MBONED Working Group Percy S. Tarapore Internet Draft Robert Sayko Intended status: BCP AT&T Expires: April 21, 2014 Greg Shepherd Toerless Eckert Cisco Ram Krishnan Brocade October 21, 2013 Multicasting Applications Across Inter-Domain Peering Points draft-tarapore-mboned-multicast-cdni-04.txt Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on April 21, 2014. Copyright Notice Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Tarapore, et al Expires April 21, 2014 [Page 1] IETF I-D Multicasting Applications Across Peering Points October 2013 This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English. Abstract This document examines the process of transporting applications via multicast across inter-domain peering points. The objective is to describe the setup process for multicast-based delivery across administrative domains and document supporting functionality to enable this process. Table of Contents 1. Introduction...................................................3 2. Overview of Inter-domain Multicast Application Transport.......3 3. Inter-domain Peering Point Requirements for Multicast..........5 3.1. Native Multicast..........................................5 3.2. Peering Point Enabled with GRE Tunnel.....................6 3.3. Peering Point Enabled with an AMT - Both Domains Multicast Enabled........................................................8 3.4. Peering Point Enabled with an AMT - AD-2 Not Multicast Enabled........................................................9 3.5. AD-2 Not Multicast Enabled - Multiple AMT Tunnels Through AD-2..........................................................11 4. Supporting Functionality......................................13 4.1. Network Transport and Security Guidelines................14 4.2. Routing Aspects and Related Guidelines...................14 4.3. Back Office Functions - Billing and Logging Guidelines...14 4.4. Operations - Service Performance and Monitoring Guidelines14 4.5. Reliability Models/Service Assurance Guidelines..........14 4.6. Provisioning Guidelines..................................14 4.7. Client Models............................................14 4.8. Addressing Guidelines....................................14 5. Security Considerations.......................................15 6. IANA Considerations...........................................15 7. Conclusions...................................................15 8. References....................................................15 Tarapore, et al Expires April 21, 2014 [Page 2] IETF I-D Multicasting Applications Across Peering Points October 2013 8.1. Normative References.....................................15 8.2. Informative References...................................15 9. Acknowledgments...............................................15 1. Introduction Several types of applications (e.g., live video streaming, software downloads) are well suited for delivery via multicast means. The use of multicast for delivering such applications offers significant savings for utilization of resources in any given administrative domain. End user demand for such applications is growing. Often, this requires transporting such applications across administrative domains via inter-domain peering points. The objective of this Best Current Practices document is twofold: o Describe the process and establish guidelines for setting up multicast-based delivery of applications across inter-domain peering points, and o Catalog all required information exchange between the administrative domains to support multicast-based delivery. While there are several multicast protocols available for use, this BCP will focus the discussion to those that are applicable and recommended for the peering requirements of today's service model, including: o Protocol Independent Multicast - Source Specific Multicast (PIM-SSM) [RFC4607] o Internet Group Management Protocol (IGMP) v3 [RFC4604] o Multicast Listener Discovery (MLD) [RFC4604] This document therefore serves the purpose of a "Gap Analysis" exercise for this process. The rectification of any gaps identified - whether they involve protocol extension development or otherwise - is beyond the scope of this document and is for further study. 2. Overview of Inter-domain Multicast Application Transport A multicast-based application delivery scenario is as follows: o Two independent administrative domains are interconnected via a peering point. Tarapore, et al Expires April 21, 2014 [Page 3] IETF I-D Multicasting Applications Across Peering Points October 2013 o The peering point is either multicast enabled (end-to-end native multicast across the two domains) or it is connected by one of two possible tunnel types: o A Generic Routing Encapsulation (GRE) Tunnel [RFC2784] allowing multicast tunneling across the peering point, or o An Automatic Multicast Tunnel (AMT) [IETF-ID-AMT]. o The application stream originates at a source in Domain 1. o An End User associated with Domain 2 requests the application. It is assumed that the application is suitable for delivery via multicast means (e.g., live steaming of major events, software downloads to large numbers of end user devices, etc.) o The request is communicated to the application source which provides the relevant multicast delivery information to the EU device via a "manifest file". At a minimum, this file contains the {Source, Group} or (S,G) information relevant to the multicast stream. o The application client in the EU device then joins the multicast stream distributed by the application source in domain 1 utilizing the (S,G) information provided in the manifest file. The manifest file may also contain additional information that the application client can use to locate the source and join the stream. It should be noted that the second administrative domain - domain 2 - may be an independent network domain (e.g., Tier 1 network operator domain) or it could also be an Enterprise network operated by a single customer. The peering point architecture and requirements may have some unique aspects associated with the Enterprise case. The Use Cases describing various architectural configurations for the multicast distribution along with associated requirements is described in section 3. Unique aspects related to the Enterprise network possibility will be described in this section. A comprehensive list of pertinent information that needs to be exchanged between the two domains to support various functions enabling the application transport is provided in section 4. Tarapore, et al Expires April 21, 2014 [Page 4] IETF I-D Multicasting Applications Across Peering Points October 2013 3. Inter-domain Peering Point Requirements for Multicast The transport of applications using multicast requires that the inter-domain peering point is enabled to support such a process. There are three possible Use Cases for consideration. 3.1. Native Multicast This Use Case involves end-to-end Native Multicast between the two administrative domains and the peering point is also native multicast enabled - Figure 1. ------------------- ------------------- / AD-1 \ / AD-2 \ / (Multicast Enabled) \ / (Multicast Enabled) \ / \ / \ | +----+ | | | | | | +------+ | | +------+ | +----+ | | CS |------>| BR |-|---------|->| BR |-------------|-->| EU | | | | +------+ | I1 | +------+ |I2 +----+ \ +----+ / \ / \ / \ / \ / \ / ------------------- ------------------- AD = Administrative Domain (Independent Autonomous System) CS = Content Multicast Source BR = Border Router I1 = AD-1 and AD-2 Multicast Interconnection (MBGP or BGMP) I2 = AD-2 and EU Multicast Connection Figure 1 - Content Distribution via End to End Native Multicast Advantages of this configuration are: o Most efficient use of bandwidth in both domains o Fewer devices in the path traversed by the multicast stream when compared to unicast transmissions. From the perspective of AD-1, the one disadvantage associated with native multicast into AD-2 instead of individual unicast to every EU Tarapore, et al Expires April 21, 2014 [Page 5] IETF I-D Multicasting Applications Across Peering Points October 2013 in AD-2 is that it does not have the ability to count the number of End Users as well as the transmitted bytes delivered to them. This information is relevant from the perspective of customer billing and operational logs. It is assumed that such data will be collected by the application layer. The application layer mechanisms for generating this information need to be robust enough such that all pertinent requirements for the source provider and the AD operator are satisfactorily met. The specifics of these methods are beyond the scope of this document. Architectural guidelines for this configuration are as follows: a. Dual homing for peering points between domains is recommended as a way to ensure reliability with full BGP table visibility. b. If the peering point between AD-1 and AD-2 is a controlled network environment, then bandwidth can be allocated accordingly by the two domains to permit the transit of non- rate adaptive multicast traffic. If this is not the case, then it is recommended that the multicast traffic should support rate-adaption. c. The sending and receiving of multicast traffic between two domains is typically determined by local policies associated with each domain. For example, if AD-1 is a service provider and AD-2 is an enterprise, then AD-1 may support local policies for traffic delivery to, but not traffic reception from AD-2. d. Relevant information on multicast streams delivered to End Users in AD-2 is assumed to be collected by available capabilities in the application layer. The precise nature and formats of the collected information will be determined by directives from the source owner and the domain operators. 3.2. Peering Point Enabled with GRE Tunnel The peering point is not native multicast enabled in this Use Case. There is a Generic Routing Encapsulation Tunnel provisioned over the peering point. In this case, the interconnection I1 between AD-1 and AD-2 in Figure 1 is multicast enabled via a Generic Routing Encapsulation Tunnel (GRE) [RFC2784] and encapsulating the multicast protocols across the interface. The routing configuration is basically unchanged: Instead of BGP (SAFI2) across the native IP Tarapore, et al Expires April 21, 2014 [Page 6] IETF I-D Multicasting Applications Across Peering Points October 2013 multicast link between AD-1 and AD-2, BGP (SAFI2) is now run across the GRE tunnel. Advantages of this configuration: o Highly efficient use of bandwidth in both domains although not as efficient as the fully native multicast Use Case. o Fewer devices in the path traversed by the multicast stream when compared to unicast transmissions. o Ability to support only partial IP multicast deployments in AD- 1 and/or AD-2. o GRE is an existing technology and is relatively simple to implement. Disadvantages of this configuration: o Per Use Case 3.1, current router technology cannot count the number of end users or the number bytes transmitted. o GRE tunnel requires manual configuration. o GRE must be in place prior to stream starting. o GRE is often left pinned up Architectural guidelines for this configuration include the following: Guidelines (a) through (d) are the same as those described in Use Case 3.1. e. GRE tunnels are typically configured manually between peering points to support multicast delivery between domains. f. It is recommended that the GRE tunnel (tunnel server) configuration in the source network is such that it only advertises the routes to the content sources and not to the entire network. This practice will prevent unauthorized delivery of content through the tunnel (e.g., if content is not part of an agreed CDN partnership). Tarapore, et al Expires April 21, 2014 [Page 7] IETF I-D Multicasting Applications Across Peering Points October 2013 3.3. Peering Point Enabled with an AMT - Both Domains Multicast Enabled Both administrative domains in this Use Case are assumed to be native multicast enabled here; however the peering point is not. The peering point is enabled with an Automatic Multicast Tunnel. The basic configuration is depicted in Figure 2. ------------------- ------------------- / AD-1 \ / AD-2 \ / (Multicast Enabled) \ / (Multicast Enabled) \ / \ / \ | +----+ | | | | | | +------+ | | +------+ | +----+ | | CS |------>| AR |-|---------|->| AG |-------------|-->| EU | | | | +------+ | I1 | +------+ |I2 +----+ \ +----+ / \ / \ / \ / \ / \ / ------------------- ------------------- AR = AMT Relay AG = AMT Gateway I1 = AMT Interconnection between P-CDN and S-CDN I2 = S-CDN and EU Multicast Connection Figure 2 - AMT Interconnection between AD-1 and AD-2 Advantages of this configuration: o Highly efficient use of bandwidth in AD-1. o AMT is an existing technology and is relatively simple to implement. Attractive properties of AMT include the following: o Dynamic interconnection between Gateway-Relay pair across the peering point. o Ability to serve clients and servers with differing policies. Disadvantages of this configuration: Tarapore, et al Expires April 21, 2014 [Page 8] IETF I-D Multicasting Applications Across Peering Points October 2013 o Per Use Case 3.1 (AD-2 is native multicast), current router technology cannot count the number of end users or the number bytes transmitted. o Additional devices (AMT Gateway and Relay pairs) may be introduced into the path if these services are not incorporated in the existing routing nodes. o Currently undefined mechanisms to select the AR from the AG automatically. Architectural guidelines for this configuration are as follows: Guidelines (a) through (d) are the same as those described in Use Case 3.1. e. It is recommended that AMT Relay and Gateway pairs be configured at the peering points to support multicast delivery between domains. AMT tunnels will then configure dynamically across the peering points once the Gateway in AD-2 receives the (S, G) information from the EU. 3.4. Peering Point Enabled with an AMT - AD-2 Not Multicast Enabled In this AMT Use Case, the second administrative domain AD-2 is not multicast enabled. This implies that the interconnection between AD- 2 and the End User is also not multicast enabled as depicted in Figure 3. Tarapore, et al Expires April 21, 2014 [Page 9] IETF I-D Multicasting Applications Across Peering Points October 2013 ------------------- ------------------- / AD-1 \ / AD-2 \ / (Multicast Enabled) \ / (Non-Multicast \ / \ / Enabled) \ | +----+ | | | | | | +------+ | | | +----+ | | CS |------>| AR |-|---------|-----------------------|-->|EU/G| | | | +------+ | | |I2 +----+ \ +----+ / \ / \ / \ / \ / \ / ------------------- ------------------- CS = Content Source AR = AMT Relay EU/G = Gateway client embedded in EU device I2 = AMT Tunnel Connecting EU/G to AR in AD-1 through Non-Multicast Enabled AD-2. Figure 3 - AMT Tunnel Connecting AD-1 AMT Relay and EU Gateway This Use Case is equivalent to having unicast distribution of the application through AD-2. The total number of AMT tunnels would be equal to the total number of End Users requesting the application. The peering point thus needs to accommodate the total number of AMT tunnels between the two domains. Each AMT tunnel can provide the data usage associated with each End User. Advantages of this configuration: o Highly efficient use of bandwidth in AD-1. o AMT is an existing technology and is relatively simple to implement. Attractive properties of AMT include the following: o Dynamic interconnection between Gateway-Relay pair across the peering point. o Ability to serve clients and servers with differing policies. o Each AMT tunnel serves as a count for each End User and is also able to track data usage (bytes) delivered to the EU. Tarapore, et al Expires April 21, 2014 [Page 10] IETF I-D Multicasting Applications Across Peering Points October 2013 Disadvantages of this configuration: o Additional devices (AMT Gateway and Relay pairs) are introduced into the transport path. o Assuming multiple peering points between the domains, the EU Gateway needs to be able to find the "correct" AMT Relay in AD- 1. Architectural guidelines for this configuration are as follows: Guidelines (a) through (c) are the same as those described in Use Case 3.1. d. It is recommended that proper procedures are implemented such that the AMT Gateway at the End User device is able to find the correct AMT Relay in AD-1 across the peering points. The application client in the EU device is expected to supply the (S, G) information to the Gateway for this purpose. e. The AMT tunnel capabilities are expected to be sufficient for the purpose of collecting relevant information on the multicast streams delivered to End Users in AD-2. 3.5. AD-2 Not Multicast Enabled - Multiple AMT Tunnels Through AD-2 This is a variation of Use Case 3.4 as follows: Tarapore, et al Expires April 21, 2014 [Page 11] IETF I-D Multicasting Applications Across Peering Points October 2013 ------------------- ------------------- / AD-1 \ / AD-2 \ / (Multicast Enabled) \ / (Non-Multicast \ / \ / Enabled) \ | +----+ | |+--+ +--+ | | | | +------+ | ||AG| |AG| | +----+ | | CS |------>| AR |-|-------->||AR|------------->|AR|-|-->|EU/G| | | | +------+ | I1 ||1 | I2 |2 | |I3 +----+ \ +----+ / \+--+ +--+ / \ / \ / \ / \ / ------------------- ------------------- (Note: Diff-marks for the figure have been removed to improve viewing) CS = Content Source AR = AMT Relay in AD-1 AGAR1 = AMT Gateway/Relay node in AD-2 across Peering Point I1 = AMT Tunnel Connecting AR in AD-1 to GW in AGAR1 in AD-2 AGAR2 = AMT Gateway/Relay node at AD-2 Network Edge I2 = AMT Tunnel Connecting Relay in AGAR1 to GW in AGAR2 EU/G = Gateway client embedded in EU device I3 = AMT Tunnel Connecting EU/G to AR in AGAR2 Figure 4 - AMT Tunnel Connecting AD-1 AMT Relay and EU Gateway Use Case 3.4 results in several long AMT tunnels crossing the entire network of AD-2 linking the EU device and the AMT Relay in AD-1 through the peering point. Depending on the number of End Users, there is a likelihood of an unacceptably large number of AMT tunnels - and unicast streams - through the peering point. This situation can be alleviated as follows: o Provisioning of strategically located AMT nodes at the edges of AD-2. An AMT node comprises co-location of an AMT Gateway and an AMT Relay. One such node is at the AD-2 side of the peering point (node AGAR1 in Figure 4). o Single AMT tunnel established across peering point linking AMT Relay in AD-1 to the AMT Gateway in the AMT node AGAR1 in AD-2. o AMT tunnels linking AMT node AGAR1 at peering point in AD-2 to other AMT nodes located at the edges of AD-2: e.g., AMT tunnel Tarapore, et al Expires April 21, 2014 [Page 12] IETF I-D Multicasting Applications Across Peering Points October 2013 I2 linking AMT Relay in AGAR1 to AMT Gateway in AMT node AGAR2 in Figure 4. o AMT tunnels linking EU device (via Gateway client embedded in device) and AMT Relay in appropriate AMT node at edge of AD-2: e.g., I3 linking EU Gateway in device to AMT Relay in AMT node AGAR2. The advantage for such a chained set of AMT tunnels is that the total number of unicast streams across AD-2 is significantly reduced thus freeing up bandwidth. Additionally, there will be a single unicast stream across the peering point instead of possibly, an unacceptably large number of such streams per Use Case 3.4. However, this implies that several AMT tunnels will need to be dynamically configured by the various AMT Gateways based solely on the (S,G) information received from the application client at the EU device. A suitable mechanism for such dynamic configurations is therefore critical. Architectural guidelines for this configuration are as follows: Guidelines (a) through (c) are the same as those described in Use Case 3.1. d. It is recommended that proper procedures are implemented such that the various AMT Gateways (at the End User devices and the AMT nodes in AD-2) are able to find the correct AMT Relay in other AMT nodes as appropriate. The application client in the EU device is expected to supply the (S, G) information to the Gateway for this purpose. e. The AMT tunnel capabilities are expected to be sufficient for the purpose of collecting relevant information on the multicast streams delivered to End Users in AD-2. 4. Supporting Functionality Supporting functions and related interfaces over the peering point that enable the multicast transport of the application are listed in this section. Critical information parameters that need to be exchanged in support of these functions are enumerated along with guidelines as appropriate. Specific interface functions for consideration are as follows. Tarapore, et al Expires April 21, 2014 [Page 13] IETF I-D Multicasting Applications Across Peering Points October 2013 4.1. Network Transport and Security Guidelines 4.2. Routing Aspects and Related Guidelines 4.3. Back Office Functions - Billing and Logging Guidelines 4.4. Operations - Service Performance and Monitoring Guidelines 4.5. Reliability Models/Service Assurance Guidelines 4.6. Provisioning Guidelines In order to find right relay there is a need for a small/light implementation of an AMT DNS in source network. 4.7. Client Models 4.8. Addressing Guidelines Tarapore, et al Expires April 21, 2014 [Page 14] IETF I-D Multicasting Applications Across Peering Points October 2013 5. Security Considerations (Include discussion on DRM, AAA, Network Security) 6. IANA Considerations 7. Conclusions 8. References 8.1. Normative References [RFC2784] D. Farinacci, T. Li, S. Hanks, D. Meyer, P. Traina, "Generic Routing Encapsulation (GRE)", RFC 2784, March 2000 [IETF-ID-AMT] G. Bumgardner, "Automatic Multicast Tunneling", draft- ietf-mboned-auto-multicast-13, April 2012, Work in progress [RFC4604] H. Holbrook, et al, "Using Internet Group Management Protocol Version 3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for Source Specific Multicast", RFC 4604, August 2006 [RFC4607] H. Holbrook, et al, "Source Specific Multicast", RFC 4607, August 2006 8.2. Informative References 9. Acknowledgments Tarapore, et al Expires April 21, 2014 [Page 15] IETF I-D Multicasting Applications Across Peering Points October 2013 Authors' Addresses Percy S. Tarapore AT&T Phone: 1-732-420-4172 Email: tarapore@att.com Robert Sayko AT&T Phone: 1-732-420-3292 Email: rs1983@att.com Greg Shepherd Cisco Phone: Email: shep@cisco.com Toerless Eckert Cisco Phone: Email: eckert@cisco.com Ram Krishnan Brocade Phone: Email: ramk@brocade.com Tarapore, et al Expires April 21, 2014 [Page 16]