IETF Logo Mail Archive

Re: [MMUSIC] Generalizing the aggressive nomination bugfix

Dan Wing <dwing@cisco.com> Wed, 12 March 2014 16:35 UTC

Return-Path: <dwing@cisco.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0D3EC1A078C for <mmusic@ietfa.amsl.com>; Wed, 12 Mar 2014 09:35:51 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.047
X-Spam-Level:
X-Spam-Status: No, score=-10.047 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.547, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hv-Xu1vNIVhX for <mmusic@ietfa.amsl.com>; Wed, 12 Mar 2014 09:35:45 -0700 (PDT)
Received: from alln-iport-6.cisco.com (alln-iport-6.cisco.com [173.37.142.93]) by ietfa.amsl.com (Postfix) with ESMTP id 6F2121A0745 for <mmusic@ietf.org>; Wed, 12 Mar 2014 09:35:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=10743; q=dns/txt; s=iport; t=1394642137; x=1395851737; h=mime-version:subject:from:in-reply-to:date:cc:message-id: references:to; bh=7m1eevfSlY1Q4Ye+ETiKncdMoveApvZs+jtFfrzUyMU=; b=Ajv7hegY9rkyyhOzoKgoU95DOECNXQnAsNl7Yx9axdfF15ZL1CkKMp8x +CjQwgN+DhZ/zv20zGZfcIjYggMAb1ZqNuTU45j7Tt5qVTtJuZ1f8lkuq AxS2xwraJNT0gWfR7SGV/CjtVtJlvzbij3WyJB3soKUKO3gh67Bd8rINm E=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgkFANiLIFOrRDoG/2dsb2JhbABagwbCZoEdFnSCJQEBAQMBeRALDgouVwYTG4dWB9IXF45cB4MkgRQEiVGOdIZMi2GDTR0
X-IronPort-AV: E=Sophos; i="4.97,639,1389744000"; d="scan'208,217"; a="26914467"
Received: from mtv-core-1.cisco.com ([171.68.58.6]) by alln-iport-6.cisco.com with ESMTP; 12 Mar 2014 16:35:36 +0000
Received: from [10.21.79.5] ([10.21.79.5]) by mtv-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id s2CGZZJa028882; Wed, 12 Mar 2014 16:35:36 GMT
Content-Type: multipart/alternative; boundary="Apple-Mail=_3BFCC0D3-8204-43A9-A153-22AA041C67DE"
Mime-Version: 1.0 (Mac OS X Mail 6.6 \(1510\))
From: Dan Wing <dwing@cisco.com>
In-Reply-To: <CAOJ7v-0d1bng-LHkdZ+J3Swdoic+zOF73JVfK464N0n4fY9=fw@mail.gmail.com>
Date: Wed, 12 Mar 2014 09:35:35 -0700
Message-Id: <9450C3A0-9509-4D1E-8C6C-54B884086B38@cisco.com>
References: <CAOJ7v-3oi-Qtsk6qiPVsAUfzEQsvgt4h6RhgfKDNUv_-47wpOA@mail.gmail.com> <BFFAE2A7-089D-452F-867E-BEF622BEFB77@cisco.com> <CAOJ7v-0d1bng-LHkdZ+J3Swdoic+zOF73JVfK464N0n4fY9=fw@mail.gmail.com>
To: Justin Uberti <juberti@google.com>
X-Mailer: Apple Mail (2.1510)
Archived-At: http://mailarchive.ietf.org/arch/msg/mmusic/WySkPvRVXM5Xuff7lPz6L1ltK2g
Cc: "mmusic@ietf.org" <mmusic@ietf.org>
Subject: Re: [MMUSIC] Generalizing the aggressive nomination bugfix
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Mar 2014 16:35:51 -0000

On Mar 12, 2014, at 9:27 AM, Justin Uberti <juberti@google.com> wrote:

> 
> 
> 
> On Tue, Mar 11, 2014 at 4:49 PM, Dan Wing <dwing@cisco.com> wrote:
> 
> On Mar 10, 2014, at 6:21 AM, Justin Uberti <juberti@google.com> wrote:
> 
>> In the WG session on Monday, Ari mentioned that the aggressive nomination bug of controller and controlled not agreeing on the candidate pair to use could be rectified by having the controlled side switch its preferred candidate pair to be the one that it received secure media on (or if not using controlled media, when the controlling side’s ICE checks finally got through).
>> 
>> I think there is an opportunity here to improve the overall flexibility of ICE. Currently, Regular Nomination allows the controller to have a fair amount of discretion in choosing which candidate pair it wants to pick; it could use metrics such as RTT, or perhaps one of the values mentioned in DISCUSS to make its selection, instead of using the static PRIORITY value. Aggressive Nomination, while faster in initially establishing media, does not afford this same discretion; according to 5245, S 8.1.1.2, ICE uses the highest PRIORITY candidate pair. So it would be great if there was a way to allow the controller have the same discretion for choosing the selected candidate pair, while also doing Aggressive Nomination.
>> 
>> I think this can easily be done using Ari’s solution in a general way. In short, any time secure media packets are received by the controlled side, it should use that candidate pair to send its own media. (Secure media is needed to prevent an attacker from tricking the controlled side into sending media to an arbitrary address.) If secure media is not used, the controller could include a new attribute, something like a new PREFERRED-CANDIDATE attribute (or perhaps an updated PRIORITY attribute, set to the max ICE priority), to tell the controlled side which candidate pair should be used.
>> 
> 
> That all sounds good.
> 
>> This would allow the controller to do periodic RTT checks, perhaps using the ICE consent mechanism, and dynamically change the media path as needed.
>> 
> 
> I think we need additional signaling to switch interfaces, because each endpoint needs to participate in the decision (e.g., draft-wing-mmusic-ice-mobility).  For example, the controlling endpoint might have unmetered Internet access, whereas the other endpoint has fast metered Internet (e.g., LTE) and slower unmetered Internet (e.g., DSL) -- but if the controlling endpoint effectively ignores the ICE priorities in favor of round trip time calculations, the controlled endpoint will use LTE.  ICE priorities allows both ends to indicate their preferences.  We might need something more than ICE priorities, too, or a way to strongly say an interface is not preferred (because that interface is metered).
> 
> 5245 seems to indicate that the controlling endpoint is in the driver's seat, as explained in S 2.6:
> 
> 
>    More fundamentally, however, the prioritization
>    defined by this specification may not yield "optimal" results.  As an
>    example, if the aim is to select low-latency media paths, usage of a
>    relay is a hint that latencies may be higher, but it is nothing more
>    than a hint.  An actual round-trip time (RTT) measurement could be
>    made, and it might demonstrate that a pair with lower priority is
>    actually better than one with higher priority.
> 
> 
>    Consequently, ICE assigns one of the agents in the role of the
>    CONTROLLING AGENT, and the other of the CONTROLLED AGENT.  The
>    controlling agent gets to nominate which candidate pairs will get
>    used for media amongst the ones that are valid.
> 
> I agree it would be useful to allow the controlled side to give some hints to the controlling side though. 

I agree the controlling side is controlling.  But it needs to be influenced by the controlled side, or else users will have to manually toggle their interfaces on/off to avoid overage charges.  That toggling is a p.i.t.a.

-d

v2.23.0 | Report a Bug | By Email