Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp
Suhas Nandakumar <suhasietf@gmail.com> Tue, 21 May 2019 14:58 UTC
Return-Path: <suhasietf@gmail.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E488A120177 for <mmusic@ietfa.amsl.com>; Tue, 21 May 2019 07:58:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e4wSETr3SKMq for <mmusic@ietfa.amsl.com>; Tue, 21 May 2019 07:58:17 -0700 (PDT)
Received: from mail-ua1-x930.google.com (mail-ua1-x930.google.com [IPv6:2607:f8b0:4864:20::930]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 55692120154 for <mmusic@ietf.org>; Tue, 21 May 2019 07:58:15 -0700 (PDT)
Received: by mail-ua1-x930.google.com with SMTP id l14so1979491uah.8 for <mmusic@ietf.org>; Tue, 21 May 2019 07:58:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Lo9NgwHLVgtIAomh5uWxmAxCDT5WpiGNCDkaNhF23vM=; b=VUU1709oN87h8hfNP1r4qxBYLT7VhW8oRBJhrrv8PucAiIm/BX47wJ9BLLeKXqyC4k g7Aw8+KYewlOo9VfBUdHorwYLnsvirohu3SGAIPMTQYo/doWMNiEpHp7JbC6qoQedvxK pNbksL8X5ikwp0T0zZRNO/2Ksgng8bTcSIEOJSZgHfEv8Gx765DKWqt2wgGrHyzZfXBZ 4TZPkeEPJyl0dYbB7CAX9BFDl1ad0u4DzQi8xeEZ/g0ShK0CiD1thHQ9EGwG5uyXVj3X nEeW97Lu7K280qz48WYJfR9A9OcPfonK2oshWkYkrAiDogYe48m6a4eqJB4xiClUIAtL Y5Fg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Lo9NgwHLVgtIAomh5uWxmAxCDT5WpiGNCDkaNhF23vM=; b=PvIljz2pmnSvsv/4lTy7EQh/4BuKVcKq7qW3WPvFCCTuOuwVo+89iXNKP4SlQLPHGo Pilgm2rTcaSi9ryujPt12u4fUmPBRSZsVKWpN0PsW2dOpwxyTr8KUwDWIJUOpLlEC042 W0iqSfKBmcxPn2lQcjdD6G5T5RUjPvG8LbPBLlxYRVyuzFy8zDPlGac/pXCgHE82wmrY KLeTLaa4Ua41Vrf0SXVZPp7T2+nznOUOKL0aAz7FTnKm36DY18JKrbFgyZmG3glZJrus wolTjLkWBCN0tBx9iNdcFKkjRch96EKlPmUhMXPPIUgibmiI3q5iDkcbmwWnkNylugen 1aDQ==
X-Gm-Message-State: APjAAAUdbbj61AzlmPGkgoVXF64Yq8n4hoDLwEOg2jvV0qMLgdtSB6QH wC62llXNxYzP7VNS/+uPZsjsVF06CzRR5Y2+vwg=
X-Google-Smtp-Source: APXvYqxTgR/bFc6W2hbw5JH9u4MDBkF2jlG+00pDAcfiDz+sswgDk8pan4l83rg3dF2pz+MjbbZZmDHOZhcV7JDEJ+k=
X-Received: by 2002:ab0:7019:: with SMTP id k25mr17728708ual.49.1558450694365; Tue, 21 May 2019 07:58:14 -0700 (PDT)
MIME-Version: 1.0
References: <77400318-1e2c-7d33-ab41-a3b8d0062b00@cisco.com> <CAMRcRGQ0gQ0c-pmBQ2ZOOX-5uGWkfy57Yu0QMuAp9ED2f8drwA@mail.gmail.com> <D7E2876E-E750-40C6-B33E-FC24F9CD0709@ericsson.com> <CAOW+2dsy5_cjH2BJJq7mRu9JaQNmh7oqWxUrFDPqBKaceffJaQ@mail.gmail.com> <2226B494-B058-45C8-901B-1B872218ECE7@ericsson.com> <CAD5OKxs2fvyqxjcNmNbqx+ToSpnaeqj5LyX4qz2rOuqFp3oBow@mail.gmail.com> <710E80DF-8389-4A5E-9DBE-5DF2D20E4F02@ericsson.com> <CAD5OKxtcEWmRvXanh7FsdQAD_fTFRnQc8HhkeLx9mz+-XUX7-Q@mail.gmail.com> <871E99E8-DA8D-4E71-B359-F2388479C38E@ericsson.com> <CAOW+2dvUAed2P-xCOvbcsHJGcs92=ad9T5K63xhpVqdKvjK2fw@mail.gmail.com> <CAD5OKxuU-wio4Af8me1OMo62vanu5y_PnQ3nq=UF6jh6yr1EFg@mail.gmail.com> <CAOW+2dskL5P+02xujeEL-SGVPQ8-Gy85hX_DE10TBDwaE1e2Xw@mail.gmail.com> <CAD5OKxu9zKxVhFFxiBzq6v67A18Msd1fZMhbrpXf1=NQAgceAQ@mail.gmail.com> <CAMRcRGTKJmPCr4MZsK613csJ2yXHZzoDFzMtDujui4-NVZkH1A@mail.gmail.com> <c3a3dccf-6398-e47b-79ba-34aaea410f33@cisco.com> <4E9FD8D0-2443-4504-8362-211ED5522C6F@ericsson.com>
In-Reply-To: <4E9FD8D0-2443-4504-8362-211ED5522C6F@ericsson.com>
From: Suhas Nandakumar <suhasietf@gmail.com>
Date: Tue, 21 May 2019 07:58:03 -0700
Message-ID: <CAMRcRGRdMYfzj0naYsY8wdzjPq0MuCwfL2C2G=oOHC+ZPqiyBQ@mail.gmail.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: Flemming Andreasen <fandreas@cisco.com>, Roman Shpount <roman@telurix.com>, mmusic <mmusic@ietf.org>
Content-Type: multipart/alternative; boundary="00000000000009a7430589671462"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/Wc9kOzpqfpZraWsSsLBfwiAWTVs>
Subject: Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 May 2019 14:58:21 -0000
On Tue, May 21, 2019 at 7:36 AM Christer Holmberg < christer.holmberg@ericsson.com> wrote: > Hi, > > > > Roman suggested text yesterday, and with my change suggestion it would > look like: > > > > <connection-address>: :: is taken from RFC 4566 <<RFC4566>>. It is the IP > address of the candidate, allowing for IPv4 addresses, IPv6 addresses, > > and fully qualified domain names (FQDNs). When parsing this field, an > agent can differentiate an IPv4 address and an IPv6 address by presence > > of a colon in its value - the presence of a colon indicates IPv6. *An > agent processing remote candidates MUST ignore candidate lines that include > * > > *candidates with FQDN or IP address versions that are not supported or > recognized. The procedures for handling FQDN candidates, and for agents * > > *to indicate support of such procedures, need to be specified in an > extension specification.* If candidate with FQDN <connection-address> is > the > > default destination/candidate, the "c=" address type MUST be set the IP > address family for the FQDN DNS resolution result and the "c=" connection > > address MUST be set to FQDN. Differences in the "c=" line address family > and type with FQDN resolution result MUST not cause ICE support > verification failure. > > The text in bold covers the > must-ignore-FQDN-and-will-be-specified-in-an-extension-specification part. > [Suhas] Doesn't must ignore is a new behavior we are adding . I wonder what does this mean to legacy issues that Bernard referred to ? > > > Now, I have some difficulties to understand the last sentence. It seems to > indicate that some FQDN DNS resolution is performed, and that the IP family > is set according to the result. But, what if the result contains both IPv6 > and IPv4? > > > > Also, I assume that the procedures in the last sentence is related to the > provider of the candidates. If so, it needs to be more clear. > > > > Regards, > > > > Christer > > > > *From: *mmusic <mmusic-bounces@ietf.org> on behalf of Flemming Andreasen < > fandreas@cisco.com> > *Date: *Tuesday, 21 May 2019 at 14.40 > *To: *Suhas Nandakumar <suhasietf@gmail.com>, Roman Shpount < > roman@telurix.com> > *Cc: *Christer Holmberg <christer.holmberg@ericsson.com>, "mmusic@ietf.org" > <mmusic@ietf.org> > *Subject: *Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in > ice-sip-sdp > > > > > > On 5/21/19 1:01 AM, Suhas Nandakumar wrote: > > > > > > On Mon, May 20, 2019 at 8:19 PM Roman Shpount <roman@telurix.com> wrote: > > There was a bit of discussion earlier about this and the understanding was > that RFC 8445 does not deal with FQDN or DNS resolution. RFC 8445 gets a > list of candidates with IP Addresses. FQDN resolution as well as the format > in which candidates are encoded would be a part of some other draft such > ice-sip-sdp or an extension. > > > > [suhas] .. I don’t understand why FQDN resolution should be scoped in > ice-sip-sdp whose main purposes is offer / answer negotiation and yes > encoding provided candidates. I agree with Bernard and vote to move fqdn > resolution outside ice-sip-sdp into a new draft > > > > I'm leaning towards that as well. Trying to rush an FQDN solution into > ice-sip-sdp does not seem like a good idea, and we need to move this draft > forward. > > Thanks > > -- Flemming (as individual) > > > > > > > > Also, using ice2 option does not help much since offer with FQDN in > connection address would have to be generated before agent knows if remote > party supports ice2. Bottom line is if remote party fails to parse FQDN > there is nothing that can be done to generate an offer that will be > compatible (except for putting FQDN in candidate extension). If FQDN is > ignored or handled according to RFC 5245 procedure then it is safe to > insert FQDN in contact address since either behavior would no worse then > candidate pair connectivity check failing. > > > > Roman Shpount > > > > On Mon, May 20, 2019, 22:51 Bernard Aboba <bernard.aboba@gmail.com> wrote: > > I would recommend updating RFC 8445 to require that implementations that > do not support FQDNs ignore them. That way we can assume that > implementations including an 'ice2' option will ignore FQDNs if they are > unsupported. Then the MDNS draft can cite RFC 8445. > > > > On Mon, May 20, 2019 at 7:34 PM Roman Shpount <roman@telurix.com> wrote: > > What do you suggest? > > > > Most of the legacy implementations would fail to parse FQDN in the > connection address. > > Roman Shpount > > > > On Mon, May 20, 2019, 21:55 Bernard Aboba <bernard.aboba@gmail.com> wrote: > > "If FQDN is allowed but ignored, this will allow "legacy" implementations > to interop with ICE implementation which support mDNS or generic FQDN. How > FQDN are resolved and how ICE agents specify to each other the these > procedures are supported can and should be part of mDNS or generic FQND > support draft. If I am missing something and something else is required, > mDNS authors should comment." > > > > [BA] Unfortunately, RFC 5245 did not mandate that FQDNs be ignored by > implementations that did not choose to support them. All it says is this: > > > > <connection-address>: is taken from RFC 4566 <https://tools.ietf.org/html/rfc4566> [RFC4566 <https://tools.ietf.org/html/rfc4566>]. It is the > > IP address of the candidate, allowing for IPv4 addresses, IPv6 > > addresses, and fully qualified domain names (FQDNs). When parsing > > this field, an agent can differentiate an IPv4 address and an IPv6 > > address by presence of a colon in its value - the presence of a > > colon indicates IPv6. An agent MUST ignore candidate lines that > > include candidates with IP address versions that are not supported > > or recognized. An IP address SHOULD be used, but an FQDN MAY be > > used in place of an IP address. In that case, when receiving an > > offer or answer containing an FQDN in an a=candidate attribute, > > the FQDN is looked up in the DNS first using an AAAA record > > (assuming the agent supports IPv6), and if no result is found or > > the agent only supports IPv4, using an A. If the DNS query > > returns more than one IP address, one is chosen, and then used for > > the remainder of ICE processing. > > > > So while there are good reasons why modern ICE implementations should > support FQDNs (e.g. for NAT64 support), "legacy" implementations are by > definition not modern. Given that RFC 5245-compliant implementations were > not obligated to either send FQDNs or to correctly handle them if they were > not supported, we need to look at what legacy implementations do, not what > we would prefer that they do. > > > > Since RFC 5245 did not mandate either FQDN support or even resilient > behavior in non-supporting implementations, problems such as the one below > (or much worse) are to be expected: > > https://bugs.chromium.org/p/webrtc/issues/detail?id=4165 > > > > So if were are attempting to interoperate with the vast body of existing > implementations, we should assume that we have to contend with legacy > implementations have been baked into equipment, or forked to create mobile > applications that have not been resync'd in years. Note that this is a > very different circumstance from browser-browser interop where "evergreen" > is rapidly becoming the rule among WebRTC-capable browsers. > > > > On Mon, May 20, 2019 at 4:14 PM Christer Holmberg < > christer.holmberg@ericsson.com> wrote: > > Hi, > > >If FQDN is allowed but ignored, this will allow "legacy" implementations > to interop with ICE implementation which support mDNS or generic FQDN. > >How FQDN are resolved and how ICE agents specify to each other the these > procedures are supported can and should be part of mDNS or generic > >FQND support draft. If I am missing something and something else is > required, mDNS authors should comment. > > I don’t think you are missing anything. > > So far this is my proposal for ice-sip-sdp connection address definition > which should implement option 2: > > ><connection-address>: :: is taken from RFC 4566 <<RFC4566>>. It is the IP > address of the candidate, allowing for IPv4 addresses, IPv6 addresses, and > fully qualified domain names (FQDNs). When >parsing this field, an agent > can differentiate an IPv4 address and an IPv6 address by presence of a > colon in its value - the presence of a colon indicates IPv6. An agent MUST > ignore candidate lines >that include candidates with FQDN or IP address > versions that are not supported or recognized. Handling of FQDN addresses > in candidate can be defined in the future specification. If candidate >with > FQDN <connection-address> is the default destination/candidate, the the > "c=" address type MUST be set the IP address family for the FQDN DNS > resolution result and the "c=" connection >address MUST be set to FQDN. > Differences in the "c=" line address family and type with FQDN resolution > result MUST not cause ICE support verification failure. > > Minor change suggestion: > > "The procedures for handling FQDN addresses, and for agents to indicate > support of such procedures, need to be specified in an extension > specification." > > Regards, > > Christer > > > > _______________________________________________ > mmusic mailing list > mmusic@ietf.org > https://www.ietf.org/mailman/listinfo/mmusic > > > >
- [MMUSIC] (Rough) Consensus Call - No FQDN support… Flemming Andreasen
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Suhas Nandakumar
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Christer Holmberg
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Christer Holmberg
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Bernard Aboba
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Christer Holmberg
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Christer Holmberg
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Christer Holmberg
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Bernard Aboba
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Bernard Aboba
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Suhas Nandakumar
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Christer Holmberg
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Flemming Andreasen
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Christer Holmberg
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Suhas Nandakumar
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount
- Re: [MMUSIC] (Rough) Consensus Call - No FQDN sup… Roman Shpount