Re: [pntaw] Real-time media over TCP

Dan Wing <dwing@cisco.com> Tue, 15 October 2013 16:16 UTC

From: Dan Wing <dwing@cisco.com>
Date: Tue, 15 Oct 2013 09:15:57 -0700
To: Tirumaleswar Reddy <tireddy@cisco.com>
Cc: "pntaw@ietf.org" <pntaw@ietf.org>, "partha@parthasarathi.co.in" <partha@parthasarathi.co.in>, "Markus.Isomaki@nokia.com" <Markus.Isomaki@nokia.com>

On Oct 14, 2013, at 11:02 PM, Tirumaleswar Reddy (tireddy) <tireddy@cisco.com> wrote:

>> -----Original Message-----
>> From: pntaw-bounces@ietf.org [mailto:pntaw-bounces@ietf.org] On Behalf Of Dan
>> Wing (dwing)
>> Sent: Tuesday, October 15, 2013 5:31 AM
>> To: Markus.Isomaki@nokia.com
>> Cc: pntaw@ietf.org; partha@parthasarathi.co.in
>> Subject: Re: [pntaw] Real-time media over TCP
>> 
>> 
>> On Oct 14, 2013, at 12:06 PM, Markus.Isomaki@nokia.com wrote:
>> 
>>> Hi,
>>> 
>>> In practice I doubt you find many situations where UDP is completely blocked
>>> but incoming TCP connections from anywhere are allowed.
>> 
>> Agreed.
>> 
>> But if both ends are trying to communicate with each other, their
>> communications will appear as a TCP simultaneous-open.  That could (in fact,
>> "should") work across a firewall because the firewall will see an outbound SYN
>> to a host/port after which it will see an inbound SYN from that same
>> host/port.
> 
> But firewall TCP inspection causes the inbound SYN from the same host/port to be dropped (Firewalls typically do not permit TCP simultaneous-open). Even with NAT as per the survey results in ICE TCP (http://tools.ietf.org/html/rfc6544#appendix-A) TCP simultaneous-open worked only in roughly 45% of the cases.

If avoiding TURN improves the user experience, and IT policy says TCP is allowed, I expect firewall vendors would make sure TCP simultaneous open works.

-d


> 
> -Tiru.
> 
>> 
>> -d
>> 
>> 
>>> I'm not sure the use cases and requirements document really claims that to
>>> be the case, but I agree it is somewhat ambiguous. That means that while
>>> direct TCP connection would be better than TCP based relay, its success rate
>>> would be very small. I suppose we agree that UDP based relay would still be
>>> better than direct TCP for real-time media.
>>> 
>>> Markus
>>> 
>>>> -----Original Message-----
>>>> From: pntaw-bounces@ietf.org [mailto:pntaw-bounces@ietf.org] On Behalf
>>>> Of ext Parthasarathi R
>>>> Sent: 14 October, 2013 21:55
>>>> To: pntaw@ietf.org
>>>> Subject: Re: [pntaw] Real-time media over TCP
>>>> 
>>>> Hi all,
>>>> 
>>>> My point is that the direct media connection has to be given priority over
>>>> TURN based mechanism. In case of ICE-TCP, there is a possibility for the
>>>> direct connection between two browsers involved in the WebRTC session
>>>> and should be given priority over TURN based mechanism. So, 6) TCP based
>>>> candidates (ICE-TCP) - MUST
>>>> 
>>>> There is an assumption in the discussion that the incoming TCP traffic is
>>>> not allowed through firewall. In case it is the problem to be solved, RTCWeb
>>>> usecase and requirement has to be updated. I noticed in
>>>> draft-ietf-rtcweb-use-cases-and-requirements-12 (published today) that
>>>> there is no such requirement. I'll write the mail in RTCWeb WG to get the
>>>> clarity on the requirement in case the firewall forbidding incoming TCP
>>>> traffic is a matter of missing text in the requirement.
>>>> 
>>>> Thanks
>>>> Partha
>>>> 
>>> _______________________________________________
>>> pntaw mailing list
>>> pntaw@ietf.org
>>> https://www.ietf.org/mailman/listinfo/pntaw
>> 
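
Added example, not part of the original message or of any firewall product: a toy model of stateful TCP connection tracking that shows the two behaviours debated in this thread for an inbound SYN arriving from the same host/port an outbound SYN was just sent to. The class, the policy flag, the state names, and the addresses and ports are all constructed for illustration.

```python
from dataclasses import dataclass, field

# Constructed endpoints (documentation address ranges).
INSIDE = ("192.0.2.10", 50000)
PEER = ("198.51.100.20", 50001)

@dataclass
class Firewall:
    allow_simultaneous_open: bool               # hypothetical policy knob
    table: dict = field(default_factory=dict)   # flow -> tracked state

    def handle(self, direction, inside, outside, flags):
        """Return True to forward the segment, False to drop it."""
        flow = (inside, outside)
        state = self.table.get(flow)
        if direction == "out":
            if flags == "SYN" and state is None:
                self.table[flow] = "SYN_SENT"   # inside host opened the flow
            return True                         # outbound TCP allowed by policy
        if state is None:
            return False                        # unsolicited inbound segment
        if flags == "SYN":
            # The peer's SYN crossed ours: the simultaneous-open case.
            if state == "SYN_SENT" and self.allow_simultaneous_open:
                self.table[flow] = "SIMOPEN"
                return True
            return False                        # strict inspection wants SYN-ACK
        if flags == "SYN-ACK" and state in ("SYN_SENT", "SIMOPEN"):
            self.table[flow] = "ESTABLISHED"
            return True
        return state == "ESTABLISHED"

# Constructed segment sequences as seen by the inside host's firewall.
CROSSING_SYNS = [("out", "SYN"), ("in", "SYN")]
NORMAL_OPEN = [("out", "SYN"), ("in", "SYN-ACK"), ("out", "ACK")]
UNSOLICITED = [("in", "SYN")]

def replay(fw, segments, inside=INSIDE, outside=PEER):
    """Feed segments through the firewall and return the list of verdicts."""
    return [fw.handle(d, inside, outside, flags) for d, flags in segments]

if __name__ == "__main__":
    for policy in (True, False):
        print("allow_simultaneous_open =", policy)
        for name, seq in (("crossing SYNs", CROSSING_SYNS),
                          ("normal open", NORMAL_OPEN),
                          ("unsolicited SYN", UNSOLICITED)):
            print("  ", name, replay(Firewall(policy), seq))
```

In both policies the unsolicited inbound SYN is dropped; the only difference is whether an inbound SYN that matches a flow already in SYN_SENT is forwarded.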