Re: [pntaw] Real-time media over TCP
Harald Alvestrand <harald@alvestrand.no> Sat, 09 November 2013 22:22 UTC
Return-Path: <harald@alvestrand.no>
X-Original-To: pntaw@ietfa.amsl.com
Delivered-To: pntaw@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6C38911E819C for <pntaw@ietfa.amsl.com>; Sat, 9 Nov 2013 14:22:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.598
X-Spam-Level:
X-Spam-Status: No, score=-110.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iwCxrGjZ7fmI for <pntaw@ietfa.amsl.com>; Sat, 9 Nov 2013 14:22:32 -0800 (PST)
Received: from eikenes.alvestrand.no (eikenes.alvestrand.no [158.38.152.233]) by ietfa.amsl.com (Postfix) with ESMTP id 0628611E8189 for <pntaw@ietf.org>; Sat, 9 Nov 2013 14:22:32 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by eikenes.alvestrand.no (Postfix) with ESMTP id 17F2539E474; Sat, 9 Nov 2013 23:22:30 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at eikenes.alvestrand.no
Received: from eikenes.alvestrand.no ([127.0.0.1]) by localhost (eikenes.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2uyulc-ZSGBb; Sat, 9 Nov 2013 23:22:27 +0100 (CET)
Received: from [10.199.3.179] (209-82-80-116.dedicated.allstream.net [209.82.80.116]) by eikenes.alvestrand.no (Postfix) with ESMTPSA id 543A639E062; Sat, 9 Nov 2013 23:22:26 +0100 (CET)
Message-ID: <527EB59F.5060108@alvestrand.no>
Date: Sat, 09 Nov 2013 23:22:23 +0100
From: Harald Alvestrand <harald@alvestrand.no>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.0
MIME-Version: 1.0
To: Parthasarathi R <partha@parthasarathi.co.in>, 'Justin Uberti' <juberti@google.com>, Markus.Isomaki@nokia.com
References: <CAGTXFp92jSzQz05uHngzscz88n=fT_JPbEvQRxgeUUqPVRQUyQ@mail.gmail.com> <9E34D50A21D1D1489134B4D770CE039768081AC9@SZXEMA504-MBX.china.huawei.com> <004e01cec5df$cf8daaf0$6ea900d0$@co.in> <E44893DD4E290745BB608EB23FDDB7620A0E2DC6@008-AM1MPN1-043.mgdnok.nokia.com> <9F33F40F6F2CD847824537F3C4E37DDF17BEFB3E@MCHP04MSX.global-ad.net> <BLU402-EAS357ECBFC621A567B9D3A7B4931A0@phx.gbl> <525C148F.8070502@gmail.com> <00d401cec90e$d688d5a0$839a80e0$@co.in> <A51F486D-3BC0-4090-80CD-B4A15AC3EE69@cisco.com> <913383AAA69FF945B8F946018B75898A2000EB57@xmb-rcd-x10.cisco.com> <8F31D947-AB62-431A-875D-FCBAA2D38290@cisco.com> <525E806B.5060401@alvestrand.no> <000801cecdae$f6713160$e3539420$@co.in> <CAOJ7v-3W7Kj_Bn7pTPs+ =-wPZRSvC1DzAHB9=2cnK8 JiAoK3ug@mail.gmail.com> <E44893DD4E290745BB608EB23FDDB7620A10CA55@008-AM1MPN1-041.mgdnok.nokia.com> <CAOJ7v-3E8a9ayfbvk1tN6pqBn-U1tjQ=id1MtYaESB1BnH+sGQ@mail.gmail.com> <008801cedd31$e0031f00$a0095d00$@co.in>
In-Reply-To: <008801cedd31$e0031f00$a0095d00$@co.in>
X-Enigmail-Version: 1.6
Content-Type: multipart/alternative; boundary="------------070501060308050002060300"
Cc: pntaw@ietf.org
Subject: Re: [pntaw] Real-time media over TCP
X-BeenThere: pntaw@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Discussion list for practices related to proxies, NATs, TURN, and WebRTC" <pntaw.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pntaw>, <mailto:pntaw-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pntaw>
List-Post: <mailto:pntaw@ietf.org>
List-Help: <mailto:pntaw-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pntaw>, <mailto:pntaw-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Nov 2013 22:22:37 -0000
On 11/09/2013 10:55 AM, Parthasarathi R wrote: > > Hi Justin, Markus & all, > > > > It is good to know that conference server usecase as well for ICE-TCP > usage. I think that it is better to request for adding conference/IVR > Server/Gateway with firewall usecases explicitly in the RTCWeb usecase > & requirement document in case there is no other objection in this > mail thread. > Section 3.4.3 "Video conferencing system with central server" seems to already cover this case. In particular (from -12): Note: This use-case adds requirements on ..... ability to traverse very restrictive FWs. > > > Thanks > > Partha > > > > *From:*pntaw-bounces@ietf.org [mailto:pntaw-bounces@ietf.org] *On > Behalf Of *Justin Uberti > *Sent:* Saturday, November 09, 2013 7:27 AM > *To:* Markus.Isomaki@nokia.com > *Cc:* Harald Tveit Alvestrand; pntaw@ietf.org; Parthasarathi R > *Subject:* Re: [pntaw] Real-time media over TCP > > > > > > > > On Fri, Nov 8, 2013 at 3:58 PM, <Markus.Isomaki@nokia.com > <mailto:Markus.Isomaki@nokia.com>> wrote: > > Hi Justin, > > > > It’s great to hear that at least one browser will be able to do > ICE-TCP. It is an optimization, but definitely a useful one for > certain central server and gateway situations. I have heard also from > other service/gateway providers that they want to avoid the TURN-TCP > “hop” for the same reasons you state. After listening to them, I’d say > ICE-TCP ought to be rather a “SHOULD” instead of “MAY” in the RTCWeb > NAT traversal framework. > > > > Sounds good. > > > > I suppose that when real-time media runs over TCP, it is in > general best to avoid bundling, but to run the different medias > over separate TCP connections. That way a single lost packet only > affects the rate of one of the medias instead of the aggregate. > > > > That is an interesting idea, but I think it is probably difficult to > make work because the BUNDLE decision happens separately from ICE > candidate pair selection. > > > > I think what we really want is some sort of multi-TCP transport, where > we can open several simultaneous TCP connections and rotate between > them. Or maybe a Minion TCP-based approach. These would have their own > issues, but be conceptually simpler. > > > > I wonder if you already have a plan in Chrome if and how to deal > with HTTP (and TLS) restricted firewalls. Are you OK with the idea > of connecting to a TURN server with HTTP CONNECT, or do you see > some issues with that? > > > > We already use HTTP CONNECT with ICE-TCP, TURN-TCP, and TURN-TLS. It > works. > > > > Markus > > > > > > *From:*pntaw-bounces@ietf.org <mailto:pntaw-bounces@ietf.org> > [mailto:pntaw-bounces@ietf.org <mailto:pntaw-bounces@ietf.org>] > *On Behalf Of *ext Justin Uberti > *Sent:* 09 November, 2013 01:33 > *To:* Parthasarathi R > *Cc:* Harald Alvestrand; pntaw@ietf.org <mailto:pntaw@ietf.org> > > > *Subject:* Re: [pntaw] Real-time media over TCP > > > > FWIW: we use ICE-TCP to connect to a conferencing server, instead > of TURN-TCP, to avoid the extra TURN hop and the whole TURN > credentials business. It's an optimization for sure, but a useful one. > > > > I don't think ICE-TCP will be all that useful for P2P connectivity > in the near future. The scenarios that require ICE-TCP are the > exact ones where simultaneous open will probably be impossible. > > > > On Sun, Oct 20, 2013 at 9:10 AM, Parthasarathi R > <partha@parthasarathi.co.in <mailto:partha@parthasarathi.co.in>> > wrote: > > Hi Harald & all, > > I agree that ICE-TCP qualifies for "MAY" requirement in case both > browsers > are behind firewall. ICE-TCP is good for usecase wherein only one > of the > browsers is behind firewall. Existing WebRTC usecase namely FedEx > call is > good example for only one browser behind firewall wherein IVR is > not going > to be behind UDP blocking firewall. In those usecases, ICE-TCP > candidates > has merits over TURN relay candidates. IMO, ICE-TCP MUST be > considered. > > The current WebRTC FW usecase is (accidentially) inline with one > of the > browser behind firewall scenario as mentioned in sec 3.3.2.1 of > draft-ietf-rtcweb-use-cases-and-requirements-12: > > > "The difference is that one of the users is behind a NAT that > blocks UDP > traffic." > > Thanks > Partha > > > > -----Original Message----- > > From: pntaw-bounces@ietf.org <mailto:pntaw-bounces@ietf.org> > [mailto:pntaw-bounces@ietf.org <mailto:pntaw-bounces@ietf.org>] On > Behalf > > > Of Harald Alvestrand > > Sent: Wednesday, October 16, 2013 5:33 PM > > To: pntaw@ietf.org <mailto:pntaw@ietf.org> > > Subject: Re: [pntaw] Real-time media over TCP > > > > On 10/15/2013 06:15 PM, Dan Wing wrote: > > > On Oct 14, 2013, at 11:02 PM, Tirumaleswar Reddy (tireddy) > > <tireddy@cisco.com <mailto:tireddy@cisco.com>> wrote: > > > > > >>> -----Original Message----- > > >>> From: pntaw-bounces@ietf.org <mailto:pntaw-bounces@ietf.org> > [mailto:pntaw-bounces@ietf.org <mailto:pntaw-bounces@ietf.org>] On > > Behalf Of Dan > > >>> Wing (dwing) > > >>> Sent: Tuesday, October 15, 2013 5:31 AM > > >>> To: Markus.Isomaki@nokia.com <mailto:Markus.Isomaki@nokia.com> > > >>> Cc: pntaw@ietf.org <mailto:pntaw@ietf.org>; > partha@parthasarathi.co.in <mailto:partha@parthasarathi.co.in> > > >>> Subject: Re: [pntaw] Real-time media over TCP > > >>> > > >>> > > >>> On Oct 14, 2013, at 12:06 PM, Markus.Isomaki@nokia.com > <mailto:Markus.Isomaki@nokia.com> wrote: > > >>> > > >>>> Hi, > > >>>> > > >>>> In practice I doubt you find many situations where UDP is > > completely blocked > > >>> but incoming TCP connections from anywhere are allowed. > > >>> > > >>> Agreed. > > >>> > > >>> But if both ends are trying to communicate with each other, > their > > >>> communications will appear as a TCP simultaneous-open. That > could > > (in fact, > > >>> "should") work across a firewall because the firewall will > see an > > outbound SYN > > >>> to a host/port after which it will see an inbound SYN from that > > same > > >>> host/port. > > >> But firewall TCP inspection causes the inbound SYN from the same > > host/port to be dropped (Firewalls typically do not permit TCP > > simultaneous-open). Even with NAT as per the survey results in > ICE TCP > > (http://tools.ietf.org/html/rfc6544#appendix-A) TCP > simultaneous-open > > worked only in roughly 45% of the cases. > > > If avoiding TURN improves the user experience, and IT policy > says TCP > > is allowed, I expect firewall vendors would make sure TCP > simultaneous > > open works. > > > > > > > > If something improves the user experience if it is possible to > do it, > > but the basic functionality works without it, and it's unclear > whether > > the special circumstances under which it's going to improve the user > > experience in fact exist in the field, I think that's perfect > for a MAY > > implement. > > > > _______________________________________________ > > pntaw mailing list > > pntaw@ietf.org <mailto:pntaw@ietf.org> > > https://www.ietf.org/mailman/listinfo/pntaw > > _______________________________________________ > pntaw mailing list > pntaw@ietf.org <mailto:pntaw@ietf.org> > https://www.ietf.org/mailman/listinfo/pntaw > > > > > -- Surveillance is pervasive. Go Dark.
- [pntaw] Real-time media over TCP Victor Pascual Avila
- Re: [pntaw] Real-time media over TCP Harald Alvestrand
- Re: [pntaw] Real-time media over TCP Bernard Aboba
- Re: [pntaw] Real-time media over TCP Bernard Aboba
- Re: [pntaw] Real-time media over TCP Harald Alvestrand
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Harald Alvestrand
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Parthasarathi R
- Re: [pntaw] Real-time media over TCP Bernard Aboba
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Michael Tuexen
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Harald Alvestrand
- Re: [pntaw] Real-time media over TCP Harald Alvestrand
- Re: [pntaw] Real-time media over TCP Michael Tuexen
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Parthasarathi R
- Re: [pntaw] Real-time media over TCP Simon Perreault
- Re: [pntaw] Real-time media over TCP Paul Kyzivat
- Re: [pntaw] Real-time media over TCP Parthasarathi R
- Re: [pntaw] Real-time media over TCP Markus.Isomaki
- Re: [pntaw] Real-time media over TCP Markus.Isomaki
- Re: [pntaw] Real-time media over TCP Paul Kyzivat
- Re: [pntaw] Real-time media over TCP Chenxin (Xin)
- Re: [pntaw] Real-time media over TCP Parthasarathi R
- Re: [pntaw] Real-time media over TCP Chenxin (Xin)
- Re: [pntaw] Real-time media over TCP Markus.Isomaki
- Re: [pntaw] Real-time media over TCP Hutton, Andrew
- Re: [pntaw] Real-time media over TCP Bernard Aboba
- Re: [pntaw] Real-time media over TCP Sergio Garcia Murillo
- Re: [pntaw] Real-time media over TCP Parthasarathi R
- Re: [pntaw] Real-time media over TCP Parthasarathi R
- Re: [pntaw] Real-time media over TCP Markus.Isomaki
- Re: [pntaw] Real-time media over TCP Paul Kyzivat
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Ted Hardie
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Tirumaleswar Reddy (tireddy)
- Re: [pntaw] Real-time media over TCP Dan Wing
- Re: [pntaw] Real-time media over TCP Harald Alvestrand
- Re: [pntaw] Real-time media over TCP Parthasarathi R
- Re: [pntaw] Real-time media over TCP Justin Uberti
- Re: [pntaw] Real-time media over TCP Markus.Isomaki
- Re: [pntaw] Real-time media over TCP Justin Uberti
- Re: [pntaw] Real-time media over TCP Parthasarathi R
- Re: [pntaw] Real-time media over TCP Harald Alvestrand
- Re: [pntaw] Real-time media over TCP Ravindran, Parthasarathi (NSN - IN/Bangalore)
- Re: [pntaw] Real-time media over TCP Harald Alvestrand
- Re: [pntaw] Real-time media over TCP Ravindran, Parthasarathi (NSN - IN/Bangalore)
- Re: [pntaw] Real-time media over TCP Markus.Isomaki
- Re: [pntaw] Real-time media over TCP Justin Uberti