[rtcweb] NAT/Firewall considerations (RE: I-D Action: draft-ietf-rtcweb-transports-00.txt)
<Markus.Isomaki@nokia.com> Tue, 27 August 2013 12:53 UTC
Return-Path: <Markus.Isomaki@nokia.com>
X-Original-To: rtcweb@ietfa.amsl.com
Delivered-To: rtcweb@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DB6D311E8319 for <rtcweb@ietfa.amsl.com>; Tue, 27 Aug 2013 05:53:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.164
X-Spam-Level:
X-Spam-Status: No, score=-6.164 tagged_above=-999 required=5 tests=[AWL=0.434, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vgCGFO4ggvNF for <rtcweb@ietfa.amsl.com>; Tue, 27 Aug 2013 05:53:09 -0700 (PDT)
Received: from mgw-da01.nokia.com (smtp.nokia.com [147.243.128.24]) by ietfa.amsl.com (Postfix) with ESMTP id 8E4CB11E8314 for <rtcweb@ietf.org>; Tue, 27 Aug 2013 05:53:08 -0700 (PDT)
Received: from smtp.mgd.nokia.com ([65.54.30.48]) by mgw-da01.nokia.com (Sentrion-MTA-4.2.2/Sentrion-MTA-4.2.2) with ESMTP id r7RCr2mc014582 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=OK); Tue, 27 Aug 2013 15:53:03 +0300
Received: from 008-AM1MPN1-041.mgdnok.nokia.com ([169.254.1.88]) by 008-AM1MMR1-014.mgdnok.nokia.com ([2002:4136:1e30::4136:1e30]) with mapi id 14.03.0136.001; Tue, 27 Aug 2013 12:53:01 +0000
From: Markus.Isomaki@nokia.com
To: bernard_aboba@hotmail.com, andrew.hutton@siemens-enterprise.com, rtcweb@ietf.org, harald@alvestrand.no
Thread-Topic: NAT/Firewall considerations (RE: [rtcweb] I-D Action: draft-ietf-rtcweb-transports-00.txt)
Thread-Index: Ac6jIXGoaQBlwJOrRoChsqyg1FpKEw==
Date: Tue, 27 Aug 2013 12:53:02 +0000
Message-ID: <E44893DD4E290745BB608EB23FDDB7620A0906A4@008-AM1MPN1-041.mgdnok.nokia.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-tituslabs-classifications-30: TLPropertyRoot=Nokia; Confidentiality=Nokia Internal Use Only; Project=None;
x-titus-version: 3.5.9.3
x-headerinfofordlp: None
x-tituslabs-classificationhash-30: 0Ywc1/TmJmZP14okFmB8GNcNPF5bNK1MKjr6gMRid/Uw/582dZdlgZS4RusnaDZzWcB4c/gM3TSOgyGNN1NtpTqH59ZWGJLINWxIPufaZumoiu3sEbGGuw5oA7bqBqM5j0t8yra6znBPmh6vNNfFfh0P8+jJdjd+5Ui+Yy0oP2+dlI4ifUOIJ8NhSzFr5N2ENIFjjf7R7jd6rKtvWHhcZlOee6eRxSeMY1kqpPOLD1E9VrTyyYIZPo7van3jg/VO9cKezA/e9nqR590eXhf0ELDQFPhg+X1agquGoPglWvlKBEno5WqGlmLa+sPU1QY7
x-originating-ip: [10.236.10.104]
Content-Type: multipart/alternative; boundary="_000_E44893DD4E290745BB608EB23FDDB7620A0906A4008AM1MPN1041mg_"
MIME-Version: 1.0
X-Nokia-AV: Clean
Subject: [rtcweb] NAT/Firewall considerations (RE: I-D Action: draft-ietf-rtcweb-transports-00.txt)
X-BeenThere: rtcweb@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Real-Time Communication in WEB-browsers working group list <rtcweb.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtcweb>
List-Post: <mailto:rtcweb@ietf.org>
List-Help: <mailto:rtcweb-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtcweb>, <mailto:rtcweb-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Aug 2013 12:53:15 -0000
Hi, I would support the adoption of the NAT and Firewall considerations (http://tools.ietf.org/html/draft-hutton-rtcweb-nat-firewall-considerations-01) as a WG document. Or to be more precise, I very much agree with the requirements summarized in Section 5. Especially this one seems important to me: o connect to a TURN server via a HTTP proxy using the HTTP connect method, If we want WebRTC to work from many corporate networks I'm aware of, it would not be possible without this as a fallback capability. Markus From: rtcweb-bounces@ietf.org [mailto:rtcweb-bounces@ietf.org] On Behalf Of ext Bernard Aboba Sent: 21 August, 2013 00:44 To: Hutton, Andrew; rtcweb@ietf.org; Harald Alvestrand Subject: Re: [rtcweb] I-D Action: draft-ietf-rtcweb-transports-00.txt The NAT/Firewall considerations document does go into detail on the various traversal scenarios, which helps inform the discussion of what should or should not be supported in terms of transport. Section 5 summarizes the recommendations as follows: 5<http://tools.ietf.org/html/draft-hutton-rtcweb-nat-firewall-considerations-01#section-5>. Requirements for RTCWEB-enabled browsers For the purpose of relaying RTCWEB media streams or data channels a browser needs to be able to o connect to a TURN server via UDP, TCP and TLS, o connect to a TURN server via a HTTP proxy using the HTTP connect method, o connect to a TURN server via the HTTP(s) ports 80/443 instead of the default STUN ports 3478/5349, o upgrade the HTTP proxy-relayed connection to the TURN server to use TLS, o use the same proxy selection procedure for TURN as currently done for HTTP, o switch the usage of the HTTP proxy-relayed connection with the TURN server from HTTP to STUN/TURN, o use a preconfigured or standardized port range for UDP-based media streams or data channels, o learn from the proxy configuration script about the presence of a local TURN server and use it for sending UDP traffic to the internet, o support ICE-TCP for TCP-based direct media connection to the RTCWEB peer. > From: andrew.hutton@siemens-enterprise.com<mailto:andrew.hutton@siemens-enterprise.com> > To: rtcweb@ietf.org<mailto:rtcweb@ietf.org>; harald@alvestrand.no<mailto:harald@alvestrand.no> > Date: Tue, 20 Aug 2013 16:31:28 +0000 > Subject: Re: [rtcweb] I-D Action: draft-ietf-rtcweb-transports-00.txt > > Section 2.2 "Middle Box Related Functions" should also I assume cover the case of using a HTTP Proxy or an enterprise TURN server and reference http://tools.ietf.org/html/draft-hutton-rtcweb-nat-firewall-considerations-01 assuming we can get this adopted. > > Regards > Andy
- [rtcweb] NAT/Firewall considerations (RE: I-D Act… Markus.Isomaki
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Emil Ivov
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Victor Pascual
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Mary Barnes
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Sergio Garcia Murillo
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Salvatore Loreto
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Alan Johnston
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Avasarala, Ranjit (NSN - IN/Bangalore)
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… cb.list6
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Cullen Jennings (fluffy)
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Mary Barnes
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Cullen Jennings (fluffy)
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Mary Barnes
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Martin Thomson
- Re: [rtcweb] NAT/Firewall considerations and draf… Cullen Jennings (fluffy)
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Tirumaleswar Reddy (tireddy)
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Hutton, Andrew
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Cullen Jennings (fluffy)
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Hutton, Andrew
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Mary Barnes
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Hutton, Andrew
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Mary Barnes
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Bernard Aboba
- Re: [rtcweb] NAT/Firewall considerations (RE: I-D… Magnus Westerlund