idnits 2.17.1 draft-ietf-mboned-session-announcement-req-01.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** The document seems to lack a License Notice according IETF Trust Provisions of 28 Dec 2009, Section 6.b.i or Provisions of 12 Sep 2009 Section 6.b -- however, there's a paragraph with a matching beginning. Boilerplate error? (You're using the IETF Trust Provisions' Section 6.b License Notice from 12 Feb 2009 rather than one of the newer Notices. See https://trustee.ietf.org/license-info/.) Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack a Security Considerations section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The abstract seems to contain references ([3]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. == There are 3 instances of lines with multicast IPv4 addresses in the document. If these are generic example addresses, they should be changed to use the 233.252.0.x range defined in RFC 5771 Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year == The document doesn't use any RFC 2119 keywords, yet has text resembling RFC 2119 boilerplate text. -- The document seems to contain a disclaimer for pre-RFC5378 work, and may have content which was first submitted before 10 November 2008. The disclaimer is necessary when there are original authors that you have been unable to contact, or if some do not wish to grant the BCP78 rights to the IETF Trust. If you are able to get all authors (current and original) to grant those rights, you can and should remove the disclaimer; otherwise, the disclaimer is needed and you can ignore this comment. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 9, 2009) is 5526 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- ** Obsolete normative reference: RFC 4566 (ref. '4') (Obsoleted by RFC 8866) Summary: 5 errors (**), 0 flaws (~~), 3 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 MBONED Working Group H. Asaeda 3 Internet-Draft Keio University 4 Intended status: Informational V. Roca 5 Expires: September 10, 2009 INRIA 6 March 9, 2009 8 Requirements for IP Multicast Session Announcement in the Internet 9 draft-ietf-mboned-session-announcement-req-01 11 Status of this Memo 13 This Internet-Draft is submitted to IETF in full conformance with the 14 provisions of BCP 78 and BCP 79. This document may contain material 15 from IETF Documents or IETF Contributions published or made publicly 16 available before November 10, 2008. The person(s) controlling the 17 copyright in some of this material may not have granted the IETF 18 Trust the right to allow modifications of such material outside the 19 IETF Standards Process. Without obtaining an adequate license from 20 the person(s) controlling the copyright in such materials, this 21 document may not be modified outside the IETF Standards Process, and 22 derivative works of it may not be created outside the IETF Standards 23 Process, except to format it for publication as an RFC or to 24 translate it into languages other than English. 26 Internet-Drafts are working documents of the Internet Engineering 27 Task Force (IETF), its areas, and its working groups. Note that 28 other groups may also distribute working documents as Internet- 29 Drafts. 31 Internet-Drafts are draft documents valid for a maximum of six months 32 and may be updated, replaced, or obsoleted by other documents at any 33 time. It is inappropriate to use Internet-Drafts as reference 34 material or to cite them other than as "work in progress." 36 The list of current Internet-Drafts can be accessed at 37 http://www.ietf.org/ietf/1id-abstracts.txt. 39 The list of Internet-Draft Shadow Directories can be accessed at 40 http://www.ietf.org/shadow.html. 42 This Internet-Draft will expire on September 10, 2009. 44 Copyright Notice 46 Copyright (c) 2009 IETF Trust and the persons identified as the 47 document authors. All rights reserved. 49 This document is subject to BCP 78 and the IETF Trust's Legal 50 Provisions Relating to IETF Documents in effect on the date of 51 publication of this document (http://trustee.ietf.org/license-info). 52 Please review these documents carefully, as they describe your rights 53 and restrictions with respect to this document. 55 Abstract 57 The Session Announcement Protocol (SAP) [3] was used to announce 58 information for all available multicast sessions to the prospective 59 receiver in an experimental network. It is easy to use, but not 60 scalable and difficult to control the SAP message transmission in a 61 wide area network. This document describes the major limitations SAP 62 has and the requirements for multicast session announcement in the 63 global Internet. 65 Conventions used in this document 67 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL 68 NOT","SHOULD", "SHOULD NOT", "RECOMMENDED","MAY", and "OPTIONAL" in 69 this document are to be interpreted as described in RFC 2119 [1]. 71 Table of Contents 73 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 74 2. Potential Problems in SAP . . . . . . . . . . . . . . . . . . 6 75 2.1. Announcement Interval vs. Latency . . . . . . . . . . . . 6 76 2.2. Difficulties in Scope Definition . . . . . . . . . . . . . 6 77 2.3. ASM Dependency . . . . . . . . . . . . . . . . . . . . . . 7 78 2.4. Lack of Sender and Receiver Control . . . . . . . . . . . 8 79 3. Potential Problems in Server-Based Solutions . . . . . . . . . 9 80 4. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 10 81 5. Normative References . . . . . . . . . . . . . . . . . . . . . 11 82 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12 84 1. Introduction 86 The Session Announcement Protocol (SAP) [3] was a necessary component 87 to announce information for all available multicast sessions to the 88 prospective receiver in the experimental MBone. In a SAP 89 announcement procedure, the entire session information must be 90 periodically transmitted and all active session descriptions 91 (described with the Session Description Protocol (SDP) [4] syntax) 92 must be continuously refreshed. If ever a session is no longer 93 announced, its description eventually times out and is deleted from 94 the available session list. This is a major property of a "soft- 95 state" protocol. 97 SAP enables to keep the session information active and refresh it, 98 and builds robust and fault-tolerant systems. However, it requires 99 the periodic message transmission (i.e. message flooding) that may 100 cause major overheads or overloads. Although this strategy keeps the 101 implementation simple, it rises costs and further reduces its 102 scalability. 104 Another issue is closely related to a security or policy management. 105 As with the above issue, it is difficult to control a data sender or 106 a receiver and the amount of traffic or the data distribution area 107 even with existing scoping techniques. 109 This document explains the issues SAP and other systems have raised 110 and clarifies the requirements that should fulfill an ideal session 111 announcement system. This document describes work originally 112 published by Asaeda and Roca in IEICE Transactions on Information and 113 Systems [2]. 115 2. Potential Problems in SAP 117 2.1. Announcement Interval vs. Latency 119 SAP improves the robustness and data consistency in front of packet 120 losses by transmitting each message several times. However, 121 transmitting a large number of active multicast sesssion information 122 in a flooding manner may cause major overheads. The solution defined 123 in [3] is the time period between repetitions of an announcement. 124 This period is chosen such that the total bandwidth used by all 125 announcements on a single SAP group remains below a preconfigured 126 limit, and the bandwidth limit should be assumed to be 4000 bits per 127 second, if not specified. 129 However, this solution largely increases the latency experienced by 130 end users especially when the number of sessions increases. In its 131 definition, since the minimum interval of SAP message transmission is 132 200 seconds, end users experience a minimum waiting time of 200 133 seconds to obtain the entire session list, irrespective of the number 134 of observed multicast sessions, message size of multicast session 135 information, and bandwidth SAP uses. Let us assume the average 136 message size of a single multicast session information is about 300 137 bytes. When there are more than 500 active multicast sessions, an 138 interval time of each session announcement becomes greater than 200 139 seconds and the average announcement interval increases accordingly. 140 For instance, if 2000 multicast sessions are active in the Internet, 141 each session announcement interval is between 800 seconds and 1600 142 seconds. In this case, if some SAP message is lost, users may need 143 to wait 1600 seconds for the next announcement as maximum. 145 Obviously, it is possible to make the announcement interval shorter 146 by changing the SAP configuration on a sender side and provide 147 shorter latency for the sender-receiver communication. However, it 148 makes the total ammount of SAP messages transmitted larger and may 149 increase the probability of creating congestions. 151 2.2. Difficulties in Scope Definition 153 Multicast data senders or network administrators may want to define 154 an area where data packets sent within a session will be confined. 155 This area is called "scope area". An end user who belongs to the 156 scope area can receive the session data. 158 When IP multicast was initially deployed in the MBone, the Time-To- 159 Live (TTL) field of the IP header was used to control the 160 distribution of multicast traffic. A multicast router configured 161 with a TTL threshold drops any multicast packet in which the TTL 162 falls below the threshold. For instance, a router at the boundary of 163 an organization configures the threshold to 32, which denotes an 164 "organization" scope boundary. 166 The drawbacks of this "TTL scoping" are: 1) the senders must be 167 sufficiently aware of the network topology to determine the TTL value 168 to use, and 2) complex scope areas cannot be defined (e.g., between 169 overlapped areas). Especially the first point becomes big obstacles 170 for general end users to precisely set up the data distribution area. 171 TTL scoping, which only defines a rough granularity, does not provide 172 a complete solution. 174 The "administratively scoped IP multicast" approach [5] provides 175 clear and simple semantics such as scope boundaries are associated to 176 multicast addresses. With IPv4, packets addressed to the 177 administratively scoped multicast address range 239/8 (i.e. from 178 239.0.0.0 to 239.255.255.255) cannot cross the configured 179 administrative boundaries. Since scoped addresses are defined 180 locally, the same multicast address can be used in different non- 181 overlapping areas. Oppositely, an administrator can define multiple 182 areas overlap by dividing the administratively scoped address range, 183 which is not possible with TTL scoping. 185 However, administrative scoping has several major limitations. An 186 administrator may want to partition the scope area to disjoint areas 187 on a per receiver basis, or he may want to limit data distribution 188 according to the transmission rate or the content category of each 189 session, or he may want to use the data sender's address as a keyword 190 to set up the scope. Note that the latter aspect is nowadays 191 feasible since Source-Specific Multicast (SSM) [6] requires that a 192 join request specifies both the multicast and source addresses. 194 SSM highlights another contradiction in the administrative scoping 195 approach: the address range dedicated to SSM, 232/8 with IPv4, cannot 196 cover the address range dedicated to administrative scoping, 239/8. 197 Although the problem can be solved by defining yet another SSM 198 specific administrative scoping address range, defining a new 199 addressing architecture requires modifying application, end host, and 200 router implementations or configurations. Hence, using multicast 201 addresses to define a scope is not a complete solution either. 203 2.3. ASM Dependency 205 SAP relies on the ASM model, since every SAP instance can send 206 announcements in the SAP announcement group. For instance, to 207 receive SAP announcement messages for the global scope IPv4 multicast 208 sessions, all prospective receivers must join session 224.2.127.254 209 (without specifying any source address). This is another major 210 limitation of SAP since some Internet Service Providers (ISPs) may 211 want to provide only SSM multicast routing. It is known that a 212 versatile announcement protocol should not rely on any specific 213 routing architecture. 215 Moreover, this communication model is subject to a Denial-of-Service 216 attack. If malicious hosts flood high bandwidth stream to this 217 global announcement address, 224.2.127.254, then all prospective 218 receivers including multicast routers listening SAP messages take in 219 the stream and their networks may be corrupted or destroyed. 221 2.4. Lack of Sender and Receiver Control 223 Network administrators or service providers may want to define 224 approved senders and restrict multicast data transmissions or 225 announcement only from them. However, it is difficult to configure 226 approved senders only who can send SAP messages, or non-approved 227 senders who are disabled to send SAP messages. 229 In addition, it is difficult to hide multicast session information 230 announced by SAP from non-approved receivers if they are inside the 231 scoped network. SAP messages might be encrypted to prevent non- 232 authorized client from reading them. However, it adds more 233 complexity to SAP by combining with a key sharing mechanism. 235 3. Potential Problems in Server-Based Solutions 237 Emails, RSS (Rich Site Summary or Really Simple Syndication), and the 238 Web are the alternative ways of conveying session descriptions. 239 These applications are of wide use and can be used to carry many 240 kinds of information. However, to provide a multicast announcement 241 function, these approaches would have to rely on a central server or 242 a central management system. This condition reduces flexibility of 243 fine-grained user and session management. 245 Session announcement should be decided by data senders or 246 administrators policy, such as scoping policy [5], or content-level 247 or user-level access control, which defines "who can access which 248 contents". Defining and applying such site-local policy or user 249 management would be very difficult or impossible on a single server 250 in the global Internet. This condition contradicts the requirements 251 experienced in the traditional MBone and expected in current or 252 future use. 254 In addition, emails and the RSS feed are implemented with a 255 "subscription model". The subscription model requires end users to 256 know the address of service providers and have subscribed to the 257 services for getting session information prior to receiving the 258 contents information. This condition is not reasonable for session 259 announcement, because end users do not always know potential data 260 senders, and the subscription model does not enable to discover them. 262 Finally, server-based systems may require a large amount of 263 operational costs or cause scalability problems for the fine-grained 264 user and session management and session announcement, especially when 265 the systems need to support a large number of users and contents 266 information. 268 4. Requirements 270 According to the analyses aforementioned, the requirements for IP 271 multicast session announcement are defined as follows; 273 o Information consistency: Information consistency, which warrants 274 that end users have a consistent view of session announcement, is 275 of major importance. 277 o Low information update latency: IP multicast session would be 278 fully dynamic. The list of sessions should be updated rapidly 279 after the creation, modification, or removal of the session 280 information. 282 o Low bandwidth consumption: IP multicast session announcement 283 should effectively consume the network bandwidth so that it does 284 not affect other communications or services. 286 o Scalability: Session announcement can be used by a large number of 287 end users spread throughout the Internet, and can manage a very 288 large number of sessions. 290 o High availability: The scheme must be robust in front of host/link 291 failures and packet losses. This can be fulfilled either by 292 transmitting messages periodically or by keeping track of failures 293 and recovering them. 295 o Scope control: Scope control is required to preserve bandwidth 296 resources and offer a certain level of confidentiality in IP 297 multicast communication. 299 o No dependency on a routing architecture: The session announcement 300 scheme must accommodate (or be independent of) any kind of 301 multicast routing protocol or communication model. 303 o No dependency on a central server: Session announcement should not 304 rely on a central server, because defining and applying session 305 scopes would be impossible. 307 o Sender and receiver control: Administrators must be able to allow 308 to announce multicast sessions only from approved multicast 309 senders and only to approved multicast data receivers in their 310 network. They must be able to filter out malicious users. 312 o Security consideration: In order to provide secure multicast 313 communication, session announcement should have a function that 314 enables to encrypt session information and distribute it to only 315 the legitimate users. 317 5. Normative References 319 [1] Bradner, S., "Key words for use in RFCs to indicate requirement 320 levels", RFC 2119, March 1997. 322 [2] Asaeda, H. and V. Roca, "Policy and Scope Management for 323 Multicast Channel Announcement", IEICE Trans. on Information and 324 Systems, Vol.E88-D, No.7, pp.1638-1645, July 2005. 326 [3] Handley, M., Perkins, C., and E. Whelan, "Session Announcement 327 Protocol", RFC 2974, October 2000. 329 [4] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session 330 Description Protocol", RFC 4566, July 2006. 332 [5] Mayer, D., "Administratively scoped IP multicast", RFC 2365, 333 July 1998. 335 [6] Holbrook, H. and B. Cain, "Source-Specific Multicast for IP", 336 RFC 4607, August 2006. 338 Authors' Addresses 340 Hitoshi Asaeda 341 Keio University 342 Graduate School of Media and Governance 343 5322 Endo 344 Fujisawa, Kanagawa 252-8520 345 Japan 347 Email: asaeda@wide.ad.jp 348 URI: http://www.sfc.wide.ad.jp/~asaeda/ 350 Vincent Roca 351 INRIA 352 Planete Research Team 353 655, Avenue de l'Europe 354 Montbonnot - Saint Martin, Saint Ismier 38334 355 France 357 Email: vincent.roca@inrialpes.fr 358 URI: http://planete.inrialpes.fr/~roca/