Re: [rtcweb] Is rtcweb the right place for draft-ietf-rtcweb-mdns-ice-candidates?
Roman Shpount <roman@telurix.com> Thu, 04 July 2019 18:47 UTC
Return-Path: <roman@telurix.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32732120167 for <rtcweb@ietfa.amsl.com>; Thu, 4 Jul 2019 11:47:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.887
X-Spam-Level:
X-Spam-Status: No, score=-1.887 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=telurix-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id gh6iXJFPWr8a for <rtcweb@ietfa.amsl.com>; Thu, 4 Jul 2019 11:47:10 -0700 (PDT)
Received: from mail-pl1-x62d.google.com (mail-pl1-x62d.google.com [IPv6:2607:f8b0:4864:20::62d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4DE5120141 for <rtcweb@ietf.org>; Thu, 4 Jul 2019 11:47:10 -0700 (PDT)
Received: by mail-pl1-x62d.google.com with SMTP id b7so3448705pls.6 for <rtcweb@ietf.org>; Thu, 04 Jul 2019 11:47:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=telurix-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=IMEiTCU6RPYS/MJZvjUQw/512UONGY5mRxFsRS/M47o=; b=vIeWQK6QTEOJX+77vcDbPTf/ugYwguSmX+c4F9fAL6d0Nle/KeMJXFeKWxrzV6cm5y sbGydZkPRj8j7HwdXIOEhCzk180gUo+gsykixNxhy7h7Bwg147a4GRdX+SQa9mk3Kxw8 9DMNcZyn4hpMmrh4USrRPVoxosQyCeYlslNo6kJ2uaUG18hpIS1rzeFgp7DDNN/kleNi xuubol/qmPigPPDiBPN4Ilk/3YwIYa6cSP6Q+st+kbFB08eijd31PgI8IjpV/nunccQt olMJH0cXhksYE6+cCT58K8RStovrQR8zWoEGlBHhduAPxBlACv4Zvnt74D7bmtE/T2gb ZGFA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=IMEiTCU6RPYS/MJZvjUQw/512UONGY5mRxFsRS/M47o=; b=bHt2vz8TF10aXw9lF2BqjpTr0/t9/c23mdOoCBKrjoT4Qne3eQqEbtUgD9Te8vQgF+ In/fxRAauWa6+AyxEGbUNUp+ALexWtjdO63A4IsPjVSOfeAWzeoX0+3cvKAD6XCDlw8i 6OIr1Gs+1pnupyfDP/bm5/EU6ndFTAGSPLJ6BIeJP5aUdexh5duVrrQevXFJ6Rv2WeqZ CF3+XONz8KZ1mU6kgxxwINucC3CpmuHkVy7DzqlVDH8W1l884zEpEfIgPvX0WOEI/PGa AWfdgFKVc/GgCBOqXRGoQtBmcD7CjuYF7GRl9vEGtw+fuO8gl9ebIqn3h1u57UCAOZHT rFiA==
X-Gm-Message-State: APjAAAVIL0GNUBnpDAl5ANBwuKQD+/CX0cWTktgDzOpZyERBNpdhHT6A 6RR9NpDVjsnm6bxXcRODPCoO6ASCrd8=
X-Google-Smtp-Source: APXvYqyNnxbfBksbhmMriT9ZOTilc4ACl3AlF1piiGhxWEizfDn0Si38VY3FrPXMFic550jrJzf/EA==
X-Received: by 2002:a17:902:da4:: with SMTP id 33mr46624678plv.209.1562266029480; Thu, 04 Jul 2019 11:47:09 -0700 (PDT)
Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com. [209.85.214.171]) by smtp.gmail.com with ESMTPSA id v184sm6900691pfb.82.2019.07.04.11.47.08 for <rtcweb@ietf.org> (version=TLS1_3 cipher=AEAD-AES128-GCM-SHA256 bits=128/128); Thu, 04 Jul 2019 11:47:08 -0700 (PDT)
Received: by mail-pl1-f171.google.com with SMTP id w24so3441913plp.2 for <rtcweb@ietf.org>; Thu, 04 Jul 2019 11:47:08 -0700 (PDT)
X-Received: by 2002:a17:902:20c8:: with SMTP id v8mr51005856plg.284.1562266028068; Thu, 04 Jul 2019 11:47:08 -0700 (PDT)
MIME-Version: 1.0
References: <b03853a4-1006-4da0-d52f-9e7462a2cd0c@alvestrand.no> <D80CECAF-B520-40A2-BFBB-E39B73BA943D@sn3rd.com> <CAD5OKxsd-SE8VpwFgto3DLbabs+9O+cHMucy1+Cep7tCJQR6+w@mail.gmail.com> <CAOJ7v-2XrND6YWqo2tEiDbs7TZpEoiP+MGBAk2aF7hfoMiGk0Q@mail.gmail.com> <CAD5OKxtSzOfnN8WrV-duwwfmwa+VJX_3HACiXU43Xeym25GQaQ@mail.gmail.com> <CAOJ7v-1pKuvNfuPVqJQKj1d0U8Z7JH9aqNU0DkNDMYvec7jyUQ@mail.gmail.com> <40E6F158-7AA1-42AD-9D18-1B4C335ECD64@mozilla.com> <CAOJ7v-2CWAX0W02qdRes3G-_5hiWGhWEdLhregO-nb1m2EDZZQ@mail.gmail.com>
In-Reply-To: <CAOJ7v-2CWAX0W02qdRes3G-_5hiWGhWEdLhregO-nb1m2EDZZQ@mail.gmail.com>
From: Roman Shpount <roman@telurix.com>
Date: Thu, 04 Jul 2019 14:46:59 -0400
X-Gmail-Original-Message-ID: <CAD5OKxu3sCBaN3MmWmeawuYB-sPqfZt6TqF=dSfs6Q0QdXNYKg@mail.gmail.com>
Message-ID: <CAD5OKxu3sCBaN3MmWmeawuYB-sPqfZt6TqF=dSfs6Q0QdXNYKg@mail.gmail.com>
To: Justin Uberti <juberti@google.com>
Cc: Nils Ohlmeier <nohlmeier@mozilla.com>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000a5d44d058cdf6742"
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtcweb/L2P051Vv4sr8RzZ_oih4yLBtes4>
Subject: Re: [rtcweb] Is rtcweb the right place for draft-ietf-rtcweb-mdns-ice-candidates?
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Jul 2019 18:47:13 -0000
The FQDN in c= line and candidate address where in specs for a really long time (RFC 4566 and RFC 5245 both define them). This being said, FQDN in c= line was very infrequently used and FQDN in ICE candidate was never used. FQDN in ICE candidate was badly under defined and due to limited use there is no established practice on how it should work. Using FQDN for mDNS ICE candidates, as far as I know, is the first wide spread use of FQDN in ICE candidates. Almost every ICE implementation outside of Chrome was never tested against FQDN in c= lines and ICE candidates and likely would have issues. As it stands, ice-sip-sdp does not contradict using FQDN in ICE candidates, but is specifically leaves a big hole in the document regarding how exactly offers with FQDN are generated and how FQDN candidates are supposed to be processed. The only thing current draft defines is absolute minimum of what end point needs to do when receiving a session description with FQDN candidates and safely ignoring them.Things like FQDN resolution procedures, procedures for adding resolution results to the candidate list, and what is supposed to go into the c= line for FQDN default candidate were deliberately left out for the future document. If anybody wants to use FQDN in ICE candidates, these things need to be defined and verified to cause minimal disruption when deployed against existing end points. Since ICE and ICE session description related issues are normally discussed in mmusic, it probably should happen there to reach the proper audience. I understand that running experiments before proposing a solution is probably a good thing and this is what Chrome was doing up until this point. At the same time, rolling this feature into production before at least documenting it, will definitely cause interop problems. What we have now is a fairly major feature with a fairly outdated specification where all the interop issues weren't considered. As far as connectivity impact of Chrome experiment goes, we do see it causing issues with at least two scenarios: 1. Listen only connections to SBC/Media servers on public IP: We have a set of services which run SBC or Media Servers on public IPs with ICE TCP enabled. These services did not use STUN or TURN servers, since all the communications are between the browser end point and the server on public IP. In cases when microphone is not present on the client computer or client denies microphone access, client is still offered to connect in listen only mode. In this scenario, we ended up with FQDN in the c= line and only FQDN based candidates. As a quick work around we added STUN server, but this, in addition to slowing down the connection time, still prevented connections from hosts where UDP was blocked. We had to update software used to run our hosted services to support FQDN in c= line and ICE candidates (which was actually done as a regex replacement). Our software which is installed at client premises is still not updated and will likely take our clients another 6 months to a year to update. As far as we could see, before update, 2-3% of all listen only connections where affected. This is not a huge number but caused customer complaints from clients who were able to connect before the experiment started. 2. Peer-to-peer connections within enterprise: We are working with a peer-to-peer web casting solution for webinars. We see the connectivity rate reduction within large enterprises, where IP based connection between two private IP is allowed but client browsers are not withing the same broadcast domain. In this case mDNS connectivity check fails when direct IP connectivity check would succeed. In these cases webcast client switches to streaming from the server, so this does no result in total failure but does decrease the P2P network efficiency. Having an ability to ask for Peer-to-Peer connectivity permission would really help in this case. Best Regards, _____________ Roman Shpount On Thu, Jul 4, 2019 at 1:41 AM Justin Uberti <juberti@google.com> wrote: > As I understand it, mdns in the c= line will only occur in edge cases, > i.e., when there are no other candidates. As such I don’t see this as a > showstopper. > > We have measured the connectivity impact of this change in significant > detail and feel increasingly confident there are no egregious latent issues. > > On Wed, Jul 3, 2019 at 9:50 PM Nils Ohlmeier <nohlmeier@mozilla.com> > wrote: > >> Probably not the ideal forum to point this out, but I hope the Chrome >> team is aware that rolling out this feature, assuming it includes using >> mDNS in the connection line, will break interop with Firefox. >> So I have to concur that rolling this out appears to be premature to me. >> >> Best >> Nils Ohlmeier >> >> On 3Jul, 2019, at 17:58, Justin Uberti < >> juberti=40google.com@dmarc.ietf.org> wrote: >> >> Hmm, that's unfortunate. I think this is a mistake, given that we are >> about to throw the switch to enable mDNS for 100% of Chrome endpoints; >> Chrome (and soon all browsers) will have to ignore ice-sip-sdp until this >> extension spec is written. >> >> ice-sip-sdp isn't published yet, so it seems an update to that document >> could still be a possibility. If that's not an option, putting forth #1 as >> a specific extension that allows FQDN candidates to be generated in certain >> situations seems like the right path. >> >> >> >> On Wed, Jul 3, 2019 at 5:40 PM Roman Shpount <roman@telurix.com> wrote: >> >>> Part of the problem is that mmusic have decided to punt on the FQDN >>> support. In the current mmusic-ice-sip-sdp the final language that was >>> included: >>> >>> <connection-address>: is taken from RFC 4566 [RFC4566]. It is the IP >>> address of the candidate, allowing for IPv4 addresses, IPv6 addresses, and >>> fully qualified domain names (FQDNs). When parsing this field, an agent >>> can differentiate an IPv4 address and an IPv6 address by presence of a >>> colon in its value - the presence of a colon indicates IPv6. *An agent >>> generating local candidates MUST NOT use FQDN addresses. An agent >>> processing remote candidates MUST ignore candidate lines that include >>> candidates with FQDN *or IP address versions that are not supported or >>> recognized. *The procedures for generation and handling of FQDN >>> candidates, as well as, how agents indicate support for such procedures, >>> need to be specified in an extension specification.* >>> >>> So, at this point we have two options: >>> 1. draft-ietf-rtcweb-mdns-ice-candidates can update ice-sip-sdp and >>> define how FQDN candidates generated by mdns are handled >>> 2. write a new draft in mmusic which defines FQDN handling >>> >>> In any case some sort of mmusic discussion is needed to reconcile this. >>> >>> Best Regards, >>> _____________ >>> Roman Shpount >>> >>> >>> On Wed, Jul 3, 2019 at 8:28 PM Justin Uberti <juberti@google.com> wrote: >>> >>>> The problem this draft is trying to solve is fairly RTCWEB-specific. If >>>> there are individual issues to resolve, we can send them out to mmusic for >>>> discussion, but AFAIK no changes to existing ICE specs are needed. >>>> >>>> On Wed, Jul 3, 2019 at 4:26 PM Roman Shpount <roman@telurix.com> wrote: >>>> >>>>> Hi All, >>>>> >>>>> Is rtcweb the right place for draft-ietf-rtcweb-mdns-ice-candidates? >>>>> This entire draft seems to be ICE/SDP specific and not limited to rtcweb. >>>>> Also, there are significant interop implications for this draft >>>>> between browser and non-browser end points which probably warrant larger >>>>> discussion outside of rtcweb group. I would think mmusic would be a much >>>>> better place for this draft. I know there is an incentive to complete this >>>>> draft quickly but this has a potential to break a lot of things (it already >>>>> did break interop with almost every existing ICE implementation). >>>>> >>>>> Regards, >>>>> _____________ >>>>> Roman Shpount >>>>> _______________________________________________ >>>>> rtcweb mailing list >>>>> rtcweb@ietf.org >>>>> https://www.ietf.org/mailman/listinfo/rtcweb >>>>> >>>> _______________________________________________ >> rtcweb mailing list >> rtcweb@ietf.org >> https://www.ietf.org/mailman/listinfo/rtcweb >> >> >>
- [rtcweb] Request for status update Harald Alvestrand
- Re: [rtcweb] Request for status update Sean Turner
- [rtcweb] Is rtcweb the right place for draft-ietf… Roman Shpount
- Re: [rtcweb] Is rtcweb the right place for draft-… Justin Uberti
- Re: [rtcweb] Is rtcweb the right place for draft-… Roman Shpount
- Re: [rtcweb] Is rtcweb the right place for draft-… Justin Uberti
- Re: [rtcweb] Is rtcweb the right place for draft-… Roman Shpount
- Re: [rtcweb] Is rtcweb the right place for draft-… Bernard Aboba
- Re: [rtcweb] Is rtcweb the right place for draft-… Justin Uberti
- Re: [rtcweb] Is rtcweb the right place for draft-… Nils Ohlmeier
- Re: [rtcweb] Is rtcweb the right place for draft-… Justin Uberti
- Re: [rtcweb] Is rtcweb the right place for draft-… Bernard Aboba
- Re: [rtcweb] Request for status update Harald Alvestrand
- Re: [rtcweb] Is rtcweb the right place for draft-… Justin Uberti
- Re: [rtcweb] Is rtcweb the right place for draft-… Roman Shpount
- Re: [rtcweb] Is rtcweb the right place for draft-… Harald Alvestrand
- Re: [rtcweb] Is rtcweb the right place for draft-… Philipp Hancke
- Re: [rtcweb] Is rtcweb the right place for draft-… Roman Shpount
- Re: [rtcweb] Is rtcweb the right place for draft-… Harald Alvestrand
- Re: [rtcweb] Request for status update Adam Roach
- Re: [rtcweb] Request for status update Colin Perkins
- Re: [rtcweb] Is rtcweb the right place for draft-… Roman Shpount
- Re: [rtcweb] Is rtcweb the right place for draft-… Justin Uberti
- Re: [rtcweb] Is rtcweb the right place for draft-… Adam Roach
- Re: [rtcweb] Is rtcweb the right place for draft-… Roman Shpount
- Re: [rtcweb] Is rtcweb the right place for draft-… Christer Holmberg