Re: [rtcweb] FW: I-D Action: draft-hutton-rtcweb-nat-firewall-considerations-00.txt

"Reinaldo Penno (repenno)" <repenno@cisco.com> Mon, 11 March 2013 20:14 UTC

From: "Reinaldo Penno (repenno)" <repenno@cisco.com>
To: "Hutton, Andrew" <andrew.hutton@siemens-enterprise.com>, Harald Alvestrand <harald@alvestrand.no>, "rtcweb@ietf.org" <rtcweb@ietf.org>
Date: Mon, 11 Mar 2013 20:14:24 +0000
Message-ID: <45A697A8FFD7CF48BCF2BE7E106F06040901B8ED@xmb-rcd-x04.cisco.com>
In-Reply-To: <9F33F40F6F2CD847824537F3C4E37DDF06895013@MCHP04MSX.global-ad.net>

On 3/11/13 12:58 PM, "Hutton, Andrew"
<andrew.hutton@siemens-enterprise.com> wrote:

>On: 11 March 2013 14:03 Reinaldo Penno (repenno) Wrote:
>
>
>> 
>> I'm sure STUN and TURN servers are not universally deployed ('100%') in
>> ISP networks either.
>
>It is not required for an ISP to deploy a TURN server; the webrtc TURN
>server is much more likely to be deployed by the web application provider,
>which will instruct the browser to use it when accessing its service.

The line between application providers and ISPs is very blurry today.
An application provider can be over the top or it can be the ISP itself.


>
>> 
>> But I'm not proposing dropping STUN/TURN in lieu of PCP, but using PCP as
>> an additional technique. Maybe you misunderstood what I was proposing.
>> 
>
>Understood but would need to understand what the benefits of doing so
>would be.


Yes, certainly.

A protocol that allows a host to explicitly control FW/NAT mappings/pinholes
(both for incoming and outgoing connections, IPv4/IPv6), including
lifetime, and to know when such a device restarts/reboots, is more
deterministic. The client is always free to use STUN/TURN.


>
>Regards
>Andy
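
The explicit mapping control described in the message above, as an added Python example that is not part of the original thread: it builds a PCP MAP request with a requested lifetime, parses the response, and applies the Epoch check that reveals a NAT/firewall restart. Field layouts and the epoch rule follow RFC 6887 (an assumption, the thread names no specification); the function names are hypothetical.

```python
import ipaddress
import os
import struct

PCP_VERSION, OPCODE_MAP = 2, 1   # values from RFC 6887 (assumed spec)


def _addr16(ip):
    """128-bit address field; IPv4 is carried as IPv4-mapped IPv6."""
    ip = ipaddress.ip_address(ip)
    if ip.version == 4:
        ip = ipaddress.IPv6Address("::ffff:" + str(ip))
    return ip.packed


def build_map_request(client_ip, proto, internal_port, lifetime, nonce=None):
    """60-byte MAP request: open a pinhole to internal_port for `lifetime` seconds."""
    nonce = nonce or os.urandom(12)
    any_addr = "0.0.0.0" if ipaddress.ip_address(client_ip).version == 4 else "::"
    header = struct.pack("!BBHI16s", PCP_VERSION, OPCODE_MAP, 0, lifetime,
                         _addr16(client_ip))
    # Suggested external port 0 and an all-zeros address mean "no preference".
    body = struct.pack("!12sB3xHH16s", nonce, proto, internal_port, 0,
                       _addr16(any_addr))
    return header + body, nonce


def parse_map_response(data, nonce):
    """Return granted lifetime, server epoch and external address of a MAP response."""
    if len(data) < 60:
        raise ValueError("short PCP response")
    ver, r_op, _, result, lifetime, epoch = struct.unpack("!BBBBII", data[:12])
    got, _proto, _iport, ext_port, ext_ip = struct.unpack("!12sB3xHH16s", data[24:60])
    if ver != PCP_VERSION or r_op != (0x80 | OPCODE_MAP):
        raise ValueError("not a PCP MAP response")
    if got != nonce:  # the echoed nonce ties the reply to our own request
        raise ValueError("mapping nonce mismatch")
    ext = ipaddress.IPv6Address(ext_ip)
    return {"result": result, "lifetime": lifetime, "epoch": epoch,
            "external": (str(ext.ipv4_mapped or ext), ext_port)}


def server_lost_state(prev_server, prev_client, cur_server, cur_client):
    """Epoch check: True means the NAT/firewall restarted; re-request mappings."""
    if cur_server + 1 < prev_server:          # epoch went backwards
        return True
    c_delta, s_delta = cur_client - prev_client, cur_server - prev_server
    return (c_delta + 2 < s_delta - s_delta // 16 or
            s_delta + 2 < c_delta - c_delta // 16)
```

The client records the server's Epoch value and its own clock on every response; when `server_lost_state` returns True, it re-sends MAP requests for every mapping it still needs instead of waiting for media to fail.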