IETF Logo Mail Archive

Re: [MMUSIC] Question about draft-ietf-rtcweb-mdns-ice-candidates

Roman Shpount <roman@telurix.com> Tue, 15 December 2020 17:43 UTC

Return-Path: <roman@telurix.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7BC0A3A1280 for <mmusic@ietfa.amsl.com>; Tue, 15 Dec 2020 09:43:09 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telurix-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ow9XTddURkIm for <mmusic@ietfa.amsl.com>; Tue, 15 Dec 2020 09:43:07 -0800 (PST)
Received: from mail-oi1-x22c.google.com (mail-oi1-x22c.google.com [IPv6:2607:f8b0:4864:20::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 56A723A0EF2 for <mmusic@ietf.org>; Tue, 15 Dec 2020 09:43:07 -0800 (PST)
Received: by mail-oi1-x22c.google.com with SMTP id 15so24233677oix.8 for <mmusic@ietf.org>; Tue, 15 Dec 2020 09:43:07 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telurix-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=zinXKVwoIQr2vgexqqev3bZ7vjhHDz0lmmN32AI3M9Y=; b=Jhwo0G/9Ev6RG/MUucRJ949jqvj1w0H+xyAEFL9CasAlTjfS63gvzojDOZKk48pYSR c1aJUpge5rH746luPej4uYISCGns+50Z9V2hgctxZsNiT2O3dpliyGLdJx+oItD/IMDK +ZHCZZvy7pD6rKRJGaQc84KdVYseZC+917hgTn0yNAqPbuaK7NTUetuYDX92D4Dpvb1l 8olKFN8j9m4z2WpXInIhYSJSiyk9g56uBAkyu1yzLUFtM7CEuOgrm2b3H5pkwRxPKfwJ BDpg/KEPK35eLVVO3WTJSJfeby3wHEKKmC9IMS5q+gi2Vvrk3Drf2uD6s8UQR5tKulnF lkRg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=zinXKVwoIQr2vgexqqev3bZ7vjhHDz0lmmN32AI3M9Y=; b=NmIdDTgxz6mPYVule++RQ2N6AyPsxSbMrx11immVzYC/eECJf1FL/v89XK8bdMxjmR F+dtv38TBwEir0zN6XKscjI5elTuj978McKitZw517T8rCENk58ttswT9AU/Bdn+m/Bd EcQ5ZH7F5eKRWjhqLpEb9MdTY8c9li6kKkWOWEU95qlxkf7UADJd5UR8zjY+8XW6XvD8 P3IC7z7dTvkBQDkcgU9tDTNSUhKzyo9riHFztpsiOiZcael4kaeP1XXCnx63jcbbctKe fusMGYYzlroMZt2++yUCa/3MFejdk+Yck70aSh2HiA4fZLoBvlGBBl0jhFJ/rm40lXic jgmA==
X-Gm-Message-State: AOAM532ePtFqhUwUeB8diGVfMX1Nkq/jjI9YE7Y1UOYXqYhCZRAYpnu5 1N+H7jj6kVpgN18FdVHrFGGXH+DTNkWY3A==
X-Google-Smtp-Source: ABdhPJx5o0PJvoeTQqVRSSvWEyjqcgY4ih2I1M30v0Txog/qzEx5g9jY+IKxPaRxx8Gb4I+CNCy8cw==
X-Received: by 2002:aca:2301:: with SMTP id e1mr17185oie.22.1608054186166; Tue, 15 Dec 2020 09:43:06 -0800 (PST)
Received: from mail-ot1-f44.google.com (mail-ot1-f44.google.com. [209.85.210.44]) by smtp.gmail.com with ESMTPSA id 63sm567729otx.2.2020.12.15.09.43.05 for <mmusic@ietf.org> (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Tue, 15 Dec 2020 09:43:05 -0800 (PST)
Received: by mail-ot1-f44.google.com with SMTP id b24so2697451otj.0 for <mmusic@ietf.org>; Tue, 15 Dec 2020 09:43:05 -0800 (PST)
X-Received: by 2002:a9d:650e:: with SMTP id i14mr5931561otl.19.1608054185009; Tue, 15 Dec 2020 09:43:05 -0800 (PST)
MIME-Version: 1.0
References: <CAOJ7v-1VEsXobYaq0UdOkaGLGbnNH40srDX+tg+OYZivGRVhNw@mail.gmail.com> <c13a7ebd-73d3-4429-3f0c-77071dda62c6@cisco.com> <1509C133-A893-4F44-9859-541B1F31F95B@apple.com> <CA+m752+V5r+-CB=4-ckhTWRUdHy+2Ap1UxRk-2mafDOhFhtGnA@mail.gmail.com> <8f1951af-d0a3-1f05-c3a8-a2a907a8320c@cisco.com> <CAOJ7v-1Aj2jSxPqFzVqvDZz1CP9=KpVGUxpAg16i+63iT5gsNg@mail.gmail.com> <CAOJ7v-3OQDEy_OYnDeU0KWw88m6W0pR_or9CYPiEJuAnEX0W-w@mail.gmail.com> <e14ba43d-ba21-609f-223e-d1f703fb9770@cisco.com> <CA+m752LWz=SkCHGwzBXzMkEyWb3R5A20OVAsjGiGbE8g=6dciA@mail.gmail.com> <7111cec3-35de-7067-6d4f-b62063224d53@cisco.com> <597A03E6-DBD1-4EA1-BFE3-F24FCF028CFC@apple.com> <dde99284-53ba-12fd-af69-62798a811ec3@cisco.com> <CAD5OKxv6f0GeL5xqaVuCtzFLE0Rkzse6LdiSty-4zxYqBm_YFQ@mail.gmail.com> <CAOJ7v-2c7p6+K6aZfyeBNB71X-1aBNFCZtnfb1A-TCtb3ma7-A@mail.gmail.com> <a489fb7e-1d70-e79a-d4a9-683f43b7e691@cisco.com> <CAOJ7v-2tEZkzrdFyQ_64bY+O8XXGkPRUk75Ejnwn36P=KHv+Hw@mail.gmail.com> <4a30a974-fbef-5b79-d91d-43f0ab3abca9@cisco.com> <8C5F94F4-5226-4875-AE25-07D0551566B8@apple.com> <AM0PR07MB386020B236D6C7676DBB150193C70@AM0PR07MB3860.eurprd07.prod.outlook.com> <CAD5OKxuznrD2JtWSo3rKpQFAOhzLpy=HjMvsCs5UVsRi9EDZ4g@mail.gmail.com> <CAD5OKxuKx=-grwDkXSFrboXdkbO4KOZBh85aHJaLr+fTyNM48w@mail.gmail.com> <CA+m752+GzWqVQHVELVkGbyRH4y0cR7o0TjL3+PvKUZwhYJX0jA@mail.gmail.com> <CAD5OKxvJSkroHR36r3tkh9Z6mduWn8ZXyN9Pzi8migdh9Dd3UQ@mail.gmail.com> <7AE9B4D4-294D-4CDC-8AE9-DD1A73B8CB0B@apple.com>
In-Reply-To: <7AE9B4D4-294D-4CDC-8AE9-DD1A73B8CB0B@apple.com>
From: Roman Shpount <roman@telurix.com>
Date: Tue, 15 Dec 2020 12:42:53 -0500
X-Gmail-Original-Message-ID: <CAD5OKxvsOwUE=f7rhHumM2PokL86uqPqC00K-RynsV9xqYAocQ@mail.gmail.com>
Message-ID: <CAD5OKxvsOwUE=f7rhHumM2PokL86uqPqC00K-RynsV9xqYAocQ@mail.gmail.com>
To: Youenn Fablet <youenn@apple.com>
Cc: Qingsi Wang <qingsi@google.com>, Justin Uberti <juberti@google.com>, mmusic WG <mmusic@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000007a28fa05b6844a89"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/6-6-eEx9DMtZr4WgR7j6-uUu0GU>
Subject: Re: [MMUSIC] Question about draft-ietf-rtcweb-mdns-ice-candidates
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Dec 2020 17:43:10 -0000

I understand what you are saying, but my point is, this draft would need to
specify procedures for MDNS allocation (it already does so) and resolution,
which ensures that each MDNS FQDN is resolved to only one address. I am
trying to figure out if local DNS proxy in CLAT would affect MDNS
resolution, especially if implemented as a part of the DNS resolution
library, and I cannot definitively see that.
_____________
Roman Shpount


On Tue, Dec 15, 2020 at 5:50 AM Youenn Fablet <youenn@apple.com> wrote:

> A few thoughts from looking at the solution you are proposing.
>
> In general, the fact that the candidate priority is affected might not
> prevent the connection to happen.
> I am not sure a change of the candidate priority warrants adding the
> expected address type.
>
> If an ICE agent gets multiple IP addresses from resolving a FQDN
> candidate, the ICE agent might either drop the candidate or select an IP
> address from an unexpected address type.
> This might affect connection establishment.
> As Qingsi said, the draft contains mitigations so that this situation
> should not happen for mDNS candidates.
> This could potentially happen for non mDNS FQDN candidates but is outside
> the scope of the mDNS draft.
>
> On 15 Dec 2020, at 06:25, Roman Shpount <roman@telurix.com> wrote:
>
> Based on this, do you assume that the ICE agent will directly resolve MDNS
> candidates without using any third-party libraries or going through DNS
> proxies?
>
> My concern is that DNS proxy running in the CLAT in the mobile device can
> translate IPv4 address to IPv6 address. I was looking for an implementation
> where CLAT is located on the device is running in combination with MDNS but
> could not find anything. I think DNS translation is done in the client
> library on Android when 464XLAT is used, but I might be wrong since I don't
> directly deal with this.
> _____________
> Roman Shpount
>
>
> On Mon, Dec 14, 2020 at 3:40 PM Qingsi Wang <qingsi@google.com> wrote:
>
>> > Is it possible for an IPv4 MDNS name allocated by one end-point to be
>> resolved as IPv6 address by another end-point, or visa-versa (IPv6 MDNS
>> name be resolved as IPv4)?
>>
>> I don't think so given the requirement in the draft and also available
>> implementation options of mDNS responder in an ICE agent. The draft
>> requires an ICE agent to expose different mDNS names for each address if it
>> uses an interface with both IPv4 and IPv6 addresses. As a result, even if
>> there is caching in the subnet by other endpoints and another endpoint
>> tries to reply to a query for the name, the resolution should be
>> consistent. As an implementation strategy, the ICE agent can 1) set the
>> cache-flush bit in their response (and/or announcement) per RFC 6762 to
>> indicate this is not a shared record type and purge inconsistency in the
>> subnet, and 2) attach a NSEC record in the additional section of the
>> response to indicate the sole existence of either A or quar-A record of a
>> name. This is admittedly all based on the assumption that there is no rogue
>> endpoint that tries to mess the local messages, which is a different story
>> outside the scope of this draft.
>>
>> > I specifically would like to know if something like 464XLAT can cause
>> MDNS resolution results to be converted to a different IP address type.
>>
>> I don't recall behaviors like this in 464XLAT or NAT (not expecting them
>> to change the packet payload).
>>
>> On Mon, Dec 14, 2020 at 12:06 PM Roman Shpount <roman@telurix.com> wrote:
>>
>>> I have a general question about MDNS that will affect the
>>> mdns-ice-candidate draft:
>>>
>>> Is it possible for an IPv4 MDNS name allocated by one end-point to be
>>> resolved as IPv6 address by another end-point, or visa-versa (IPv6 MDNS
>>> name be resolved as IPv4)?
>>>
>>> I specifically would like to know if something like 464XLAT can cause
>>> MDNS resolution results to be converted to a different IP address type.
>>>
>>> If this can happen, then the MDNS candidate can generate more than one
>>> local candidate or a candidate of a different address type, affecting
>>> candidate priority. I think the stability of the FQDN candidate resolution,
>>> including the MDNS candidate resolution, can improve if the expected
>>> address type is specified for each candidate as a candidate extension.
>>> _____________
>>> Roman Shpount
>>> _______________________________________________
>>> mmusic mailing list
>>> mmusic@ietf.org
>>> https://www.ietf.org/mailman/listinfo/mmusic
>>>
>>
>

v2.23.0 | Report a Bug | By Email