Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ICE connectivity checks are made for deselected network types #2782

Closed
adriancable opened this issue Jun 3, 2024 · 4 comments · Fixed by pion/ice#722 or pion/ice#723
Closed

ICE connectivity checks are made for deselected network types #2782

adriancable opened this issue Jun 3, 2024 · 4 comments · Fixed by pion/ice#722 or pion/ice#723

Comments

@adriancable
Copy link
Contributor

adriancable commented Jun 3, 2024
edited
Loading

Example - I set things up like this:

s.SetNetworkTypes([]webrtc.NetworkType{webrtc.NetworkTypeUDP4, webrtc.NetworkTypeTCP4})

But then see things like this:

ice TRACE: 20:07:56.026763 agent.go:895: Ping STUN from tcp6 host [2601:646:c200:7e:4705:3093:5b99:bb99]:41033 (resolved: [2601:646:c200:7e:4705:3093:5b99:bb99]:41033) to tcp6 host [2607:f8b0:4004:1001::7f]:19305 (resolved: [2607:f8b0:4004:1001::7f]:19305)
...
ice TRACE: 20:07:56.097495 selection.go:138: Inbound STUN (SuccessResponse) from tcp6 host [2607:f8b0:4004:1001::7f]:19305 (resolved: [2607:f8b0:4004:1001::7f]:19305) to tcp6 host [2601:646:c200:7e:4705:3093:5b99:bb99]:41033 (resolved: [2601:646:c200:7e:4705:3093:5b99:bb99]:41033)

As expected, the TCP6 candidate pairs never get nominated. But why are we even doing connectivity checks on them when we are excluding TCP6 via SetNetworkTypes?

Edit to add: I think there is a logic error in addRemotePassiveTCPCandidate in ice/agent.go. Right now it has:

func (a *Agent) addRemotePassiveTCPCandidate(remoteCandidate Candidate) {
	_, localIPs, err := localInterfaces(a.net, a.interfaceFilter, a.ipFilter, []NetworkType{remoteCandidate.NetworkType()}, a.includeLoopback)

But this doesn't check that remoteCandidate.NetworkType() is in a.networkTypes. So we probably want to add something like this at the beginning of addRemotePassiveTCPCandidate:

	found := false
	for _, v := range a.networkTypes {
		if v == remoteCandidate.NetworkType() {
			found = true
			break
		}
	}

	if !found {
		a.log.Warnf("Remote candidate ignored as network type excluded in local agent configuration: %s", remoteCandidate)
		return
	}
@Sean-Der
Copy link
Member

I am not sure how this happened! We have a check that matches your exact logic here

Sean-Der added a commit to pion/ice that referenced this issue Aug 14, 2024
@Sean-Der
Add test that NetworkTypes is respected
b559a79 
Assert that a remote Passive TCP candidate doesn't cause a TCP
connection to be started.

Resolves pion/webrtc#2782
@Sean-Der Sean-Der mentioned this issue Aug 14, 2024
Merged
Sean-Der added a commit to pion/ice that referenced this issue Aug 14, 2024
@Sean-Der
Add test that NetworkTypes is respected
5dfb91f 
Assert that a remote Passive TCP candidate doesn't cause a TCP
connection to be started.

Resolves pion/webrtc#2782
@adriancable
Copy link
Contributor Author

adriancable commented Aug 14, 2024
edited
Loading

@Sean-Der - the issue, I think, is that the logic doesn't differentiate between TCP4 and TCP6 candidates. So for example, if only TCP4 is enabled in the network types, we still end up generating TCP6 local candidates and doing connectivity checks on them if the remote answers with TCP6 candidates, even though we (correctly) never nominate them. Does this make sense?

@adriancable adriancable reopened this Aug 14, 2024
Sean-Der added a commit to pion/ice that referenced this issue Aug 14, 2024
@Sean-Der
Take TCP Family into account before connecting
60f8b70 
Before if a user disabled TCPv6 (but enabled TCPv4) we would incorrectly
start TCP connections over TCPv6 still.

Resolves pion/webrtc#2782
@Sean-Der Sean-Der mentioned this issue Aug 14, 2024
Merged
@Sean-Der
Copy link
Member

@adriancable oof I missed that detail. I was able to reproduce with a test, merging now!

@adriancable
Copy link
Contributor Author

@Sean-Der - great! Your change looks good to me.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
2 participants
@Sean-Der @adriancable