idnits 2.17.1 draft-ietf-ice-pac-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- -- The draft header indicates that this document updates RFC8445, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Using lowercase 'not' together with uppercase 'MUST', 'SHALL', 'SHOULD', or 'RECOMMENDED' is not an accepted usage according to RFC 2119. Please use uppercase 'NOT' together with RFC 2119 keywords (if that is what you mean). Found 'MUST not' in this paragraph: While the timer is running, if a checklist has no pairs left to check, i.e., there are no pairs that are not in the failed state, the agent MUST not conclude that ICE processing has failed, and MUST wait for the timer to elapse before doing so. -- The document date (April 17, 2019) is 1835 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) No issues found here. Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 ICE Working Group C. Holmberg 3 Internet-Draft Ericsson 4 Updates: 8445 (if approved) J. Uberti 5 Intended status: Standards Track Google 6 Expires: October 19, 2019 April 17, 2019 8 Interactive Connectivity Establishment Patiently Awaiting Connectivity 9 (ICE PAC) 10 draft-ietf-ice-pac-01 12 Abstract 14 During the process of creating a peer-to-peer connection, ICE agents 15 can encounter situations where they have no candidate pairs to check, 16 and, as a result, conclude that ICE processing has failed. However, 17 because additional candidate pairs can be discovered during ICE 18 processing, declaring failure at this point may be premature. This 19 document discusses when these situations can occur and proposes a way 20 to avoid premature failure. 22 Status of This Memo 24 This Internet-Draft is submitted in full conformance with the 25 provisions of BCP 78 and BCP 79. 27 Internet-Drafts are working documents of the Internet Engineering 28 Task Force (IETF). Note that other groups may also distribute 29 working documents as Internet-Drafts. The list of current Internet- 30 Drafts is at http://datatracker.ietf.org/drafts/current/. 32 Internet-Drafts are draft documents valid for a maximum of six months 33 and may be updated, replaced, or obsoleted by other documents at any 34 time. It is inappropriate to use Internet-Drafts as reference 35 material or to cite them other than as "work in progress." 37 This Internet-Draft will expire on October 19, 2019. 39 Copyright Notice 41 Copyright (c) 2019 IETF Trust and the persons identified as the 42 document authors. All rights reserved. 44 This document is subject to BCP 78 and the IETF Trust's Legal 45 Provisions Relating to IETF Documents 46 (http://trustee.ietf.org/license-info) in effect on the date of 47 publication of this document. Please review these documents 48 carefully, as they describe your rights and restrictions with respect 49 to this document. Code Components extracted from this document must 50 include Simplified BSD License text as described in Section 4.e of 51 the Trust Legal Provisions and are provided without warranty as 52 described in the Simplified BSD License. 54 Table of Contents 56 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 57 2. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 58 3. Relevant Scenarios . . . . . . . . . . . . . . . . . . . . . 3 59 3.1. No Candidates From Peer . . . . . . . . . . . . . . . . . 3 60 3.2. All Candidates Discarded . . . . . . . . . . . . . . . . 3 61 3.3. Immediate Candidate Pair Failure . . . . . . . . . . . . 4 62 4. Update to RFC 8445 . . . . . . . . . . . . . . . . . . . . . 4 63 5. Security Considerations . . . . . . . . . . . . . . . . . . . 5 64 6. IANA considerations . . . . . . . . . . . . . . . . . . . . . 5 65 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 5 66 8. Normative References . . . . . . . . . . . . . . . . . . . . 5 67 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 69 1. Introduction 71 [RFC8445] describes a protocol, Interactive Connectivity 72 Establishment (ICE), for Network Address Translator (NAT) traversal 73 for UDP-based communication. 75 Typically, when using ICE, ICE agents will exchange candidate 76 addresses, form a list of candidate pairs, and then test each 77 candidate pair to see if connectivity can be established. If the 78 test for a given pair fails, it is marked accordingly, and if all 79 pairs have failed, the overall ICE process is considered to have 80 failed. 82 During the process of connectivity checks, additional candidates may 83 be created as a result of successful inbound checks from the peer 84 agent. Such candidates are referred to as peer-reflexive candidates, 85 and once discovered, will be used to form new candidate pairs which 86 will be tested like any other. However, there is an inherent race 87 condition here; if, before learning about any peer-reflexive 88 candidates, an agent runs out of candidate pairs to check, either 89 because it has none, or it considers them all to have failed, it will 90 prematurely declare failure and terminate ICE processing. This race 91 condition can occur in many common situations. 93 This specification updates [RFC8445], by simply requiring that an 94 agent wait a minimum amount of time before declaring ICE failure, 95 even if there are no candidate pairs to check, or if all candidate 96 pairs have failed. This delay provides enough time for the discovery 97 of peer-reflexive candidates, which may eventually lead to ICE 98 processing completing successfully. 100 2. Conventions 102 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 103 "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and 104 "OPTIONAL" in this document are to be interpreted as described in BCP 105 14 [RFC2119] [RFC8174] when, and only when, they appear in all 106 capitals, as shown here. 108 3. Relevant Scenarios 110 As noted above, the core problem this specification attempts to 111 address is the situation where even after local gathering and remote 112 candidate signaling has completed, the ICE agent immediately ends up 113 with no valid pairs and no candidate pairs left to check, resulting 114 in a premature ICE failure. This failure is premature because not 115 enough time has elapsed to allow for discovery of peer-reflexive 116 candidates from inbound connectivity checks; if discovered, these 117 candidates are very likely to result in a valid pair. 119 In most ICE scenarios, the lengthy timeouts for connectivity check 120 transactions, typically tens of seconds, will prevent this problem 121 from occuring. However, there are certain specific cases where this 122 problem will frequently occur. 124 3.1. No Candidates From Peer 126 It is entirely legal for an ICE agent to provide zero candidates of 127 its own. If the agent somehow knows that the peer agent is directly 128 reachable, gathering local candidates is unnecessary and will only 129 cause delays; the peer agent can discover the appropriate local 130 candidate via connectivity checks. 132 However, following the procedures from [RFC8445] strictly will result 133 in immediate ICE failure, since the checklist at the peer agent will 134 be empty. 136 3.2. All Candidates Discarded 138 Even if the ICE agent provides candidates, they may be discarded by 139 the peer agent if it does not know what to do with them. For 140 example, candidates may use an address family that the peer agent 141 does not support, (e.g., a host candidate with an IPv6 address in a 142 NAT64 scenario), or may not be usable for some other reason (e.g., a 143 candidate that contains a FQDN that fails to resolve). 145 In these scenarios, when the candidates are discarded, the checklist 146 at the peer agent will once again be empty, leading to immediate ICE 147 failure. 149 3.3. Immediate Candidate Pair Failure 151 Section 7.2.5.2 of [RFC8445] describes several situations in which a 152 candidate pair will be considered to have failed, well before the 153 connectivity check transaction timeout. 155 As a result, even if the ICE agent provides usable candidates, the 156 pairs created by the peer agent may fail immediately when checked, 157 e.g., a check to a non-routable address that receives an immediate 158 ICMP error. 160 In this situation, the checklist at the peer agent may contain only 161 failed pairs, resulting in immediate ICE failure. 163 4. Update to RFC 8445 165 In order to avoid the problem raised by this document, the ICE agent 166 needs to wait enough time to allow peer-reflexive candidates to be 167 discovered. Accordingly, when full ICE implementations begin their 168 ICE processing, as described in [RFC8445], Section 6.1, the agent 169 MUST set a timer, and its duration SHOULD be equal to the agent's 170 connectivity check transaction timeout. 172 This timeout value is chosen to roughly coincide with the maximum 173 possible duration of ICE connectivity checks from the peer agent, 174 which, if successful, could create peer-reflexive candidates. 175 Because the agent doesn't know the exact number of candidate pairs 176 and pacing interval in use by the peer agent, this timeout value is 177 simply a guess, albeit an educated one. Regardless, for this 178 particular problem, the desired benefits will be realized as long as 179 the agent waits some reasonable amount of time. 181 While the timer is running, if a checklist has no pairs left to 182 check, i.e., there are no pairs that are not in the failed state, the 183 agent MUST not conclude that ICE processing has failed, and MUST wait 184 for the timer to elapse before doing so. 186 One consequence of this behavior is that in cases where ICE should 187 fail, e.g., where both sides provide candidates with unresolvable 188 FQDNs ICE will no longer fail immediately, and only fail when the 189 aforementioned timer expires. However, because most ICE scenarios 190 require an extended period of time to determine failure, the fact 191 that some specific scenarios no longer fail fast should have minimal 192 application impact, if any. 194 5. Security Considerations 196 The security considerations for ICE are defined in [RFC8445]. This 197 specification only recommends ICE agents to wait for a certain time 198 of period before they declare ICE failure, and does not introduce new 199 security considerations. 201 6. IANA considerations 203 This specification makes no requests to IANA. 205 7. Acknowledgements 207 8. Normative References 209 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 210 Requirement Levels", BCP 14, RFC 2119, 211 DOI 10.17487/RFC2119, March 1997, . 214 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 215 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 216 May 2017, . 218 [RFC8445] Keranen, A., Holmberg, C., and J. Rosenberg, "Interactive 219 Connectivity Establishment (ICE): A Protocol for Network 220 Address Translator (NAT) Traversal", RFC 8445, 221 DOI 10.17487/RFC8445, July 2018, . 224 Authors' Addresses 226 Christer Holmberg 227 Ericsson 228 Hirsalantie 11 229 Jorvas 02420 230 Finland 232 Email: christer.holmberg@ericsson.com 234 Justin Uberti 235 Google 236 747 6th St W 237 Kirkland 98033 238 USA 240 Email: justin@uberti.name