I am implementing the WebRTC stack from scratch as a hobby project. I cannot understand when the DTLS negotiation is supposed to start? BEFORE or AFTER the candidate nomination is completed with a triggered check?
When I connected two Chrome clients in p2p and monitored the traffic on Wireshark, it seems that the DTLS client hello is sent before the candidate has been nominated, What I don't understand is why it establishes the DTLs before even knowing the actual nominated candidate pair.
What you are observing is most likely aggressive nomination described in https://www.rfc-editor.org/rfc/rfc5245#section-8.1.1.2 DTLS starts once there is a candidate that is writable, why wait for nomination which takes some time.