Re: [MMUSIC] ICE candidate address selection update draft

"Dan Wing" <> Wed, 08 August 2012 16:05 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 2035C21F86EB for <>; Wed, 8 Aug 2012 09:05:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -110.497
X-Spam-Status: No, score=-110.497 tagged_above=-999 required=5 tests=[AWL=0.102, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id BJzZlZYr15QW for <>; Wed, 8 Aug 2012 09:05:15 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id BE10521F86F1 for <>; Wed, 8 Aug 2012 09:05:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;;; l=4667; q=dns/txt; s=iport; t=1344441915; x=1345651515; h=from:to:cc:references:in-reply-to:subject:date: message-id:mime-version:content-transfer-encoding; bh=wiFXNJPYTozMgFwBc/QFXcHC/2odtILn+wqQTtMoqTw=; b=ImapeAjW7tsxNsNOLmBFWNzMwGFpzcwYBH7mcZrCVCsAYAqwli26E8+c sESZy1P0gUaBFhnzrceN57S1wfhSpWpDG2dRa921tg84P0fKzapYPIrY2 KO5mUBXfOOvj3dPSjfzwymRBthKshUQD5DDirPPx5X4EF3yw0ivqk+RmC s=;
X-IronPort-AV: E=Sophos;i="4.77,733,1336348800"; d="scan'208";a="51333947"
Received: from ([]) by with ESMTP; 08 Aug 2012 16:05:14 +0000
Received: from dwingWS ( []) by (8.14.5/8.14.5) with ESMTP id q78G5EAt017360; Wed, 8 Aug 2012 16:05:14 GMT
From: Dan Wing <>
To: "'Pal Martinsen (palmarti)'" <>, 'Jonathan Lennox' <>
References: <> <> <> <> <> <> <> <> <> <C3759687E4991243A1A0BD44EAC823034DF5B10A45@BE235.mail.lan> <092c01cd746c$5e7c8040$1b7580c0$@com> <C3759687E4991243A1A0BD44EAC823034DF5B10A86@BE235.mail.lan> <>
In-Reply-To: <>
Date: Wed, 08 Aug 2012 09:05:14 -0700
Message-ID: <0e2801cd757f$98a72680$c9f57380$@com>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
X-Mailer: Microsoft Office Outlook 12.0
Content-Language: en-us
Subject: Re: [MMUSIC] ICE candidate address selection update draft
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Wed, 08 Aug 2012 16:05:21 -0000

> -----Original Message-----
> From: Pal Martinsen (palmarti) []
> Sent: Tuesday, August 07, 2012 11:30 AM
> To: Jonathan Lennox
> Cc: Dan Wing (dwing); Ari Keranen;
> Subject: Re: [MMUSIC] ICE candidate address selection update draft
> On Aug 7, 2012, at 11:53 AM, Jonathan Lennox <>
> wrote:
> > On Tuesday, August 7 2012, "Dan Wing" wrote to "'Jonathan Lennox',
> 'Ari Keranen'," saying:
> >
> >> Mine would be to take the list of IPv6 and IPv4 addresses and try
> them
> >> in the order described by ICE (which currently recommends following
> >> the OS's default, which is sometimes hard to get depending on the
> OS).
> From a ICE multi platform library developer that is somewhat of a
> nightmare.
> Guess it can be solved by having a reasonable interface that the
> application
> that uses the library can fill in the defaults. Having reasonable
> default values
> is important as some platforms might not be able to set the values.
> >>
> >> But if the first IPv6 candidate didn't return a connectivity checks
> >> quickly (let's say, 150ms), initiate a connectivity check on the
> >> highest priority IPv4 address next.  In that 150ms, based on ICE's
> >> pacing, many IPv6 addresses will have been tried.  150ms gives
> plenty
> >> of time for IPv6 to 'win', before using an IPv4 resource that is
> >> likely shared with IPv4-only devices.
> >
> > Can't this result in the endpoints getting out of sync with the order
> of the checklist?  If one side has started IPv4 while the other hasn't,
> you won't have the outbound packets coming from one side to create the
> port bindings.
> >
> It can at least potentially introduce more "kamikaze" packets and delay
> the result. The STUN transaction have 10 retransmits and would timeout
> long after the checklist is empty.
> To maintain the speed of ICE negotiation and keep call setup times low
> I think we should consider looking at the pacing of the conn checks.
> The rationale behind the pacing was not to overwhelm the NATs.

Yes.  And also to reduce the concern that ICE connectivity checks 
could flood a link.

> Have the
> world move slightly towards better NATs? Looking from the perspective
> of an endpoint sending 1080p60 video streams the pacing seem a bit
> conservative?

The problem, even at the time, was not pps or bandwidth throughput of
the NATs.  Rather, it was that NATs would not create new mappings
quick enough and drop the STUN Binding Request.  This would be re-
transmitted and make it through the NAT, but that retransmit was 
obviously harmful for call setup times.  As all the connectivity
checks are supposed to be sent from the same source address and
port on the client, a new mapping is only necessary for NATs which
have "address dependent mapping" or "address and port dependent
mapping" behavior.

I just checked, and couldn't find a test of UDP mapping speed
draft-jennings-behave-test-results, or  Perhaps there
are tests available somewhere else.

> And how does the different paths (IPv4, IPv6, multi
> homed) impact the pacing? Could we do more in parallel without
> overwhelm the NATs?

I'm sure we could.

We could also be more aggressive with STUN retransmissions, and
less aggressive at trying new candidates.  That depends on our 
confidence that the candidates are in the proper order, and if
we can move a connection to a new candidate.  RTP can be moved
pretty easily; TCP cannot.  Before ICE completes, we could move
RTP sessions around without draft-wing-mmusic-ice-mobility.

It is probably worth backing up and enumerating the problem(s) we 
have with ICE, and then deciding what we want to solve.

> I am wondering if we could do something smart with prioritising the
> checklist and triggered checks to make sure IPv6 wins if there is
> connectivity? I have to little understanding if IPv6 and all the
> different addresses to clearly formulate the idea at the moment.
> (Hoping this may trigger something for someone.)

ICE was written before there was wide acceptance that the IPv6 path
is sometimes broken.  Tweaking ICE to better accommodate that reality
seems worthwhile.


> .-.
> Pål-Erik
> > --
> > Jonathan Lennox
> >
> > _______________________________________________
> > mmusic mailing list
> >
> >