IETF Logo Mail Archive

Re: [tram] Review of dual allocation in TURNbis-11

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Sun, 04 March 2018 13:31 UTC

Return-Path: <TirumaleswarReddy_Konda@mcafee.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 918E81270AC for <tram@ietfa.amsl.com>; Sun, 4 Mar 2018 05:31:29 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Level:
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xWWvEy1IpXU9 for <tram@ietfa.amsl.com>; Sun, 4 Mar 2018 05:31:27 -0800 (PST)
Received: from DNVWSMAILOUT1.mcafee.com (dnvwsmailout1.mcafee.com [161.69.31.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7A6961270AB for <tram@ietf.org>; Sun, 4 Mar 2018 05:31:27 -0800 (PST)
X-NAI-Header: Modified by McAfee Email Gateway (5500)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=s_mcafee; t=1520170286; h=From: To:Subject:Thread-Topic:Thread-Index:Date: Message-ID:References:In-Reply-To:Accept-Language: Content-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: dlp-product:dlp-version:dlp-reaction:authentication-results: x-originating-ip:x-ms-publictraffictype:x-microsoft-exchange-diagnostics: x-ms-exchange-antispam-srfa-diagnostics:x-ms-office365-filtering-correlation-id: x-microsoft-antispam:x-ms-traffictypediagnostic: x-microsoft-antispam-prvs:x-exchange-antispam-report-test: x-exchange-antispam-report-cfa-test:x-forefront-prvs: x-forefront-antispam-report:received-spf:x-microsoft-antispam-message-info: spamdiagnosticoutput:spamdiagnosticmetadata: Content-Type:Content-Transfer-Encoding:MIME-Version: X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-Transport-CrossTenantHeadersStamped: X-OriginatorOrg:X-NAI-Spam-Flag:X-NAI-Spam-Level: X-NAI-Spam-Threshold:X-NAI-Spam-Score:X-NAI-Spam-Version; bh=tATePjRhHMUMdtluIwchtW8Pxt0c5wU5igulvo 4LpOc=; b=oR80RojKtk03X+TQue8sUstIw1yWNynUg4xaRZQ7 0AMZBwWd43njO+w6ZMNX8zgEXo90gXwVVNIqbQW92cRRoQYEzM unWyniukmMfK3wbNz5B5azaaBOh9cJTGUKh+ZbGLi7Ebs01qo9 1Hu6W2z+Qx6kDce/JeodpJ9PDhHIcK4=
Received: from DNVEXAPP1N06.corpzone.internalzone.com (unknown [10.44.48.90]) by DNVWSMAILOUT1.mcafee.com with smtp (TLS: TLSv1/SSLv3,256bits,ECDHE-RSA-AES256-SHA384) id 1c87_2776_695c9ad8_bd48_430f_b1a6_c9b7e9a6bb1f; Sun, 04 Mar 2018 07:31:25 -0600
Received: from DNVEXAPP1N06.corpzone.internalzone.com (10.44.48.90) by DNVEXAPP1N06.corpzone.internalzone.com (10.44.48.90) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Sun, 4 Mar 2018 06:30:26 -0700
Received: from DNVEX10N01.corpzone.internalzone.com (10.44.82.192) by DNVEXAPP1N06.corpzone.internalzone.com (10.44.48.90) with Microsoft SMTP Server (TLS) id 15.0.1347.2 via Frontend Transport; Sun, 4 Mar 2018 06:30:26 -0700
Received: from DNVO365EDGE1.corpzone.internalzone.com (10.44.176.66) by DNVEX10N01.corpzone.internalzone.com (10.44.82.192) with Microsoft SMTP Server (TLS) id 14.3.361.1; Sun, 4 Mar 2018 06:30:25 -0700
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (10.44.176.242) by edge.mcafee.com (10.44.176.66) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Sun, 4 Mar 2018 06:30:20 -0700
Received: from BN6PR16MB1425.namprd16.prod.outlook.com (10.172.207.19) by BN6PR16MB1393.namprd16.prod.outlook.com (10.172.207.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.548.13; Sun, 4 Mar 2018 13:30:24 +0000
Received: from BN6PR16MB1425.namprd16.prod.outlook.com ([10.172.207.19]) by BN6PR16MB1425.namprd16.prod.outlook.com ([10.172.207.19]) with mapi id 15.20.0548.014; Sun, 4 Mar 2018 13:30:24 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: Marc Petit-Huguenin <petithug@acm.org>, "tram@ietf.org" <tram@ietf.org>
Thread-Topic: [tram] Review of dual allocation in TURNbis-11
Thread-Index: AQHTRFmkTUXySTsG3EGzRBQMWeAaDaLmPU1QgAnZ7oCArKMPEIAhlH+AgAKYzOA=
Date: Sun, 04 Mar 2018 13:30:23 +0000
Message-ID: <BN6PR16MB142530705DF3F28C07FAC9A2EADB0@BN6PR16MB1425.namprd16.prod.outlook.com>
References: <65c75449-152c-1ce7-7c81-460ca589d9f0@acm.org> <DM5PR16MB17881ABD54B89E14F0291C56EA4C0@DM5PR16MB1788.namprd16.prod.outlook.com> <ea84bcf9-19b6-5492-383b-18e2bc5a93bf@acm.org> <DM5PR16MB178859E2018148DBAD51635EEAF20@DM5PR16MB1788.namprd16.prod.outlook.com> <46fdf931-eb0c-c4fe-9c01-4a066134abfb@acm.org>
In-Reply-To: <46fdf931-eb0c-c4fe-9c01-4a066134abfb@acm.org>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.0.200.100
dlp-reaction: no-action
authentication-results: spf=none (sender IP is ) smtp.mailfrom=TirumaleswarReddy_Konda@McAfee.com;
x-originating-ip: [122.167.17.10]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR16MB1393; 6:89mHMikyxc6f7ULiZYBkNArU7xOoSkUmjGwvyHRfi1kOqLg0ufS6qNNWDmh1hg6VFGWn2J2Va5sOIlpWp8bTHdvPoqrKV5iUYeX6wPPc6n6phmvPiMNWnEBztU9nmJZMwJ6EPTsZKUHRJiypevo31cr3Eo/LDzJeXeSuUHSRdZCl0t+uCjYBOncPMYc0WrKr5h9eVJVasVXk7LNqALUmfLnESL8U84/LMoP74+vTB1J5+7SNoCtrur4lziEw7or7xvG/JWf4TTZ/bVX4ZrUM7KzNvgFvbtJq6FIO95AFHfpRyejE327Z/L0H244Na+8UNlStVnFmmRBCssIRoHTHXNtZ9R560j+xv8S2eTNauUMIzllDY4xiPBzR1Oc9WNjO; 5:nZJJX7x3/OgcD38EkPc/2oUPqiPLU8AqkUFOWeiwM7EVL3pJiRSW7HF9rcn+fgSbbFG/eojlqil2czXkhJrsmVKNdePJCnkLZHoIiJDZ356+GgXl0C6wWYPyEUBQl9FS8EFhs9gTEL4Iqq7BASO2geWjFU5Y438ozRXpABVTAE0=; 24:IE3tbkyRGjswo5spMkyeVehKsqdQsP72i+KHWbvSoOpT9W7gpjrcJFG3cuB3jawE/PgjtKKGfS9SWJrCNAmIyDdMuLlrWg2PEr5o/EyC8BI=; 7:B3hPf+a7OMIVn/u7QF1SHKOV24FizNNB0skjNKYluFJ6RziW8G0lk3z0b4qn2p6VQ7rXQe1ISVfFz6vwqWlfWKWhCzFLRahCZKOx8a77Lzx8s11LstoOXYHBWebAKeCeKXIEhvkcmJ0QTV2/BhvK2OwuHCKbWEihRnRNrXwEYZmRU14PiK3v9F3IehRnmkyMCi41430L71ll1sqnBvJDw7tZargAEFhpGdUnWf7o9wegN1Js/QO68OuaZLYXX4xL
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: dac69ac6-71ba-443e-2b20-08d581d415bf
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603307)(7153060)(7193020); SRVR:BN6PR16MB1393;
x-ms-traffictypediagnostic: BN6PR16MB1393:
x-microsoft-antispam-prvs: <BN6PR16MB1393C84C4EC1F7681E9F1342EADB0@BN6PR16MB1393.namprd16.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(128460861657000)(213716511872227)(81160342030619)(123452027830198);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040501)(2401047)(5005006)(8121501046)(10201501046)(3231220)(944501244)(52105095)(3002001)(93006095)(93001095)(6041288)(20161123558120)(20161123562045)(20161123560045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123564045)(6072148)(201708071742011); SRVR:BN6PR16MB1393; BCL:0; PCL:0; RULEID:; SRVR:BN6PR16MB1393;
x-forefront-prvs: 060166847D
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(396003)(39850400004)(39380400002)(346002)(376002)(366004)(13464003)(189003)(199004)(32952001)(252514010)(105586002)(97736004)(3280700002)(80792005)(55016002)(81156014)(3846002)(6116002)(2501003)(305945005)(106356001)(2950100002)(7696005)(229853002)(7736002)(53936002)(5660300001)(99286004)(6246003)(8676002)(316002)(66066001)(86362001)(76176011)(74316002)(81166006)(6436002)(33656002)(186003)(14454004)(93886005)(478600001)(8936002)(966005)(3660700001)(6506007)(53546011)(68736007)(6306002)(2900100001)(72206003)(25786009)(110136005)(102836004)(9686003)(26005)(59450400001)(45080400002)(77096007)(2906002)(85282002); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR16MB1393; H:BN6PR16MB1425.namprd16.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: McAfee.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: iH/5qTiXdD2iBi26L+X7ynIUkUuLLzzK6gyPGZFc1Neil4KhyJSG3iRqRlwGXnlkcwqCkuGrs6xwjMw/LwYbRNyi3I6T0qSzTMoe6UbNyluBdonmHedhUYChZzHgWQaibBcsNf6OfcH98krUPJb2e8z32J19ZOFP/VbkWUos26bgRx4HKSXhOiNLMxnrtucTbgcMGGOYRXUGtUOXXmyLzZ4wrk3v/WEKGEOB5yX3Kuxwzdm5XDA/tg7Bs/qSGLvalKK9gBSeEyl9/ddrJaULv1zQC3bruhXQko+KQx1Ghqk4OTCA478HI0TKOLzd7JC5HuEQWLefq5Qp4nZhN1PqHA==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: dac69ac6-71ba-443e-2b20-08d581d415bf
X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Mar 2018 13:30:23.8974 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR16MB1393
X-OriginatorOrg: mcafee.com
X-NAI-Spam-Flag: NO
X-NAI-Spam-Level:
X-NAI-Spam-Threshold: 15
X-NAI-Spam-Score: 0.1
X-NAI-Spam-Version: 2.3.0.9418 : core <6234> : inlines <6449> : streams <1780501> : uri <2602170>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/D0ePo8F4JTIpnP9u0Bh471zY1YI>
Subject: Re: [tram] Review of dual allocation in TURNbis-11
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Mar 2018 13:31:29 -0000

Hi Marc,

Please see inline

> -----Original Message-----
> From: Marc Petit-Huguenin [mailto:petithug@acm.org]
> Sent: Saturday, March 3, 2018 2:47 AM
> To: Konda, Tirumaleswar Reddy
> <TirumaleswarReddy_Konda@McAfee.com>; tram@ietf.org
> Subject: Re: [tram] Review of dual allocation in TURNbis-11
> 
> As suggested by Brandon, I reviewed turnbis-14 for the modifications agreed
> on below, and found some discrepancies.  See inline.
> 
> On 02/09/2018 04:51 AM, Konda, Tirumaleswar Reddy wrote:
> >> -----Original Message-----
> >> From: Marc Petit-Huguenin [mailto:petithug@acm.org]
> >> Sent: Sunday, October 22, 2017 9:38 PM
> >> To: Konda, Tirumaleswar Reddy
> >> <TirumaleswarReddy_Konda@McAfee.com>; tram@ietf.org
> >> Subject: Re: [tram] Review of dual allocation in TURNbis-11
> >>
> >> Inline.
> >>
> >> On 10/16/2017 07:14 PM, Konda, Tirumaleswar Reddy wrote:
> >>> Thanks Marc for the detailed review, Please see inline
> >>>
> >>>> -----Original Message-----
> >>>> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of Marc Petit-
> >>>> Huguenin
> >>>> Sent: Saturday, October 14, 2017 12:59 AM
> >>>> To: tram@ietf.org
> >>>> Subject: [tram] Review of dual allocation in TURNbis-11
> >>>>
> 
> [snip]
> 
> >>>
> >>>>
> >>>> - Section 6.2
> >>>>
> >>>> I would suggest to make ADDRESS-ERROR-CODE more generic by
> >> renaming
> >>>> it as WARNING-CODE and use the same format than for ERROR-CODE.
> >> Then
> >>>> allocate a new error code for that specific warning.  I would
> >>>> suggest to request the 0x8009 codepoint for that attribute.
> >>>
> >>> I don't understand the need to change ADDRESS-ERROR-CODE !
> >>
> >> To make it more generic and reusable in future specifications.
> >
> > ADDRESS-ERROR-CODE cannot use the same format as ERROR-CODE,
> ADDRESS-ERROR-CODE signals the IP address family for which the warning is
> generated + all the fields in the ERROR-CODE.
> >
> >>
> >>>
> >>>>
> >>>> Also I think we needs two different warnings, one that states that
> >>>> dual allocation is not available in a TURNbis server, but both
> >>>> protocols are available, and another that says that dual allocation
> >>>> failed because one of the two protocols is not available.  This is
> >>>> to let the client know that it is useless to try another allocation
> >>>> for the
> >> missing protocol.
> >>>
> >>> I don't get the reason for two different warnings.
> >>
> >> A server may support both IPv6 and IPv4 allocations and not support
> >> dual allocation, in which case the client can do a second allocation
> >> for the IPv6 relayed address.
> >
> > If the server does not support dual allocation but supports both IPv6 and
> IPv4 allocations, it will only allocate the IPv4 relayed address and not will not
> return ADDRESS-ERROR-CODE in the response, the client will know the
> server does not understand the ADDITIONAL-ADDRESS-FAMILY attribute
> (ADDITIONAL-ADDRESS-FAMILY is a comprehension-optional attribute).
> >
> >>
> >> Alternatively the server may not support IPv6 at all, in which case
> >> the second allocation will fail and was unnecessary.
> >
> > ADDRESS-ERROR-CODE signals both unsupported IP address type (0x02
> (IPv6 address family)) and the reason for failure (440 (unsupported address
> family)).
> >
> > Cheers,
> > -Tiru
> >
> >>
> >> Using two different warnings permits to know if the second allocation
> >> will succeed or not.
> >>
> >>>
> >>>>
> >>>> What is the policy when reserving the next port with the EVEN-PORT
> >>>> attribute in a dual allocation, but one of them fails to find a
> >>>> pair of subsequent ports available?
> >>>
> >>> It's discussed in section 6.1
> >>>
> >>> <snip>
> >>>    Clients MUST NOT
> >>>    include ADDITIONAL-ADDRESS-FAMILY attribute in a Allocate request
> >>>    that contains an EVEN-PORT attribute with the R bit set to 1.
> >>> </snip>
> >>>
> >>>>
> >>>> It is not said that the Allocate successful response must contain
> >>>> two XRAs after a successful dual allocation.
> >>>
> >>> Good point, Updated draft.
> 
> I cannot find this update in turn-14.

This comment is partially addressed in -12 revision, step 9 (in Section 6.2 in -12 revision and Section 7.2 in -14 revision) is updated to discuss dual allocation. 
<snip>
If the server can fully meet
the request, then the server allocates one IPv4 and one IPv6
relay address, and returns an Allocate success response
containing the relayed transport addresses assigned to the dual
allocation.
</snip>

NEW:
If the server can fully meet
the request, then the server allocates one IPv4 and one IPv6
relay address, and returns an Allocate success response
containing the relayed transport addresses assigned to the dual
allocation in two XOR-RELAYED-ADDRESS attributes.

> 
> >>>
> >>>>
> >>>> I would also suggest to add some text that says that when a TURNbis
> >>>> server sends an Allocate success response, it must always send the
> >>>> XRAs in the same order than the RAFs were sent.  So in case the
> >>>> server sends back by mistake two XRAs, the first one matches the
> >>>> one
> >> requested by the client.
> 
> Did not get answer to that and did not see it in turn-14.

I did not get this comment. If a request contains both REQUESTED-ADDRESS-FAMILY and ADDITIONAL-ADDRESS-FAMILY attributes, the request is rejected by the server. Further, only IPv6 address family is allowed in the 
ADDITIONAL-ADDRESS-FAMILY attribute.


> 
> >>>>
> >>>> The bullet list at the end needs also to be fixed for dual allocation.
> >>>
> >>> Agreed, fixed.
> >>>
> >>>>
> >>>> - Section 6.3
> >>>>
> >>>> Here's too, the text needs to be updated for the dual allocation case.
> >>>
> >>>
> >>> Yup, updated.
> >>>
> 
> Same, there is no update since -11 in section 7.3 (formerly 6.3)

This comment is addressed in -12 revision itself, the updated text uses "relayed transport address or addresses" and " address family or families" to discuss the 
dual allocation case.

Cheers,
-Tiru

> 
> --
> Marc Petit-Huguenin
> Email: marc@petit-huguenin.org
> Blog: https://marc.petit-huguenin.org
> Profile: https://www.linkedin.com/in/petithug

v2.23.0 | Report a Bug | By Email