附录B. Design Motivations【设计意图】

原文链接：https://datatracker.ietf.org/doc/html/rfc8445#appendix-B

附录B. Design Motivations【设计意图】

ICE contains a number of normative behaviors that may themselves be simple but derive from complicated or non-obvious thinking or use cases that merit further discussion.
ICE 包含许多规范行为，这些行为本身可能很简单，但源自复杂或不明显的想法或值得进一步讨论的用例。

Since these design motivations are not necessary to understand for purposes of implementation, they are discussed here. This appendix is non-normative.
由于这些设计动机不是为了实现目的而必须理解的，因此在这里对其进行讨论。 本附录是非规范性的。

B.1. Pacing of STUN Transactions【STUN事务的速度】

STUN transactions used to gather candidates and to verify connectivity are paced out at an approximate rate of one new transaction every Ta milliseconds.
用于收集候选和验证连接性的 STUN 事务以大约每 Ta 毫秒一个新事务的速率进行。

Each transaction, in turn, has a retransmission timer RTO that is a function of Ta as well.
反过来，每个事务都有一个重传计时器 RTO，它也是 Ta 的函数。

Why are these transactions paced, and why are these formulas used?
为什么这些交易是有节奏的，为什么要使用这些公式？

Sending of these STUN requests will often have the effect of creating bindings on NAT devices between the client and the STUN servers.
发送这些 STUN 请求通常会在客户端和 STUN 服务器之间的 NAT 设备上创建绑定。

Experience has shown that many NAT devices have upper limits on the rate at which they will create new bindings.
经验表明，许多 NAT 设备对它们创建新绑定的速率都有上限。

Discussions in the IETF ICE WG during the work on this specification concluded that once every 5 ms is well supported. This is why Ta has a lower bound of 5 ms.
IETF ICE WG 在本规范工作期间的讨论得出结论，每 5 ms 一次得到很好的支持。 这就是 Ta 的下限为 5 ms 的原因。

Furthermore, transmission of these packets on the network makes use of bandwidth and needs to be rate limited by the ICE agent.
此外，这些数据包在网络上的传输会占用带宽，并且需要由 ICE 代理进行速率限制。

Deployments based on earlier draft versions of [RFC5245] tended to overload rate-constrained access links and perform poorly overall, in addition to negatively impacting the network.
基于 [RFC5245] 早期草案版本的部署往往会使速率受限的接入链路过载并且总体性能不佳，此外还会对网络产生负面影响。

As a consequence, the pacing ensures that the NAT device does not get overloaded and that traffic is kept at a reasonable rate.
因此，调步可确保 NAT 设备不会过载，并将流量保持在合理的速率。

The definition of a “reasonable” rate is that STUN MUST NOT use more bandwidth than the RTP itself will use, once data starts flowing.
“合理”速率的定义是 STUN 使用的带宽不得超过 RTP 本身使用的带宽，一旦数据开始流动。

The formula for Ta is designed so that, if a STUN packet were sent every Ta seconds, it would consume the same amount of bandwidth as RTP packets, summed across all data streams.
Ta 的公式是这样设计的，如果每 Ta 秒发送一个 STUN 数据包，它将消耗与 RTP 数据包相同数量的带宽，所有数据流的总和。

Of course, STUN has retransmits, and the desire is to pace those as well.
当然，STUN 有重传，并且希望也能调整它们的速度。

For this reason, RTO is set such that the first retransmit on the first transaction happens just as the first STUN request on the last transaction occurs. Pictorially:
出于这个原因，设置 RTO 使得第一个事务的第一次重传发生在最后一个事务的第一个 STUN 请求发生的同时。图示：

In this picture, there are three transactions that will be sent (for example, in the case of candidate gathering, there are three host candidate/STUN server pairs).
在这张图中，将发送三个事务（例如，在候选收集的情况下，有三个主机候选人/STUN 服务器对）。

These are transactions A, B, and C. The retransmit timer is set so that the first retransmission on the first transaction (packet A2) is sent at time 3Ta.
这些是事务A、B和C。重传计时器被设置为在时间3Ta发送第一个事务（分组A2）的第一个重传。

Subsequent retransmits after the first will occur even less frequently than Ta milliseconds apart, since STUN uses an exponential backoff on its retransmissions.
在第一次重传之后的后续重传发生的频率甚至低于 Ta 毫秒间隔，因为 STUN 在其重传上使用指数退避。

This mechanism of a global minimum pacing interval of 5 ms is not generally applicable to transport protocols, but it is applicable to ICE based on the following reasoning.
这种全局最小来回间隔为 5 ms 的机制一般不适用于传输协议，但基于以下推理，它适用于 ICE。

• Start with the following rules that would be generally applicable to transport protocols:
  从以下通常适用于传输协议的规则开始

1. Let MaxBytes be the maximum number of bytes allowed to be outstanding in the network at startup, which SHOULD be 14600, as defined in Section 2 of [RFC6928].
   让 MaxBytes 为启动时允许在网络中未完成的最大字节数，应为 14600，如 [RFC6928] 第 2 节中所定义。
2. Let HTO be the transaction timeout, which SHOULD be 2RTT if RTT is known or 500 ms otherwise. This is based on the RTO for STUN messages from [RFC5389] and the TCP initial RTO, which is 1 sec in [RFC6298].
   让 HTO 为事务超时，如果 RTT 已知，则应为 2RTT，否则为 500 ms。这基于来自 [RFC5389] 的 STUN 消息的 RTO 和 TCP 初始 RTO，在 [RFC6298] 中为 1 秒。
3. Let MinPacing be the minimum pacing interval between transactions, which is 5 ms (see above).
   让 MinPacing 为事务之间的最小来回间隔，即 5 毫秒（见上文）。

• Observe that agents typically do not know the RTT for ICE transactions (connectivity checks in particular), meaning that HTO will almost always be 500 ms.
  观察代理通常不知道 ICE 交易的 RTT（特别是连接检查），这意味着 HTO 几乎总是 500 毫秒。
• Observe that a MinPacing of 5 ms and HTO of 500 ms gives at most 100 packets/HTO, which for a typical ICE check of less than 120 bytes means a maximum of 12000 outstanding bytes in the network, which is less than the maximum expressed by rule 1.
  观察到 5 ms 的 MinPacing 和 500 ms 的 HTO 最多提供 100 个数据包/HTO，对于小于 120 字节的典型 ICE 检查，这意味着网络中最多有 12000 个未完成的字节，这小于表示的最大值根据规则 1。
• Thus, for ICE, the rule set reduces to just the MinPacing rule, which is equivalent to having a global Ta value.
  因此，对于 ICE，规则集简化为仅 MinPacing 规则，这相当于具有全局 Ta 值。

B.2. Candidates with Multiple Bases【具有多个Base的候选】

Section 5.1.3 talks about eliminating candidates that have the same transport address and base. However, candidates with the same transport addresses but different bases are not redundant.
第 5.1.3 节讨论了消除具有相同传输地址和基址的候选者。 然而，具有相同传输地址但不同基数的候选不是冗余的。

When can an ICE agent have two candidates that have the same IP address and port but different bases? Consider the topology of Figure 11:
ICE 代理何时可以有两个具有相同 IP 地址和端口但bases不同的候选？ 考虑图 11 的拓扑：

图 11: 具有不同Bases的相同候选Bases

In this case, the initiating agent is multihomed. It has one IP address, 10.0.1.100, on network C, which is a net 10 private network.
在这种情况下，启动代理是多宿主的。它在网络 C 上有一个 IP 地址 10.0.1.100，该网络是一个 net 10 专用网络。

The responding agent is on this same network. The initiating agent is also connected to network A, which is 192.168/16, and has an IP address of 192.168.1.100.
响应代理位于同一网络上。发起代理还连接到网络 A，即 192.168/16，IP 地址为 192.168.1.100。

There is a NAT on this network, natting into network B, which is another net 10 private network, but it is not connected to network C. There is a STUN server on network B.
这个网络上有一个NAT，natting到网络B，这是另一个net 10私有网络，但它没有连接到网络C。网络B上有一个STUN服务器。

The initiating agent obtains a host candidate on its IP address on network C (10.0.1.100:2498) and a host candidate on its IP address on network A (192.168.1.100:3344).
发起代理在网络 C (10.0.1.100:2498) 上的 IP 地址上获得一个候选主机，在网络 A (192.168.1.100:3344) 上的 IP 地址上获得一个候选主机。

It performs a STUN query to its configured STUN server from 192.168.1.100:3344.
它从 192.168.1.100:3344 对其配置的 STUN 服务器执行 STUN 查询。

This query passes through the NAT, which happens to assign the binding 10.0.1.100:2498.
此查询通过 NAT，它恰好分配了绑定 10.0.1.100:2498。

The STUN server reflects this in the STUN Binding response. Now, the initiating agent has obtained a server-reflexive candidate with a transport address that is identical to a host candidate (10.0.1.100:2498).
STUN 服务器在 STUN 绑定响应中反映了这一点。现在，启动代理已经获得了一个服务器自反候选，其传输地址与主机候选 (10.0.1.100:2498) 相同。

However, the server-reflexive candidate has a base of 192.168.1.100:3344, and the host candidate has a base of 10.0.1.100:2498.
但是，服务器自反候选的基数为 192.168.1.100:3344，而主机候选的基数为 10.0.1.100:2498。

B.3. Purpose of the Related-Address and Related-Port Attributes【相关地址和相关端口属性的用途】

The candidate attribute contains two values that are not used at all by ICE itself – related address and related port. Why are they present?
候选属性包含 ICE 本身根本不使用的两个值——相关地址和相关端口。 他们为什么在场？

There are two motivations for its inclusion. The first is diagnostic. It is very useful to know the relationship between the different types of candidates.
包含它有两个目的。 首先是诊断。 了解不同类型候选之间的关系非常有用。

By including it, an ICE agent can know which relayed candidate is associated with which reflexive candidate, which in turn is associated with a specific host candidate.
通过包含它，ICE 代理可以知道哪个中继候选人与哪个reflexive候选相关联，而哪个reflexive候选又与特定的host候选相关联。

When checks for one candidate succeed but not for others, this provides useful diagnostics on what is going on in the network.
当对一个候选的检查成功但对其他候选没有成功时，这为网络中发生的事情提供了有用的诊断。

The second reason has to do with off-path Quality-of-Service (QoS) mechanisms.
第二个原因与非路径服务质量 (QoS) 机制有关。

When ICE is used in environments such as PacketCable 2.0, proxies will, in addition to performing normal SIP operations, inspect the SDP in SIP messages and extract the IP address and port for data traffic.
在 PacketCable 2.0 等环境中使用 ICE 时，代理除了执行正常的 SIP 操作外，还会检查 SIP 消息中的 SDP 并提取 IP 地址和端口以进行数据流量。

They can then interact, through policy servers, with access routers in the network, to establish guaranteed QoS for the data flows.
然后，它们可以通过策略服务器与网络中的接入路由器交互，为数据流建立有保证的 QoS。

This QoS is provided by classifying the RTP traffic based on 5-tuple and then providing it a guaranteed rate, or marking its DSCP appropriately.
此 QoS 是通过基于 5 元组对 RTP 流量进行分类，然后为其提供保证速率或适当标记其 DSCP 来提供的。

When a residential NAT is present, and a relayed candidate gets selected for data, this relayed candidate will be a transport address on an actual TURN server.
当一个住宅 NAT 存在，并且一个relayed候选被选中用于数据时，这个relayed候选将是实际 TURN 服务器上的传输地址。

That address says nothing about the actual transport address in the access router that would be used to classify packets for QoS treatment.
该地址没有说明接入路由器中用于对数据包进行分类以进行 QoS 处理的实际传输地址。

Rather, the server-reflexive candidate towards the TURN server is needed.
相反，需要针对 TURN 服务器的server-reflexive候选。

By carrying the translation in the SDP, the proxy can use that transport address to request QoS from the access router.
通过在 SDP 中进行转换，代理可以使用该传输地址向接入路由器请求 QoS。

B.4. Importance of the STUN Username【STUN 用户名的重要性】

ICE requires the usage of message integrity with STUN using its short-term credential functionality.
ICE 需要使用 STUN 的短期凭证功能来使用消息完整性。

The actual short-term credential is formed by exchanging username fragments in the candidate exchange.
实际的短期凭证是通过在候选交换中交换用户名片段形成的。

The need for this mechanism goes beyond just security; it is actually required for correct operation of ICE in the first place.
对这种机制的需求不仅仅是安全性； 实际上首先需要正确操作 ICE。

Consider ICE agents L, R, and Z. L and R are within private enterprise 1, which is using 10.0.0.0/8. Z is within private enterprise 2, which is also using 10.0.0.0/8.
考虑 ICE 代理 L、R 和 Z。L 和 R 在使用 10.0.0.0/8 的私营企业 1 内。 Z 在私有企业 2 内，该企业也在使用 10.0.0.0/8。

As it turns out, R and Z both have IP address 10.0.1.1. L sends candidates to Z. Z responds to L with its host candidates.
事实证明，R 和 Z 的 IP 地址都是 10.0.1.1。 L 将候选发送给 Z。Z 用它的宿主候选者响应 L。

In this case, those candidates are 10.0.1.1:8866 and 10.0.1.1:8877.
在这种情况下，这些候选是 10.0.1.1:8866 和 10.0.1.1:8877。

As it turns out, R is in a session at that same time and is also using 10.0.1.1:8866 and 10.0.1.1:8877 as host candidates.
事实证明，R 同时在一个会话中，并且还使用 10.0.1.1:8866 和 10.0.1.1:8877 作为主机候选。

This means that R is prepared to accept STUN messages on those ports, just as Z is.
这意味着 R 准备好在这些端口上接受 STUN 消息，就像 Z 一样。

L will send a STUN request to 10.0.1.1:8866 and another to 10.0.1.1:8877.
L 将向 10.0.1.1:8866 发送 STUN 请求，向 10.0.1.1:8877 发送另一个请求。

However, these do not go to Z as expected. Instead, they go to R! If R just replied to them, L would believe it has connectivity to Z, when in fact it has connectivity to a completely different user, R.
然而，这些并没有像预期的那样到达 Z。相反，他们去R！如果 R 只是回复他们，L 会认为它与 Z 有连接，而实际上它与完全不同的用户 R 有连接。

To fix this, STUN short-term credential mechanisms are used. The username fragments are sufficiently random; thus it is highly unlikely that R would be using the same values as Z.
为了解决这个问题，使用了 STUN 短期凭证机制。用户名片段足够随机；因此，R 极不可能使用与 Z 相同的值。

Consequently, R would reject the STUN request since the credentials were invalid.
因此，R 将拒绝 STUN 请求，因为凭证无效。

In essence, the STUN username fragments provide a form of transient host identifiers, bound to a particular session established as part of the candidate exchange.
本质上，STUN 用户名片段提供了一种临时主机标识符，绑定到作为候选交换的一部分而建立的特定会话。

An unfortunate consequence of the non-uniqueness of IP addresses is that, in the above example, R might not even be an ICE agent.
IP 地址不唯一性的一个不幸后果是，在上面的示例中，R 甚至可能不是 ICE 代理。

It could be any host, and the port to which the STUN packet is directed could be any ephemeral port on that host.
它可以是任何主机，STUN 数据包指向的端口可以是该主机上的任何临时端口。

If there is an application listening on this socket for packets, and it is not prepared to handle malformed packets for whatever protocol is in use, the operation of that application could be affected.
如果有应用程序在此套接字上侦听数据包，并且它不准备为正在使用的任何协议处理格式错误的数据包，则该应用程序的操作可能会受到影响。

Fortunately, since the ports exchanged are ephemeral and usually drawn from the dynamic or registered range, the odds are good that the port is not used to run a server on host R, but rather is the agent side of some protocol.
幸运的是，由于交换的端口是短暂的，并且通常来自动态或注册范围，因此该端口很有可能不用于在主机 R 上运行服务器，而是用于某些协议的代理端。

This decreases the probability of hitting an allocated port, due to the transient nature of port usage in this range.
由于此范围内端口使用的瞬态特性，这降低了命中分配端口的可能性。

However, the possibility of a problem does exist, and network deployers need to be prepared for it. Note that this is not a problem specific to ICE; stray packets can arrive at a port at any time for any type of protocol, especially ones on the public Internet.
但是，确实存在问题的可能性，网络部署人员需要为此做好准备。 请注意，这不是 ICE 特有的问题； 对于任何类型的协议，尤其是公共 Internet 上的协议，杂散数据包可以随时到达端口。

As such, this requirement is just restating a general design guideline for Internet applications – be prepared for unknown packets on any port.
因此，此要求只是重申了 Internet 应用程序的一般设计指南——为任何端口上的未知数据包做好准备。

B.5. The Candidate Pair Priority Formula【候选对优先级公式】

The priority for a candidate pair has an odd form. It is:
候选对的优先级具有奇数形式：

pair priority = 2^32MIN(G,D) + 2MAX(G,D) + (G>D?1:0)

Why is this? When the candidate pairs are sorted based on this value, the resulting sorting has the MAX/MIN property.
为什么是这样？ 当候选对基于此值排序时，生成的排序具有 MAX/MIN 属性。

This means that the pairs are first sorted based on decreasing value of the minimum of the two priorities.
这意味着首先根据两个优先级中最小值的递减值对这些对进行排序。

For pairs that have the same value of the minimum priority, the maximum priority is used to sort amongst them.
对于具有相同最小优先级值的对，使用最大优先级在它们之间进行排序。

If the max and the min priorities are the same, the controlling agent’s priority is used as the tiebreaker in the last part of the expression.
如果最大和最小优先级相同，则控制代理的优先级用作表达式最后部分的决胜局。

The factor of 232 is used since the priority of a single candidate is always less than 232, resulting in the pair priority being a “concatenation” of the two component priorities.
使用 232 因子是因为单个候选的优先级总是小于 232，导致对优先级是两个组件优先级的“串联”。

This creates the MAX/MIN sorting. MAX/MIN ensures that, for a particular ICE agent, a lower-priority candidate is never used until all higher-priority candidates have been tried.
这将创建 MAX/MIN 排序。 MAX/MIN 确保对于特定的 ICE 代理，在尝试所有较高优先级的候选人之前，永远不会使用较低优先级的候选人。

B.6. Why Are Keepalives Needed?【为什么需要 Keepalives】

Once data begins flowing on a candidate pair, it is still necessary to keep the bindings alive at intermediate NATs for the duration of the session.
一旦数据开始在候选对上流动，仍然需要在会话期间在中间 NAT 上保持绑定活动。

Normally, the data stream packets themselves (e.g., RTP) meet this objective. However, several cases merit further discussion.
通常，数据流包本身（例如，RTP）满足这个目标。然而，有几个案例值得进一步讨论。

Firstly, in some RTP usages, such as SIP, the data streams can be “put on hold”. This is accomplished by using the SDP “sendonly” or “inactive” attributes, as defined in RFC 3264.
首先，在某些 RTP 用途中，例如 SIP，数据流可以“暂停”。这是通过使用 RFC 3264 中定义的 SDP“sendonly”或“inactive”属性来完成的。

RFC 3264 directs implementations to cease transmission of data in these cases. However, doing so may cause NAT bindings to time out, and data won’t be able to come off hold.
RFC 326 指示实现在这些情况下停止数据传输。但是，这样做可能会导致 NAT 绑定超时，并且数据将无法暂停。

Secondly, some RTP payload formats, such as the payload format for text conversation [RFC4103], may send packets so infrequently that the interval exceeds the NAT binding timeouts.
其次，某些 RTP 有效负载格式，例如文本对话的有效负载格式 [RFC4103]，可能发送数据包的频率太低，以至于间隔超过 NAT 绑定超时。

Thirdly, if silence suppression is in use, long periods of silence may cause data transmission to cease sufficiently long for NAT bindings to time out.
第三，如果使用静音抑制，长时间的静音可能会导致数据传输停止足够长的时间，以使 NAT 绑定超时。

For these reasons, the data packets themselves cannot be relied upon.
由于这些原因，不能依赖数据包本身。

ICE defines a simple periodic keepalive utilizing STUN Binding Indications.
ICE 使用 STUN 绑定指示定义了一个简单的周期性保活。

This makes its bandwidth requirements highly predictable and thus amenable to QoS reservations.
这使得它的带宽需求高度可预测，因此可以接受 QoS 预留。

B.7. Why Prefer Peer-Reflexive Candidates?【为什么更推荐Peer-Reflexive候选】

Section 5.1.2 describes procedures for computing the priority of a candidate based on its type and local preferences.
第 5.1.2 节描述了根据候选人的类型和本地偏好计算候选人优先级的过程。

That section requires that the type preference for peer-reflexive candidates always be higher than server reflexive.
该部分要求peer-reflexive候选的类型偏好始终高于server reflexive候选。

Why is that? The reason has to do with the security considerations in Section 19.
这是为什么？ 原因与第 19 节中的安全考虑有关。

It is much easier for an attacker to cause an ICE agent to use a false server-reflexive candidate rather than a false peer-reflexive candidate.
攻击者更容易让 ICE 代理使用虚假的server-reflexive候选，而不是虚假的对等自反候选者。

Consequently, attacks against address gathering with Binding requests are thwarted by ICE by preferring the peer-reflexive candidates.
因此，ICE 通过优先选择peer-reflexiv候选来阻止对使用绑定请求进行地址收集的攻击。

B.8. Why Are Binding Indications Used for Keepalives?【为什么将绑定指示用于保活】

Data keepalives are described in Section 11. These keepalives make use of STUN when both endpoints are ICE capable.
数据保活在第 11 节中描述。当两个端点都支持 ICE 时，这些保活使用 STUN。

However, rather than using a Binding request transaction (which generates a response), the keepalives use an Indication.
但是，keepalive 不使用绑定请求事务（生成响应），而是使用指示。

Why is that? The primary reason has to do with network QoS mechanisms.
这是为什么？ 主要原因与网络 QoS 机制有关。

Once data begins flowing, network elements will assume that the data stream has a fairly regular structure, making use of periodic packets at fixed intervals, with the possibility of jitter.
一旦数据开始流动，网络元素将假定数据流具有相当规则的结构，以固定间隔使用周期性数据包，并可能出现抖动。

If an ICE agent is sending data packets, and then receives a Binding request, it would need to generate a response packet along with its data packets.
如果 ICE 代理正在发送数据包，然后接收到绑定请求，则需要生成响应包及其数据包。

This will increase the actual bandwidth requirements for the 5-tuple carrying the data packets and introduce jitter in the delivery of those packets.
这将增加携带数据包的 5 元组的实际带宽需求，并在这些数据包的传递中引入抖动。

Analysis has shown that this is a concern in certain Layer 2 access networks that use fairly tight packet schedulers for data.
分析表明，在某些第 2 层接入网络中，这是一个问题，这些网络使用相当严格的数据包调度程序来处理数据。

Additionally, using a Binding Indication allows integrity to be disabled, which may result in better performance.
此外，使用绑定指示允许禁用完整性，这可能会带来更好的性能。

This is useful for large-scale endpoints, such as Public Switched Telephone Network (PSTN) gateways and Session Border Controllers (SBCs).
这对于大型端点非常有用，例如公共交换电话网络 (PSTN) 网关和会话边界控制器 (SBC)。

B.9. Selecting Candidate Type Preference【选择候选人类型偏好】

One criterion for selecting type and local preference values is the use of a data intermediary, such as a TURN server, a tunnel service such as a VPN server, or NAT.
选择类型和本地首选项值的一个标准是使用数据中介，例如 TURN 服务器、隧道服务（例如 VPN 服务器）或 NAT。

With a data intermediary, if data is sent to that candidate, it will first transit the data intermediary before being received.
对于数据中介，如果数据被发送到该候选，它将在被接收之前首先通过数据中介。

One type of candidate that involves a data intermediary is the relayed candidate. Another type is the host candidate, which is obtained from a VPN interface.
涉及数据中介的一类候选者是relayed候选。 另一种类型是host候选，它是从 VPN 接口获得的。

When data is transited through a data intermediary, it can have a positive or negative effect on the latency between transmission and reception.
当数据通过数据中介传输时，它会对传输和接收之间的延迟产生积极或消极的影响。

It may or may not increase the packet losses, because of the additional router hops that may be taken.
它可能会或可能不会增加数据包丢失，因为可能会采用额外的路由器跃点。

It may increase the cost of providing service, since data will be routed in and right back out of a data intermediary run by a provider.
它可能会增加提供服务的成本，因为数据将被路由进出由提供商运行的数据中介。

If these concerns are important, the type preference for relayed candidates needs to be carefully chosen.
如果这些问题很重要，则需要仔细选择relayed候选的类型偏好。

Another criterion for selecting preferences is the IP address family. ICE works with both IPv4 and IPv6.
选择首选项的另一个标准是 IP 地址系列。 ICE 适用于 IPv4 和 IPv6。

It provides a transition mechanism that allows dual-stack hosts to prefer connectivity over IPv6 but to fall back to IPv4 in case the v6 networks are disconnected.
它提供了一种转换机制，允许双栈主机优先选择连接而不是 IPv6，但在 v6 网络断开连接的情况下回退到 IPv4。

Implementation SHOULD follow the guidelines from [RFC8421] to avoid excessive delays in the connectivity-check phase if broken paths exist.
实现应该遵循 [RFC8421] 的指导方针，以避免在存在损坏路径的情况下在连接检查阶段出现过度延迟。

Another criterion for selecting preferences is topological awareness. This is beneficial for candidates that make use of intermediaries.
选择偏好的另一个标准是拓扑意识。这对使用中介的候选是有益的。

In those cases, if an ICE agent has preconfigured or dynamically discovered knowledge of the topological proximity of the intermediaries to itself, it can use that to assign higher local preferences to candidates obtained from closer intermediaries.
在这些情况下，如果 ICE 代理已经预先配置或动态发现了中介与其自身的拓扑邻近性的知识，它可以使用它来为从更接近的中介获得的候选分配更高的本地偏好。

Another criterion for selecting preferences might be security or privacy.
选择偏好的另一个标准可能是安全性或隐私性。

If a user is a telecommuter, and therefore connected to a corporate network and a local home network, the user may prefer their voice traffic to be routed over the VPN or similar tunnel in order to keep it on the corporate network when communicating within the enterprise but may use the local network when communicating with users outside of the enterprise.
如果用户是因为远程办公，才连接到公司网络和本地家庭网络，则用户可能更喜欢通过 VPN 或类似隧道路由他们的语音流量，以便在企业内部通信时将其保留在公司网络上但在与企业外部的用户通信时可能会使用本地网络。

In such a case, a VPN address would have a higher local preference than any other address.
在这种情况下，VPN 地址将比任何其他地址具有更高的本地优先级。