idnits 2.17.1

draft-ietf-cdni-request-routing-extensions-08.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (November 20, 2019) is 1619 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Downref: Normative reference to an Informational RFC: RFC 6707

  ** Obsolete normative reference: RFC 7231 (Obsoleted by RFC 9110)

  ** Downref: Normative reference to an Informational RFC: RFC 7336

     Summary: 3 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                       O. Finkelman
Internet-Draft                                                     Qwilt
Intended status: Standards Track                               S. Mishra
Expires: May 23, 2020                                            Verizon
                                                       November 20, 2019

                    CDNI Request Routing Extensions
             draft-ietf-cdni-request-routing-extensions-08

Abstract

   Open Caching architecture is a use case of Content Delivery Networks
   Interconnection (CDNI) in which the commercial Content Delivery
   Network (CDN) is the upstream CDN (uCDN) and the ISP caching layer
   serves as the downstream CDN (dCDN).  The extensions specified in
   this document to the CDNI Metadata Interface (MI) and the Footprint
   and Capabilities Interface (FCI) are derived from requirements raised
   by Open Caching but are also applicable to CDNI use cases in general.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 23, 2020.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
     1.1.  Terminology
     1.2.  Requirements Language
   2.  Redirect Target Capability
     2.1.  DNS Redirect Target
     2.2.  HTTP Redirect Target
     2.3.  Properties of Redirect Target Capability Object
     2.4.  DnsTarget Object
       2.4.1.  DNS Target Example
     2.5.  HttpTarget Object
       2.5.1.  HTTP Target Example
     2.6.  Usage Example
   3.  Fallback Target Address Metadata
     3.1.  Properties of Fallback Target Address Metadata Object
     3.2.  Usage Example
     3.3.  uCDN addressing considerations
   4.  IANA Considerations
     4.1.  CDNI Payload Types
       4.1.1.  CDNI FCI RedirectTarget Payload Type
       4.1.2.  CDNI MI FallbackTarget Payload Type
   5.  Security Considerations
     5.1.  Confidentiality and Privacy
   6.  Acknowledgements
   7.  References
     7.1.  Normative References
     7.2.  Informative References
   Authors' Addresses

1.  Introduction

   The Streaming Video Alliance [SVA] is a global association that works
   to solve streaming video challenges in an effort to improve end-user
   experience and adoption.  The Open Caching Working Group [OCWG] of
   the Streaming Video Alliance [SVA] is focused on the delegation of
   video delivery requests from commercial CDNs to a caching layer at
   the Internet Service Provider's (ISP) network.  Open Caching
   architecture is a specific use case of CDNI where the commercial CDN
   is the upstream CDN (uCDN) and the ISP caching layer is the
   downstream CDN (dCDN).  The Open Caching Request Routing
   Specification [OC-RR] defines the Request Routing process and the
   interfaces that are required for its provisioning.  This document
   defines and registers CDNI metadata object [RFC8006] and CDNI
   Footprint and Capabilities object [RFC8008] that are required for
   Open Caching Request Routing.  For consistency with other CDNI
   documents this document follows the CDNI convention of uCDN (upstream
   CDN) and dCDN (downstream CDN) to represent the commercial CDN and
   ISP caching layer respectively.

   This document also registers CDNI Payload Types [RFC7736] for the
   defined objects:

   o  Redirect Target Capability (for dCDN advertising redirect target
      address)

   o  Fallback Target Metadata (for uCDN configuring fallback target
      address)

1.1.  Terminology

   The following terms are used throughout this document:

   o  FQDN - Fully Qualified Domain Name

   o  CDN - Content Delivery Network

   Additionally, this document reuses the terminology defined in
   [RFC6707], [RFC7336], [RFC8006], [RFC8007], and [RFC8008].
   Specifically, we use the following CDNI acronyms:

   o  FCI - Footprint and Capability Interface (see [RFC8008])

   o  MI - Metadata Interface (see [RFC8006])

   o  uCDN, dCDN - Upstream CDN and Downstream CDN respectively (see
      [RFC7336])

   o  RT - Redirection Target.  Endpoint for redirection from uCDN to
      dCDN.

   o  RR - Request Router.  An element responsible for routing user
      requests, typically using HTTP redirect or DNS CNAME, depending on
      the use case.

1.2.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in BCP
   14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  Redirect Target Capability

   Iterative request redirection is defined in Section 1.1 of [RFC7336]
   and elaborated by examples in Sections 3.2 and 3.4 of [RFC7336].  A
   Redirection Target (RT) is defined in Section 2 of [RFC7975] for
   Recursive Request Redirection as:

      "The endpoint to which the User Agent is redirected.  In CDNI, a
      RT may point to a number of different components, some examples
      include a surrogate in the same CDN as the request router, a
      request router in a dCDN, or a surrogate in a dCDN".

   In this document we adopt the same definition of the RT for the
   Iterative Request Redirect use case.  This use case requires the
   provisioning of the RT address to be used by the uCDN in order to
   redirect to the dCDN.  RT addresses can vary between different
   footprints, for example, between different regions, and they may also
   change over time, for example as a result of network problems.  Given
   this variable and dynamic nature of the redirect target address, it
   may not be suitable to advertise it during bootstrap.  A more dynamic
   and footprint oriented interface is required.
   Section 4.3 of
   [RFC7336] suggests that it could be one of the roles of the FCI
   [RFC8008].  Following this suggestion, we have therefore chosen to
   use the CDNI Footprint and Capabilities interface for redirect target
   address advertisement.

   Use cases

   o  Footprint: The dCDN may want to have a different target per
      footprint.  Note that a dCDN may spread across multiple
      geographies.  This makes it easier to route client requests to a
      nearby request router.  Though this can be achieved using a single
      canonical name and "Geo DNS", such that in different geographies
      the same hostname is resolved to a different IP address, that
      approach has limitations; for example a client may be using a
      third party DNS resolver, making it impossible for the redirector
      to detect where the client is located, or Geo DNS granularity may
      be too rough for the requirement of the application.

   o  Scaling: The dCDN may choose to scale its request routing service
      by deploying more request routers in new locations and advertise
      them via an updatable interface like the FCI.

   The Redirect Target capability object is used to indicate the target
   address the uCDN should use in order to redirect a client to the
   dCDN.  A target may be attached to a specific uCDN host, a list of
   uCDN hosts, or used globally for all the hosts of the uCDN.

   When a dCDN is attaching the redirect target to a specific uCDN host
   or a list of uCDN hosts, the dCDN MUST advertise the hosts within the
   Redirect Target capability object as "redirecting-hosts".  In this
   case, the uCDN can redirect to that dCDN address only if the User
   Agent request was to one of these uCDN hosts.

   If the redirect target capability object does not contain a target or
   the target is empty, the uCDN MUST interpret it as "no target
   available for these uCDN hosts for the specified footprint".
   In case
   such a target was already advertised in a previous FCI object, the
   uCDN MUST interpret it as an update that deletes the previous
   redirect target.

2.1.  DNS Redirect Target

   A redirect target for DNS redirection is a FQDN used as an alias in a
   CNAME record response (see [RFC1034]) of the uCDN DNS router.  Note
   that DNS routers make routing decisions based on either the DNS
   resolver's IP address or the client IP subnet when EDNS0 client-
   subnet (ECS) is used (see [RFC7871]).  The dCDN may choose to
   advertise redirect targets and footprints to cover both cases, such
   that the uCDN resolution would route the DNS query to different
   dCDN CNAMEs according to client subnet or dCDN resolver IP address.
   This method further allows the dCDN DNS to optimize the resolution by
   localizing the target CNAMEs.  A uCDN implementation SHOULD prefer
   routing based on client IP subnet when the ECS option is present.  A
   dCDN implementation using the ECS option MUST be aware of the privacy
   drawbacks listed in Section 2 of [RFC7871] and SHOULD follow the
   guidelines provided in Section 11.1 of [RFC7871].

2.2.  HTTP Redirect Target

   A redirect target for HTTP redirection is the URI to be used as the
   value for the Location header of a HTTP redirect 3xx response,
   typically a 302 (Found) (see Section 7.1.2 of [RFC7231] and Section
   6.4 of [RFC7231]).

2.3.  Properties of Redirect Target Capability Object

   The Redirect Target capability object consists of the following
   properties:

      Property: redirecting-hosts

         Description: One or more uCDN hosts to which this redirect
         target is attached.  A redirecting host SHOULD be a host that
         was published in a HostMatch object by the uCDN as defined in
         Section 4.1.2 of [RFC8006].

         Type: A list of Endpoint objects (see Section 4.3.3 of
         [RFC8006])

         Mandatory-to-Specify: No.
         If not present, or empty, the
         redirect target applies to all hosts of the redirecting uCDN.

      Property: dns-target

         Description: Target CNAME record for DNS redirection.

         Type: DnsTarget object (see Section 2.4)

         Mandatory-to-Specify: No.  If the dns-target is not present or
         empty the uCDN MUST interpret it as "no dns-target available".

      Property: http-target

         Description: Target URI for a HTTP redirect.

         Type: HttpTarget object (see Section 2.5)

         Mandatory-to-Specify: No.  If the http-target is not present or
         empty the uCDN MUST interpret it as "no http-target available".

   The following is an example of a Redirect Target capability object
   serialization that advertises a dCDN target address that is attached
   to a specific list of uCDN "redirecting-hosts".  A uCDN host that is
   included in that list can redirect to the advertised dCDN redirect
   target.  The capabilities object is serialized as a JSON object as
   defined in Section 5.1 of [RFC8008].

   {
     "capabilities": [
       {
         "capability-type": "FCI.RedirectTarget",
         "capability-value": {
             "redirecting-hosts": [
                "a.service123.ucdn.example.com",
                "b.service123.ucdn.example.com"
             ],
             "dns-target": {
                "host": "service123.ucdn.dcdn.example.com"
             },
             "http-target": {
                 "host": "us-east1.dcdn.example.com",
                 "path-prefix": "/cache/1/",
                 "include-redirecting-host": true
             }
         },
         "footprints": [

         ]
       }
     ]
   }

2.4.  DnsTarget Object

   The DnsTarget object gives the target address for the DNS response to
   delegate from the uCDN to the dCDN.

      Property: host

         Description: The host property is a hostname or an IP address,
         without a port number.

         Type: Endpoint object as defined in Section 4.3.3 of [RFC8006]
         with the limitation that it SHOULD NOT include a port number
         and, in case a port number is present, the uCDN MUST ignore it.

         Mandatory-to-Specify: Yes.

2.4.1.  DNS Target Example

   The following is an example of DnsTarget object:

   {
      "host": "service123.ucdn.dcdn.example.com"
   }

   The following is an example of a DNS query for uCDN address
   "a.service123.ucdn.example.com" and the corresponding CNAME
   redirection response:

   Query:
      a.service123.ucdn.example.com:
      type A, class IN

   Response:
      NAME: a.service123.ucdn.example.com, TYPE: CNAME, CLASS: IN,
      TTL: 120, RDATA: service123.ucdn.dcdn.example.com

2.5.  HttpTarget Object

   The HttpTarget object gives the necessary information to construct
   the target Location URI for HTTP redirection.

      Property: host

         Description: Hostname or IP address and an optional port, i.e.,
         the host and port of the authority component of the URI as
         described in Section 3.2 of [RFC3986].

         Type: Endpoint object as defined in Section 4.3.3 of [RFC8006].

         Mandatory-to-Specify: Yes.

      Property: scheme

         Description: A URI scheme to be used in the redirect response
         location construction.  When present, the uCDN MUST use the
         provided scheme for HTTP redirection to the dCDN.

         Type: A URI scheme as defined in Section 3.1 of [RFC3986]
         represented as a JSON string.  The scheme MUST be either "http"
         or "https".

         Mandatory-to-Specify: No.  If this property is absent or empty
         the uCDN request router MUST use the same scheme as was used in
         the original request before redirection.

      Property: path-prefix

         Description: A path prefix for the HTTP redirect Location
         header.  The original path is appended after this prefix.

         Type: A prefix of a path-absolute as defined in Section 3.3 of
         [RFC3986].  The prefix MUST end with a trailing slash, to
         indicate the end of the last path segment in the prefix.

         Mandatory-to-Specify: No.
         If this property is absent or empty,
         the uCDN MUST NOT prepend a path prefix to the original content
         path, i.e., the original path MUST appear in the location URI
         right after the authority component.

      Property: include-redirecting-host

         Description: A flag indicating whether or not to include the
         redirecting host as the first path segment after the path-
         prefix.  If set to true and a "path-prefix" is used, the uCDN
         redirecting host MUST be added as a separate path segment after
         the path-prefix and before the original URL path.  If set to
         true and there is no path-prefix, the uCDN redirecting host
         MUST be prepended as the first path segment in the redirect
         URL.

         Type: Boolean.

         Mandatory-to-Specify: No.  Default value is False.

2.5.1.  HTTP Target Example

   Example of HttpTarget object with a "scheme", a "path-prefix", and
   "include-redirecting-host" properties:

   {
      "host": "us-east1.dcdn.example.com",
      "scheme": "https",
      "path-prefix": "/cache/1/",
      "include-redirecting-host": true
   }

   Example of a HTTP request for content at uCDN host
   "a.service123.ucdn.example.com" and the corresponding HTTP response
   with a Location header, used for redirecting the client to the dCDN,
   constructed according to the HttpTarget object from the above
   example:

   Request:
      GET /vod/1/movie.mp4 HTTP/1.1
      Host: a.service123.ucdn.example.com

   Response:
      HTTP/1.1 302 Found
      Location: https://us-east1.dcdn.example.com/cache/1/
      a.service123.ucdn.example.com/vod/1/movie.mp4

2.6.  Usage Example

   Before requests can be routed from the uCDN to the dCDN the CDNs must
   exchange service configurations between them.  Using the MI, the uCDN
   advertises out-of-band its hosts to the dCDN; each host is designated
   by a hostname and has its own specific metadata (see Section 4.1.2 of
   [RFC8006]).
   The dCDN, using the FCI, advertises, also out-of-band,
   the redirect target address object defined in Section 2.3 for the
   relevant uCDN hosts.  The following is a generalized example of the
   message flow between an upstream CDN and a downstream CDN.  For
   simplicity, we focus on the sequence of messages between the uCDN and
   dCDN and not on how they are passed.

      dCDN                                                    uCDN
       +                                                       +
       |                                                       |
   (1) | MI:  host: s123.ucdn.example.com                      |
       |      host-metadata: < metadata >                      |
       <-------------------------------------------------------+
       |                                                       |
   (2) | FCI: capability-type: FCI.RedirectTarget              |
       |      redirecting-hosts: s123.ucdn.example.com         |
       |      target host: us-east1.dcdn.example.com           |
       +------------------------------------------------------->
       |                                                       |
       |                                                       |
       +                                                       +

           Figure 1: Redirect target address advertisement

   1.  The uCDN advertises a host (s123.ucdn.example.com) with the host
       metadata.

   2.  The dCDN advertises its FCI objects to the uCDN including a
       FCI.RedirectTarget object that contains the redirect target
       address (us-east1.dcdn.example.com) specified for that uCDN host.

   Once the redirect target has been set, the uCDN can start redirecting
   user requests to the dCDN.  The following is a generic sequence of
   redirection using the host and redirect target that were advertised
   in Figure 1 above.

   End User                  dCDN                 uCDN RR
       +                       +                       +
       |                       |                       |
   (1) | Request sent s123.ucdn.example.com            |
       +-----------------------+----------------------->
       |                       |                       |
   (2) | Redirect to us-east1.dcdn.example.com         |
       <-----------------------+-----------------------+
       |                       |                       |
   (3) | Request us-east1.dcdn.example.com             |
       +----------------------->                       |
       |                       |                       |
   (4) | Response              |                       |
       <-----------------------+                       |
       |                       |                       |
       +                       +                       +

           Figure 2: Generic requests redirection sequence

   1.  The End User sends a request (DNS or HTTP) to the uCDN Request
       Router (RR).

   2.  Using the previously advertised Redirect Target, the uCDN
       redirects the request to the dCDN.

   3.  The End User sends a request to the dCDN.

   4.  The dCDN either sends a response or reroutes it, for example, to
       a dCDN surrogate.

3.  Fallback Target Address Metadata

   Open Caching requires that the uCDN provides a fallback target server
   to the dCDN, to be used in cases where the dCDN cannot properly
   handle the request.  To avoid redirect loops, the fallback target
   server's address at the uCDN MUST be different from the original uCDN
   address from which the client was redirected to the dCDN.  The uCDN
   MUST avoid further redirection when receiving the client request at
   the fallback target.  The fallback target is defined as a generic
   metadata object (see Section 3.2 of [RFC8006]).

   Use cases

   o  Failover: A dCDN request router receives a request but has no
      caches to which it can route the request.  This can happen in the
      case of failures or temporary network overload.

   o  No coverage: A dCDN request router receives a request from a
      client located in an area inside the footprint but not covered by
      the dCDN caches or outside the dCDN footprint coverage.  In such
      cases, the router may choose to redirect the request back to the
      uCDN fallback address.

   o  Error: A cache may receive a request that it cannot properly
      serve, for example, some of the metadata objects for that service
      were not properly acquired.  In this case, the cache's "default
      action" may be to "redirect back to uCDN".

   The Fallback target metadata object is used to indicate the target
   address the dCDN should redirect a client to when falling back to the
   uCDN.  Fallback target address is represented as an endpoint object
   as defined in Section 4.3.3 of [RFC8006].

   In DNS redirection a CNAME record is used as the fallback target
   address.

   In HTTP redirection a hostname is used as the fallback target
   address.

   When using HTTP redirect to route a client request back to the uCDN,
   it is the dCDN's responsibility to use the original URL path as the
   client would have used for the original uCDN request, stripping, if
   needed, the dCDN path-prefix and/or the uCDN hostname from the
   redirect URL that may have been used to request the content from the
   dCDN.

3.1.  Properties of Fallback Target Address Metadata Object

   The MI.FallbackTarget Metadata object consists of the following
   properties:

      Property: host

         Description: Target address to which the dCDN can redirect the
         client.

         Type: Endpoint object as defined in Section 4.3.3 of [RFC8006]
         with the limitation that in case of DNS delegation it SHOULD
         NOT include a port number and, in case a port number is
         present, the dCDN MUST ignore it.

         Mandatory-to-Specify: Yes.

      Property: scheme

         Description: A URI scheme to be used in the redirect response
         location construction.  When present, the dCDN MUST use this
         scheme in case of HTTP redirection to the uCDN fallback
         address.

         Type: A URI scheme as defined in Section 3.1 of [RFC3986]
         represented as a JSON string.  The scheme MUST be either "http"
         or "https".

         Mandatory-to-Specify: No.  In case of HTTP redirection to
         fallback, if this property is absent or empty, the dCDN
         redirecting entity MUST use the same scheme as in the request
         received by the dCDN.

   Example of a MI.FallbackTarget Metadata object that designates the
   host address the dCDN should use as fallback address to redirect back
   to the uCDN.

   {
       "generic-metadata-type": "MI.FallbackTarget",
       "generic-metadata-value":
       {
           "host": "fallback-a.service123.ucdn.example",
           "scheme": "https"
       }
   }

3.2.  Usage Example

   The uCDN advertises out-of-band the fallback target address to the
   dCDN, so that the dCDN may redirect a request back to the uCDN in
   case the dCDN cannot serve it.  Using the MI the uCDN advertises its
   hosts to the dCDN, along with their specific host metadata (see
   Section 4.1.2 of [RFC8006]).  The Fallback Target generic metadata
   object is encapsulated within the "host-metadata" property of each
   host.  The following is an example of a message flow between an
   upstream CDN and a downstream CDN.  For simplicity, we focus on the
   sequence of messages between the uCDN and dCDN, not on how they are
   passed.

      dCDN                                                    uCDN
       +                                                       +
       |                                                       |
   (1) | MI:  host: s123.ucdn.example.com                      |
       |      host-metadata:                                   |
       |          < metadata objects >                         |
       |          < MI.FallbackTarget                          |
       |            host: fallback-a.service123.ucdn.example > |
       |          < metadata objects >                         |
       <-------------------------------------------------------+
       |                                                       |
   (2) | FCI: capability-type: FCI.RedirectTarget              |
       |      redirecting-hosts: s123.ucdn.example.com         |
       |      target host: us-east1.dcdn.example.com           |
       +------------------------------------------------------->
       |                                                       |
       |                                                       |
       +                                                       +

      Figure 3: Advertisement of host metadata with Fallback Target

   1.  The uCDN advertises a host (s123.ucdn.example.com) with the host
       metadata.  The host-metadata property contains a
       MI.FallbackTarget object.

   2.  The dCDN advertises its FCI objects to the uCDN including a
       FCI.RedirectTarget object that contains the redirect target
       address (us-east1.dcdn.example.com) specified for that uCDN host.

   The following is a generic sequence of redirection using the
   configurations that were advertised in Figure 3 above.  In this case
   the dCDN redirects back to the uCDN fallback target address.

   End User              dCDN           uCDN fallback          uCDN RR
       +                   +                   +                   +
       |                   |                   |                   |
   (1) | Request sent s123.ucdn.example.com    |                   |
       +-------------------+-------------------+------------------->
       |                   |                   |                   |
   (2) | Redirect to us-east1.dcdn.example.com |                   |
       <-------------------+-------------------+-------------------+
       |                   |                   |                   |
   (3) | Request us-east1.dcdn.example.com     |                   |
       +------------------->                   |                   |
       |                   |                   |                   |
   (4) | Redirect back to fallback-a.service123.ucdn.example       |
       <-------------------+                   |                   |
       |                   |                   |                   |
   (5) | Request fallback-a.service123.ucdn.example                |
       +--------------------------------------->                   |
       |                   |                   |                   |
   (6) | Response          |                   |                   |
       <-------------------+-------------------+                   |
       |                   |                   |                   |
       +                   +                   +                   +

               Figure 4: Redirection to Fallback Target

   1.  The End User sends a request (DNS or HTTP) to the uCDN Request
       Router (RR).

   2.  Using the previously advertised Redirect Target, the uCDN
       redirects the request to the dCDN.

   3.  The End User sends a request to the dCDN.

   4.  The dCDN cannot handle the request and, therefore, redirects it
       back to the uCDN fallback target address.

   5.  The End User sends the request to the uCDN fallback target
       address.

   6.  The uCDN either sends a response or reroutes it, for example, to
       a uCDN surrogate.

3.3.  uCDN addressing considerations

   When advertising fallback addresses to the dCDN the uCDN SHOULD
   consider the failure use cases that may lead the dCDN to route
   requests to uCDN fallback.  In extreme dCDN network failures or under
   denial-of-service (DoS) attacks, requests coming from a large segment
   or multiple segments of the dCDN may be routed back to the uCDN.  The
   uCDN SHOULD therefore design its fallback addressing scheme and its
   available resources accordingly.
   A favorable approach would be for
   the uCDN to use a different fallback target address for each uCDN
   host, enabling it to load balance the requests using the same methods
   as it would for its original hosts.  See Sections 4.1.2 and 4.1.3 of
   [RFC8006] for a detailed description of how to use GenericMetadata
   objects within the HostMatch object advertised in the HostIndex of
   the uCDN.

4.  IANA Considerations

4.1.  CDNI Payload Types

   This document requests the registration of the following CDNI Payload
   Types under the IANA "CDNI Payload Types" registry defined in
   [RFC7736]:

                  +--------------------+---------------+
                  | Payload Type       | Specification |
                  +--------------------+---------------+
                  | FCI.RedirectTarget | RFCthis       |
                  | MI.FallbackTarget  | RFCthis       |
                  +--------------------+---------------+

   [RFC Editor: Please replace RFCthis with the published RFC number for
   this document.]

4.1.1.  CDNI FCI RedirectTarget Payload Type

   Purpose: The purpose of this payload type is to distinguish
   RedirectTarget FCI objects.

   Interface: FCI

   Encoding: see Section 2.3

4.1.2.  CDNI MI FallbackTarget Payload Type

   Purpose: The purpose of this payload type is to distinguish
   FallbackTarget MI objects (and any associated capability
   advertisement).

   Interface: MI/FCI

   Encoding: see Section 3.1

5.  Security Considerations

   This specification is in accordance with the CDNI Metadata Interface
   and the CDNI Request Routing: Footprint and Capabilities Semantics.
   As such, it is subject to the security and privacy considerations as
   defined in Section 8 of [RFC8006] and in Section 7 of [RFC8008]
   respectively.

5.1.  Confidentiality and Privacy

   The Redirect Target FCI object potentially reveals information about
   the internal structure of the dCDN network.  A third party could
   intercept the FCI transactions and use the information to attack the
   dCDN.
   The same is also true for the Fallback Target Metadata object
   as it may reveal information about the internal structure of the
   uCDN, exposing it to external exploits.  Implementations of the FCI
   and MI MUST therefore use strong authentication and encryption and
   strictly follow the directions for securing the interface as defined
   for the Metadata Interface in Section 8.3 of [RFC8006].

6.  Acknowledgements

   The authors thank Nir B. Sopher for reality checks against production
   use cases; his contribution is significant to this document.  The
   authors also thank Ben Niven-Jenkins for his review and feedback and
   Kevin J. Ma for his guidance throughout the development of this
   document including his regular reviews.

7.  References

7.1.  Normative References

   [RFC1034]  Mockapetris, P., "Domain names - concepts and facilities",
              STD 13, RFC 1034, DOI 10.17487/RFC1034, November 1987.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC3986]  Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
              Resource Identifier (URI): Generic Syntax", STD 66,
              RFC 3986, DOI 10.17487/RFC3986, January 2005.

   [RFC6707]  Niven-Jenkins, B., Le Faucheur, F., and N. Bitar, "Content
              Distribution Network Interconnection (CDNI) Problem
              Statement", RFC 6707, DOI 10.17487/RFC6707, September
              2012.

   [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
              Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
              DOI 10.17487/RFC7231, June 2014.

   [RFC7336]  Peterson, L., Davie, B., and R. van Brandenburg, Ed.,
              "Framework for Content Distribution Network
              Interconnection (CDNI)", RFC 7336, DOI 10.17487/RFC7336,
              August 2014.

   [RFC7975]  Niven-Jenkins, B., Ed. and R. van Brandenburg, Ed.,
              "Request Routing Redirection Interface for Content
              Delivery Network (CDN) Interconnection", RFC 7975,
              DOI 10.17487/RFC7975, October 2016.

   [RFC8006]  Niven-Jenkins, B., Murray, R., Caulfield, M., and K. Ma,
              "Content Delivery Network Interconnection (CDNI)
              Metadata", RFC 8006, DOI 10.17487/RFC8006, December 2016.

   [RFC8007]  Murray, R. and B. Niven-Jenkins, "Content Delivery Network
              Interconnection (CDNI) Control Interface / Triggers",
              RFC 8007, DOI 10.17487/RFC8007, December 2016.

   [RFC8008]  Seedorf, J., Peterson, J., Previdi, S., van Brandenburg,
              R., and K. Ma, "Content Delivery Network Interconnection
              (CDNI) Request Routing: Footprint and Capabilities
              Semantics", RFC 8008, DOI 10.17487/RFC8008, December 2016.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017.

7.2.  Informative References

   [OC-RR]    Finkelman, O., Ed., Hofmann, J., Klein, E., Mishra, S.,
              Ma, K., Sahar, D., and B. Zurat, "Open Caching - Request
              Routing Functional Specification", Version 1.1, October
              2019.

   [OCWG]     "Open Caching Home Page".

   [RFC7736]  Ma, K., "Content Delivery Network Interconnection (CDNI)
              Media Type Registration", RFC 7736, DOI 10.17487/RFC7736,
              December 2015.

   [RFC7871]  Contavalli, C., van der Gaast, W., Lawrence, D., and W.
              Kumari, "Client Subnet in DNS Queries", RFC 7871,
              DOI 10.17487/RFC7871, May 2016.

   [SVA]      "Streaming Video Alliance Home Page".

Authors' Addresses

   Ori Finkelman
   Qwilt
   6, Ha'harash
   Hod HaSharon  4524079
   Israel

   Email: ori.finkelman.ietf@gmail.com

   Sanjay Mishra
   Verizon
   13100 Columbia Pike
   Silver Spring, MD  20904
   USA

   Email: sanjay.mishra@verizon.com
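
The Location construction rules of Section 2.5 and the fallback path handling of Section 3, worked through as an added Python example; it is not part of the draft or of any CDN's code. The function names, the endpoint syntax check and the query-string pass-through are assumptions of this example, and the sample objects are constructed from the draft's own examples.

```python
"""Added example: Location URIs for FCI.RedirectTarget (Section 2.5) and
MI.FallbackTarget (Section 3). Function names are hypothetical."""
import re
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # the only schemes the draft permits


def _check_scheme(scheme):
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme must be http or https, got {scheme!r}")
    return scheme


def _check_endpoint(host):
    # Assumption of this example: accept only hostname/IPv4 with an optional
    # port (IPv6 literals left out), so a peer-supplied value cannot carry
    # '/', '@' or '?' into the Location URI.
    if not re.fullmatch(r"[A-Za-z0-9.-]+(:\d{1,5})?", host):
        raise ValueError(f"not a bare host[:port]: {host!r}")
    return host


def build_redirect_location(capability_value, request_url):
    """uCDN side: Location URI for a redirect to the dCDN, or None."""
    req = urlsplit(request_url)
    hosts = capability_value.get("redirecting-hosts") or []
    # A target attached to specific hosts is usable only for those hosts;
    # an absent or empty list applies to all hosts of the uCDN.
    if hosts and req.hostname not in {h.lower() for h in hosts}:
        return None
    target = capability_value.get("http-target") or {}
    if not target.get("host"):
        return None  # absent or empty: "no http-target available"
    host = _check_endpoint(target["host"])
    # Absent scheme: reuse the scheme of the original request.
    scheme = _check_scheme(target.get("scheme") or req.scheme)
    prefix = target.get("path-prefix") or ""
    if prefix and not (prefix.startswith("/") and prefix.endswith("/")):
        raise ValueError("path-prefix must be absolute and end with '/'")
    path = req.path.lstrip("/")
    if target.get("include-redirecting-host", False):
        path = f"{req.hostname}/{path}"  # separate segment before the path
    query = f"?{req.query}" if req.query else ""  # assumption: keep the query
    return f"{scheme}://{host}{prefix or '/'}{path}{query}"


def build_fallback_location(fallback, http_target, ucdn_host, dcdn_request_url):
    """dCDN side: Location URI sending the client back to the uCDN fallback."""
    host = _check_endpoint(fallback["host"])
    # Loop avoidance: the fallback address must differ from the uCDN host
    # that redirected the client to the dCDN.
    if host.split(":")[0].lower() == ucdn_host.lower():
        raise ValueError("fallback target equals the redirecting uCDN host")
    req = urlsplit(dcdn_request_url)
    scheme = _check_scheme(fallback.get("scheme") or req.scheme)
    path = req.path
    prefix = http_target.get("path-prefix") or ""
    if prefix and path.startswith(prefix):
        path = "/" + path[len(prefix):]  # strip the dCDN path-prefix
    host_segment = f"/{ucdn_host}/"
    if http_target.get("include-redirecting-host") and path.startswith(host_segment):
        path = path[len(host_segment) - 1:]  # strip the uCDN hostname segment
    query = f"?{req.query}" if req.query else ""
    return f"{scheme}://{host}{path}{query}"


# Sample objects constructed from the draft's examples (Sections 2.3, 2.5.1, 3.1).
CAPABILITY = {
    "redirecting-hosts": ["a.service123.ucdn.example.com",
                          "b.service123.ucdn.example.com"],
    "http-target": {"host": "us-east1.dcdn.example.com", "scheme": "https",
                    "path-prefix": "/cache/1/",
                    "include-redirecting-host": True},
}
FALLBACK = {"host": "fallback-a.service123.ucdn.example", "scheme": "https"}

if __name__ == "__main__":
    loc = build_redirect_location(
        CAPABILITY, "http://a.service123.ucdn.example.com/vod/1/movie.mp4")
    print("uCDN -> dCDN:", loc)
    print("dCDN -> uCDN:", build_fallback_location(
        FALLBACK, CAPABILITY["http-target"],
        "a.service123.ucdn.example.com", loc))
```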