Re: [tram] Multiple allocations SV: I-D Action: draft-ietf-tram-turnbis-15.txt

"Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com> Wed, 21 March 2018 15:24 UTC

Return-Path: <TirumaleswarReddy_Konda@mcafee.com>
X-Original-To: tram@ietfa.amsl.com
Delivered-To: tram@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 91CC51275F4 for <tram@ietfa.amsl.com>; Wed, 21 Mar 2018 08:24:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.33
X-Spam-Level:
X-Spam-Status: No, score=-4.33 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mcafee.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UcA3wcLwYa3g for <tram@ietfa.amsl.com>; Wed, 21 Mar 2018 08:24:04 -0700 (PDT)
Received: from DNVWSMAILOUT1.mcafee.com (dnvwsmailout1.mcafee.com [161.69.31.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 90BB41242F5 for <tram@ietf.org>; Wed, 21 Mar 2018 08:24:04 -0700 (PDT)
X-NAI-Header: Modified by McAfee Email Gateway (5500)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mcafee.com; s=s_mcafee; t=1521645843; h=From: To:CC:Subject:Thread-Topic:Thread-Index:Date: Message-ID:References:In-Reply-To:Accept-Language: Content-Language:X-MS-Has-Attach:X-MS-TNEF-Correlator: dlp-product:dlp-version:dlp-reaction:authentication-results: x-originating-ip:x-ms-publictraffictype:x-microsoft-exchange-diagnostics: x-ms-exchange-antispam-srfa-diagnostics:x-ms-office365-filtering-correlation-id: x-microsoft-antispam:x-ms-traffictypediagnostic: x-microsoft-antispam-prvs:x-exchange-antispam-report-test: x-exchange-antispam-report-cfa-test:x-forefront-prvs: x-forefront-antispam-report:received-spf:x-microsoft-antispam-message-info: spamdiagnosticoutput:spamdiagnosticmetadata: Content-Type:Content-Transfer-Encoding:MIME-Version: X-MS-Exchange-CrossTenant-Network-Message-Id: X-MS-Exchange-CrossTenant-originalarrivaltime: X-MS-Exchange-CrossTenant-fromentityheader: X-MS-Exchange-CrossTenant-id:X-MS-Exchange-Transport-CrossTenantHeadersStamped: X-OriginatorOrg:X-NAI-Spam-Flag:X-NAI-Spam-Threshold: X-NAI-Spam-Score:X-NAI-Spam-Version; bh=A 2rFaRG/W6PKtXY8UwN/yjO6wI9dffw0tuutWcjUqI Q=; b=JyLOzOd9Qbf6nk6mgpg8qfe6BvvpMmqozLLptorPXnC2 JWKKhqJUVnYmhYz++73m+TaiOclBREbhc/jPLGCi7Ib/bsXYNl oKRrfzC5q+TTloYn55U6PTrHgoZV00reOVb93UP3OK8e+FqwUO yRvpfbW3hCfyr/C31sxSdJY8Zd0=
Received: from DNVEXAPP1N05.corpzone.internalzone.com (unknown [10.44.48.89]) by DNVWSMAILOUT1.mcafee.com with smtp (TLS: TLSv1/SSLv3,256bits,ECDHE-RSA-AES256-SHA384) id 213e_7af8_b182043a_7ae5_40ee_9c1e_8e2bbefdffd1; Wed, 21 Mar 2018 10:24:02 -0500
Received: from DNVEXUSR1N11.corpzone.internalzone.com (10.44.48.84) by DNVEXAPP1N05.corpzone.internalzone.com (10.44.48.89) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Wed, 21 Mar 2018 09:23:07 -0600
Received: from DNVEXUSR1N08.corpzone.internalzone.com (10.44.48.81) by DNVEXUSR1N11.corpzone.internalzone.com (10.44.48.84) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Wed, 21 Mar 2018 09:23:06 -0600
Received: from DNVO365EDGE2.corpzone.internalzone.com (10.44.176.74) by DNVEXUSR1N08.corpzone.internalzone.com (10.44.48.81) with Microsoft SMTP Server (TLS) id 15.0.1347.2 via Frontend Transport; Wed, 21 Mar 2018 09:23:06 -0600
Received: from NAM03-DM3-obe.outbound.protection.outlook.com (10.44.176.240) by edge.mcafee.com (10.44.176.74) with Microsoft SMTP Server (TLS) id 15.0.1347.2; Wed, 21 Mar 2018 09:23:03 -0600
Received: from BN6PR16MB1425.namprd16.prod.outlook.com (10.172.207.19) by BN6PR16MB1699.namprd16.prod.outlook.com (10.172.28.12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.609.10; Wed, 21 Mar 2018 15:23:02 +0000
Received: from BN6PR16MB1425.namprd16.prod.outlook.com ([fe80::b9d0:eb7e:fb41:137d]) by BN6PR16MB1425.namprd16.prod.outlook.com ([fe80::b9d0:eb7e:fb41:137d%2]) with mapi id 15.20.0609.010; Wed, 21 Mar 2018 15:23:02 +0000
From: "Konda, Tirumaleswar Reddy" <TirumaleswarReddy_Konda@McAfee.com>
To: "Olle E. Johansson" <oej@edvina.net>, Karl Stahl <karl.stahl@ingate.com>
CC: "tram@ietf.org" <tram@ietf.org>
Thread-Topic: Multiple allocations SV: [tram] I-D Action: draft-ietf-tram-turnbis-15.txt
Thread-Index: AQHTwIr66qpogqxcHEaAWopQQtB26KPaif/Q
Date: Wed, 21 Mar 2018 15:23:01 +0000
Message-ID: <BN6PR16MB1425327E5CD094CF18A040F2EAAA0@BN6PR16MB1425.namprd16.prod.outlook.com>
References: <152136260256.18150.10551009018364033510@ietfa.amsl.com> <BN6PR16MB1425D61744AC7480972C800AEAD50@BN6PR16MB1425.namprd16.prod.outlook.com> <031e01d3c085$5f581db0$1e085910$@stahl@ingate.com> <BEC020EA-C973-48E5-A918-EF2D25953E33@edvina.net>
In-Reply-To: <BEC020EA-C973-48E5-A918-EF2D25953E33@edvina.net>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
dlp-product: dlpe-windows
dlp-version: 11.0.200.100
dlp-reaction: no-action
authentication-results: spf=none (sender IP is ) smtp.mailfrom=TirumaleswarReddy_Konda@McAfee.com;
x-originating-ip: [161.69.163.25]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN6PR16MB1699; 7:FpM/+GDWavG649pS1lkj4XnhkOJ8DHOXcCrlj6oXIiBQF98SosK0U9D1S/HsxwnZsI4mrcdorbLsNcZUTJV/F8mwhIBQ/zt9zUrycy4gpO4ZcmvduzDDZH3eZFLVxjG81rCetxMsMeD39hmP6lpb60bVZXTip1YiQRdEDSNtVpKC8YjQqsux9rbaE/LuRtc1ceQzopd+lqvdiVpYC5jYZoYiV1tp+JM40ErpacfcqP8+U2F+9RKzBJ89HLIqHznj
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-ms-office365-filtering-correlation-id: d690aa04-be50-4b7a-5052-08d58f3fa2e3
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4604075)(3008032)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BN6PR16MB1699;
x-ms-traffictypediagnostic: BN6PR16MB1699:
x-microsoft-antispam-prvs: <BN6PR16MB1699F0F2368D2B3BE6A63E9AEAAA0@BN6PR16MB1699.namprd16.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(158342451672863)(120809045254105)(213716511872227)(123452027830198);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3002001)(10201501046)(93006095)(93001095)(3231221)(944501244)(52105095)(6041310)(20161123562045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123560045)(20161123564045)(20161123558120)(6072148)(201708071742011); SRVR:BN6PR16MB1699; BCL:0; PCL:0; RULEID:; SRVR:BN6PR16MB1699;
x-forefront-prvs: 0618E4E7E1
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(979002)(396003)(39380400002)(376002)(346002)(39860400002)(366004)(377424004)(38534002)(52084003)(13464003)(32952001)(189003)(199004)(68736007)(81156014)(81166006)(8676002)(93886005)(8936002)(7696005)(6116002)(3846002)(76176011)(3280700002)(72206003)(53546011)(105586002)(59450400001)(53936002)(7736002)(26005)(305945005)(6436002)(9686003)(6306002)(6506007)(55016002)(97736004)(86362001)(4326008)(6246003)(5250100002)(229853002)(2906002)(5660300001)(74316002)(966005)(3660700001)(186003)(14454004)(316002)(80792005)(110136005)(2950100002)(25786009)(478600001)(2900100001)(102836004)(99286004)(106356001)(33656002)(66066001)(21314002)(85282002)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1101; SCL:1; SRVR:BN6PR16MB1699; H:BN6PR16MB1425.namprd16.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: McAfee.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: W/XGIEQ49lwuiFHhfBxqr5GqvSOWqB/q7+m5+u6BoLGfwKMRdI9q/3nYahOEDSxsw3PS2mik5zaGPwZ1N7aHN+pRtZaBAkoE3LNVRNsk5GSQcmT8qWUrJV4xHEF16imYc6rVJRd9IWDcavy6IFKzaEUUXkwc63DSoMJyeFrSelYq2H0gX6dbqp+UpeDTWRhJz/xB3TmtpVPPGya4tdedE7f7P5lh1HpQ5ceV6HMv5ulNIKMP5HIe4wSEAusn7op3CtDUwcRMFuYflcRth6w7uNMwaM4NyZgvhoAiLcw0LjIw08mee/mBcWWbQ7dlVkkzbQGFpuUybP4GtAM646o1bQ==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: d690aa04-be50-4b7a-5052-08d58f3fa2e3
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Mar 2018 15:23:02.0373 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 4943e38c-6dd4-428c-886d-24932bc2d5de
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN6PR16MB1699
X-OriginatorOrg: mcafee.com
X-NAI-Spam-Flag: NO
X-NAI-Spam-Threshold: 15
X-NAI-Spam-Score: 0
X-NAI-Spam-Version: 2.3.0.9418 : core <6247> : inlines <6510> : streams <1781849> : uri <2612277>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tram/JTuFEZddmq9xDKjHg5Ck5qMZ2bQ>
Subject: Re: [tram] Multiple allocations SV: I-D Action: draft-ietf-tram-turnbis-15.txt
X-BeenThere: tram@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Discussing the creation of a Turn Revised And Modernized \(TRAM\) WG, which goal is to consolidate the various initiatives to update TURN and STUN." <tram.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tram>, <mailto:tram-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tram/>
List-Post: <mailto:tram@ietf.org>
List-Help: <mailto:tram-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tram>, <mailto:tram-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Mar 2018 15:24:07 -0000

> -----Original Message-----
> From: Olle E. Johansson [mailto:oej@edvina.net]
> Sent: Tuesday, March 20, 2018 8:35 PM
> To: Karl Stahl <karl.stahl@ingate.com>
> Cc: Olle E Johansson <oej@edvina.net>; Konda, Tirumaleswar Reddy
> <TirumaleswarReddy_Konda@McAfee.com>; tram@ietf.org
> Subject: Re: Multiple allocations SV: [tram] I-D Action: draft-ietf-tram-turnbis-
> 15.txt
> 
> 
> > On 20 Mar 2018, at 20:55, Karl Stahl <karl.stahl@ingate.com> wrote:
> >
> >> This revision addresses comments from Mark, Karl and Noriyuki Torii.
> > My comment about need for multiple allocations is NOT addressed.
> >
> > Let me explain more clearly why multiple allocations is needed:
> >
> > ICE is about finding all/many paths for the media, e.g. with the help
> > of TURN servers.
> > Those paths are not over ONE IPv4 network, over ONE IPv6 network or
> > EXACTLY ONE OF EACH.
> > If fact, it is more common that you have several IPv4 networks paths.
> >
> > Now that we have network provided TURN servers, you only ask for
> > Allocation once (contrary to application provided TURN servers, where
> > you can be directed to Allocate several times.) and thus we need all
> > relay addresses in one allocation request.
> 
> I agree with Karl here, for network-provided turn servers (which is not defined in
> the terminology section here on in 8155) I think there are use cases for multiple
> addresses in multiple families.

The WG has only agreed on dual allocation, this is a new requirement for a specific deployment scenario. 
You may want to submit a new draft (just like we did for RFC8155). 

-Tiru

> 
> I also understand that this will make the draft more complex. Consider the case
> where a turn server have two IPv4 networks and one IPv6 and have run out of
> possible allocations on one IPv4 network - should it send what’s available or
> send an error message and fail completely?
> 
> Regardless, this is a good time to fix this.
> 
> /O
> 
> 
> >
> > Wasn't that the reason dual allocation was requested? The need for
> > multiple allocation is stronger!
> >
> > Please address this, e.g. like below (seems you are almost there).
> >
> > /Karl
> >
> >
> > ******************* Previous *******************
> >
> > Allowing a turn allocation to return multiple relayed transport
> > addresses, beyond ONE IPv4 and ONE IPv6 (which may sit on the same or
> > on different interfaces/network segments), seems like very small step
> > now when the dual allocation was put in place in this draft. We
> > certainly need it (some reasons below) if TURN is going to be used
> > where needed and we cannot wait for any additional draft.
> >
> > Seems like it is sufficient to extent this table (found in draft 14)
> > with 3 new values (as shown):
> >
> > 16.  STUN Attributes
> >
> >   This STUN extension defines the following attributes:
> >
> >     0x000C: CHANNEL-NUMBER
> >     0x000D: LIFETIME
> >     0x0010: Reserved (was BANDWIDTH)
> >     0x0012: XOR-PEER-ADDRESS
> >     0x0013: DATA
> >     0x0016: XOR-RELAYED-ADDRESS
> >     0x0017: REQUESTED-ADDRESS-FAMILY
> >     0x0018: EVEN-PORT
> >     0x0019: REQUESTED-TRANSPORT
> >     0x001A: DONT-FRAGMENT
> >     0x0021: Reserved (was TIMER-VAL)
> >     0x0022: RESERVATION-TOKEN
> >     TBD-CA: ADDITIONAL-ADDRESS-FAMILY
> > ADDITIONAL-ADDRESS-ALL
> > ADDITIONAL-ADDRESS-ALLV4
> > ADDITIONAL-ADDRESS-ALLV6
> >     TBD-CA: ADDRESS-ERROR-CODE
> >     TBD-CA: ICMP
> >
> > Actually, browsing through the draft for ADDITIONAL-ADDRESS-FAMILY,
> > very little text seems to be added for generalization to  ADDITIONAL-
> ADDRESS-xxx.
> > Almost everything applies to ADDITIONAL-ADDRESS-xxx and can be reused.
> >
> > ADDITIONAL-ADDRESS-ALL should be the default for any modern TURN client.
> >
> > Check! - We need this now.
> >
> > Thanks,
> > Karl
> >
> >> -----Original Message-----
> >> From: Karl Stahl [mailto:karl.stahl@ingate.com]
> >> Sent: Sunday, March 4, 2018 10:36 PM
> >> To: 'Marc Petit-Huguenin' <petithug@acm.org>; Konda, Tirumaleswar
> >> Reddy <TirumaleswarReddy_Konda@McAfee.com>; tram@ietf.org
> >> Subject: SV: [tram] Review of dual allocation in TURNbis-11
> >>
> >> Hi,
> >>
> >> When we now have "dual allocation" into this draft (I see on page 26:
> >> "If
> > the
> >> client wishes to obtain one IPv6 and one IPv4 relayed transport
> >> address
> > then
> >> it includes an ADDITIONAL-ADDRESS-FAMILY transport address then it")
> >> can we not generalize that further and allow MORE THAN ONE relayed
> >> transport address (of any family) in response to an allocation?
> >>
> >> I mean that a TURN server could have several relay interfaces at
> >> different
> > IP-
> >> addresses into different networks - not just the Internet, but also a
> >> VoIP (higher quality) network e.g. by some triple play service
> >> provider, an IMS network or some branch office network.
> >>
> >> I think this is specifically important for network provided/auto
> > discovered
> >> turn servers (application provided turn servers could instead just
> >> list
> > several
> >> turn servers).
> >>
> >> I saw someone snipped this about "SINGLE relayed transport address
> >> per allocation request"
> >>>> https://tools.ietf.org/html/rfc6156#section-3
> >>>> <snip>
> >>>>
> >>>>   TURN servers allocate a single relayed transport address per
> >>>>   allocation request.  Therefore, Allocate requests cannot carry more
> >>>>   than one REQUESTED-ADDRESS-FAMILY attribute.  Consequently, a
> >> client
> >>>>   that wishes to allocate more than one relayed transport address
> >>>> at
> > a
> >>>>   TURN server (e.g., an IPv4 and an IPv6 address) needs to perform
> >>>>   several allocation requests (one allocation request per relayed
> >>>>   transport address).
> >>>> </snip>
> >>
> >> but if that is remedied now, it seems like a small step to generalize
> >> so
> > we can
> >> get multiple relayed transport addresses from one allocate request?
> >>
> >> /Karl
> >
> >
> > -----Ursprungligt meddelande-----
> > Från: tram [mailto:tram-bounces@ietf.org] För Konda, Tirumaleswar
> > Reddy
> > Skickat: den 18 mars 2018 09:51
> > Till: tram@ietf.org
> > Ämne: Re: [tram] I-D Action: draft-ietf-tram-turnbis-15.txt
> >
> > This revision addresses comments from Mark, Karl and Noriyuki Torii.
> >
> > -Tiru
> >
> >> -----Original Message-----
> >> From: tram [mailto:tram-bounces@ietf.org] On Behalf Of internet-
> >> drafts@ietf.org
> >> Sent: Sunday, March 18, 2018 8:43 AM
> >> To: i-d-announce@ietf.org
> >> Cc: tram@ietf.org
> >> Subject: [tram] I-D Action: draft-ietf-tram-turnbis-15.txt
> >>
> >>
> >> A New Internet-Draft is available from the on-line Internet-Drafts
> > directories.
> >> This draft is a work item of the TURN Revised and Modernized WG of
> >> the IETF.
> >>
> >>        Title           : Traversal Using Relays around NAT (TURN): Relay
> > Extensions
> >> to Session Traversal Utilities for NAT (STUN)
> >>        Authors         : Tirumaleswar Reddy
> >>                          Alan Johnston
> >>                          Philip Matthews
> >>                          Jonathan Rosenberg
> >> 	Filename        : draft-ietf-tram-turnbis-15.txt
> >> 	Pages           : 84
> >> 	Date            : 2018-03-18
> >>
> >> Abstract:
> >>   If a host is located behind a NAT, then in certain situations it can
> >>   be impossible for that host to communicate directly with other hosts
> >>   (peers).  In these situations, it is necessary for the host to use
> >>   the services of an intermediate node that acts as a communication
> >>   relay.  This specification defines a protocol, called TURN (Traversal
> >>   Using Relays around NAT), that allows the host to control the
> >>   operation of the relay and to exchange packets with its peers using
> >>   the relay.  TURN differs from some other relay control protocols in
> >>   that it allows a client to communicate with multiple peers using a
> >>   single relay address.
> >>
> >>   The TURN protocol was designed to be used as part of the ICE
> >>   (Interactive Connectivity Establishment) approach to NAT traversal,
> >>   though it also can be used without ICE.
> >>
> >>   This document obsoletes RFC 5766 and RFC 6156.
> >>
> >>
> >> The IETF datatracker status page for this draft is:
> >> https://datatracker.ietf.org/doc/draft-ietf-tram-turnbis/
> >>
> >> There are also htmlized versions available at:
> >> https://tools.ietf.org/html/draft-ietf-tram-turnbis-15
> >> https://datatracker.ietf.org/doc/html/draft-ietf-tram-turnbis-15
> >>
> >> A diff from the previous version is available at:
> >> https://www.ietf.org/rfcdiff?url2=draft-ietf-tram-turnbis-15
> >>
> >>
> >> Please note that it may take a couple of minutes from the time of
> > submission
> >> until the htmlized version and diff are available at tools.ietf.org.
> >>
> >> Internet-Drafts are also available by anonymous FTP at:
> >> ftp://ftp.ietf.org/internet-drafts/
> >>
> >> _______________________________________________
> >> tram mailing list
> >> tram@ietf.org
> >> https://www.ietf.org/mailman/listinfo/tram
> >
> > _______________________________________________
> > tram mailing list
> > tram@ietf.org
> > https://www.ietf.org/mailman/listinfo/tram
> >