IETF Logo Mail Archive

Re: [rtcweb] UDP transport problem

Harald Alvestrand <harald@alvestrand.no> Thu, 13 February 2014 22:44 UTC

Return-Path: <harald@alvestrand.no>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0C2BB1A0079 for <rtcweb@ietfa.amsl.com>; Thu, 13 Feb 2014 14:44:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.448
X-Spam-Level:
X-Spam-Status: No, score=-2.448 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.548] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Xxgh4QwA-_x2 for <rtcweb@ietfa.amsl.com>; Thu, 13 Feb 2014 14:44:46 -0800 (PST)
Received: from mork.alvestrand.no (mork.alvestrand.no [158.38.152.117]) by ietfa.amsl.com (Postfix) with ESMTP id 989FE1A0018 for <rtcweb@ietf.org>; Thu, 13 Feb 2014 14:44:46 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mork.alvestrand.no (Postfix) with ESMTP id E73557C4CB8; Thu, 13 Feb 2014 23:44:44 +0100 (CET)
Received: from mork.alvestrand.no ([127.0.0.1]) by localhost (mork.alvestrand.no [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id E1uVDnNXBUUr; Thu, 13 Feb 2014 23:44:44 +0100 (CET)
Received: from [172.19.7.138] (unknown [216.239.45.74]) by mork.alvestrand.no (Postfix) with ESMTPSA id 37A047C4B69; Thu, 13 Feb 2014 23:44:44 +0100 (CET)
Message-ID: <52FD4AD9.7080204@alvestrand.no>
Date: Thu, 13 Feb 2014 23:44:41 +0100
From: Harald Alvestrand <harald@alvestrand.no>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: Cb B <cb.list6@gmail.com>
References: <CAD6AjGRiQ1UF5n3JG9HPRQFM+TD54Xz-dpTn5u9bX+__BMfesQ@mail.gmail.com> <CABkgnnVbZp7yBvpY1ARuaBXS=TOipY=BhXzrd=h5DY-76oF9Pw@mail.gmail.com> <CAD6AjGSxS4jNRGotsE_no0XhewvDqcVZ+Kmx1aMW9qorqSKR+w@mail.gmail.com> <52FD2FA4.8040701@alvestrand.no> <CAD6AjGTbSJEV2cJj5QyLktyZPv8SJa7h-QHKVtdUXnF3K6xwHA@mail.gmail.com>
In-Reply-To: <CAD6AjGTbSJEV2cJj5QyLktyZPv8SJa7h-QHKVtdUXnF3K6xwHA@mail.gmail.com>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/rtcweb/Q-iJjUbL4aI4bif0QccV39u3UTQ
Cc: "rtcweb@ietf.org" <rtcweb@ietf.org>
Subject: Re: [rtcweb] UDP transport problem
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb/>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Feb 2014 22:44:51 -0000

On 02/13/2014 10:20 PM, Cb B wrote:
> On Thu, Feb 13, 2014 at 12:48 PM, Harald Alvestrand
> <harald@alvestrand.no> wrote:
>> On 02/13/2014 06:56 PM, Cb B wrote:
>>> On Thu, Feb 13, 2014 at 9:47 AM, Martin Thomson
>>> <martin.thomson@gmail.com> wrote:
>>>> On 12 February 2014 22:06, Cb B <cb.list6@gmail.com> wrote:
>>>>> For about a year now, i have been very concerned about IPv4 UDP.  It
>>>>> has been increasingly associated with DDoS traffic [1],
>>>> Is your concern that WebRTC will increase the potential for DoS (which
>>>> would presume the DoS mitigation measures in ICE [RFC 5245] are
>>>> insufficient), or is it just that UDP is so toxic to network operators
>>>> that you predict it will be turned off?
>>> My concern is that IPv4 UDP is so toxic it will be blocked.  It may be
>>> wise to start SCTP in the standard from the start.
>> The bad guys will follow wherever the ports are open (and are usually
>> faster at writing code than the standards guys are at writing specs); so
>> will the traversal artists.
>>
> Harald, the issue is not open ports. The issue is the entire transport
> type is polluted.

And I think that notion is bogus. Faced with the choice of dealing with
the devil they know (UDP) and the devil they don't have a clue about
(SCTP), firewall operators are going to stick with building out the
rulesets around UDP, and continuing to refuse all the "new stuff".

So I don't think the plan has legs - adding SCTP without the UDP wrapper
to our options will not help anyone do anything.

But this is trying to forecast the thinking and action of humans that
are not me, which is something I frequently get wrong - so other
opinions would be welcome.

>
>> WebRTC over port 53, anyone?
>>
>> (DNS is the one UDP-based service that's so important to the Internet,
>> it *cannot* be turned off unconditionally - so I expect that if UDP in
>> general gets blocked, port 53 will be the port 80 of UDP-land.)
>>
> DNS runs over TCP as well.

For AXFR, yes. For daily lookups .... better not tell any root DNS
operator you're advocating that they should have all their lookups over
TCP; you wouldn't like the expletives that result.

>
> But that's not the point.  The question is can we include native SCTP
> as an option in  draft-ietf-rtcweb-transports?  What is the downside?
>

Clutter.

v2.23.0 | Report a Bug | By Email