VKoufHFWcwaFyhRwq47H4VYdAxwF5U6nB uuIJHCkiOtl2SM1xYLRaknVV2jEK/tIf5VFBUUZbKYOAiREprhhbytUBWairwJ+PUPxY XVccJm0Jb5Vy05/LsKlMXYm0p8QvSitR0GzqKYaP7C36c5jCShHRqfMUJpvwPbOgTWY0 q5Mm2caQOpVUfWaqqZ2wwFFZ8u+XBfw1/jdvq47/BjWi1R1cc7LS/BpcpxUTQmeUycfX kMcSVgNNtJzJfdb28Ove5ftIwnv+0Dd0ehKnbQ9twvHRx5FLOK13GsgfeclL4pPltruk 42Aw==
X-Gm-Message-State: APjAAAXuzmM5hApDTJMJJeZ+k8NZKxoAKVKOu0gHA3Gm3KyInU0xwUEi TEGLT8tdPCs8z5YVwK1o3ZimszSEeR/AfursY3Q=
X-Google-Smtp-Source: APXvYqzcXbBOvyzeqksa94tScjt/kzQ3XuWvJwpIlkrTfENwse7sorv0pm9x5K7lf40hL6abXqgZZ9hb2wUVxmU8wlE=
X-Received: by 2002:a1f:a611:: with SMTP id p17mr11141642vke.50.1558414919543; Mon, 20 May 2019 22:01:59 -0700 (PDT)
MIME-Version: 1.0
References: <77400318-1e2c-7d33-ab41-a3b8d0062b00@cisco.com> <CAMRcRGQ0gQ0c-pmBQ2ZOOX-5uGWkfy57Yu0QMuAp9ED2f8drwA@mail.gmail.com> <D7E2876E-E750-40C6-B33E-FC24F9CD0709@ericsson.com> <CAOW+2dsy5_cjH2BJJq7mRu9JaQNmh7oqWxUrFDPqBKaceffJaQ@mail.gmail.com> <2226B494-B058-45C8-901B-1B872218ECE7@ericsson.com> <CAD5OKxs2fvyqxjcNmNbqx+ToSpnaeqj5LyX4qz2rOuqFp3oBow@mail.gmail.com> <710E80DF-8389-4A5E-9DBE-5DF2D20E4F02@ericsson.com> <CAD5OKxtcEWmRvXanh7FsdQAD_fTFRnQc8HhkeLx9mz+-XUX7-Q@mail.gmail.com> <871E99E8-DA8D-4E71-B359-F2388479C38E@ericsson.com> <CAOW+2dvUAed2P-xCOvbcsHJGcs92=ad9T5K63xhpVqdKvjK2fw@mail.gmail.com> <CAD5OKxuU-wio4Af8me1OMo62vanu5y_PnQ3nq=UF6jh6yr1EFg@mail.gmail.com> <CAOW+2dskL5P+02xujeEL-SGVPQ8-Gy85hX_DE10TBDwaE1e2Xw@mail.gmail.com> <CAD5OKxu9zKxVhFFxiBzq6v67A18Msd1fZMhbrpXf1=NQAgceAQ@mail.gmail.com>
In-Reply-To: <CAD5OKxu9zKxVhFFxiBzq6v67A18Msd1fZMhbrpXf1=NQAgceAQ@mail.gmail.com>
From: Suhas Nandakumar <suhasietf@gmail.com>
Date: Mon, 20 May 2019 22:01:48 -0700
Message-ID: <CAMRcRGTKJmPCr4MZsK613csJ2yXHZzoDFzMtDujui4-NVZkH1A@mail.gmail.com>
To: Roman Shpount <roman@telurix.com>
Cc: Bernard Aboba <bernard.aboba@gmail.com>, Christer Holmberg <christer.holmberg@ericsson.com>, lemming Andreasen <fandreas@cisco.com>, mmusic <mmusic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000b1300e05895ebf86"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/1l0tcrZoFMU2e007fAQEN4H-2L8>
Subject: Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 May 2019 05:02:03 -0000

On Mon, May 20, 2019 at 8:19 PM Roman Shpount <roman@telurix.com> wrote:

> There was a bit of discussion earlier about this and the understanding was
> that RFC 8445 does not deal with FQDN or DNS resolution. RFC 8445 gets a
> list of candidates with IP Addresses. FQDN resolution as well as the format
> in which candidates are encoded would be a part of some other draft such
> ice-sip-sdp or an extension.
>

[suhas] .. I don’t understand why FQDN resolution should be scoped in
ice-sip-sdp whose main purposes is offer / answer negotiation and yes
encoding provided candidates. I agree with Bernard and vote to move fqdn
resolution outside ice-sip-sdp into a new draft



>
> Also, using ice2 option does not help much since offer with FQDN in
> connection address would have to be generated before agent knows if remote
> party supports ice2. Bottom line is if remote party fails to parse FQDN
> there is nothing that can be done to generate an offer that will be
> compatible (except for putting FQDN in candidate extension). If FQDN is
> ignored or handled according to RFC 5245 procedure then it is safe to
> insert FQDN in contact address since either behavior would no worse then
> candidate pair connectivity check failing.
>
> Roman Shpount
>
> On Mon, May 20, 2019, 22:51 Bernard Aboba <bernard.aboba@gmail.com> wrote:
>
>> I would recommend updating RFC 8445 to require that implementations that
>> do not support FQDNs ignore them.  That way we can assume that
>> implementations including an 'ice2' option will ignore FQDNs if they are
>> unsupported.  Then the MDNS draft can cite RFC 8445.
>>
>> On Mon, May 20, 2019 at 7:34 PM Roman Shpount <roman@telurix.com> wrote:
>>
>>> What do you suggest?
>>>
>>> Most of the legacy implementations would fail to parse FQDN in the
>>> connection address.
>>>
>>> Roman Shpount
>>>
>>> On Mon, May 20, 2019, 21:55 Bernard Aboba <bernard.aboba@gmail.com>
>>> wrote:
>>>
>>>> "If FQDN is allowed but ignored, this will allow "legacy"
>>>> implementations to interop with ICE implementation which support mDNS or
>>>> generic FQDN. How FQDN are resolved and how ICE agents specify to each
>>>> other the these procedures are supported can and should be part of mDNS or
>>>> generic FQND support draft. If I am missing something and something else is
>>>> required, mDNS authors should comment."
>>>>
>>>> [BA] Unfortunately, RFC 5245 did not mandate that FQDNs be ignored by
>>>> implementations that did not choose to support them.  All it says is this:
>>>>
>>>> <connection-address>:  is taken from RFC 4566 <https://tools.ietf.org/html/rfc4566> [RFC4566 <https://tools.ietf.org/html/rfc4566>].  It is the
>>>>       IP address of the candidate, allowing for IPv4 addresses, IPv6
>>>>       addresses, and fully qualified domain names (FQDNs).  When parsing
>>>>       this field, an agent can differentiate an IPv4 address and an IPv6
>>>>
>>>>       address by presence of a colon in its value - the presence of a
>>>>       colon indicates IPv6.  An agent MUST ignore candidate lines that
>>>>       include candidates with IP address versions that are not supported
>>>>       or recognized.  An IP address SHOULD be used, but an FQDN MAY be
>>>>       used in place of an IP address.  In that case, when receiving an
>>>>       offer or answer containing an FQDN in an a=candidate attribute,
>>>>       the FQDN is looked up in the DNS first using an AAAA record
>>>>       (assuming the agent supports IPv6), and if no result is found or
>>>>       the agent only supports IPv4, using an A.  If the DNS query
>>>>       returns more than one IP address, one is chosen, and then used for
>>>>       the remainder of ICE processing.
>>>>
>>>>
>>>> So while there are good reasons why modern ICE implementations should
>>>> support FQDNs (e.g. for NAT64 support), "legacy" implementations are by
>>>> definition not modern.  Given that RFC 5245-compliant implementations were
>>>> not obligated to either send FQDNs or to correctly handle them if they were
>>>> not supported, we need to look at what legacy implementations do, not what
>>>> we would prefer that they do.
>>>>
>>>> Since RFC 5245 did not mandate either FQDN support or even resilient
>>>> behavior in non-supporting implementations, problems such as the one below
>>>> (or much worse) are to be expected:
>>>> https://bugs.chromium.org/p/webrtc/issues/detail?id=4165
>>>>
>>>> So if were are attempting to interoperate with the vast body of
>>>> existing implementations, we should assume that we have to contend with
>>>> legacy implementations have been baked into equipment, or forked to create
>>>> mobile applications that have not been resync'd in years.  Note that this
>>>> is a very different circumstance from browser-browser interop where
>>>> "evergreen" is rapidly becoming the rule among WebRTC-capable browsers.
>>>>
>>>> On Mon, May 20, 2019 at 4:14 PM Christer Holmberg <
>>>> christer.holmberg@ericsson.com> wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> >If FQDN is allowed but ignored, this will allow "legacy"
>>>>> implementations to interop with ICE implementation which support mDNS or
>>>>> generic FQDN.
>>>>> >How FQDN are resolved and how ICE agents specify to each other the
>>>>> these procedures are supported can and should be part of mDNS or generic
>>>>> >FQND support draft. If I am missing something and something else is
>>>>> required, mDNS authors should comment.
>>>>>
>>>>> I don’t think you are missing anything.
>>>>>
>>>>> So far this is my proposal for ice-sip-sdp connection address
>>>>> definition which should implement option 2:
>>>>>
>>>>> ><connection-address>: :: is taken from RFC 4566 <<RFC4566>>. It is
>>>>> the IP address of the candidate, allowing for IPv4 addresses, IPv6
>>>>> addresses, and fully qualified domain names (FQDNs).  When >parsing this
>>>>> field, an agent can differentiate  an IPv4 address and an IPv6 address by
>>>>> presence of a colon in its value - the presence of a colon indicates IPv6.
>>>>> An agent MUST ignore candidate lines >that include candidates with FQDN or
>>>>> IP address versions that are not supported or recognized.  Handling of FQDN
>>>>> addresses in candidate can be defined in the future specification. If
>>>>> candidate >with FQDN <connection-address> is the default
>>>>> destination/candidate, the the "c=" address type MUST be set the IP address
>>>>> family for the FQDN DNS resolution result and the "c=" connection >address
>>>>> MUST be set to FQDN. Differences in the "c=" line address family and type
>>>>> with FQDN resolution result MUST not cause ICE support verification failure.
>>>>>
>>>>> Minor change suggestion:
>>>>>
>>>>> "The procedures for handling FQDN addresses, and for agents to
>>>>> indicate support of such procedures, need to be specified in an extension
>>>>> specification."
>>>>>
>>>>> Regards,
>>>>>
>>>>> Christer
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
> mmusic mailing list
> mmusic@ietf.org
> https://www.ietf.org/mailman/listinfo/mmusic
>

v2.23.0 | Report a Bug | By Email