idnits 2.17.1 draft-tarapore-mboned-multicast-cdni-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. (A line matching the expected section header was found, but with an unexpected indentation: ' 2. Overview of Inter-domain Multicast Application Transport' ) ** The document seems to lack a Security Considerations section. (A line matching the expected section header was found, but with an unexpected indentation: ' 5. Security Considerations' ) ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) (A line matching the expected section header was found, but with an unexpected indentation: ' 6. IANA Considerations' ) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == Line 122 has weird spacing: '...Catalog all ...' == Line 247 has weird spacing: '...network envi...' == Line 260 has weird spacing: '... Users in A...' == Line 315 has weird spacing: '... o It is r...' == Line 318 has weird spacing: '... entire netwo...' == (6 more instances...) == The document seems to contain a disclaimer for pre-RFC5378 work, but was first submitted on or after 10 November 2008. The disclaimer is usually necessary only for documents that revise or obsolete older RFCs, and that take significant amounts of text from those RFCs. If you can contact all authors of the source material and they are willing to grant the BCP78 rights to the IETF Trust, you can and should remove the disclaimer. Otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 4, 2014) is 3581 days in the past. Is this intentional? Checking references for intended status: Best Current Practice ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Missing reference section? 'RFC4607' on line 1011 looks like a reference -- Missing reference section? 'RFC4604' on line 1004 looks like a reference -- Missing reference section? 'RFC2784' on line 998 looks like a reference -- Missing reference section? 'IETF-ID-AMT' on line 1001 looks like a reference -- Missing reference section? 'RFC2236' on line 672 looks like a reference Summary: 3 errors (**), 0 flaws (~~), 8 warnings (==), 6 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 MBONED Working Group Percy S. Tarapore 2 Internet Draft Robert Sayko 3 Intended status: BCP AT&T 4 Expires: January 4, 2015 Greg Shepherd 5 Toerless Eckert 6 Cisco 7 Ram Krishnan 8 Brocade 9 July 4, 2014 11 Multicasting Applications Across Inter-Domain Peering Points 12 draft-tarapore-mboned-multicast-cdni-06.txt 14 Status of this Memo 16 This Internet-Draft is submitted in full conformance with the 17 provisions of BCP 78 and BCP 79. 19 Internet-Drafts are working documents of the Internet Engineering 20 Task Force (IETF). Note that other groups may also distribute 21 working documents as Internet-Drafts. The list of current Internet- 22 Drafts is at http://datatracker.ietf.org/drafts/current/. 24 Internet-Drafts are draft documents valid for a maximum of six 25 months and may be updated, replaced, or obsoleted by other documents 26 at any time. It is inappropriate to use Internet-Drafts as 27 reference material or to cite them other than as "work in progress." 29 This Internet-Draft will expire on January 4, 2015. 31 Copyright Notice 33 Copyright (c) 2014 IETF Trust and the persons identified as the 34 document authors. All rights reserved. 36 This document is subject to BCP 78 and the IETF Trust's Legal 37 Provisions Relating to IETF Documents 38 (http://trustee.ietf.org/license-info) in effect on the date of 39 publication of this document. Please review these documents 40 carefully, as they describe your rights and restrictions with 41 respect to this document. Code Components extracted from this 42 document must include Simplified BSD License text as described in 43 Section 4.e of the Trust Legal Provisions and are provided without 44 warranty as described in the Simplified BSD License. 46 IETF I-D Multicasting Applications Across Peering Points February 2014 48 This document may contain material from IETF Documents or IETF 49 Contributions published or made publicly available before November 50 10, 2008. The person(s) controlling the copyright in some of this 51 material may not have granted the IETF Trust the right to allow 52 modifications of such material outside the IETF Standards Process. 53 Without obtaining an adequate license from the person(s) controlling 54 the copyright in such materials, this document may not be modified 55 outside the IETF Standards Process, and derivative works of it may 56 not be created outside the IETF Standards Process, except to format 57 it for publication as an RFC or to translate it into languages other 58 than English. 60 Abstract 62 This document examines the process of transporting applications via 63 multicast across inter-domain peering points. The objective is to 64 describe the setup process for multicast-based delivery across 65 administrative domains and document supporting functionality to 66 enable this process. 68 Table of Contents 70 1. Introduction...................................................3 71 2. Overview of Inter-domain Multicast Application Transport.......4 72 3. Inter-domain Peering Point Requirements for Multicast..........5 73 3.1. Native Multicast..........................................5 74 3.2. Peering Point Enabled with GRE Tunnel.....................7 75 3.3. Peering Point Enabled with an AMT - Both Domains Multicast 76 Enabled........................................................8 77 3.4. Peering Point Enabled with an AMT - AD-2 Not Multicast 78 Enabled........................................................9 79 3.5. AD-2 Not Multicast Enabled - Multiple AMT Tunnels Through 80 AD-2..........................................................11 81 4. Supporting Functionality......................................13 82 4.1. Network Interconnection Transport and Security Guidelines14 83 4.2. Routing Aspects and Related Guidelines...................15 84 4.2.1 Native Multicast Routing Aspects..................15 85 4.2.2 GRE Tunnel over Interconnecting Peering Point.....16 86 4.2.3 Routing Aspects with AMT Tunnels.....................16 87 4.3. Back Office Functions - Billing and Logging Guidelines...19 88 4.3.1 Provisioning Guidelines...........................19 89 4.3.2 Application Accounting Billing Guidelines.........20 90 4.3.3 Log Management Guidelines.........................21 91 4.3.4 Settlement Guidelines.............................21 92 4.4. Operations - Service Performance and Monitoring Guidelines22 93 4.5. Reliability Models/Service Assurance Guidelines..........22 95 IETF I-D Multicasting Applications Across Peering Points February 2014 97 4.6. Provisioning Guidelines..................................22 98 4.7. Client Models............................................23 99 4.8. Addressing Guidelines....................................23 100 5. Security Considerations.......................................23 101 6. IANA Considerations...........................................23 102 7. Conclusions...................................................23 103 8. References....................................................23 104 8.1. Normative References.....................................23 105 8.2. Informative References...................................24 106 9. Acknowledgments...............................................24 108 1. Introduction 110 Several types of applications (e.g., live video streaming, software 111 downloads) are well suited for delivery via multicast means. The use 112 of multicast for delivering such applications offers significant 113 savings for utilization of resources in any given administrative 114 domain. End user demand for such applications is growing. Often, 115 this requires transporting such applications across administrative 116 domains via inter-domain peering points. 118 The objective of this Best Current Practices document is twofold: 119 o Describe the process and establish guidelines for setting up 120 multicast-based delivery of applications across inter-domain 121 peering points, and 122 o Catalog all required information exchange between the 123 administrative domains to support multicast-based delivery. 125 While there are several multicast protocols available for use, this 126 BCP will focus the discussion to those that are applicable and 127 recommended for the peering requirements of today's service model, 128 including: 130 o Protocol Independent Multicast - Source Specific Multicast 131 (PIM-SSM) [RFC4607] 132 o Internet Group Management Protocol (IGMP) v3 [RFC4604] 133 o Multicast Listener Discovery (MLD) [RFC4604] 135 This document therefore serves the purpose of a "Gap Analysis" 136 exercise for this process. The rectification of any gaps identified 137 - whether they involve protocol extension development or otherwise - 138 is beyond the scope of this document and is for further study. 140 IETF I-D Multicasting Applications Across Peering Points February 2014 142 2. Overview of Inter-domain Multicast Application Transport 144 A multicast-based application delivery scenario is as follows: 145 o Two independent administrative domains are interconnected via a 146 peering point. 147 o The peering point is either multicast enabled (end-to-end 148 native multicast across the two domains) or it is connected by 149 one of two possible tunnel types: 150 o A Generic Routing Encapsulation (GRE) Tunnel [RFC2784] 151 allowing multicast tunneling across the peering point, or 152 o An Automatic Multicast Tunnel (AMT) [IETF-ID-AMT]. 153 o The application stream originates at a source in Domain 1. 154 o An End User associated with Domain 2 requests the application. 155 It is assumed that the application is suitable for delivery via 156 multicast means (e.g., live steaming of major events, software 157 downloads to large numbers of end user devices, etc.) 158 o The request is communicated to the application source which 159 provides the relevant multicast delivery information to the EU 160 device via a "manifest file". At a minimum, this file contains 161 the {Source, Group} or (S,G) information relevant to the 162 multicast stream. 163 o The application client in the EU device then joins the 164 multicast stream distributed by the application source in 165 domain 1 utilizing the (S,G) information provided in the 166 manifest file. The manifest file may also contain additional 167 information that the application client can use to locate the 168 source and join the stream. 170 It should be noted that the second administrative domain - domain 2 171 - may be an independent network domain (e.g., Tier 1 network 172 operator domain) or it could also be an Enterprise network operated 173 by a single customer. The peering point architecture and 174 requirements may have some unique aspects associated with the 175 Enterprise case. 177 IETF I-D Multicasting Applications Across Peering Points February 2014 179 The Use Cases describing various architectural configurations for 180 the multicast distribution along with associated requirements is 181 described in section 3. Unique aspects related to the Enterprise 182 network possibility will be described in this section. A 183 comprehensive list of pertinent information that needs to be 184 exchanged between the two domains to support various functions 185 enabling the application transport is provided in section 4. 187 3. Inter-domain Peering Point Requirements for Multicast 189 The transport of applications using multicast requires that the 190 inter-domain peering point is enabled to support such a process. 191 There are three possible Use Cases for consideration. 193 3.1. Native Multicast 195 This Use Case involves end-to-end Native Multicast between the two 196 administrative domains and the peering point is also native 197 multicast enabled - Figure 1. 199 ------------------- ------------------- 200 / AD-1 \ / AD-2 \ 201 / (Multicast Enabled) \ / (Multicast Enabled) \ 202 / \ / \ 203 | +----+ | | | 204 | | | +------+ | | +------+ | +----+ 205 | | AS |------>| BR |-|---------|->| BR |-------------|-->| EU | 206 | | | +------+ | I1 | +------+ |I2 +----+ 207 \ +----+ / \ / 208 \ / \ / 209 \ / \ / 210 ------------------- ------------------- 212 AD = Administrative Domain (Independent Autonomous System) 213 AS = Application (e.g., Content) Multicast Source 214 BR = Border Router 215 I1 = AD-1 and AD-2 Multicast Interconnection (MBGP or BGMP) 216 I2 = AD-2 and EU Multicast Connection 218 Figure 1 - Content Distribution via End to End Native Multicast 220 Advantages of this configuration are: 222 IETF I-D Multicasting Applications Across Peering Points February 2014 224 o Most efficient use of bandwidth in both domains 226 o Fewer devices in the path traversed by the multicast stream 227 when compared to unicast transmissions. 229 From the perspective of AD-1, the one disadvantage associated with 230 native multicast into AD-2 instead of individual unicast to every EU 231 in AD-2 is that it does not have the ability to count the number of 232 End Users as well as the transmitted bytes delivered to them. This 233 information is relevant from the perspective of customer billing and 234 operational logs. It is assumed that such data will be collected by 235 the application layer. The application layer mechanisms for 236 generating this information need to be robust enough such that all 237 pertinent requirements for the source provider and the AD operator 238 are satisfactorily met. The specifics of these methods are beyond 239 the scope of this document. 241 Architectural guidelines for this configuration are as follows: 243 o Dual homing for peering points between domains is recommended 244 as a way to ensure reliability with full BGP table visibility. 246 o If the peering point between AD-1 and AD-2 is a controlled 247 network environment, then bandwidth can be allocated 248 accordingly by the two domains to permit the transit of non- 249 rate adaptive multicast traffic. If this is not the case, then 250 it is recommended that the multicast traffic should support 251 rate-adaption. 253 o The sending and receiving of multicast traffic between two 254 domains is typically determined by local policies associated 255 with each domain. For example, if AD-1 is a service provider 256 and AD-2 is an enterprise, then AD-1 may support local policies 257 for traffic delivery to, but not traffic reception from AD-2. 259 o Relevant information on multicast streams delivered to End 260 Users in AD-2 is assumed to be collected by available 261 capabilities in the application layer. The precise nature and 262 formats of the collected information will be determined by 263 directives from the source owner and the domain operators. 265 IETF I-D Multicasting Applications Across Peering Points February 2014 267 3.2. Peering Point Enabled with GRE Tunnel 269 The peering point is not native multicast enabled in this Use Case. 270 There is a Generic Routing Encapsulation Tunnel provisioned over the 271 peering point. In this case, the interconnection I1 between AD-1 and 272 AD-2 in Figure 1 is multicast enabled via a Generic Routing 273 Encapsulation Tunnel (GRE) [RFC2784] and encapsulating the multicast 274 protocols across the interface. The routing configuration is 275 basically unchanged: Instead of BGP (SAFI2) across the native IP 276 multicast link between AD-1 and AD-2, BGP (SAFI2) is now run across 277 the GRE tunnel. 279 Advantages of this configuration: 281 o Highly efficient use of bandwidth in both domains although not 282 as efficient as the fully native multicast Use Case. 284 o Fewer devices in the path traversed by the multicast stream 285 when compared to unicast transmissions. 287 o Ability to support only partial IP multicast deployments in AD- 288 1 and/or AD-2. 290 o GRE is an existing technology and is relatively simple to 291 implement. 293 Disadvantages of this configuration: 295 o Per Use Case 3.1, current router technology cannot count the 296 number of end users or the number bytes transmitted. 298 o GRE tunnel requires manual configuration. 300 o GRE must be in place prior to stream starting. 302 o GRE is often left pinned up 304 Architectural guidelines for this configuration include the 305 following: 307 Guidelines (a) through (d) are the same as those described in Use 308 Case 3.1. 310 o GRE tunnels are typically configured manually between peering 311 points to support multicast delivery between domains. 313 IETF I-D Multicasting Applications Across Peering Points February 2014 315 o It is recommended that the GRE tunnel (tunnel server) 316 configuration in the source network is such that it only 317 advertises the routes to the application sources and not to the 318 entire network. This practice will prevent unauthorized 319 delivery of applications through the tunnel (e.g., if 320 application - e.g., content - is not part of an agreed inter- 321 domain partnership). 323 3.3. Peering Point Enabled with an AMT - Both Domains Multicast 324 Enabled 326 Both administrative domains in this Use Case are assumed to be 327 native multicast enabled here; however the peering point is not. The 328 peering point is enabled with an Automatic Multicast Tunnel. The 329 basic configuration is depicted in Figure 2. 331 ------------------- ------------------- 332 / AD-1 \ / AD-2 \ 333 / (Multicast Enabled) \ / (Multicast Enabled) \ 334 / \ / \ 335 | +----+ | | | 336 | | | +------+ | | +------+ | +----+ 337 | | AS |------>| AR |-|---------|->| AG |-------------|-->| EU | 338 | | | +------+ | I1 | +------+ |I2 +----+ 339 \ +----+ / \ / 340 \ / \ / 341 \ / \ / 342 ------------------- ------------------- 344 AR = AMT Relay 345 AG = AMT Gateway 346 I1 = AMT Interconnection between AD-1 and AD-2 347 I2 = AD-2 and EU Multicast Connection 349 Figure 2 - AMT Interconnection between AD-1 and AD-2 351 Advantages of this configuration: 353 o Highly efficient use of bandwidth in AD-1. 355 IETF I-D Multicasting Applications Across Peering Points February 2014 357 o AMT is an existing technology and is relatively simple to 358 implement. Attractive properties of AMT include the following: 360 o Dynamic interconnection between Gateway-Relay pair across 361 the peering point. 363 o Ability to serve clients and servers with differing 364 policies. 366 Disadvantages of this configuration: 368 o Per Use Case 3.1 (AD-2 is native multicast), current router 369 technology cannot count the number of end users or the number 370 bytes transmitted. 372 o Additional devices (AMT Gateway and Relay pairs) may be 373 introduced into the path if these services are not incorporated 374 in the existing routing nodes. 376 o Currently undefined mechanisms to select the AR from the AG 377 automatically. 379 Architectural guidelines for this configuration are as follows: 381 Guidelines (a) through (d) are the same as those described in Use 382 Case 3.1. 384 e. It is recommended that AMT Relay and Gateway pairs be 385 configured at the peering points to support multicast delivery 386 between domains. AMT tunnels will then configure dynamically 387 across the peering points once the Gateway in AD-2 receives the 388 (S, G) information from the EU. 390 3.4. Peering Point Enabled with an AMT - AD-2 Not Multicast Enabled 392 In this AMT Use Case, the second administrative domain AD-2 is not 393 multicast enabled. This implies that the interconnection between AD- 394 2 and the End User is also not multicast enabled as depicted in 395 Figure 3. 397 IETF I-D Multicasting Applications Across Peering Points February 2014 399 ------------------- ------------------- 400 / AD-1 \ / AD-2 \ 401 / (Multicast Enabled) \ / (Non-Multicast \ 402 / \ / Enabled) \ 403 | +----+ | | | 404 | | | +------+ | | | +----+ 405 | | AS |------>| AR |-|---------|-----------------------|-->|EU/G| 406 | | | +------+ | | |I2 +----+ 407 \ +----+ / \ / 408 \ / \ / 409 \ / \ / 410 ------------------- ------------------- 412 AS = Application Multicast Source 413 AR = AMT Relay 414 EU/G = Gateway client embedded in EU device 415 I2 = AMT Tunnel Connecting EU/G to AR in AD-1 through Non-Multicast 416 Enabled AD-2. 418 Figure 3 - AMT Tunnel Connecting AD-1 AMT Relay and EU Gateway 420 This Use Case is equivalent to having unicast distribution of the 421 application through AD-2. The total number of AMT tunnels would be 422 equal to the total number of End Users requesting the application. 423 The peering point thus needs to accommodate the total number of AMT 424 tunnels between the two domains. Each AMT tunnel can provide the 425 data usage associated with each End User. 427 Advantages of this configuration: 429 o Highly efficient use of bandwidth in AD-1. 431 o AMT is an existing technology and is relatively simple to 432 implement. Attractive properties of AMT include the following: 434 o Dynamic interconnection between Gateway-Relay pair across 435 the peering point. 437 o Ability to serve clients and servers with differing 438 policies. 440 o Each AMT tunnel serves as a count for each End User and is also 441 able to track data usage (bytes) delivered to the EU. 443 IETF I-D Multicasting Applications Across Peering Points February 2014 445 Disadvantages of this configuration: 447 o Additional devices (AMT Gateway and Relay pairs) are introduced 448 into the transport path. 450 o Assuming multiple peering points between the domains, the EU 451 Gateway needs to be able to find the "correct" AMT Relay in AD- 452 1. 454 Architectural guidelines for this configuration are as follows: 456 Guidelines (a) through (c) are the same as those described in Use 457 Case 3.1. 459 d. It is recommended that proper procedures are implemented such 460 that the AMT Gateway at the End User device is able to find the 461 correct AMT Relay in AD-1 across the peering points. The 462 application client in the EU device is expected to supply the (S, 463 G) information to the Gateway for this purpose. 465 e. The AMT tunnel capabilities are expected to be sufficient for 466 the purpose of collecting relevant information on the multicast 467 streams delivered to End Users in AD-2. 469 3.5. AD-2 Not Multicast Enabled - Multiple AMT Tunnels Through AD-2 471 This is a variation of Use Case 3.4 as follows: 473 IETF I-D Multicasting Applications Across Peering Points February 2014 475 ------------------- ------------------- 476 / AD-1 \ / AD-2 \ 477 / (Multicast Enabled) \ / (Non-Multicast \ 478 / \ / Enabled) \ 479 | +----+ | |+--+ +--+ | 480 | | | +------+ | ||AG| |AG| | +----+ 481 | | AS |------>| AR |-|-------->||AR|------------->|AR|-|-->|EU/G| 482 | | | +------+ | I1 ||1 | I2 |2 | |I3 +----+ 483 \ +----+ / \+--+ +--+ / 484 \ / \ / 485 \ / \ / 486 ------------------- ------------------- 488 (Note: Diff-marks for the figure have been removed to improve 489 viewing) 491 AS = Application Source 492 AR = AMT Relay in AD-1 493 AGAR1 = AMT Gateway/Relay node in AD-2 across Peering Point 494 I1 = AMT Tunnel Connecting AR in AD-1 to GW in AGAR1 in AD-2 495 AGAR2 = AMT Gateway/Relay node at AD-2 Network Edge 496 I2 = AMT Tunnel Connecting Relay in AGAR1 to GW in AGAR2 497 EU/G = Gateway client embedded in EU device 498 I3 = AMT Tunnel Connecting EU/G to AR in AGAR2 500 Figure 4 - AMT Tunnel Connecting AD-1 AMT Relay and EU Gateway 502 Use Case 3.4 results in several long AMT tunnels crossing the entire 503 network of AD-2 linking the EU device and the AMT Relay in AD-1 504 through the peering point. Depending on the number of End Users, 505 there is a likelihood of an unacceptably large number of AMT tunnels 506 - and unicast streams - through the peering point. This situation 507 can be alleviated as follows: 509 o Provisioning of strategically located AMT nodes at the edges of 510 AD-2. An AMT node comprises co-location of an AMT Gateway and 511 an AMT Relay. One such node is at the AD-2 side of the peering 512 point (node AGAR1 in Figure 4). 514 o Single AMT tunnel established across peering point linking AMT 515 Relay in AD-1 to the AMT Gateway in the AMT node AGAR1 in AD-2. 517 o AMT tunnels linking AMT node AGAR1 at peering point in AD-2 to 518 other AMT nodes located at the edges of AD-2: e.g., AMT tunnel 520 IETF I-D Multicasting Applications Across Peering Points February 2014 522 I2 linking AMT Relay in AGAR1 to AMT Gateway in AMT node AGAR2 523 in Figure 4. 525 o AMT tunnels linking EU device (via Gateway client embedded in 526 device) and AMT Relay in appropriate AMT node at edge of AD-2: 527 e.g., I3 linking EU Gateway in device to AMT Relay in AMT node 528 AGAR2. 530 The advantage for such a chained set of AMT tunnels is that the 531 total number of unicast streams across AD-2 is significantly reduced 532 thus freeing up bandwidth. Additionally, there will be a single 533 unicast stream across the peering point instead of possibly, an 534 unacceptably large number of such streams per Use Case 3.4. However, 535 this implies that several AMT tunnels will need to be dynamically 536 configured by the various AMT Gateways based solely on the (S,G) 537 information received from the application client at the EU device. A 538 suitable mechanism for such dynamic configurations is therefore 539 critical. 541 Architectural guidelines for this configuration are as follows: 543 Guidelines (a) through (c) are the same as those described in Use 544 Case 3.1. 546 d. It is recommended that proper procedures are implemented such 547 that the various AMT Gateways (at the End User devices and the AMT 548 nodes in AD-2) are able to find the correct AMT Relay in other AMT 549 nodes as appropriate. The application client in the EU device is 550 expected to supply the (S, G) information to the Gateway for this 551 purpose. 553 e. The AMT tunnel capabilities are expected to be sufficient for 554 the purpose of collecting relevant information on the multicast 555 streams delivered to End Users in AD-2. 557 4. Supporting Functionality 559 Supporting functions and related interfaces over the peering point 560 that enable the multicast transport of the application are listed in 561 this section. Critical information parameters that need to be 562 exchanged in support of these functions are enumerated along with 563 guidelines as appropriate. Specific interface functions for 564 consideration are as follows. 566 IETF I-D Multicasting Applications Across Peering Points February 2014 568 4.1. Network Interconnection Transport and Security Guidelines 570 The term "Network Interconnection Transport" refers to the 571 interconnection points between the two Administrative Domains. The 572 following is a representative set of attributes that will need to be 573 agreed to between the two administrative domains to support 574 multicast delivery. 576 o Number of Peering Points 578 o Peering Point Addresses and Locations 580 o Connection Type - Dedicated for Multicast delivery or shared 581 with other services 583 o Connection Mode - Direct connectivity between the two AD's or 584 via another ISP 586 o Peering Point Protocol Support - Multicast protocols that will 587 be used for multicast delivery will need to be supported at 588 these points. Examples of protocols include eBGP, BGMP, and 589 MBGP. 591 o Bandwidth Allocation - If shared with other services, then 592 there needs to be a determination of the share of bandwidth 593 reserved for multicast delivery. 595 o QoS Requirements - Delay/latency specifications that need to be 596 specified in an SLA. 598 o AD Roles and Responsibilities - the role played by each AD for 599 provisioning and maintaining the set of peering points to 600 support multicast delivery. 602 From a security perspective, it is expected that normal/typical 603 security procedures will be followed by each AD to facilitate 604 multicast delivery to registered and authenticated end users. Some 605 security aspects for consideration are: 607 o Encryption - Peering point links may be encrypted per agreement 608 if dedicated for multicast delivery. 610 o Security Breach Mitigation Plan - In the event of a security 611 breach, the two AD's are expected to have a mitigation plan for 612 shutting down the peering point and directing multicast traffic 614 IETF I-D Multicasting Applications Across Peering Points February 2014 616 over alternated peering points. It is also expected that 617 appropriate information will be shared for the purpose of 618 securing the identified breach. 620 4.2. Routing Aspects and Related Guidelines 622 The main objective for multicast delivery routing is to ensure that 623 the End User receives the multicast stream from the "most optimal" 624 source [INF_ATIS_10] which typically: 626 o Maximizes the multicast portion of the transport and minimizes 627 any unicast portion of the delivery, and 629 o Minimizes the overall combined network(s) route distance. 631 This routing objective applies to both Native and AMT; the actual 632 methodology of the solution will be different for each. Regardless, 633 the routing solution is expected to be: 635 o Scalable 637 o Avoid/minimize new protocol development or modifications, and 639 o Be robust enough to achieve high reliability and automatically 640 adjust to changes/problems in the multicast infrastructure. 642 For both Native and AMT environments, having a source as close as 643 possible to the EU network is most desirable; therefore, in some 644 cases, an AD may prefer to have multiple sources near different 645 peering points, but that is entirely an implementation issue. 647 4.2.1 Native Multicast Routing Aspects 649 Native multicast simply requires that the Administrative Domains 650 coordinate and advertise the correct source address(es) at their 651 network interconnection peering points(i.e., border routers). An 652 example of multicast delivery via a Native Multicast process across 653 two administrative Domains is as follows assuming that the 654 interconnecting peering points are also multicast enabled: 656 o Appropriate information is obtained by the EU client who is a 657 subscriber to AD-2 (see Use Case 3.1). This is usually done via 658 an appropriate file transfer - this file is typically known as 659 the manifest file. It contains instructions directing the EU 661 IETF I-D Multicasting Applications Across Peering Points February 2014 663 client to launch an appropriate application if necessary, and 664 also additional information for the application about the source 665 location and the group (or stream) id in the form of the "S,G" 666 data. The "S" portion provides the name or IP address of the 667 source of the multicast stream. The file may also contain 668 alternate delivery information such as specifying the unicast 669 address of the stream. 671 o The client uses the join message with S,G to join the multicast 672 stream [RFC2236]. 674 To facilitate this process, the two AD's need to do the following: 676 o Advertise the source id(s) over the Peering Points 678 o Exchange relevant Peering Point information such as Capacity 679 and Utilization (Other??) 681 4.2.2 GRE Tunnel over Interconnecting Peering Point 683 If the interconnecting peering point is not multicast enabled and 684 both ADs are multicast enabled, then a simple solution is to 685 provision a GRE tunnel between the two ADs - see Use Case 3.2.2. 686 The termination points of the tunnel will usually be a network 687 engineering decision, but generally will be between the border 688 routers or even between the AD 2 border router and the AD 1 source 689 (or source access router). The GRE tunnel would allow end-to-end 690 native multicast or AMT multicast to traverse the interface. 691 Coordination and advertisement of the source IP is still required. 693 The two AD's need to follow the same process as described in 4.2.1 694 to facilitate multicast delivery across the Peering Points. 696 4.2.3 Routing Aspects with AMT Tunnels 698 Unlike Native (with or without GRE), an AMT Multicast environment is 699 more complex. It presents a dual layered problem because there are 700 two criteria that should be simultaneously meet: 702 o Find the closest AMT relay to the end-user that also has 703 multicast connectivity to the content source and 705 o Minimize the AMT unicast tunnel distance. 707 There are essentially two components to the AMT specification: 709 IETF I-D Multicasting Applications Across Peering Points February 2014 711 o AMT Relays: These serve the purpose of tunneling UDP multicast 712 traffic to the receivers (i.e., End Points). The AMT Relay will 713 receive the traffic natively from the multicast media source and 714 will replicate the stream on behalf of the downstream AMT 715 Gateways, encapsulating the multicast packets into unicast 716 packets and sending them over the tunnel toward the AMT Gateway. 717 In addition, the AMT Relay may perform various usage and 718 activity statistics collection. This results in moving the 719 replication point closer to the end user, and cuts down on 720 traffic across the network. Thus, the linear costs of adding 721 unicast subscribers can be avoided. However, unicast replication 722 is still required for each requesting endpoint within the 723 unicast-only network. 725 o AMT Gateway (GW): The Gateway will reside on an on End-Point - 726 this may be a Personal Computer (PC) or a Set Top Box (STB). The 727 AMT Gateway receives join and leave requests from the 728 Application via an Application Programming Interface (API). In 729 this manner, the Gateway allows the endpoint to conduct itself 730 as a true Multicast End-Point. The AMT Gateway will encapsulate 731 AMT messages into UDP packets and send them through a tunnel 732 (across the unicast-only infrastructure) to the AMT Relay. 734 The simplest AMT Use Case (section 3.3) involves peering points that 735 are not multicast enabled between two multicast enabled ADs. An AMT 736 tunnel is deployed between an AMT Relay on the AD 1 side of the 737 peering point and an AMT Gateway on the AD 2 side of the peering 738 point. One advantage to this arrangement is that the tunnel is 739 established on an as needed basis and need not be a provisioned 740 element. The two ADs can coordinate and advertise special AMT Relay 741 Anycast addresses with each other - though they may alternately 742 decide to simply provision Relay addresses, though this would not be 743 a optimal solution in terms of scalability. 745 Use Cases 3.4 and 3.5 describe more complicated AMT situations as 746 AD-2 is not multicast enabled. For these cases, the End User device 747 needs to be able to setup an AMT tunnel in the most optimal manner. 748 Using an Anycast IP address for AMT Relays allows for all AMT 749 Gateways to find the "closest" AMT Relay - the nearest edge of the 750 multicast topology of the source. An example of a basic delivery 751 via an AMT Multicast process for these two Use Cases is as follows: 753 o The manifest file is obtained by the EU client application. This 754 file contains instructions directing the EU client to an ordered 755 list of particular destinations to seek the requested stream and, 756 for multicast, specifies the source location and the group (or 757 stream) ID in the form of the "S,G" data. The "S" portion provides 759 IETF I-D Multicasting Applications Across Peering Points February 2014 761 the URI (name or IP address) of the source of the multicast stream 762 and the "G" identifies the particular stream originated by that 763 source. The manifest file may also contain alternate delivery 764 information such as the address of the unicast form of the content 765 to be used, for example, if the multicast stream becomes 766 unavailable. 768 o Using the information in the manifest file, and possibly 769 information provisioned directly in the EU client, a DNS query is 770 initiated in order to connect the EU client/AMT Gateway to an AMT 771 Relay. 773 o Query results are obtained, and may return an Anycast address or a 774 specific unicast address of a relay. Multiple relays will 775 typically exist. The Anycast address is a routable "pseudo- 776 address" shared among the relays that can gain multicast access to 777 the source. 779 o If a specific IP address unique to a relay was not obtained, the 780 AMT Gateway then sends a message (e.g., the discovery message) to 781 the Anycast address such that the network is making the routing 782 choice of particular relay - e.g., closest relay to the EU. (Note 783 that in IPv6 there is a specific Anycast format and Anycast is 784 inherent in IPv6 routing, whereas in IPv4 Anycast is handled via 785 provisioning in the network. Details are out of scope for this 786 document.) 788 o The contacted AMT Relay then returns its specific unicast IP 789 address (after which the Anycast address is no longer required). 790 Variations may exist as well. 792 o The AMT Gateway uses that unicast IP address to initiate a three- 793 way handshake with the AMT Relay. 795 o AMT Gateway provides "S,G" to the AMT Relay (embedded in AMT 796 protocol messages). 798 o AMT Relay receives the "S,G" information and uses the S,G to join 799 the appropriate multicast stream, if it has not already subscribed 800 to that stream. 802 o AMT Relay encapsulates the multicast stream into the tunnel 803 between the Relay and the Gateway, providing the requested content 804 to the EU. 806 IETF I-D Multicasting Applications Across Peering Points February 2014 808 Note: Further routing discussion on optimal method to find "best AMT 809 Relay/GW combination" and information exchange between AD's to be 810 provided. 812 4.3. Back Office Functions - Billing and Logging Guidelines 814 Back Office refers to the following: 816 o Servers and Content Management systems that support the delivery 817 of applications via multicast and interactions between ADs. 818 o Functionality associated with logging, reporting, ordering, 819 provisioning, maintenance, service assurance, settlement, etc. 821 4.3.1 Provisioning Guidelines 823 Resources for basic connectivity between ADs Providers need to be 824 provisioned as follows: 826 o Sufficient capacity must be provisioned to support multicast-based 827 delivery across ADs. 828 o Sufficient capacity must be provisioned for connectivity between 829 all supporting back-offices of the Ads as appropriate. This 830 includes activating proper security treatment for these back- 831 office connections (gateways, firewalls, etc) as appropriate. 832 o Routing protocols as needed, e.g. configuring routers to support 833 these. 835 Provisioning aspects related to Multicast-Based inter-domain 836 delivery are as follows. 838 The ability to receive requested application via multicast is 839 triggered via the manifest file. Hence, this file must be provided 840 to the EU regarding multicast URL - and unicast fallback if 841 applicable. AD-2 must build manifest and provision capability to 842 provide the file to the EU. 844 Native multicast functionality is assumed to be available in across 845 many ISP backbones, peering and access networks. If however, native 846 multicast is not an option (Use Cases 3.4 and 3.5), then: 848 o EU must have multicast client to use AMT multicast obtained either 849 from Application Source (per agreement with AD-1) or from AD-1 or 850 AD-2 (if delegated by the Application Source). 852 IETF I-D Multicasting Applications Across Peering Points February 2014 854 o If provided by AD-1/AD-2, then the EU could be redirected to a 855 client download site (note: this could be an Application Source 856 site). If provided by the Application Source, then this Source 857 would have to coordinate with AD-1 to ensure the proper client is 858 provided (assuming multiple possible clients). 859 o Where AMT Gateways support different application sets, all AD-2 860 AMT Relays need to be provisioned with all source & group 861 addresses for streams it is allowed to join. 862 o DNS across each AD, must be provisioned to enable a client GW to 863 locate the optimal AMT Relay (i.e. longest multicast path and 864 shortest unicast tunnel) with connectivity to the content's 865 multicast source. 867 Provisioning Aspects Related to Operations and Customer Care are 868 stated as follows. 870 Each AD provider is assumed to provision operations and customer 871 care access to their own systems. 873 AD-1's operations and customer care functions must have visibility 874 to what is happening in AD-2's network or to the service provided by 875 AD-2, sufficient to verify their mutual goals and operations, e.g. 876 to know how the EU's are being served. This can be done in two ways: 878 o Automated interfaces are built between AD-1 and AD-2 such that 879 operations and customer care continue using their own systems. 880 This requires coordination between the two AD's with appropriate 881 provisioning of necessary resources. 882 o AD-1's operations and customer care personnel are provided access 883 directly to AD-2's system. In this scenario, additional 884 provisioning in these systems will be needed to provide necessary 885 access. Additional provisioning must be agreed to by the two AD-2s 886 to support this option. 888 4.3.2 Application Accounting Billing Guidelines 890 All interactions between pairs of Ads can be discovered and/or be 891 associated with the account(s) utilized for delivered applications. 892 Supporting guidelines are as follows: 894 o A unique identifier is recommended to designate each master 895 account. 896 o AD-2 is expected to set up "accounts" (logical facility generally 897 protected by login/password/credentials) for use by AD-1. Multiple 899 IETF I-D Multicasting Applications Across Peering Points February 2014 901 accounts and multiple types/partitions of accounts can apply, e.g. 902 customer accounts, security accounts, etc. 904 4.3.3 Log Management Guidelines 906 Successful delivery of applications via multicast between pairs of 907 interconnecting ADs requires that appropriate logs will be exchanged 908 between them in support. Associated guidelines are as follows. 910 AD-2 needs to supply logs to AD-1 per existing contract(s). Examples 911 of log types include the following: 913 o Usage information logs at aggregate level. 914 o Usage failure instances at an aggregate level. 915 o Grouped or sequenced application access 916 performance/behavior/failure at an aggregate level to support 917 potential Application Provider-driven strategies. Examples of 918 aggregate levels include grouped video clips, web pages, and sets 919 of software download. 920 o Security logs, aggregated or summarized according to agreement 921 (with additional detail potentially provided during security 922 events, by agreement). 923 o Access logs (EU), when needed for troubleshooting. 924 o Application logs (what is the application doing), when needed for 925 shared troubleshooting. 926 o Syslogs (network management), when needed for shared 927 troubleshooting. 929 The two ADs may supply additional security logs to each other as 930 agreed to by contract(s). Examples include the following: 932 o Information related to general security-relevant activity which 933 may be of use from a protective or response perspective, such as 934 types and counts of attacks detected, related source information, 935 related target information, etc. 936 o Aggregated or summarized logs according to agreement (with 937 additional detail potentially provided during security events, by 938 agreement) 940 4.3.4 Settlement Guidelines 942 Settlements between the ADs relate to (1) billing and reimbursement 943 aspects for delivery of applications, and (2) aggregation, 944 transport, and collection of data in preparation for the billing and 946 IETF I-D Multicasting Applications Across Peering Points February 2014 948 reimbursement aspects for delivery of applications for the 949 Application Provider. At a high level: 951 o AD-2 collects "usage" data for AD-1 related to application 952 delivery to End Users, and submits invoices to AD-1 based on this 953 usage data. The data may include information related to the type 954 of content delivered, total bandwidth utilized, storage utilized, 955 features supported, etc. 956 o AD-1 collects all available data from partner AD-2 and creates 957 aggregate reports pertaining to responsible Application Providers, 958 and submits subsequent reports to these Providers for 959 reimbursements. 960 o AD-1 may convey charging values or charging rules to the AD-2, 961 proactively or in response to a query, especially in cases where 962 these may change. 963 o AD-2 may convey prices/rates to AD-1, proactively or in response 964 to a query, especially in cases where these may change. 965 o Usage data may be collected per end user or on an aggregated 966 basis; the method of collection will depend on the application 967 delivered and/or the agreements with the source provider. In all 968 cases, usage volume is expected to be in terms of delivered packet 969 bits or bytes. 971 4.4. Operations - Service Performance and Monitoring Guidelines 973 4.5. Reliability Models/Service Assurance Guidelines 975 4.6. Provisioning Guidelines 977 In order to find right relay there is a need for a small/light 978 implementation of an AMT DNS in source network. 980 IETF I-D Multicasting Applications Across Peering Points February 2014 982 4.7. Client Models 984 4.8. Addressing Guidelines 986 5. Security Considerations 988 (Include discussion on DRM, AAA, Network Security) 990 6. IANA Considerations 992 7. Conclusions 994 8. References 996 8.1. Normative References 998 [RFC2784] D. Farinacci, T. Li, S. Hanks, D. Meyer, P. Traina, 999 "Generic Routing Encapsulation (GRE)", RFC 2784, March 2000 1001 [IETF-ID-AMT] G. Bumgardner, "Automatic Multicast Tunneling", draft- 1002 ietf-mboned-auto-multicast-13, April 2012, Work in progress 1004 [RFC4604] H. Holbrook, et al, "Using Internet Group Management 1005 Protocol Version 3 (IGMPv3) and Multicast Listener Discovery 1006 Protocol Version 2 (MLDv2) for Source Specific Multicast", RFC 4604, 1007 August 2006 1009 IETF I-D Multicasting Applications Across Peering Points February 2014 1011 [RFC4607] H. Holbrook, et al, "Source Specific Multicast", RFC 4607, 1012 August 2006 1014 8.2. Informative References 1016 [INF_ATIS_10] "CDN Interconnection Use Cases and Requirements in a 1017 Multi-Party Federation Environment", ATIS Standard A-0200010, 1018 December 2012 1020 9. Acknowledgments 1022 IETF I-D Multicasting Applications Across Peering Points February 2014 1024 Authors' Addresses 1026 Percy S. Tarapore 1027 AT&T 1028 Phone: 1-732-420-4172 1029 Email: tarapore@att.com 1031 Robert Sayko 1032 AT&T 1033 Phone: 1-732-420-3292 1034 Email: rs1983@att.com 1036 Greg Shepherd 1037 Cisco 1038 Phone: 1039 Email: shep@cisco.com 1041 Toerless Eckert 1042 Cisco 1043 Phone: 1044 Email: eckert@cisco.com 1046 Ram Krishnan 1047 Brocade 1048 Phone: 1049 Email: ramk@brocade.com