Re: [rtcweb] comments on draft-ietf-rtcweb-transports-01
Harald Alvestrand <harald@alvestrand.no> Mon, 16 December 2013 15:57 UTC
Return-Path: <harald@alvestrand.no>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E61361AE36A for <rtcweb@ietfa.amsl.com>; Mon, 16 Dec 2013 07:57:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.438
X-Spam-Level:
X-Spam-Status: No, score=-7.438 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.538] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id NokHRLr-wjjk for <rtcweb@ietfa.amsl.com>; Mon, 16 Dec 2013 07:57:56 -0800 (PST)
Received: from eikenes.alvestrand.no (eikenes.alvestrand.no [158.38.152.233]) by ietfa.amsl.com (Postfix) with ESMTP id 3BE321AE367 for <rtcweb@ietf.org>; Mon, 16 Dec 2013 07:57:56 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by eikenes.alvestrand.no (Postfix) with ESMTP id AAD0C39E3B1 for <rtcweb@ietf.org>; Mon, 16 Dec 2013 16:57:58 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at eikenes.alvestrand.no
Received: from eikenes.alvestrand.no ([127.0.0.1]) by localhost (eikenes.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f347yBu3aYWa for <rtcweb@ietf.org>; Mon, 16 Dec 2013 16:57:56 +0100 (CET)
Received: from [192.168.1.17] (unknown [188.113.88.47]) by eikenes.alvestrand.no (Postfix) with ESMTPSA id D195D39E062 for <rtcweb@ietf.org>; Mon, 16 Dec 2013 16:57:56 +0100 (CET)
Message-ID: <52AF230E.4020202@alvestrand.no>
Date: Mon, 16 Dec 2013 16:58:06 +0100
From: Harald Alvestrand <harald@alvestrand.no>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.1.1
MIME-Version: 1.0
To: rtcweb@ietf.org
References: <8F9E4453-BAD3-4ADD-9548-B0727E263F7F@cisco.com>
In-Reply-To: <8F9E4453-BAD3-4ADD-9548-B0727E263F7F@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [rtcweb] comments on draft-ietf-rtcweb-transports-01
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Dec 2013 15:57:59 -0000
On 12/12/2013 06:20 PM, Dan Wing wrote:
> This document does not explain why the media and data need to share the same 5-tuple. For inspiration I re-read the introduction to draft-ietf-mmusic-sdp-bundle-negotiation, but it also does not explain the reason it multiplexes everything onto one port.
The primary reason is reduced call setup failure frequency
We (Google Talk Video at the time) saw a pretty massive fall in failure
rates when we switched on RTCP bundling (going from 4 ports to 2 ports)
because of the reduced number of failures of the ICE setup - we see no
reason to suspect that the reduction in failures going from 2 ports to 1
port should be negligible.
> Is there a citation to why this multiplexing is necessary?
No, we did not publish this result.
> I ask because draft-ietf-rtcweb-transports makes a slight acknowledgement that per-packet DSCP marking is not always possible, but draft-ietf-rtcweb-transports does not provide much guidance for when using the same 5-tuple is harmful or is helpful or is necessary. It seems draft-ietf-rtcweb-transports is a good place for the guidance between reduced call setup time (which I understand is the primary motivation, but again I don't know where that was written down) versus getting the OS to permit setting per-packet DSCP versus getting the network to assist with 5-tuple prioritization.
>
> Other comments:
>
>
> Section 2.1:
> If DSCP code points can only be set on a per-socket basis, not per-
> packet, one loses the ability to have the network discriminate
> reliably between classes of traffic sent over the same transport, but
> this does not prevent communication.
>
> In the case where per-packet DSCP cannot be set (due to OS limitations, I suppose?), should the I-D encourage the endpoint to perhaps avoid bundling, or explain trade-offs of multiplexing everything to one port versus using separate ports?
I don't know that we have data to push this in one direction or the other.
>
>
> Section 2.2:
> In order to deal with firewalls that block all UDP traffic, TURN
> using TCP between the client and the server MUST be supported, and
> TURN using TLS between the client and the server MUST be supported.
>
> The "using TCP between the client and the server" is confusing. How about just "In order to deal with firewalls that block all UDP traffic, TURN-TCP [RFC6062] MUST be supported, and ..." <continue with rest of sentence>.
Actually the language mirrors RFC 5766 section 4, but tightens the
restrictions:
To ensure interoperability, a TURN server MUST support the use of UDP
transport between the client and the server, and SHOULD support the
use of TCP and TLS transport.
The "server" in this case is the TURN server in both documents, I think.
This could be made clearer.
>
>
> Section 2.2:
> ICE TCP candidates [RFC6062] MAY be supported; this may allow
> applications to achieve peer-to-peer communication across UDP-
> blocking firewalls, but this also requires use of the SRTP/AVPF/TCP
> profile of RTP.
>
> It doesn't require SRTP/AVPF/TCP profile, see http://tools.ietf.org/html/rfc6544#section-4.3 and the last paragraph of page 11 http://tools.ietf.org/html/rfc6544#page-11 specifically "If an agent is utilizing SRTP [RFC3711], it MAY include a mix of UDP and TCP candidates. "
I'm happy that it doesn't!
>
>
> Section 2.2:
> The following specifications MUST be supported:
>
> o ICE [RFC5245]
>
> o TURN, including TURN over TCP[RFC5766].
>
> could be improved by clarifying ICE full implementation is necessary, and tightening TURN. I suggest:
>
> "o Full implementation of ICE [RFC5245]
> o TURN [RFC5766], except that TURN over TLS MAY be supported
> o TURN over TCP [RFC6062]"
>
>
> Section 2.2:
> TURN over TLS [RFC5766] over TCP MAY be supported. (QUESTION: SHOULD? MUST?)
>
> Remove that sentence and fold it into the MUST in the previous sentence, because TURN-over-TLS is defined in the main TURN RFC (RFC5766).
RFC 5766 has TLS as SHOULD (see quote above). We already strengthened
TCP from RFC 5766's SHOULD to MUST; I'm still uncertain if we should do
the same for TLS, but MAY is weakening 5766, and I don't think we should.
>
>
> Section 2.2:
> For referring to STUN and TURN servers, this specification depends on
> the STUN URI, [I-D.nandakumar-rtcweb-stun-uri].
>
> Does that sentence need RFC2119 language? It think it also needs to cite TURN URI, RFC5928.
Yep, and use RFC numbers for both.
>
>
> Section 2.3:
> RTCWEB implementations MUST support multiplexing of DTLS and RTP over
> the same port pair, as described in the DTLS_SRTP specification
> [RFC5764], section 5.1.2. Further separation of the DTLS traffic
> into SCTP and "other" is described in <need reference>.
>
> I would just pull the demultiplexing algorithm into this I-D, as this I-D is where all of these protocols are brought together. For reference, RFC5764 shows:
>
> +----------------+
> | 127 < B < 192 -+--> forward to RTP
> | |
> packet --> | 19 < B < 64 -+--> forward to DTLS
> | |
> | B < 2 -+--> forward to STUN
> +----------------+
>
>
> so to add SCTP it would be something like:
>
> +----------------+
> | 127 < B < 192 -+--> forward to RTP
> | |
> packet --> | B < 2 -+--> forward to STUN
> | |
> | 19 < B < 64 -+--> forward to DTLS
> +----------------+ |
> V
> +-------------------------+
> SCTP<--+- C-T = application_data |
> | |
> DTLS<--+- C-T = <other> |
> +-------------------------+
>
>
> Where "C-T" is the TLS ContentType.
>
>
>
> Related to this demultiplexing, it seems this document is best place to describe using ALPN for the DTLS session (see http://tools.ietf.org/html/draft-thomson-rtcweb-consent-00#section-3).
If we agree that this is what we should do, we can either include a
reference or simply incorporate Martin's text here. So far, I haven't
seen a consensus around this draft (but that's the chairs' job to
determine).
>
> -d
>
>
>
>
> _______________________________________________
> rtcweb mailing list
> rtcweb@ietf.org
> https://www.ietf.org/mailman/listinfo/rtcweb
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Harald Alvestrand
- [rtcweb] comments on draft-ietf-rtcweb-transports… Dan Wing
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Wesley Eddy
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Chenxin (Xin)
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Eggert, Lars
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Pal Martinsen (palmarti)
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Harald Alvestrand
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Dan Wing
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Wesley Eddy
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Harald Alvestrand
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Dave Taht
- Re: [rtcweb] comments on draft-ietf-rtcweb-transp… Dan Wing