IETF Logo Mail Archive

Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp

Bernard Aboba <bernard.aboba@gmail.com> Tue, 21 May 2019 01:55 UTC

Return-Path: <bernard.aboba@gmail.com>
X-Original-To: mmusic@ietfa.amsl.com
Delivered-To: mmusic@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5613120119 for <mmusic@ietfa.amsl.com>; Mon, 20 May 2019 18:55:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 899yUQ8LBoCh for <mmusic@ietfa.amsl.com>; Mon, 20 May 2019 18:55:37 -0700 (PDT)
Received: from mail-vs1-xe2a.google.com (mail-vs1-xe2a.google.com [IPv6:2607:f8b0:4864:20::e2a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4349312024B for <mmusic@ietf.org>; Mon, 20 May 2019 18:55:37 -0700 (PDT)
Received: by mail-vs1-xe2a.google.com with SMTP id l20so10193768vsp.3 for <mmusic@ietf.org>; Mon, 20 May 2019 18:55:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=q0M/9EjXMonhD04QzHvFmFfifm/TpwbJKq6xdoiNnJc=; b=jBhgTR3GOo3mC5UdwmY1/XQCFMN2kkpp4/1YIANhpEP6bo7x8r+54fyZ13Zdi5+g+r HZ/ujiHapjWrroV8MR8C5zpxOTEjcpT8wKL31LWflMg0VI5Ca0IEAGV3haTuCgVF0+yO j+IEjjKx+rHDa1i47fWsncawJH9wQoLAIibKhoLM2FQu7gQgLrRgOxk+4xPOmEHMZHvo z2P0KaDndppG88N4BMhtsq/x5ayDqmawXZGDvYZikyWs6qJBAWCPE5iA179PC5mc26PI GH9uI56A7O9L/ZtjKMsfRftx4wzd2/6vHVUFnadU8Qkg4qkxUwos/ewXyk6aiySzrYT2 lT/A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=q0M/9EjXMonhD04QzHvFmFfifm/TpwbJKq6xdoiNnJc=; b=W5pdCZ6zRdEyth0yMIRLeLUm3utfMLjFApUESVtLX/mZBwbegivcnMKeuPWcKFhzdC KtZjuzTHIrZYnIwe+fNwpVS8ZMtW9HdAnuLi2dp6Ftdt+Eagmc/AVjmHA9y0P9l+r9aN QWYKJX5IBXQ1Mst7v0u7DRdCFihdl+21pDjL/BHAtFrBfQFORHMVZz92G+GDoNySpVoG 1yyJbwOkdMHdDIZC90mjyChxh4Qnp7GVGrh1p8Ou82ljE5aJZoZ1vp8hPnFUxBrvJp1l i+NyHifLXHp+DhWhQF2FkC1wHbbWCW7oTE3dGpxpcHBP0kw8aHActTLFz3FHQ5ubT7x8 4eKw==
X-Gm-Message-State: APjAAAVF6fmsmZ93ZZ0iT0/a2CWIG6Ra7ekp0F4hQ1GRBqakVQtY5Pes zg+EfNyPdedh2Zf36XVEu2lcIoqTvGopbunIbJM=
X-Google-Smtp-Source: APXvYqzAiQUws38PPtkOob7Q4tSXnafRu2A/WO6znuRUMI2SCy66dTQPVHR2u8AQKVRHhXnUg41t+Mko4nxDs048MMU=
X-Received: by 2002:a05:6102:105:: with SMTP id z5mr15184998vsq.127.1558403735770; Mon, 20 May 2019 18:55:35 -0700 (PDT)
MIME-Version: 1.0
References: <77400318-1e2c-7d33-ab41-a3b8d0062b00@cisco.com> <CAMRcRGQ0gQ0c-pmBQ2ZOOX-5uGWkfy57Yu0QMuAp9ED2f8drwA@mail.gmail.com> <D7E2876E-E750-40C6-B33E-FC24F9CD0709@ericsson.com> <CAOW+2dsy5_cjH2BJJq7mRu9JaQNmh7oqWxUrFDPqBKaceffJaQ@mail.gmail.com> <2226B494-B058-45C8-901B-1B872218ECE7@ericsson.com> <CAD5OKxs2fvyqxjcNmNbqx+ToSpnaeqj5LyX4qz2rOuqFp3oBow@mail.gmail.com> <710E80DF-8389-4A5E-9DBE-5DF2D20E4F02@ericsson.com> <CAD5OKxtcEWmRvXanh7FsdQAD_fTFRnQc8HhkeLx9mz+-XUX7-Q@mail.gmail.com> <871E99E8-DA8D-4E71-B359-F2388479C38E@ericsson.com>
In-Reply-To: <871E99E8-DA8D-4E71-B359-F2388479C38E@ericsson.com>
From: Bernard Aboba <bernard.aboba@gmail.com>
Date: Mon, 20 May 2019 18:55:24 -0700
Message-ID: <CAOW+2dvUAed2P-xCOvbcsHJGcs92=ad9T5K63xhpVqdKvjK2fw@mail.gmail.com>
To: Christer Holmberg <christer.holmberg@ericsson.com>
Cc: Roman Shpount <roman@telurix.com>, Flemming Andreasen <fandreas@cisco.com>, mmusic <mmusic@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000165f0905895c25d7"
Archived-At: <https://mailarchive.ietf.org/arch/msg/mmusic/Zl6CzQ3I9a_YW--5FIcLYs_ktss>
Subject: Re: [MMUSIC] (Rough) Consensus Call - No FQDN support in ice-sip-sdp
X-BeenThere: mmusic@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiparty Multimedia Session Control Working Group <mmusic.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mmusic>, <mailto:mmusic-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mmusic/>
List-Post: <mailto:mmusic@ietf.org>
List-Help: <mailto:mmusic-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mmusic>, <mailto:mmusic-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 21 May 2019 01:55:41 -0000

"If FQDN is allowed but ignored, this will allow "legacy" implementations
to interop with ICE implementation which support mDNS or generic FQDN. How
FQDN are resolved and how ICE agents specify to each other the these
procedures are supported can and should be part of mDNS or generic FQND
support draft. If I am missing something and something else is required,
mDNS authors should comment."

[BA] Unfortunately, RFC 5245 did not mandate that FQDNs be ignored by
implementations that did not choose to support them.  All it says is this:

<connection-address>:  is taken from RFC 4566
<https://tools.ietf.org/html/rfc4566> [RFC4566
<https://tools.ietf.org/html/rfc4566>].  It is the
      IP address of the candidate, allowing for IPv4 addresses, IPv6
      addresses, and fully qualified domain names (FQDNs).  When parsing
      this field, an agent can differentiate an IPv4 address and an IPv6

      address by presence of a colon in its value - the presence of a
      colon indicates IPv6.  An agent MUST ignore candidate lines that
      include candidates with IP address versions that are not supported
      or recognized.  An IP address SHOULD be used, but an FQDN MAY be
      used in place of an IP address.  In that case, when receiving an
      offer or answer containing an FQDN in an a=candidate attribute,
      the FQDN is looked up in the DNS first using an AAAA record
      (assuming the agent supports IPv6), and if no result is found or
      the agent only supports IPv4, using an A.  If the DNS query
      returns more than one IP address, one is chosen, and then used for
      the remainder of ICE processing.


So while there are good reasons why modern ICE implementations should
support FQDNs (e.g. for NAT64 support), "legacy" implementations are by
definition not modern.  Given that RFC 5245-compliant implementations were
not obligated to either send FQDNs or to correctly handle them if they were
not supported, we need to look at what legacy implementations do, not what
we would prefer that they do.

Since RFC 5245 did not mandate either FQDN support or even resilient
behavior in non-supporting implementations, problems such as the one below
(or much worse) are to be expected:
https://bugs.chromium.org/p/webrtc/issues/detail?id=4165

So if were are attempting to interoperate with the vast body of existing
implementations, we should assume that we have to contend with legacy
implementations have been baked into equipment, or forked to create mobile
applications that have not been resync'd in years.  Note that this is a
very different circumstance from browser-browser interop where "evergreen"
is rapidly becoming the rule among WebRTC-capable browsers.

On Mon, May 20, 2019 at 4:14 PM Christer Holmberg <
christer.holmberg@ericsson.com> wrote:

> Hi,
>
> >If FQDN is allowed but ignored, this will allow "legacy" implementations
> to interop with ICE implementation which support mDNS or generic FQDN.
> >How FQDN are resolved and how ICE agents specify to each other the these
> procedures are supported can and should be part of mDNS or generic
> >FQND support draft. If I am missing something and something else is
> required, mDNS authors should comment.
>
> I don’t think you are missing anything.
>
> So far this is my proposal for ice-sip-sdp connection address definition
> which should implement option 2:
>
> ><connection-address>: :: is taken from RFC 4566 <<RFC4566>>. It is the IP
> address of the candidate, allowing for IPv4 addresses, IPv6 addresses, and
> fully qualified domain names (FQDNs).  When >parsing this field, an agent
> can differentiate  an IPv4 address and an IPv6 address by presence of a
> colon in its value - the presence of a colon indicates IPv6.  An agent MUST
> ignore candidate lines >that include candidates with FQDN or IP address
> versions that are not supported or recognized.  Handling of FQDN addresses
> in candidate can be defined in the future specification. If candidate >with
> FQDN <connection-address> is the default destination/candidate, the the
> "c=" address type MUST be set the IP address family for the FQDN DNS
> resolution result and the "c=" connection >address MUST be set to FQDN.
> Differences in the "c=" line address family and type with FQDN resolution
> result MUST not cause ICE support verification failure.
>
> Minor change suggestion:
>
> "The procedures for handling FQDN addresses, and for agents to indicate
> support of such procedures, need to be specified in an extension
> specification."
>
> Regards,
>
> Christer
>
>
>
>

v2.23.0 | Report a Bug | By Email