One document matched: draft-ietf-mmusic-trickle-ice-00.xml
<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd">
<rfc category='std' ipr='trust200902'
docName='draft-ietf-mmusic-trickle-ice-00'>
<?rfc toc='yes' ?>
<?rfc symrefs='yes' ?>
<?rfc sortrefs='yes'?>
<?rfc iprnotified='no' ?>
<?rfc strict='yes' ?>
<?rfc compact='yes' ?>
<front>
<title abbrev='Trickle ICE'>
Trickle ICE: Incremental Provisioning of Candidates for the
Interactive Connectivity Establishment (ICE) Protocol
</title>
<author initials='E.' surname='Ivov'
fullname='Emil Ivov'>
<organization abbrev='Jitsi'>Jitsi</organization>
<address>
<postal>
<street></street>
<city>Strasbourg</city>
<code>67000</code>
<country>France</country>
</postal>
<phone>+33 6 72 81 15 55</phone>
<email>emcho@jitsi.org</email>
</address>
</author>
<author fullname="Eric Rescorla" initials="E.K." surname="Rescorla">
<organization>RTFM, Inc.</organization>
<address>
<postal>
<street>2064 Edgewood Drive</street>
<city>Palo Alto</city>
<region>CA</region>
<code>94303</code>
<country>USA</country>
</postal>
<phone>+1 650 678 2350</phone>
<email>ekr@rtfm.com</email>
</address>
</author>
<author fullname="Justin Uberti" initials="J." surname="Uberti">
<organization>Google</organization>
<address>
<postal>
<street>747 6th St S</street>
<city>Kirkland</city>
<region>WA</region>
<code>98033</code>
<country>USA</country>
</postal>
<phone>+1 857 288 8888</phone>
<email>justin@uberti.name</email>
</address>
</author>
<date />
<abstract>
<t>
This document describes an extension to the Interactive
Connectivity Establishment (ICE) protocol that allows ICE agents
to send and receive candidates incrementally rather than
exchanging complete lists. With such incremental provisioning,
ICE agents can begin connectivity checks while they are still
gathering candidates and considerably shorten the time necessary
for ICE processing to complete.
</t>
<t>
The above mechanism is also referred to as "trickle ICE".
</t>
</abstract>
</front>
<middle>
<section title='Introduction'>
<t>
The Interactive Connectivity Establishment (ICE) protocol
<xref target="RFC5245"/> describes mechanisms for gathering,
candidates, prioritizing them, choosing default ones, exchanging
them with the remote party, pairing them and ordering them into
check lists. Once all of the above have been completed, and only
then, the participating agents can begin a phase of connectivity
checks and eventually select the pair of candidates that will be
used in the following session.
</t>
<t>
While the above sequence has the advantage of being relatively
straightforward to implement and debug once deployed, it may
also prove to be rather lengthy. Gathering candidates or
candidate harvesting would often involve things like querying
<xref target="RFC5389">STUN</xref> servers, discovering UPnP
devices, and allocating relayed candidates at
<xref target="RFC5766">TURN</xref> servers. All of these can
be delayed for a noticeable amount of time and while they can be
run in parallel, they still need to respect the pacing
requirements from <xref target="RFC5245"/>, which is likely to
delay them even further. Some or all of the above would also
have to be completed by the remote agent. Both agents would
next perform connectivity checks and only then would they be
ready to begin streaming media.
</t>
<t>
All of the above could lead to relatively lengthy session
establishment times and degraded user experience.
</t>
<t>
The purpose of this document is to define an alternative mode of
operation for ICE implementations, also known as "trickle ICE",
where candidates can be exchanged incrementally. This would
allow ICE agents to exchange host candidates as soon as a
session has been initiated. Connectivity checks for a media
stream would also start as soon as the first candidates for that
stream have become available.
</t>
<t>
Trickle ICE allows reducing session establishment times in cases
where connectivity is confirmed for the first exchanged
candidates (e.g. where the host candidates for one of the agents
are directly reachable from the second agent). Even when this is
not the case, running candidate harvesting for both agents and
connectivity checks all in parallel allows to considerably
reduce ICE processing times.
</t>
<t>
It is worth pointing out that before being introduced to the
IETF, trickle ICE had already been included in specifications
such as <xref target="XEP-0176">XMPP Jingle</xref> and it has
been in use in various implementations and deployments.
</t>
<t>
In addition to the basics of trickle ICE, this document also
describes how support for trickle ICE needs to be discovered,
how regular ICE processing needs to be modified when
building and updating check lists, and how trickle ICE
implementations should interoperate with agents that only
implement <xref target="RFC5245"/> processing.
</t>
<t>
This specification does not define usage of trickle ICE with any
specific signalling protocol, contrary to
<xref target="RFC5245"/> which contains a usage for ICE with
SIP. Such usages would have to be specified in separate
documents such as for example
<xref target="I-D.ivov-mmusic-trickle-ice-sip"/>.
</t>
<t>
Trickle ICE does however reuse and build upon the SDP syntax
defined by vanilla ICE.
</t>
</section>
<section title="Terminology">
<t>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described
in <xref target="RFC2119"/>.
</t>
<t>
This specification makes use of all terminology defined by the
protocol for Interactive Connectivity Establishment in
<xref target="RFC5245"/>.
</t>
<t>
<list style="hanging">
<t hangText="Vanilla ICE:">
The Interactive Connectivity Establishment protocol as
defined in <xref target="RFC5245"/>.
</t>
<t hangText="Candidate Harvester:">
A module used by an ICE agent to obtain local candidates.
Candidate harvesters use different mechanisms for
discovering local candidates. Some of them would typically
make use of protocols such as STUN or TURN. Others may also
employ techniques that are not referenced within
<xref target="RFC5245"/>. UPnP based port allocation and
XMPP Jingle Relay Nodes <xref target="XEP-0278"/> are among
the possible examples.
</t>
<t hangText="Trickled Candidates:">
Candidates that a trickle ICE agent is sending subsequently
to but within the context defined by an offer or an answer.
Trickled candidates can be sent in parallel with candidate
harvesting and connectivity checks.
</t>
<t hangText="Trickling/Trickle (v.):">
The act of sending trickled candidates.
</t>
<t hangText="Half Trickle:">
A trickle ICE mode of operation where the offerer gathers
its first generation of candidates strictly before creating
and sending the offer. Once sent, that offer can be
processed by vanilla ICE agents and does not require support
for this specification. It also allows trickle ICE capable
answerers to still gather candidates and perform
connectivity checks in a non-blocking way, thus roughly
offering "half" the advantages of trickle ICE. The mechanism
is mostly meant for use in cases where support for trickle
ICE cannot be confirmed prior to sending a first offer.
</t>
<t hangText="Full Trickle:">
Regular mode of operation for trickle ICE agents, used in
opposition to the half trickle mode of operation.
</t>
</list>
</t>
</section>
<section title='Incompatibility with Standard ICE'
anchor='incompat'>
<t>
The ICE protocol was designed to be fairly flexible so that it
would work in and adapt to as many network environments as
possible. It is hence important to point out at least some of
the reasons why, despite its flexibility, the specification in
<xref target="RFC5245"/> would not support trickle ICE.
</t>
<t>
<xref target="RFC5245"/> describes the conditions required to
update check lists and timer states while an ICE agent is in the
Running state. These conditions are verified upon transaction
completion and one of them stipulates that:
</t>
<t>
<list style='empty'>
<t>
If there is not a pair in the valid list for each component
of the media stream, the state of the check list is set to
Failed.
</t>
</list>
</t>
<t>
This could be a problem and cause ICE processing to fail
prematurely in a number of scenarios. Consider the following
case:
</t>
<t>
<list style='symbols'>
<t>
Alice and Bob are both located in different networks with
Network Address Translation (NAT). Alice and Bob themselves
have different address but both networks use the same
<xref target="RFC1918"/> block.
</t>
<t>
Alice sends Bob the candidate 10.0.0.10 which also happens
to correspond to an existing host on Bob's network.
</t>
<t>
Bob creates a check list consisting solely of 10.0.0.10 and
starts checks.
</t>
<t>
These checks reach the host at 10.0.0.10 in Bob's network,
which responds with an ICMP "port unreachable" error and per
<xref target="RFC5245"/> Bob marks the transaction as
Failed.
</t>
</list>
At this point the check list only contains Failed candidates and
the valid list is empty. This causes the media stream and
potentially all ICE processing to Fail.
</t>
<t>
A similar race condition would occur if the initial offer from
Alice only contains candidates that can be determined as
unreachable (per
<xref target="I-D.keranen-mmusic-ice-address-selection"/>) from
any of the candidates that Bob has gathered. This would be the
case if Bob's candidates only contain IPv4 addresses and the
first candidate that he receives from Alice is an IPv6 one.
</t>
<t>
Another potential problem could arise when a non-trickle
ICE implementation sends an offer to a trickle one. Consider the
following case:
<list style='symbols'>
<t>
Alice's client has a non-trickle ICE implementation
</t>
<t>
Bob's client has support for trickle ICE.
</t>
<t>
Alice and Bob are behind NATs with address-dependent
filtering <xref target="RFC4787"/>.
</t>
<t>
Bob has two STUN servers but one of them is currently
unreachable
</t>
</list>
</t>
<t>
After Bob's agent receives Alice's offer it would immediately
start connectivity checks. It would also start gathering
candidates, which would take long because of the unreachable
STUN server. By the time Bob's answer is ready and sent to
Alice, Bob's connectivity checks may well have failed: until
Alice gets Bob's answer, she won't be able to start connectivity
checks and punch holes in her NAT. The NAT would hence be
filtering Bob's checks as originating from an unknown endpoint.
</t>
</section>
<section title='Determining Support for Trickle ICE' anchor="disco">
<t>
According to <xref target="RFC5245"/> every time an agent
supporting trickle ICE generates an offer or an answer, it MUST
include the "trickle" token in the ice-options attribute.
Syntax for this token is defined in <xref target="sdp.offer"/>.
</t>
<t>
Additionally, in order to avoid interoperability problems such
as those described in <xref target="incompat"/>, it is important
that trickle ICE negotiation is only attempted in cases where
the remote party actually supports this specification. Agents
that receive offers or answers can verify support by examining
them for the "trickle" ice-options token. However, agents
that are about to send a first offer, have no immediate way of
doing this. This means that usages of trickle for specific
protocols would need to either:
</t>
<t>
<list style='symbols'>
<t>
Provide a way for agents to verify support of trickle ICE
prior to initiating a session. XMPP's
<xref target="XEP-0030"> Service discovery</xref> is an
example for one such mechanism;
</t>
<t>
Make support for trickle ICE mandatory so that support could
be assumed the agents.
</t>
</list>
</t>
<t>
Alternately, for cases where a protocol provides neither of the
above, agents may either rely on provisioning/configuration, or
use the half trickle procedure described in
<xref target="half-trickle"/>.
</t>
<t>
Note that out-of-band discovery semantics and half trickle are
only necessary prior to session initiation, or in other words,
when sending the initial offer. Once a session is established
and trickle ICE support is confirmed for both parties, either
agent can use full trickle for subsequent offers.
</t>
<section title='Unilateral Use of Trickle ICE (Half Trickle)'
anchor="half-trickle">
<t>
The idea of using half trickle is about having the caller
send a regular, vanilla ICE offer, with a complete set of
candidates. This offer still indicates support for
trickle ice, so the answerer is able to respond with an
incomplete set of candidates and continue trickling the rest.
Half trickle offers will typically contain an
end-of-candidates indication.
</t>
<t>
The mechanism can be used in cases where there is no way for
an agent to verify in advance whether a remote party supports
trickle ice. Because it contains a full set of candidates, its
first offer can thus be handled by a regular vanilla ICE
agent, while still allowing a trickle one to use the
optimisation defined in this specification. This prevents
negotiation from failing in the former case while still giving
roughly half the trickle ICE benefits in the latter (hence the
name of the mechanism).
</t>
<t>
Use of half trickle is only necessary during an initial
offer/answer exchange. Once both parties have received a
session description from their peer, they can each reliably
determine trickle ICE support and use it for all subsequent
offer/answer exchanges.
</t>
<t>
It is worth pointing out that using half trickle may actually
bring more than just half the improvement in terms of user
experience. This can happen in cases where an agent
starts gathering candidates upon user interface cues that a
call is pending, such as activity on a keypad or the phone
going off hook. This would mean a part or all candidate
harvesting could have completed before the agent actually
needs to send the offer. Given that the answerer will be able
to trickle candidates, both agents will be able to start
connectivity checks and complete ICE processing earlier than
with vanilla ICE and potentially even as early as with full
trickle.
</t>
<t>
However, such anticipation is not not always possible. For
example, a multipurpose user agent or a WebRTC web page where
communication is a non-central feature (e.g. calling a support
line in case of a problem with the main features) would not
necessarily have a way of distinguishing between call
intentions and other user activity. Still, even in these
cases, using half trickle would be an improvement over vanilla
ICE as it would optimize performance for answerers.
</t>
</section>
</section>
<section title='Sending the Initial Offer' anchor="initial-offer">
<t>
An agent starts gathering candidates as soon as it has an
indication that communication is imminent (e.g. a user interface
cue or an explicit request to initiate a session). Contrary to
vanilla ICE, implementations of trickle ICE do not need to
gather candidates in a blocking manner. Therefore, unless half
trickle is being used, agents SHOULD generate and transmit their
initial offer as early as possible, in order to allow the remote
party to start gathering and trickling candidates.
</t>
<t>
Trickle ICE agents MAY include any set of candidates in an
offer. This includes the possibility of generating one with no
candidates, or one that contains all the candidates that the
agent is planning on using in the following session.
</t>
<t>
For optimal performance, it is RECOMMENDED that an initial offer
contains host candidates only. This would allow both agents to
start gathering server reflexive, relayed and other non-host
candidates simultaneously, and it would also enable them to
begin connectivity checks.
</t>
<t>
If the privacy implications of revealing host addresses are a
concern, agents MAY generate an offer that contains no
candidates and then only trickle candidates that do not reveal
host addresses (e.g. relayed candidates).
</t>
<t>
Prior to actually sending an initial offer, agents MAY verify if
the remote party supports trickle ICE, where such mechanisms
actually exist. If absence of such support is confirmed agents
MUST fall back to using vanilla ICE or abandon the entire
session.
</t>
<t>
All trickle ICE offers and answers MUST indicate support of this
specification, as explained in <xref target="sdp.offer"/>.
</t>
<t>
Calculating priorities and foundations, as well as determining
redundancy of candidates work the same way they do with vanilla
ICE.
</t>
<section title='Encoding the SDP' anchor="sdp.offer">
<t>
The process of encoding the SDP <xref target="RFC4566"/> is
mostly the same as the one used by vanilla ICE. Still, trickle
ICE does require a few differences described here.
</t>
<t>
Agents MUST indicate support for Trickle ICE by including the
"trickle" token for the "a=ice-options" attribute:
<figure>
<artwork>
<![CDATA[
a=ice-options:trickle
]]>
</artwork>
</figure>
</t>
<t>
As mentioned earlier in this section, Offers and Answers can
contain any set of candidates, which means that a trickle ICE
session description MAY contain no candidates at all. In such
cases the agent would still need to place an address in the
"c=" line(s). If the use of a host address there is
undesirable (e.g. for privacy reasons), the agent MAY set the
connection address to IP6 ::. In this case it MUST also
set the port number to 9 (Discard). There is no need to
include a fictitious candidate for the IP6 :: address when
doing so.
</t>
<t>
It is worth noting that the use of IP6 :: has been selected
over IP4 0.0.0.0, even though <xref target="RFC3264"/> already
gives the latter semantics appropriate for such use. The
reason for this choice is the historic use of 0.0.0.0 as a
means of putting a stream on hold <xref target="RFC2543"/> and
the ambiguity that this may cause with legacy libraries and
applications.
</t>
<t>
It is also worth mentioning that use of IP6 :: here does not
constitute any kind of indication as to the actual use of
IPv6 candidates in a session and it can very well appear in
a negotiation that only involves IPv4 candidates.
</t>
</section>
</section>
<section title='Receiving the Initial Offer' >
<t>
When an agent receives an initial offer, it will first check if
it indicates support for trickle ICE as explained in
<xref target="disco"/>. If this is not the case, the agent MUST
process the offer according to the <xref target="RFC5245"/>
procedures or standard <xref target="RFC3264"/> processing in
case no ICE support is detected at all.
</t>
<t>
It is worth pointing out that in case support for trickle ICE is
confirmed, an agent will automatically assume support for
vanilla ICE as well even if the support verification procedure
in <xref target="RFC5245"/> indicates otherwise. Specifically,
such verification would indicate lack of support when the offer
contains no candidates. The IP6 :: address present in the c=
line in that case would not "appear in a candidate attribute".
Obviously, a fallback to <xref target="RFC3264"/> is not
required when this happens.
</t>
<t>
If, the offer does indicate support for trickle ICE, the agent
will determine its role, start gathering and prioritizing
candidates and, while doing so it will also respond by sending
its own answer, so that both agents can start forming check
lists and begin connectivity checks.
</t>
<section title="Sending the Initial Answer">
<t>
An agent can respond to an initial offer at any point while
gathering candidates. The answer can again contain any set of
candidates including none or all of them. Unless it is
protecting host addresses for privacy reasons, the agent would
typically construct this initial answer including only them,
thus allowing the remote party to also start forming
checklists and performing connectivity checks.
</t>
<t>
The answer MUST indicate support for trickle ICE as described
by <xref target="disco"/>.
</t>
</section>
<section title="Forming check lists and beginning connectivity
checks" anchor="check.lists">
<t>
After exchanging offer and answer, and as soon as they have
obtained local and remote candidates, agents will begin
forming candidate pairs, computing their priorities and
creating check lists according to the vanilla ICE procedures
described in <xref target="RFC5245"/>. Obviously in order for
candidate pairing to be possible, it would be necessary that
both the offer and the answer contained candidates. If this
was not the case agents will still create the check lists (so
that their Active/Frozen state could be monitored and updated)
but they will only populate them once they actually have the
candidates.
</t>
<t>
Initially, all check lists will have their Active/Frozen state
set to Frozen.
</t>
<t>
Trickle ICE agents will then inspect the first check list and
attempt to unfreeze all candidates belonging to the first
component on the first media stream (i.e. the first media
stream that was reported to the ICE implementation from the
using application). If this checklist is still empty however,
agents will hold off further processing until this is no
longer the case.
</t>
<t>
Respecting the order in which lists have been reported to an
ICE implementation, or in other words, the order in which
they appear in SDP, is crucial to the frozen candidates
algorithm and important when making sure that connectivity
checks are performed simultaneously by both agents.
</t>
</section>
<section title='Encoding the SDP' anchor="sdp.answer">
<t>
The process for encoding the SDP at the answerer is identical
to the process followed by the offerer for both full and lite
implementations, as described in <xref target="sdp.offer"/>.
</t>
</section>
</section>
<section title="Receiving the Initial Answer">
<t>
When receiving an answer, agents will follow vanilla ICE
procedures to determine their role and they would then
form check lists (as described in <xref target="check.lists"/>)
and begin connectivity checks .
</t>
</section>
<section title='Performing Connectivity Checks' >
<t>
For the most part, trickle ICE agents perform connectivity
checks following vanilla ICE procedures. Of course, the
asynchronous nature of candidate harvesting in trickle ICE would
impose a number of changes described here.
</t>
<section title="Check List and Timer State Updates"
anchor="state-updates">
<t>
The vanilla ICE specification requires that agents update
check lists and timer states upon completing a connectivity
check transaction. During such an update vanilla ICE agents
would set the state of a check list to Failed if the following
two conditions are satisfied:
</t>
<t>
<list style="symbols">
<t>
all of the pairs in the check list are either in the
Failed or Succeeded state;
</t>
<t>
if at least one of the components of the media stream
has no pairs in its valid list.
</t>
</list>
</t>
<t>
With trickle ICE, the above situation would often occur when
candidate harvesting and trickling are still in progress and
it is perfectly possible that future checks will succeed. For
this reason trickle ICE agents add the following conditions to
the above list:
</t>
<t>
<list style="symbols">
<t>
all candidate harvesters have completed and the agent
is not expecting to learn any new candidates;
</t>
<t>
the remote agent has sent an end-of-candidates indication
for that check list as described in
<xref target="end-of-candidates"/>.
</t>
</list>
</t>
<t>
Vanilla ICE requires that agents then update all other check
lists, placing one pair in each of them into the Waiting
state, effectively unfreezing the check list. Given that
with trickle ICE, other check lists may still be empty at that
point, a trickle ICE agent SHOULD also maintain an explicit
Active/Frozen state for every check list, rather than deducing
it from the state of the pairs it contains. This state should
be set to Active when unfreezing the first pair in a list
or when that couldn't happen because a list was empty.
</t>
</section>
</section>
<section title='Discovering and Sending Additional Local Candidates'
anchor="send-trickling">
<t>
After an offer or an answer have been sent, agents will most
likely continue discovering new local candidates as STUN, TURN
and other non-host candidate harvesting mechanisms begin to
yield results. Whenever an agent discovers such a new candidate
it will compute its priority, type, foundation and component id
according to normal vanilla ICE procedures.
</t>
<t>
The new candidate is then checked for redundancy against the
existing list of local candidates. If its transport address and
base match those of an existing candidate, it will be considered
redundant and will be ignored. This would often happen for
server reflexive candidates that match the host addresses they
were obtained from (e.g. when the latter are public IPv4
addresses). Contrary to vanilla ICE, trickle ICE agents will
consider the new candidate redundant regardless of its priority.
[TODO: is this OK? if not we need to check if the existing
candidate was already used in conn checks, cancel them, and then
restart them with the new candidate ... and in this specific
case there's probably no point to do that].
</t>
<t>
Next the client sends (i.e. trickles) the newly learnt
candidate(s) to the remote agent.
</t>
<t>
One important aspect of Vanilla ICE is that connectivity checks
for a specific foundation and component be attempted
simultaneously by both agents, so that any firewalls or NATs
fronting the agents would whitelist the both endpoints and allow
all except for the first packets to go through. This is also
crucial to unfreezing candidates in the right time.
</t>
<t>
In order to preserve this feature with trickle ICE, agents MUST
respect the order of the components in the Offer or Answer. A
candidate for a specific component MUST NOT be sent prior to
candidates for other components within the same foundation.
</t>
<t>
For example, the following session description contains two
components (RTP and RTCP), and two foundations (host and the
server reflexive):
<figure>
<artwork>
<![CDATA[
v=0
o=jdoe 2890844526 2890842807 IN IP4 10.0.1.1
s=
c=IN IP4 10.0.1.1
t=0 0
a=ice-pwd:asd88fgpdd777uzjYhagZg
a=ice-ufrag:8hhY
m=audio 5000 RTP/AVP 0
a=rtpmap:0 PCMU/8000
a=candidate:1 1 UDP 2130706431 10.0.1.1 5000 typ host
a=candidate:1 2 UDP 2130706431 10.0.1.1 5001 typ host
a=candidate:2 1 UDP 1694498815 192.0.2.3 5000 typ srflx
raddr 10.0.1.1 rport 8998
a=candidate:2 2 UDP 1694498815 192.0.2.3 5001 typ srflx
raddr 10.0.1.1 rport 8998
]]>
</artwork>
</figure>
For this description the RTCP host candidate MUST NOT be sent
prior to the RTP host candidate. Similarly the RTP server
reflexive candidate MUST be sent together with or prior to the
RTCP server reflexive candidate.
</t>
<t>
Note that the order restriction only applies among candidates
that belong to the same foundation.
</t>
<t>
Then, after the candidates have been sent, the agent checks if
any remote candidates are currently known for this same stream.
If this is not the case the new candidate will simply be added
to the list of local candidates.
</t>
<t>
Otherwise, if the agent has already learned of one or more
remote candidates for this stream and component, it will begin
pairing the new local candidates with them and adding the pairs
to the existing check lists according to their priority.
</t>
<section title='Pairing newly learned candidates and updating
check lists'
anchor="cand-pairing">
<t>
Forming candidate pairs will work the way it is described by
the vanilla ICE specification. Actually adding the new pair to
a check list however, will happen according to the rules
described below.
</t>
<t>
If the new pair's local candidate is server reflexive, the
server reflexive candidate MUST be replaced by its base before
adding the pair to the list. Once this is done, the agent
examines the check list looking for another pair that would be
redundant with the new one. If such a pair exists, the newly
formed pair is ignored.
</t>
<t>
For all other pairs, including those with a server reflexive
local candidate that were not found to be redundant:
<list style="symbols">
<t>
if all check lists are empty and in the Frozen state, or
in other words, if this is the first pair the agent is
adding to any check list, both the pair and its containing
check list will be placed in an Active state.
</t>
<t>
if this check list is Frozen then the new pair will
also be assigned a Frozen state.
</t>
<t>
else if the check list is Active and it is either empty or
contains only candidates in the Succeeded and Failed
states, then the new pair's state is set to Waiting.
</t>
<t>
else if the check list is non-empty and Active, then the
new pair state will be set to
<list style="hanging">
<t hangText="Frozen: ">
if there is at least one pair in the list whose
foundation matches the one in the new pair and whose
state is neither Succeeded nor Failed (eventually the
new pair will get unfrozen after the the on-going
check for the existing pair concludes);
</t>
<t hangText="Waiting: ">
if the list contains no pairs with the same foundation
as the new one, or, in case such pairs exist but they
are all in either the Succeeded or Failed states.
</t>
</list>
</t>
</list>
</t>
</section>
<section title="Encoding the SDP for Additional Candidates">
<t>
To facilitate interoperability an ICE agent will encode
additional candidates using the vanilla ICE SDP syntax. For
example:
<figure>
<artwork>
<![CDATA[
a=candidate:2 1 UDP 1658497328 198.51.100.33 5000 typ host
]]>
</artwork>
</figure>
Given that such lines do not provide a relationship between
the candidate and the m line that it relates to, signalling
protocols using trickle ICE MUST establish that relation
themselves using an <xref target="RFC3388">MID</xref>. Such
MIDs use "media stream identification", as defined in
<xref target="RFC3388"/>, to identify a corresponding m-line.
When creating candidate lines usages of trickle ICE MUST use
the MID if possible, or the m-line index if not. Obviously,
agents MUST NOT send individual candidates prior to generating
the corresponding SDP session description.
</t>
<t>
The exact means of transporting additional candidates to a
remote agent is left to the protocols using trickle ICE. It is
important to note, however, that these candidate exchanges are
not part of the offer/answer model.
</t>
</section>
<section title='Announcing End of Candidates'
anchor="end-of-candidates">
<t>
Once all candidate harvesters for a specific media stream
complete, or expire, the agents will generate an
"end-of-candidates" indication for that stream and send it to
the remote agent via the signalling channel. Such indications
are sent in the form of a media-level attribute that has the
following form: end-of-candidates.
<figure>
<artwork>
<![CDATA[
a=end-of-candidates
]]>
</artwork>
</figure>
The end-of-candidates indications can be sent as part of an
offer, which would typically be the case with half trickle
initial offers, they can accompany the last candidate an agent
can send for a stream, and they can also be sent alone (e.g.
after STUN Binding requests or TURN Allocate requests to a
server timeout and the agent has no other active harvesters).
</t>
<t>
Controlled trickle ICE agents SHOULD always send
end-of-candidates indications once harvesting for a media stream
has completed unless ICE processing terminates before they've
had a chance to do so. Sending the indication is necessary in
order to avoid ambiguities and speed up ICE conclusion. This is
necessary in order to avoid ambiguities and speed up ICE
conclusion. Controlling agents on the other hand MAY sometimes
conclude ICE processing prior to sending end-of-candidates
notifications for all streams. This would typically be the case
with aggressive nomination. Yet it is RECOMMENDED that
controlling agents do send such indications whenever possible
for the sake of consistency and keeping middle boxes and
controlled agents up-to-date on the state of ICE processing.
</t>
<t>
When sending end-of-candidates during trickling, rather than as
a part of an offer or an answer, it is the responsibility of the
using protocol to define means that can be used to relate the
indication to one or more specific m-lines.
</t>
<t>
Receiving an end-of-candidates notification allows an agent to
update check list states and, in case valid pairs do not exist
for every component in every media stream, determine that ICE
processing has failed. It also allows agents to speed ICE
conclusion in cases where a candidate pair has been validates
but it involves the use of lower-preference transports such as
TURN. In such situations some implementations may choose to wait
in case higher-priority candidates are received and
end-of-candidates provides an indication that this is not going
to happen.
</t>
<t>
An agent MAY also choose to generate an end-of-candidates
event before candidate harvesting has actually completed, if the
agent determines that harvesting has continued for more than an
acceptable period of time. However, an agent MUST NOT send any
more candidates after it has send an end-of-candidates
notification.
</t>
<t>
When performing half trickle agents SHOULD send
end-of-candidates together with their initial offer unless they
are planning on potentially sending additional candidates in
case the remote party turns out to actually support trickle ICE.
</t>
<t>
When end-of-candidates is sent as part of an offer or an answer
it can appear as a session-level attribute, which would be
equivalent to having it appear in all m-lines.
</t>
<t>
Once an agent sends the end-of-candidates event, it will
update the state of the corresponding check list as explained
in section <xref target="state-updates"/>. Past that point
agents MUST NOT send any new candidates. Once an agent has
received an end-of-candidates indication, it MUST also ignore
any newly received candidates for that media stream. Adding new
candidates to the negotiation is hence only possible through an
ICE restart.
</t>
<t>
It is important to note that This specification does not
override vanilla ICE semantics for concluding ICE processing.
This means that even if end-of-candidates indications are sent
agents will still have to go through pair nomination. Also, if
pairs have been nominated for components and media streams, ICE
processing will still conclude even if end-of-candidate
indications have not been received for all streams.
</t>
</section>
<section title='Receiving an End Of Candidates Notification'
anchor="end-of-candidates.recv">
<t>
When an agent receives an end-of-candidates notification
for a specific check list, they will update its state as per
<xref target="state-updates"/>. In case the list is still in
the Active state after the update, the agent will persist the
the fact that an end-of-candidates notification has been
received for and take it into account in future list updates.
</t>
<t>
[TODO would we like to say anything about nomination? in
general this would be up to implementers but is there a need
for some basic guidelines?]
</t>
</section>
</section>
<section title='Receiving Additional Remote Candidates'
anchor="recv-trickling">
<t>
At any point of ICE processing, a trickle ICE agent may receive
new candidates from the remote agent. When this happens and no
local candidates are currently known for this same stream, the
new remote candidates are simply added to the list of remote
candidates.
</t>
<t>
Otherwise, the new candidates are used for forming candidate
pairs with the pool of local candidates and they are added to
the local check lists as described in
<xref target="cand-pairing"/>.
</t>
<t>
Once the remote agent has completed candidate harvesting, it
will send an end-of-candidates event. Upon receiving such an
event, the local agent MUST update check list states as per
<xref target="state-updates"/>. This may lead to some check
lists being marked as Failed.
</t>
</section>
<section title='Concluding ICE Processing'
anchor="concluding.ice">
<t>
This specification does not directly modify the procedures
ending ICE processing described in Section 8 of
<xref target="RFC5245"/>, and trickle ICE implementations will
follow the same rules.
</t>
<t>
</t>
</section>
<section title='Subsequent Offer/Answer Exchanges'
anchor="subsequent.oa">
<t>
Either agent MAY generate a subsequent offer at any time allowed
by <xref target="RFC3264"/>. When this happens agents will use
<xref target="RFC5245"/> semantics to determine whether or not
the new offer requires an ICE restart. If this is the case then
agents would perform trickle ICE as they would in an initial
offer/answer exchange.
</t>
<t>
The only differences between an ICE restart and a brand new
media session are that:
</t>
<t>
<list style='symbols'>
<t>
during the restart, media can continue to be sent to the
previously validated pair.
</t>
<t>
both agents are already aware whether or not their peer
supports trickle ICE, and there is no longer need for
performing half trickle or confirming support with other
mechanisms.
</t>
</list>
</t>
</section>
<section title='Interaction with ICE Lite'>
<t>
Behaviour of Trickle ICE capable ICE lite agents does not
require any particular rules other than those already defined
in this specification and <xref target="RFC5245"/>. This section
is hence added with an informational purpose only.
</t>
<t>
A Trickle ICE capable ICE Lite agent would generate offers or
answers as per <xref target="RFC5245"/>. Both will indicate
support for trickle ICE (<xref target="sdp.offer"/>) and given
that they will contain a complete set of candidates (the agent's
host candidates) these offers and answers would also be
accompanied with an end-of-candidates notification.
</t>
<t>
When performing full trickle, a full ICE implementation could
send an offer or an answer with no candidates and an IP6 ::
connection line address. After receiving an answer that
identifies the remote agent as an ICE lite implementation, the
offerer may very well choose to not send any additional
candidates. The same is also true in the case when the ICE lite
agent is making the offer and the full ICE one is answering. In
these cases the connectivity checks would be enough for the ICE
lite implementation to discover all potentially useful
candidates as peer reflexive. The following example illustrates
one such ICE session:
</t>
<figure title="Example " anchor="fig-ice-lite">
<artwork>
<![CDATA[
ICE Lite Bob
Agent
| Offer (a=ice-lite a=ice-options:trickle) |
|---------------------------------------------->|
| |no cand
| Answer (a=ice-options:trickle) |trickling
|<----------------------------------------------|
| Connectivity Checks |
|<--------------------------------------------->|
peer rflx| |
cand disco| |
| |
|<=============== MEDIA FLOWS =================>|
]]>
</artwork>
</figure>
<t>
In addition to reducing signaling traffic this approach also
removes the need to discover STUN bindings, or to make TURN or
UPnP allocations which may considerably lighten ICE processing.
</t>
</section>
<section title='Example Flow'>
<t>
A typical successful trickle ICE exchange with an Offer/Answer
protocol would look this way:
</t>
<figure title="Example " anchor="fig-example">
<artwork>
<![CDATA[
Alice Bob
| Offer |
|---------------------------------------------->|
| Additional Candidates |
|---------------------------------------------->|
| |
| Answer |
|<----------------------------------------------|
| Additional Candidates |
|<----------------------------------------------|
| |
| Additional Candidates and Connectivity Checks |
|<--------------------------------------------->|
| |
|<=============== MEDIA FLOWS =================>|
]]>
</artwork>
</figure>
</section>
<section title='Security Considerations'>
<t>
[TODO]
</t>
</section>
<section title='Acknowledgements'>
<t>
The authors would like to thank Bernard Adoba, Christer
Holmberg, Enrico Marocco, Flemming Andreasen, Jonathan Lennox
and Martin Thomson for their reviews and suggestions on
improving this document.
</t>
</section>
</middle>
<back>
<references title='Normative References'>
<?rfc include="reference.RFC.2119"?>
<?rfc include="reference.RFC.3264"?>
<?rfc include="reference.RFC.4566"?>
<?rfc include="reference.RFC.5245"?>
</references>
<references title='Informative References'>
<?rfc include="reference.RFC.1918"?>
<?rfc include="reference.RFC.2543"?>
<?rfc include="reference.RFC.3261"?>
<?rfc include="reference.RFC.3388"?>
<?rfc include="reference.RFC.3840"?>
<?rfc include="reference.RFC.4787"?>
<?rfc include="reference.RFC.5389"?>
<?rfc include="reference.RFC.5766"?>
<?rfc include="reference.I-D.keranen-mmusic-ice-address-selection"?>
<?rfc include="reference.I-D.ivov-mmusic-trickle-ice-sip"?>
<reference anchor="XEP-0176">
<front>
<title>XEP-0176: Jingle ICE-UDP Transport Method</title>
<author initials='J.' surname='Beda' fullname='Joe Beda'>
<organization abbrev='Google'>Google</organization>
</author>
<author initials='S.' surname='Ludwig'
fullname='Scott Ludwig'>
<organization abbrev='Google'>Google</organization>
</author>
<author initials='P.' surname='Saint-Andre'
fullname='Peter Saint-Andre'>
<organization abbrev='Cisco'>Cisco</organization>
</author>
<author initials='J.' surname='Hildebrand'
fullname='Joe Hildebrand'>
<organization abbrev='Cisco'>Cisco</organization>
</author>
<author initials='S.' surname='Egan' fullname='Sean Egan'>
<organization abbrev='Google'>Google </organization>
</author>
<author initials='R.' surname='McQueen'
fullname='Robert McQueen'>
<organization abbrev='Collabora'>Collabora</organization>
</author>
<date month="June" year="2009" />
</front>
<seriesInfo name="XEP" value="XEP-0176" />
</reference>
<reference anchor="XEP-0030">
<front>
<title>XEP-0030: Service Discovery</title>
<author initials='J.' surname='Hildebrand'
fullname='Joe Hildebrand'>
<organization abbrev='Cisco'>Cisco</organization>
</author>
<author initials='P.' surname='Millard'
fullname='Peter Millard'>
</author>
<author initials='R.' surname='Eatmon'
fullname='Ryan Eatmon'>
</author>
<author initials='P.' surname='Saint-Andre'
fullname='Peter Saint-Andre'>
<organization abbrev='Cisco'>Cisco</organization>
</author>
<date month="June" year="2008" />
</front>
<seriesInfo name="XEP" value="XEP-0030" />
</reference>
<reference anchor="XEP-0115">
<front>
<title>XEP-0115: Entity Capabilities</title>
<author initials='J.' surname='Hildebrand'
fullname='Joe Hildebrand'>
<organization abbrev='Cisco'>Cisco</organization>
</author>
<author initials='P.' surname='Saint-Andre'
fullname='Peter Saint-Andre'>
<organization abbrev='Cisco'>Cisco</organization>
</author>
<author initials='R.' surname='Tronçon'
fullname='Remko Tronçon'>
<organization abbrev='Synopsys'>Synopsys</organization>
</author>
<author initials='J.' surname='Konieczny'
fullname='Jacek Konieczny'>
</author>
<date month="February" year="2008" />
</front>
<seriesInfo name="XEP" value="XEP-0115" />
</reference>
<reference anchor="XEP-0278">
<front>
<title>XEP-0278: Jingle Relay Nodes</title>
<author initials='T.' surname='Camargo'
fullname='T. Camargo'>
</author>
<date month="June" year="2011" />
</front>
<seriesInfo name="XEP" value="XEP-0278" />
</reference>
</references>
<section title='Open issues'>
<t>
At the time of writing of this document the authors have no
clear view on how and if the following list of issues should
be addressed.
</t>
<section title="MID/Stream Indices in SDP">
<t>
This specification does not currently define syntax for
candidate-to-stream bindings although it says that they should
be implemented with MID or a stream index. Yet, it is
reasonable to assume that most usages would need to do this
within the SDP and it may make sense to agree on the format.
Here's one possible way to do this:
<figure>
<artwork>
<![CDATA[
a=mid:1
a=candidate:1 1 UDP 1658497328 192.168.100.33 5000 typ host
a=candidate:2 1 UDP 1658497328 96.1.2.3 5000 typ srflx
a=mid:2
a=candidate:2 1 UDP 1658497328 96.1.2.3 5002 typ srflx
a=end-of-candidates
]]>
</artwork>
</figure>
</t>
</section>
<section title='Starting checks'>
<t>
Normally Vanilla ICE implementations would first activate a
check list, validate at least one pair in every component
and only then unfreeze all other checklists. With trickle ICE
this would be suboptimal since, candidates can arrive randomly
and we would be wasting time waiting for a checklist to fill
(almost as if we were doing vanilla ICE). We need to decide if
unfreezing everything solely based on foundation is good
enough.
</t>
</section>
</section>
<section title='Changes From Earlier Versions'>
<t>
Note to the RFC-Editor: please remove this section prior to
publication as an RFC.
</t>
<section title='Changes From draft-ivov-00'>
<t>
<list style='symbols'>
<t>
Specified that end-of-candidates is a media level
attribute which can of course appear as session level,
which is equivalent to having it appear in all m-lines.
Also made end-of-candidates optional for cases such as
aggressive nomination for controlled agents.
</t>
<t>
Added an example for ICE lite and trickle ICE to
illustrate how, when talking to an ICE lite agent doesn't
need to send or even discover any candidates.
</t>
<t>
Added an example for ICE lite and trickle ICE to
illustrate how, when talking to an ICE lite agent doesn't
need to send or even discover any candidates.
</t>
<t>
Added wording that explicitly states ICE lite agents
have to be prepared to receive no candidates over
signalling and that they should not freak out if this
happens. (Closed the corresponding open issue).
</t>
<t>
It is now mandatory to use MID when trickling candidates
and using m-line indexes is no longer allowed.
</t>
<t>
Replaced use of 0.0.0.0 to IP6 :: in order to avoid
potential issues with RFC2543 SDP libraries that interpret
0.0.0.0 as an on-hold operation. Also changed the port
number here from 1 to 9 since it already has a more
appropriate meaning. (Port change suggested by Jonathan
Lennox).
</t>
<t>
Closed the Open Issue about use about what to do with
cands received after end-of-cands. Solution: ignore, do
an ice restart if you want to add something.
</t>
<t>
Added more terminology, including trickling, trickled
candidates, half trickle, full trickle,
</t>
<t>
Added a reference to the SIP usage for trickle ICE as
requested at the Boston interim.
</t>
</list>
</t>
</section>
<section title='Changes From draft-rescorla-01'>
<t>
<list style='symbols'>
<t>
Brought back explicit use of Offer/Answer. There are no
more attempts to try to do this in an O/A independent way.
Also removed the use of ICE Descriptions.
</t>
<t>
Added SDP specification for trickled candidates, the
trickle option and 0.0.0.0 addresses in m-lines, and
end-of-candidates.
</t>
<t>
Support and Discovery. Changed that section to be less
abstract. As discussed in IETF85, the draft now says
implementations and usages need to either determine
support in advance and directly use trickle, or do
half trickle. Removed suggestion about use of discovery in
SIP or about letting implementing protocols do what they
want.
</t>
<t>
Defined Half Trickle. Added a section that says how it
works. Mentioned that it only needs to happen in the first
o/a (not necessary in updates), and added Jonathan's
comment about how it could, in some cases, offer more than
half the improvement if you can pre-gather part or all of
your candidates before the user actually presses the call
button.
</t>
<t>
Added a short section about subsequent offer/answer
exchanges.
</t>
<t>
Added a short section about interactions with ICE Lite
implementations.
</t>
<t>
Added two new entries to the open issues section.
</t>
</list>
</t>
</section>
<section title='Changes From draft-rescorla-00'>
<t>
<list style='symbols'>
<t>
Relaxed requirements about verifying support following
a discussion on MMUSIC.
</t>
<t>
Introduced ICE descriptions in order to remove ambiguous
use of 3264 language and inappropriate references to
offers and answers.
</t>
<t>
Removed inappropriate assumption of adoption by RTCWEB
pointed out by Martin Thomson.
</t>
</list>
</t>
</section>
</section>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-24 02:45:26 |