IETF Logo Mail Archive

Re: [P2PSIP] Choice of STUN peer or TURN peer

"Bruce Lowekamp" <lowekamp@sipeerior.com> Wed, 23 January 2008 14:31 UTC

Return-path: <p2psip-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1JHgdH-0006Bv-Fo; Wed, 23 Jan 2008 09:31:15 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1JHgdG-00066O-D5 for p2psip@ietf.org; Wed, 23 Jan 2008 09:31:14 -0500
Received: from nz-out-0506.google.com ([64.233.162.224]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1JHgdF-0000NT-SB for p2psip@ietf.org; Wed, 23 Jan 2008 09:31:14 -0500
Received: by nz-out-0506.google.com with SMTP id n1so1696701nzf.4 for <p2psip@ietf.org>; Wed, 23 Jan 2008 06:31:13 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; bh=euPpeCr5BdyiiD/4WSBaXY9KJrECu23XU9i+EyeOeBo=; b=sfHwbXP/Tc47gb492Aed9U/dFsE65imDCmNAF5bXP8MpoJrqdGmpyI8ldLf7A3SAqvPcpuZeeTArkLeTrlu9meu/q4/CBdNrcj86a5YoPWzTF1uxsUtqqOuv/CV+7d8lwySN1Xw/GX0VeJ0WsV/zHLzXTSAZC/IxUloBi87Tb0Q=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=t89TY+j1gmbGtIGtc/86/eooXmsm7pw6YWLblntaZlzqvIUyhOiabtzZ14h4b6qhCis7H9E0x+b7nH1ms90FHnewPK6xtQM3Ggoa/nc/LmOhLGdGkjpRWC6jDp1EN2X48MjcnT9EyjnajUd+NIbO0Fbh0BtxqaLb9OCz3eEMQp0=
Received: by 10.115.79.1 with SMTP id g1mr882016wal.2.1201098673143; Wed, 23 Jan 2008 06:31:13 -0800 (PST)
Received: by 10.114.209.13 with HTTP; Wed, 23 Jan 2008 06:31:13 -0800 (PST)
Message-ID: <20d2bdfb0801230631h4b40a4dbr1d03fae14f8852ea@mail.gmail.com>
Date: Wed, 23 Jan 2008 09:31:13 -0500
From: Bruce Lowekamp <lowekamp@sipeerior.com>
To: JiangXingFeng <jiang.x.f@huawei.com>
Subject: Re: [P2PSIP] Choice of STUN peer or TURN peer
In-Reply-To: <005601c85da6$8d2314e0$2d09a40a@china.huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <4b8701c85d97$bc072990$c3f0200a@cisco.com> <005601c85da6$8d2314e0$2d09a40a@china.huawei.com>
X-Google-Sender-Auth: 014508d1170c5ab9
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b7b9551d71acde901886cc48bfc088a6
Cc: P2PSIP Mailing List <p2psip@ietf.org>
X-BeenThere: p2psip@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Peer-to-Peer SIP working group discussion list <p2psip.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/p2psip>
List-Post: <mailto:p2psip@ietf.org>
List-Help: <mailto:p2psip-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/p2psip>, <mailto:p2psip-request@ietf.org?subject=subscribe>
Errors-To: p2psip-bounces@ietf.org

On Jan 23, 2008 4:58 AM, JiangXingFeng <jiang.x.f@huawei.com> wrote:
> > From: Dan Wing [mailto:dwing@cisco.com]
> > Sent: Wednesday, January 23, 2008 4:13 PM
> > To: 'JiangXingFeng'; 'P2PSIP Mailing List'
> > Subject: RE: [P2PSIP] Choice of STUN peer or TURN peer
> >
> >
> >
> > > -----Original Message-----
> > > From: JiangXingFeng [mailto:jiang.x.f@huawei.com]
> > > Sent: Tuesday, January 22, 2008 8:40 PM
> > > To: 'Dan Wing'; 'P2PSIP Mailing List'
> > > Subject: RE: [P2PSIP] Choice of STUN peer or TURN peer
> > > ICE does support multiple servers. But I guess ICE has not considered
> > > whether STUN server or TURN server is behind NAT. (Is my understanding
> > > right?) So if STUN server or TURN server behind NAT are
> > > involved, the ICE
> > > connectivity procedure will take more time to complete.
> > > I am not sure how longer it is.

A STUN server being behind a NAT is irrelevant from the view of the
STUN client (assuming it knows how to contact the STUN server).  The
NAT in front of the STUN server doesn't change the address of an
incoming request from another client.

Similarly, a TURN server being behind a NAT is irrelevant as long as
both peers can contact it.  A peer that wishes to be a TURN server but
is behind a bad NAT is probably better off not being a TURN server,
but that is about it.

What matters is the kind of NATs the client (A and B in your example) is behind.

> >
> > There are two variables:
> >
> >   1. how many candidates you could gather
> >   2. how quickly your peer can send connectivity checks
> >      to those candidates
> >
> > To the first point, in the diagram you provided in your earlier email,
> there
> > are only three candidate addresses:  one from the local interface, one
> from
> > the STUN server that is behind the same NAT you're behind, and another
> from a
> > STUN server on the Internet.  Are there network topologies where more
> > candidate addresses would be learned?
>
> Even if there are enough candidates who could be learned by using enough
> servers, how could ICE sort the candidate pairs in the order so that the
> workable pairs could be considered as soon as possible?

The reload-02 section I pointed you to describes this very briefly,
but let me try to provide more details. In almost all cases, A and B
will be behind friendly NATs.  In your particular example, no matter
how many STUN servers B uses, it will know two candidate addresses.
In A's case, it will know two or maybe three if it has C in its list
of STUN servers.

Two points to note here.  First, for peer protocol connections, there
is no need to gather candidate addresses when you wish to establish a
new connection because you can do that over time.  Second, reload-02
suggests that you maintain sets of peers grouped according to the
reflexive address they return, then make one query to each when you
gather candidates for media connections (or refresh your peer protocol
addresses).

Now the less common, but important case, is when A or B is behind a
p2p unfriendly NAT.  Any of your NAT1, NAT2, NAT3 could be unfriendly.
 In this case, what will happen is that A or B will discover that as
they make connections with new peers, the number of different
reflexive addresses that they see grows.  In B's case, it will
probably grow infinitely large.  In A's case, assuming there is more
than Peer C behind NAT 2 with it, if NAT 2 is the unfriendly NAT A may
observe several peers reporting the same reflexive address because
they are also behind NAT2.  In these cases, A and B should provide
addresses they see repeated as ICE candidates, but there's unlikely to
be any point in providing a list of every reflexive address ever seen.

In any event, when ordering the candidates for an ice offer, start
with the local address and list the learned addresses in the order of
their frequency.  That will very rarely be more than two.

Bruce

_______________________________________________
P2PSIP mailing list
P2PSIP@ietf.org
https://www1.ietf.org/mailman/listinfo/p2psip

v2.23.0 | Report a Bug | By Email