[sipcore] comments on draft-ietf-sipcore-dns-dual-stack-02
🔓Dan Wing <dwing@cisco.com> Tue, 09 June 2015 02:56 UTC
Return-Path: <dwing@cisco.com>
X-Original-To: sipcore@ietfa.amsl.com
Delivered-To: sipcore@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E6B0D1A8A0E for <sipcore@ietfa.amsl.com>; Mon, 8 Jun 2015 19:56:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -11.511
X-Spam-Level:
X-Spam-Status: No, score=-11.511 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 18TpaMTICo0F for <sipcore@ietfa.amsl.com>; Mon, 8 Jun 2015 19:56:07 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EC7151A89F9 for <sipcore@ietf.org>; Mon, 8 Jun 2015 19:56:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=4222; q=dns/txt; s=iport; t=1433818567; x=1435028167; h=from:content-transfer-encoding:subject:message-id:date: to:mime-version; bh=OiWWJzNiADQhFfx/Qyqx4Tgxvavm+kIcrYFmVsZB0w4=; b=UCTD2WNX4qFw+S6JAGkFBbdhLDitU7J5UvZ8SbdbmEO7Nsluk+WwGYJt ngFKIPrZ1/ICyahYG+gPIyKtQRx17invKdQ7H8X/DF78cxD+XCQjyThYV 0+ZQiwNLjm5vQBQl8/MO74Pfq9XwX9Lnh7u/k5/nIeVxVP5Yzcs9l86dl k=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0BjBACkVHZV/4kNJK1cgxABwAcJgVKHOzgUAQEBAQEBAYEKhGMNgh6IE5pnlHefCQEfikGFPYNpgRYFi2ZskhoBiAmPWySEGB6CeAEBAQ
X-IronPort-AV: E=Sophos;i="5.13,577,1427760000"; d="scan'208";a="5619284"
Received: from alln-core-4.cisco.com ([173.36.13.137]) by rcdn-iport-2.cisco.com with ESMTP; 09 Jun 2015 02:56:06 +0000
Received: from [10.24.113.88] ([10.24.113.88]) by alln-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id t592u5SZ007481 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <sipcore@ietf.org>; Tue, 9 Jun 2015 02:56:06 GMT
From: 🔓Dan Wing <dwing@cisco.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <E56B3AF7-6874-4A66-8426-78A98DA435B4@cisco.com>
Date: Mon, 08 Jun 2015 19:41:04 -0700
To: sipcore@ietf.org
Mime-Version: 1.0 (Mac OS X Mail 8.2 \(2098\))
X-Mailer: Apple Mail (2.2098)
Archived-At: <http://mailarchive.ietf.org/arch/msg/sipcore/LRdKLi9X2bn8bePrddQ4Feh5Ie0>
Subject: [sipcore] comments on draft-ietf-sipcore-dns-dual-stack-02
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore/>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Jun 2015 02:56:09 -0000
Adam encouraged me to look at draft-ietf-sipcore-dns-dual-stack-02, and I had a few suggestions.
Towards the end of the Introduction, it says:
The procedures described herein
are such that a dual-stack client SHOULD look up both A and AAAA
records in DNS and then select the best way to set up a network flow.
The details of how the latter is done is considered out of scope for
this document.
I guess "network flow" means the SIP communications to the SIP server? Is there a better term than "network flow" that could be used, so that nobody can confuse the "network flow" with the RTP session?
Section 4.1 says:
Happy Eyeballs [RFC6555] has proven that looking up the "A or AAAA
record" is not an effective practice for dual-stack clients and that
it can add significant connection delay and greatly degrade user
experience.
What we know is that 30 second long TCP connection timeouts are harmful to user experience. Happy Eyeballs is but one pragmatic solution. I do not agree that Happy Eyeballs proved there is a connection delay problem due to A lookups or with AAAA lookups. What I think draft-ietf-sipcore-dns-dual-stack is trying to say is perhaps something like this:
"Happy Eyeballs [RFC6555] works around connectivity delays to the OS's preferred address family (usually IPv6), so that the client suffers a connectivity delay that is only slightly worse than an single-stack host. Without Happy Eyeballs, a client could suffer a 30 second delay to its preferred address family."
I noted that draft-ietf-sipcore-dns-dual-stack does not actually resolve this connectivity problem in its normative text; it seems solely worried about DNS lookups. I admit that I haven't been following draft-ietf-sipcore-dns-dual-stack, but was it a conscious design or scoping decision to not worry about the IPv6 or IPv4 path to the SIP server, and just worry about DNS answers?
The actual recommendation at end of section 4.1 only says:
The dual-stack client SHOULD perform an A and AAAA record lookup
of the domain name and add the respective IPv4/IPv6 addresses to
the list of IP addresses to be contacted.
but it doesn't say if A or AAAA should be placed at the beginning of the list, end of the list, or scattered randomly. It probably matters, especially if we envision a long list of AAAA and long list of A records, and we also envision an outage of one address family.
I noticed that sections 4.1 and 4.2 make no recommendation for how quickly attempts should be made to contact the SIP server over IPv4 or IPv6, and does not discuss the harm -- or lack of harm -- of a server receiving identical SIP messages during that time. I expect nothing harmful happens if an implementation decided to be really aggressive with its use of IPv6 and IPv4, but it would be good to remind implementors of harm or non-harm of sending messages (aggressively) which might be received multiple times. Happy Eyeballs (RFC6555) doesn't worry about that problem because Happy Eyeballs is just concerned with TCP connection establishment time. With SIP signaling over UDP, we don't get a 'connection' first. Should draft-ietf-sipcore-dns-dual-stack discuss UDP and TCP separately, and should implementations do something more like RFC6555 if they are doing SIP over TCP, and something different if doing SIP over UDP?
Section 4.2 says:
When indicating address family preference through SRV, IPv4-only and/
or IPv6-only clients should be prepared to handle SRV record sets
that don't resolve into an ip address in the address family used by
that client.
I believe the "should" should be RFC2119 capitalized (so that it is normative), and I also believe it needs to be MUST, because failure to handle multiple SRV record sets will cause interoperability problems, won't it?
Next sentence of Section 4.2 says:
In such a case, the client should simply proceed to the
next priority and try the hostnames in the alternate address family.
s/alternate address family/supported address family/
-d