Re: [MMUSIC] FQDN support in ice-sip-sdp

Christer Holmberg <> Sun, 14 April 2019 08:43 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id B52EF1201A1 for <>; Sun, 14 Apr 2019 01:43:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.002
X-Spam-Status: No, score=-2.002 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id pWKp7WBES176 for <>; Sun, 14 Apr 2019 01:43:24 -0700 (PDT)
Received: from ( []) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 1F4B4120020 for <>; Sun, 14 Apr 2019 01:43:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=nS/fWeRhZFl6EizyEHIX/Tof/7Re9SKFf/e/a5I6oXI=; b=XK6kjeG2i4mAlYLkQcN5ix/1v1BrvgTKCmp/6C1l71K7d2YqekTaPKRqynVfV8Kk8CqMk6jngfEIHAN49lNl2rnXllTnmYEF57s7rcyFAvTNusCtmH3PMv2jVsGZn0ZDNBi4gPEkp9uv2LssabBpNcYtNRRYudtdcZ5r7DzUt/k=
Received: from ( by ( with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1813.9; Sun, 14 Apr 2019 08:43:20 +0000
Received: from ([fe80::747a:900a:3053:2184]) by ([fe80::747a:900a:3053:2184%2]) with mapi id 15.20.1813.009; Sun, 14 Apr 2019 08:43:20 +0000
From: Christer Holmberg <>
To: Roman Shpount <>
CC: Suhas Nandakumar <>, mmusic WG <>, Flemming Andreasen <>
Thread-Topic: [MMUSIC] FQDN support in ice-sip-sdp
Date: Sun, 14 Apr 2019 08:43:20 +0000
Message-ID: <>
References: <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
Accept-Language: en-US
Content-Language: en-US
user-agent: Microsoft-MacOutlook/
authentication-results: spf=none (sender IP is );
x-originating-ip: []
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 6e603462-311a-47cf-7c16-08d6c0b53fa2
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600139)(711020)(4605104)(2017052603328)(7193020); SRVR:HE1PR07MB4220;
x-ms-traffictypediagnostic: HE1PR07MB4220:
x-microsoft-antispam-prvs: <>
x-forefront-prvs: 00073DB75F
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(366004)(376002)(346002)(136003)(39860400002)(189003)(199004)(7736002)(36756003)(105586002)(8676002)(11346002)(486006)(305945005)(25786009)(86362001)(4326008)(44832011)(6246003)(106356001)(446003)(58126008)(81166006)(81156014)(8936002)(68736007)(6506007)(316002)(76176011)(102836004)(186003)(2616005)(476003)(26005)(2906002)(54906003)(6436002)(6116002)(83716004)(256004)(71190400001)(71200400001)(3846002)(33656002)(6916009)(82746002)(99286004)(229853002)(97736004)(14444005)(478600001)(6512007)(66066001)(14454004)(53936002)(6486002)(93886005)(5660300002); DIR:OUT; SFP:1101; SCL:1; SRVR:HE1PR07MB4220;; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None ( does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: t9dPbuCVfoY7xrwCj56v7eNscn/XFRQNrvtjIODyoVdibKQJBO47xRr/3h+IOk2i0UsTJhUL9beC5uCnT8lLNQarjZdaNe15WGnoHRgTF408WrAuLvRQ66nxQldrFpHgBqQ7r6qtNFiQFyw7JoPZETtSdxY05rNai4dyyDjZTM+d573Mb1A7yDnSp/ZfZ0tRKv75vQdhcLV9pS3r8g7AIDVWhJ1b1Xhssp5gOSiizRJnYJgxsNNwdAItNN2GhbZf7mIBOrXrVLSncvUWsJ/cSwRe9TEJ9MKD4NlU4lo+G4t4VxSRlEuLMBoA9oZuV63wR4wp5ZugfK/ogKfA/HEZWox8m1CN8JW5UoplA51VyTq7DTJOPp3iymQYRADF3jzvEZu0eaBdqFqd/c4mD5t3BQWDVnNstQZ5qdDJ6PlHXF8=
Content-Type: text/plain; charset="utf-8"
Content-ID: <>
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 6e603462-311a-47cf-7c16-08d6c0b53fa2
X-MS-Exchange-CrossTenant-originalarrivaltime: 14 Apr 2019 08:43:20.7629 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR07MB4220
Archived-At: <>
Subject: Re: [MMUSIC] FQDN support in ice-sip-sdp
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Sun, 14 Apr 2019 08:43:28 -0000


>>>>> I *think* I agree with Suhas that the FQDN handling should be a separate draft – a generic ICE draft produced by the ICE WG. 
>>>>> ice-sip-sdp would then specify how it is implemented in SDP (separate a=candidiate lines etc).
>>>> Perhaps it could be combined with the mDNS draft?
>>> I am not sure if this belongs to a new draft or mDNS draft. We can decide this later. 
>>> What we need to decide now comes down to two choices:
>>> a. Say that FQND is allowed in candidate connection-address but these candidate lines are skipped. 
>>> Handling of FQDN lines is defined in the future specification.
>>> b. Figure out how FQDN is handled. Options written up so far imply either selecting one resolution result
>>> in random or requiring the FQDN resolves to a single address. I think former is broken and later does not 
>>> exist in real life.
>>> I would not like this draft to be released with either option. I think adding address type to candidate brings 
>>> candidate line connection address definition in line with SDP c= line specification and should work, but someone 
>>> needs to review this. I do not think this will require more then 2-3 extra paragraphs in the document which I am 
>>> willing to write. I agree this is scope creep but FQDN were included in RFC 5245 so people expect them to be supported 
>>> by this draft as well.
>>> At the end, this is up to the group to decide. I just need something I can implement. If option a makes people unhappy 
>>> then we will need to find minimal viable option b.
>> As far as the technical solution is concerned (using separate a=candidate lines for each IP version family etc),
>> I think it looks good.
>> As far as documenting is concerned, I think the SDP specifics (separate a= lines etc) could be defined in ice-sip-sdp - but I
>> would not object to having a separate draft.
>> My point is that I don't see FQDN support as SDP-specific, so I would like to have generic ICE FQDN text documented 
>> somewhere, which the SDP-specific procedures then reference.
> I see your point, but I would prefer to avoid creating another dependency which will prevent ice-sip-sdp from 
> being published.

We need to keep in mind why we are doing RFC 8445 ice-sip-sdp in the first place.

Sure, one reason was to separate functionality from protocol.

But, the other reason was to correct issues and unspecified cases found in RFC 5245, and FQDN seems to be one such issue. Unfortunately we didn't detect it before publishing RFC 8445, so any generic ICE FQDN procedures would have to be in a separate draft.

Again, I don't have a strong opinion on whether the SDP specific parts of FQDN are in ice-sip-sdp or in a separate draft.

Keep in mind that we also need to decide on whether ice-pac should be an ice-sip-sdp dependency, in which case the publication may get delayed anyway (eventhough we hope to finalize ice-pac pretty fast).

> Please note, that if we specify that candidate line using FQDN contact-address MUST specify address type and FQDN MUST resolve 
> to a single address per address type, then FQDN handling is trivial: Agent should do a DNS resolution and use the result. 


> Figuring out how to handle multiple results per DNS query certainly warrants a separate draft and should be out of scope. 

We also need to keep in mind that, eventhough a single DNS request only returns a single address, if some kind of load balancing is used different DNS requests may return a different address. Perhaps we need to cover that by saying that an ICE agent must not change the IP address:port associated with a candidate.

> What makes sense for me is:
> a. Define how to specify address type in candidate line. This is certainly an SDP problem and I think is a pre-requisite to using any addresses, such as 
> FQDN, where address type is non-obvious

HOW to define the address type in a candidate lite is for sure an SDP problem. But, the fact that the address type needs to be provided for a candidate is an ICE problem. 

It is very similar to the ICE option. RFC 8445 defines it in an abstract way, and ice-ice-sdp defines how to encode it in SIP/SDP.

> b. Specify that if agent compliant with ice-sip-sdp uses FQDN contact-address, it MUST specify addrtype for the candidate.

Do we know how an existing implementation would process the addrtype? Are there any procedures regarding unsupported candidate properties?

> c. Specify that if FQDN resolves to a single address for the specified family then that this address is used for this candidate. Candidate lines with 
> FQDN returning multiple results per query MUST be ignored until their handling is defined in a future draft
> d. Specify what to do with FQDN without address type specified such as SDP from legacy RFC 5245 implementations. We can go with try AAAA resolution 
> first and use if single address is returned. If nothing is returned from AAAA query, try A query. If single address is returned, used that address, ignore 
> the candidate line otherwise. This matches RFC 5245 language and should work in all the same situations where RFC 5245 implementations were working.

d) works assuming both ICE agents get the same IP address:port from DNS.

> What do you think?

I think you suggestion is good. But, as I have indicated, I would like to have a generic ICE FQDN draft that ice-sip-sdp (or a separate MMUSIC draft) references.

Similarly to ice-pac, I think such draft could be produced relatively fast. It more or less only needs to say that:

1) An ICE agent that uses FQDN needs to provide one candidate per address family, and indicate the addrtype for each of those candidates.
2) Some text regarding backward compatibility. Do we assume some default behavior by existing implementations, or do we require an ICE option?