IETF Logo Mail Archive

Re: [sipcore] draft-ietf-sipcore-keep-04 - Paul's comments on symmetric path

Paul Kyzivat <pkyzivat@cisco.com> Tue, 03 August 2010 15:50 UTC

Return-Path: <pkyzivat@cisco.com>
X-Original-To: sipcore@core3.amsl.com
Delivered-To: sipcore@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 10DB33A685B for <sipcore@core3.amsl.com>; Tue, 3 Aug 2010 08:50:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.173
X-Spam-Level:
X-Spam-Status: No, score=-10.173 tagged_above=-999 required=5 tests=[AWL=-0.174, BAYES_00=-2.599, J_CHICKENPOX_47=0.6, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0KIr-p7VlWkj for <sipcore@core3.amsl.com>; Tue, 3 Aug 2010 08:50:15 -0700 (PDT)
Received: from rtp-iport-1.cisco.com (rtp-iport-1.cisco.com [64.102.122.148]) by core3.amsl.com (Postfix) with ESMTP id 638E73A6A28 for <sipcore@ietf.org>; Tue, 3 Aug 2010 08:50:14 -0700 (PDT)
Authentication-Results: rtp-iport-1.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEAIbXV0xAZnwN/2dsb2JhbACgEXGoK5tThTkEiQ4
X-IronPort-AV: E=Sophos;i="4.55,309,1278288000"; d="scan'208";a="142766847"
Received: from rtp-core-2.cisco.com ([64.102.124.13]) by rtp-iport-1.cisco.com with ESMTP; 03 Aug 2010 15:50:37 +0000
Received: from [10.86.245.127] ([10.86.245.127]) by rtp-core-2.cisco.com (8.13.8/8.14.3) with ESMTP id o73Foa6q013010; Tue, 3 Aug 2010 15:50:37 GMT
Message-ID: <4C583ACC.30902@cisco.com>
Date: Tue, 03 Aug 2010 11:50:36 -0400
From: Paul Kyzivat <pkyzivat@cisco.com>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Christer Holmberg <christer.holmberg@ericsson.com>
References: <7F2072F1E0DE894DA4B517B93C6A05850B5C22@ESESSCMS0356.eemea.ericsson.se>, <4C56DD2F.9060508@cisco.com> <7F2072F1E0DE894DA4B517B93C6A05850B5C32@ESESSCMS0356.eemea.ericsson.se> <7F2072F1E0DE894DA4B517B93C6A05850CA5A9@ESESSCMS0356.eemea.ericsson.se>, <4C582539.6050606@cisco.com> <7F2072F1E0DE894DA4B517B93C6A05850B5C3C@ESESSCMS0356.eemea.ericsson.se>
In-Reply-To: <7F2072F1E0DE894DA4B517B93C6A05850B5C3C@ESESSCMS0356.eemea.ericsson.se>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: SIPCORE <sipcore@ietf.org>
Subject: Re: [sipcore] draft-ietf-sipcore-keep-04 - Paul's comments on symmetric path
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 03 Aug 2010 15:50:19 -0000

Christer Holmberg wrote:
> Hi Paul,
> 
>>> Some proposed new text based on your comment regarding symmetric path.
>> I think the statements you have added below seem reasonable as far as
>> they go, but they only go half way. They say nothing about what the
>> *recipient* of keepalives must do when sending requests. 
> 
> That is meant to be covered by the text I suggetsed for section 4.4. It says that the receiver of keep-alives must send messages towards the sender of those keep-alives using the address and port from where the keep-alives arrived.

I don't think that is sufficient for TCP. AFAIK it actually has to be on 
the same connection. So for instance, if it attempted to open a new 
connection in the reverse direction to the same address and port, it 
would quite probably fail.

>> And I have a strong suspicion this is pretty far along toward reinventing -outbound-.
> 
> I don't agree. Symmetric routing wasn't invented by Outbound. It is used in NAT scenarios even if you don't use Outbound, in order to ensure that messages pass NATs. 
> 
> For example, entities providing NAT traversal using anchoring/latching use symmetric routing.
> 
> We also already have mechanisms like rport to request symmetric response routing.

In the case of TCP this comes down to connection reuse, which is covered 
by outbound on the edge, and by the connection-reuse draft elsewhere.

I think you are talking about much the same, unless you are restricting 
to UDP.

	Thanks,
	Paul

> Regards,
> 
> Christer
> 
> 
> 
>> -----------------
>>
>>>>>> Section 4.2.2:
>>>>>>
>>>>>> IIUC, the keepalive is associated with a flow as defined in 5626.
>>>>>> Hence it isn't appropriate to use this negotiation mechanism on a
>>>>>> registration that doesn't specify a flow. I don't see that stated anywhere.
>>>>>>
>>>>>> (If there was no flow, what would the keepalive state be associated
>>>>>> *with*?)
>>>>> The second paragraph describes the case when outbound is
>>>>> used, and when you do have flows.
>>>>>
>>>>> The generic procedure is described in the first paragraph
>>>>> of the section, and it does not talk about flows - it talks
>>>>> about registrations.
>>>> I don't see how that works (in the non-outbound case):
>>>>
>>>> The purpose of these keepalives is to keep a nat binding open.
>>>> But that is only useful if the neighboring node then uses
>>>> that path to send outbound requests. What is there in the keep draft that even
>>>> *talks* about that?
>>>>
>>>> If the keepalives are sent via TCP, then the neighbor will
>>>> have to use that same TCP connection for outbound requests in order to gain any
>>>> benefit from the keepalive. If the keepalives are send via UDP, then
>>>> the neighbor will have to send requests symmetrically from the
>>>> address/port on which the keepalives are received.
>>> That's a good point.
>>>
>>> I have probably been assuming that the symmetric path usage
>>> is part of the keep-alive mechanism itself, defined in
>>> outbound, so there is no need to repeat that.
>>>
>>> But, I guess that it is actually part of the outbound
>>> mechanism, so we would need to say that it applies also to
>>> entities that are willing to send and/or receive keep-alives.
>>>
>>> -----------------
>>>
>>>> If you were to specify that, wouldn't it begin to duplicate outbound?
>>> It would duplicate that specific requirement of Outbound, yes.
>>>
>>> But, it's still not a duplication of the whole Outbound
>>> mechanism. For example, registrar support is still not required.
>>>
>>> And, the keep mechanism can be used between any two SIP entities.
>> For section 4.3, I suggest the following text:
>>
>>       "A SIP entity that has negotiated sending of keep-alives associated with a registration (registration flow if Outbound is used) MUST be prepared to receive
>>       SIP messages (requests and responses) associated with the registration from the receiver of the keep-alives on the same IP port:address
>>       from where the keep-alives are sent. Likewise, a SIP entity that has negotiated sending of keep-alives associated with a dialog
>>       MUST be prepared to receive SIP messages associated with the dialog from the receiver of the keep-alives on the same IP port:address from
>>       where the keep-alives are sent."
>>
>> For section 4.4, I suggest the following text:
>>
>>       "A SIP entity that has negotiated receiving of keep-alives associated with a registration (registration flow if Outbound is used) MUST
>>       send SIP messages (requests and responses)  associated with the registration towards the sender of the keep-alives using the IP address:port
>>       from where the keep-alives where received. Likewise, a SIP entity that has negotiated receiving of keep-alives associated with a dialog MUST
>>       send SIP messages associated with the dialog towards the sender of the keep-alives using the IP address:port from where the keep-alives where received."
>>
>> Regards,
>>
>> Christer

v2.23.0 | Report a Bug | By Email