wdiff rfc7285.original rfc7285.txt

ALTO WG
Internet Engineering Task Force (IETF) R. Alimi, Ed.
Internet-Draft
Request for Comments: 7285 Google
Intended status:
Category: Standards Track R. Penno, Ed.
Expires: September 6, 2014
ISSN: 2070-1721 Cisco Systems Systems, Inc.
Y. Yang, Ed.
Yale University
March 5,
S. Kiesel
University of Stuttgart
S. Previdi
Cisco Systems, Inc.
W. Roome
Alcatel-Lucent
S. Shalunov
Open Garden
R. Woundy
Comcast
September 2014

ALTO

Application-Layer Traffic Optimization (ALTO) Protocol
draft-ietf-alto-protocol-27.txt

Abstract

Applications using the Internet already have access to some topology
information of Internet Service Provider (ISP) networks. For
example, views to Internet routing tables at looking glass Looking Glass servers
are available and can be practically downloaded to many network
application clients. What is missing is knowledge of the underlying
network topologies from the point of view of ISPs. In other words,
what an ISP prefers in terms of traffic optimization -- and a way to
distribute it.

The Application-Layer Traffic Optimization (ALTO) Service provides services defined in
this document provide network information (e.g., basic network
location structure and preferences of network paths) with the goal of
modifying network resource consumption patterns while maintaining or
improving application performance. The basic information of ALTO is
based on abstract maps of a network. These maps provide a simplified
view, yet enough information about a network for applications to
effectively utilize them. Additional services are built on top of
the maps.

This document describes a protocol implementing the ALTO Service. services.
Although the ALTO Service services would primarily be provided by ISPs, other
entities
entities, such as content service providers providers, could also operate an provide ALTO
Service.
services. Applications that could use this service the ALTO services are those
that have a choice to which end points to connect. Examples of such
applications are peer-to-peer (P2P) and content delivery networks.

Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].

Status of this This Memo

This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents an Internet Standards Track document.

This document is a product of the Internet Engineering Task Force
(IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list It represents the consensus of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid the IETF community. It has
received public review and has been approved for a maximum publication by the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is available in Section 2 of six months RFC 5741.

Information about the current status of this document, any errata,
and how to provide feedback on it may be updated, replaced, or obsoleted by other documents obtained at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

This Internet-Draft will expire on September 6, 2014.
http://www.rfc-editor.org/info/rfc7285.

This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 7 ....................................................6
1.1. Problem Statement . . . . . . . . . . . . . . . . . . . . 7 ..........................................6
1.1.1. Requirements Language ...............................7
1.2. Design Overview . . . . . . . . . . . . . . . . . . . . . 8 ............................................7
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 8 .....................................................7
2.1. Endpoint . . . . . . . . . . . . . . . . . . . . . . . . . 8 ...................................................8
2.2. Endpoint Address . . . . . . . . . . . . . . . . . . . . . 8 ...........................................8
2.3. Network Location . . . . . . . . . . . . . . . . . . . . . 9 ...........................................8
2.4. ALTO Information . . . . . . . . . . . . . . . . . . . . . 9 ...........................................8
2.5. ALTO Information Base . . . . . . . . . . . . . . . . . . 9
2.6. ALTO Service . . . . . . . . . . . . . . . . . . . . . . . 9 ......................................8
3. Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 9 ....................................................8
3.1. ALTO Service Services and Protocol Scope . . . . . . . . . . . . . 9 ...........................9
3.2. ALTO Information Reuse and Redistribution . . . . . . . . 12 .................11
4. ALTO Information Service Framework . . . . . . . . . . . . . . 12 .............................11
4.1. ALTO Information Services . . . . . . . . . . . . . . . . 13 .................................12
4.1.1. Map Service . . . . . . . . . . . . . . . . . . . . . 13 ........................................12
4.1.2. Map Filtering Map-Filtering Service . . . . . . . . . . . . . . . . 13 ..............................12
4.1.3. Endpoint Property Service . . . . . . . . . . . . . . 13 ..........................12
4.1.4. Endpoint Cost Service . . . . . . . . . . . . . . . . 14 ..............................13
5. Network Map . . . . . . . . . . . . . . . . . . . . . . . . . 14 ....................................................13
5.1. Provider-defined Provider-Defined Identifier (PID) . . . . . . . . . . . . 14 .........................13
5.2. Endpoint Addresses . . . . . . . . . . . . . . . . . . . . 15 ........................................14
5.3. Example Network Map . . . . . . . . . . . . . . . . . . . 15 .......................................14
6. Cost Map . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 .......................................................15
6.1. Cost Types . . . . . . . . . . . . . . . . . . . . . . . . 17 ................................................16
6.1.1. Cost Metric . . . . . . . . . . . . . . . . . . . . . 17 ........................................16
6.1.2. Cost Mode . . . . . . . . . . . . . . . . . . . . . . 18 ..........................................17
6.2. Cost Map Structure . . . . . . . . . . . . . . . . . . . . 18 ........................................18
6.3. Network Map and Cost Map Dependency . . . . . . . . . . . 19 .......................18
6.4. Cost Map Update . . . . . . . . . . . . . . . . . . . . . 19 ...........................................19
7. Endpoint Properties . . . . . . . . . . . . . . . . . . . . . 20 ............................................19
7.1. Endpoint Property Type . . . . . . . . . . . . . . . . . . 20 ....................................19
7.1.1. Endpoint Property Type: pid . . . . . . . . . . . . . 20 ........................19
8. Protocol Specification: General Processing . . . . . . . . . . 20 .....................19
8.1. Overall Design . . . . . . . . . . . . . . . . . . . . . . 20 ............................................19
8.2. Notation . . . . . . . . . . . . . . . . . . . . . . . . . 21 ..................................................20
8.3. Basic Operations . . . . . . . . . . . . . . . . . . . . . 21 ..........................................21
8.3.1. Client Discovering Information Resources . . . . . . . 22 ...........21
8.3.2. Client Requesting Information Resources . . . . . . . 22 ............22
8.3.3. Server Responding to IR Information Resource Request . . . . . . . . . . . 23 ..22
8.3.4. Client Handling Server Response . . . . . . . . . . . 23 ....................23
8.3.5. Authentication and Encryption . . . . . . . . . . . . 24 ......................23
8.3.6. Information Refreshing . . . . . . . . . . . . . . . . 24 .............................24
8.3.7. Parsing of Unknown Fields . . . . . . . . . . . . . . 24 ..........................24
8.4. Server Response Encoding . . . . . . . . . . . . . . . . . 25 ..................................24
8.4.1. Meta Information . . . . . . . . . . . . . . . . . . . 25 ...................................24
8.4.2. Data Information . . . . . . . . . . . . . . . . . . . 25 ...................................25
8.5. Protocol Errors . . . . . . . . . . . . . . . . . . . . . 25 ...........................................25
8.5.1. Media Type . . . . . . . . . . . . . . . . . . . . . . 26 .........................................25
8.5.2. Response Format and Error Codes . . . . . . . . . . . 26 ....................25
8.5.3. Overload Conditions and Server Unavailability . . . . 28 ......28
9. Protocol Specification: Information Resource Directory . . . . 29 .........28
9.1. Information Resource Attributes . . . . . . . . . . . . . 29 ...........................29
9.1.1. Resource ID . . . . . . . . . . . . . . . . . . . . . 29 ........................................29
9.1.2. Media Type . . . . . . . . . . . . . . . . . . . . . . 29 .........................................29
9.1.3. Capabilities . . . . . . . . . . . . . . . . . . . . . 29 .......................................29
9.1.4. Accepts Input Parameters . . . . . . . . . . . . . . . 29 ...........................29
9.1.5. Dependent Resources . . . . . . . . . . . . . . . . . 30 ................................30
9.2. Information Resource Directory (IRD) . . . . . . . . . . . 30 ......................30
9.2.1. Media Type . . . . . . . . . . . . . . . . . . . . . . 30 .........................................30
9.2.2. Encoding . . . . . . . . . . . . . . . . . . . . . . . 30 ...........................................30
9.2.3. Example . . . . . . . . . . . . . . . . . . . . . . . 32 ............................................32
9.2.4. Delegation using Using IRD . . . . . . . . . . . . . . . . . 35 ...............................35
9.2.5. Considerations of Using IRD . . . . . . . . . . . . . 37 ........................37
10. Protocol Specification: Basic Data Types . . . . . . . . . . . 37 ......................38
10.1. PID Name . . . . . . . . . . . . . . . . . . . . . . . . . 38 .................................................38
10.2. Resource ID . . . . . . . . . . . . . . . . . . . . . . . 38 ..............................................38
10.3. Version Tag . . . . . . . . . . . . . . . . . . . . . . . 38 ..............................................38
10.4. Endpoints . . . . . . . . . . . . . . . . . . . . . . . . 39 ................................................39
10.4.1. Typed Endpoint Addresses . . . . . . . . . . . . . . . 39 ..........................39
10.4.2. Address Type . . . . . . . . . . . . . . . . . . . . . 39 ......................................39
10.4.3. Endpoint Address . . . . . . . . . . . . . . . . . . . 39 ..................................40
10.4.4. Endpoint Prefixes . . . . . . . . . . . . . . . . . . 40 .................................40
10.4.5. Endpoint Address Group . . . . . . . . . . . . . . . . 40 ............................41
10.5. Cost Mode . . . . . . . . . . . . . . . . . . . . . . . . 41 ................................................41
10.6. Cost Metric . . . . . . . . . . . . . . . . . . . . . . . 41 ..............................................42
10.7. Cost Type . . . . . . . . . . . . . . . . . . . . . . . . 42 ................................................42
10.8. Endpoint Property . . . . . . . . . . . . . . . . . . . . 42 ........................................42
10.8.1. Resource Specific Resource-Specific Endpoint Properties . . . . . . . . 42 .............43
10.8.2. Global Endpoint Properties . . . . . . . . . . . . . . 42 ........................43
11. Protocol Specification: Service Information Resources . . . . 43 .........43
11.1. Meta Information . . . . . . . . . . . . . . . . . . . . . 43 .........................................43
11.2. Map Service . . . . . . . . . . . . . . . . . . . . . . . 43 ..............................................43
11.2.1. Network Map . . . . . . . . . . . . . . . . . . . . . 43 .......................................44
11.2.2. Mapping IP Addresses to PIDs for
'ipv4'/'ipv6' Network Maps . . . . . . . . . . . . . . . . . . . . . 46 ........................46
11.2.3. Cost Map . . . . . . . . . . . . . . . . . . . . . . . 47 ..........................................47
11.3. Map-Filtering Service ....................................50
11.3.1. Filtered Network Map Filtering ..............................50
11.3.2. Filtered Cost Map .................................53
11.4. Endpoint Property Service . . . . . . . . . . . . . . . . . . 50
11.3.1. Filtered Network Map . . . . . . . . . . . . . . . . . 50
11.3.2. Filtered Cost Map . . . . . . . . . . . . . . . . . . 52
11.4. Endpoint Property Service . . . . . . . . . . . . . . . . 56 ................................57
11.4.1. Endpoint Property . . . . . . . . . . . . . . . . . . 57 .................................58
11.5. Endpoint Cost Service . . . . . . . . . . . . . . . . . . 60 ....................................61
11.5.1. Endpoint Cost . . . . . . . . . . . . . . . . . . . . 60 .....................................61
12. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 63 .....................................................64
12.1. ALTO Client Embedded in P2P Tracker . . . . . . . . . . . 64 ......................65
12.2. ALTO Client Embedded in P2P Client: Numerical Costs . . . 65 ......66
12.3. ALTO Client Embedded in P2P Client: Ranking . . . . . . . 66 ..............67
13. Discussions . . . . . . . . . . . . . . . . . . . . . . . . . 67 ...................................................68
13.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 67 ................................................68
13.2. Hosts with Multiple Endpoint Addresses . . . . . . . . . . 68 ...................68
13.3. Network Address Translation Considerations . . . . . . . . 68 ...............69
13.4. Endpoint and Path Properties . . . . . . . . . . . . . . . 69 .............................69
14. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 69 ...........................................70
14.1. application/alto-* Media Types . . . . . . . . . . . . . . 69 ...........................70
14.2. ALTO Cost Metric Registry . . . . . . . . . . . . . . . . 71 ................................71
14.3. ALTO Endpoint Property Type Registry . . . . . . . . . . . 72 .....................73
14.4. ALTO Address Type Registry . . . . . . . . . . . . . . . . 74 ...............................75
14.5. ALTO Error Code Registry . . . . . . . . . . . . . . . . . 75 .................................76
15. Security Considerations . . . . . . . . . . . . . . . . . . . 75 .......................................76
15.1. Authenticity and Integrity of ALTO Information . . . . . . 76 ...........77
15.1.1. Risk Scenarios . . . . . . . . . . . . . . . . . . . . 76 ....................................77
15.1.2. Protection Strategies . . . . . . . . . . . . . . . . 76 .............................77
15.1.3. Limitations . . . . . . . . . . . . . . . . . . . . . 76 .......................................77
15.2. Potential Undesirable Guidance from Authenticated ALTO
Information . . . . . . . . . . . . . . . . . . . . . . . 77 ..............................................78
15.2.1. Risk Scenarios . . . . . . . . . . . . . . . . . . . . 77 ....................................78
15.2.2. Protection Strategies . . . . . . . . . . . . . . . . 77 .............................78
15.3. Confidentiality of ALTO Information . . . . . . . . . . . 78 ......................79
15.3.1. Risk Scenarios . . . . . . . . . . . . . . . . . . . . 78 ....................................79
15.3.2. Protection Strategies . . . . . . . . . . . . . . . . 78 .............................79
15.3.3. Limitations . . . . . . . . . . . . . . . . . . . . . 79 .......................................80
15.4. Privacy for ALTO Users . . . . . . . . . . . . . . . . . . 79 ...................................80
15.4.1. Risk Scenarios . . . . . . . . . . . . . . . . . . . . 79 ....................................80
15.4.2. Protection Strategies . . . . . . . . . . . . . . . . 79 .............................80
15.5. Availability of ALTO Service . . . . . . . . . . . . . . . 80 Services ............................81
15.5.1. Risk Scenarios . . . . . . . . . . . . . . . . . . . . 80 ....................................81
15.5.2. Protection Strategies . . . . . . . . . . . . . . . . 80 .............................81
16. Manageability Considerations . . . . . . . . . . . . . . . . . 80 ..................................81
16.1. Operations . . . . . . . . . . . . . . . . . . . . . . . . 81 ...............................................82
16.1.1. Installation and Initial Setup . . . . . . . . . . . . 81 ....................82
16.1.2. Migration Path . . . . . . . . . . . . . . . . . . . . 81 ....................................82
16.1.3. Dependencies on Other Protocols and
Functional Components . . . . . . . . . . . . . . . . . . . . . . 82 .............................83
16.1.4. Impact and Observation on Network Operation . . . . . 82
16.2. Management . . . . . . . . . . . . . . . . . . . . . . . . 83
16.2.1. Management Interoperability . . . . . . . . . . . . . 83
16.2.2. Management Information . . . . . . . . . . . . . . . . 83
16.2.3. Fault Management . . . . . . . . . . . . . . . . . . . 83 Observation on Network Operation .......83
16.2. Management ...............................................84
16.2.1. Management Interoperability .......................84
16.2.2. Management Information ............................84
16.2.3. Fault Management ..................................84
16.2.4. Configuration Management . . . . . . . . . . . . . . . 83 ..........................84
16.2.5. Performance Management . . . . . . . . . . . . . . . . 84 ............................85
16.2.6. Security Management . . . . . . . . . . . . . . . . . 84 ...............................85
17. References . . . . . . . . . . . . . . . . . . . . . . . . . . 84 ....................................................85
17.1. Normative References . . . . . . . . . . . . . . . . . . . 84 .....................................85
17.2. Informative References . . . . . . . . . . . . . . . . . . 85 ...................................86
Appendix A. Acknowledgments . . . . . . . . . . . . . . . . . . . 88 .......................................89
Appendix B. Design History and Merged Proposals . . . . . . . . . 89
Appendix C. Authors . . . . . . . . . . . . . . . . . . . . . . . 89
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 90 ...................90

1. Introduction

1.1. Problem Statement

This document defines the ALTO Protocol, which provides a solution
for the problem stated in [RFC5693]. Specifically, in today's
networks, network information such as network topologies, link
availability, routing policies, and path costs are hidden from the
application layer, and many applications benefited from such hiding
of network complexity. However, new applications, such as
application-layer overlays, can benefit from information about the
underlying network infrastructure. In particular, these new network
applications can be adaptive, and hence adaptive; hence, they can become more network-efficient network
efficient (e.g., reduce network resource consumption) and achieve
better application performance (e.g., accelerated download rate), by
leveraging network-provided information.

At a high level, the ALTO Protocol specified in this document is an
information publishing
information-publishing interface that allows a network to publish its
network information such as network locations, costs between them at
configurable granularities, and endhost properties to network
applications. The information published by the ALTO Protocol should
benefit both the network and the applications (i.e., the consumers of
the information). Either the operator of the network or a third- third
party (e.g., an information aggregator) can retrieve or derive
related information of the network and publish it using the ALTO
Protocol. When a network provides information through the ALTO
Protocol, the network is said to provide the ALTO Service.

To allow better understanding of the goal of the ALTO Protocol, this
document provides a short, non-normative overview of the benefits of
ALTO to both networks and applications:

o A network that provides an ALTO Service information can achieve better
utilization of its networking infrastructure. For example, by
using ALTO as a tool to interact with applications, a network is
able to provide network information to applications so that the
applications can better manage traffic on more expensive or
difficult-to-provision links such as long distance, transit long-distance, transit, or
backup links. During the interaction, the network can choose to
protect its sensitive and confidential network state information,
by abstracting real metric values into non-real numerical scores
or ordinal ranking.

o An application that uses an ALTO Service information can benefit from better
knowledge of the network to avoid network bottlenecks. For
example, an overlay application can use information provided by
the ALTO Service services to avoid selecting peers connected via high-delay high-
delay links (e.g., some intercontinental links). Using ALTO to
initialize each node with promising ("better-than-random") peers,
an adaptive peer-to-peer overlay may achieve faster, better
convergence.

1.1.1. Requirements Language

1.2. Design Overview

The ALTO Protocol specified in this document meets the ALTO
requirements specified in [RFC5693], and unifies multiple protocols
previously designed with similar intentions. See Appendix A for a
list of people and Appendix B for a list of proposals that have made
significant contributions to this effort.

The ALTO Protocol uses a REST-ful (Representational State Transfer
(REST)) design [Fielding-Thesis], and encodes its requests and
responses using JSON [RFC4627]. [RFC7159]. These designs are chosen because of
their flexibility and extensibility. In addition, these designs make
it possible for ALTO to be deployed at scale by leveraging existing
HTTP [RFC2616] [RFC7230] implementations, infrastructures and deployment
experience.

The ALTO Protocol uses a modular design by dividing ALTO information
publication into multiple ALTO services (e.g., the Map service, the
Map-Filtering Service, the Endpoint Property Service, and the
Endpoint Cost Service). Each ALTO service provides a given set of
functionalities and is realized by a set of information resources,
which are announced by information resource directories, to guide
ALTO clients.

2. Terminology

This document uses the following terms defined in [RFC5693]:
Application, Overlay Network, Peer, Resource, Resource Identifier,
Resource Provider, Resource Consumer, Resource Directory, Transport
Address, Host Location Attribute, ALTO Service, ALTO Server, ALTO Client, ALTO Query, ALTO Reply, Response, ALTO
Transaction, Local Traffic, Peering Traffic, and Transit Traffic.

This document extends the term "ALTO Service" defined in [RFC5693].
In particular, by adopting a modular design, this document allows the
ALTO Protocol to provide multiple ALTO services.

This document also uses the following additional terms: Endpoint
Address, Network Location, ALTO Information, ALTO Information Base, and ALTO Service. Information
Base.

2.1. Endpoint

An Endpoint endpoint is an application or host that is capable of
communicating (sending and/or receiving messages) on a network.

An Endpoint endpoint is typically either a Resource Provider resource provider or a Resource
Consumer. resource
consumer.

2.2. Endpoint Address

An Endpoint Address endpoint address represents the communication address of an
endpoint. Common forms of Endpoint Addresses endpoint addresses include IP address, MAC
address addresses,
Media Access Control (MAC) addresses, and overlay ID. IDs. An Endpoint Address endpoint
address can be network-
attachment network-attachment based (e.g., IP address) or
network-attachment agnostic (e.g., MAC address).

Each Endpoint Address endpoint address has an associated Address Type, address type, which indicates
both its syntax and semantics.

2.3. Network Location

Network Location is

This document uses network location as a generic term denoting to denote a
single Endpoint endpoint or a group of Endpoints. endpoints. For instance, it can be a
single IPv4 or IPv6 address, an IPv4 or IPv6 prefix, or a set of
prefixes.

2.4. ALTO Information

This document uses ALTO Information is information as a generic term referring to refer to the
network information sent provided by an ALTO Server. server.

2.5. ALTO Information Base

This document uses the term ALTO Information Base information base to refer to the
internal representation of ALTO Information information maintained by an ALTO
Server.
server. Note that the structure of this internal representation is
not defined by this document.

2.6. ALTO Service

A network that provides ALTO Information through the ALTO Protocol is
said to provide the ALTO Service.

3. Architecture

This section defines the ALTO architecture and the ALTO Protocol's
place in the overall architecture.

3.1. ALTO Service Services and Protocol Scope

Each network region in the global Internet can provide its ALTO
Service,
services, which conveys convey network information from the perspective of
that network region. A network region in this context can be an
Autonomous System (AS), an ISP, a region smaller than an AS or ISP,
or a set of ISPs. The specific network region that an ALTO Service service
represents will depend on the ALTO deployment scenario and ALTO
service discovery mechanism.

The ALTO Service services specified in this document defines define network Endpoints endpoints
(and aggregations thereof) and generic costs amongst them from the
region's perspective. The network Endpoints endpoints may include all
Endpoints
endpoints in the global Internet. We say that the network
information provided by the ALTO Service services of a network region
represents the "my-Internet view" of the network region.

The "my-Internet view" defined in this document does not specify the
internal topology of a network, and hence, it is said to provide a
"single-node" abstract topology. Extensions to this document may
provide topology details in "my-Internet view".

Figure 1 provides an overall picture of ALTO's system architecture,
so that one can better understand the ALTO Service services and the role of
the ALTO Protocol. In this architecture, an ALTO Server server prepares
ALTO Information; information, an ALTO Client client uses ALTO Service Discovery service discovery to
identify an appropriate ALTO Server; server, and the ALTO Client client requests
available ALTO Information information from the ALTO Server server using the ALTO
Protocol.

The ALTO Information information provided by the ALTO Server server can be updated
dynamically based on network conditions, or they can be seen as a
policy
which that is updated at on a larger time-scale. longer time scale.

+-------------------------------------------------------------------+
| Network Region |
| |
| +-----------+ |
| | Routing | |
| +--------------+ | Protocols | |
| | Provisioning | +-----------+ |
| | Policy | | |
| +--------------+\ | |
| \ | |
| \ | |
| +-----------+ \+---------+ +--------+ |
| |Dynamic | | ALTO | ALTO Protocol | ALTO | |
| |Network |.......| Server | ==================== | Client | |
| |Information| +---------+ +--------+ |
| +-----------+ / / |
| / ALTO SD Query/Response / |
| / / |
| +----------+ +----------------+ |
| | External | | ALTO Service | |
| | Interface| | Discovery (SD) | |
| +----------+ +----------------+ |
| | |
+-------------------------------------------------------------------+
|
+------------------+
| Third Parties |
| |
| Content Providers|
+------------------+

Figure 1: Basic ALTO Architecture. Architecture

Figure 1 illustrates that the ALTO Information information provided by an ALTO
Server
server may be influenced (at the service provider's discretion) by
other systems. In particular, the ALTO Server server can aggregate
information from multiple systems to provide an abstract and unified
view that can be more useful to applications. Examples of other
systems include (but are not limited to) static network configuration
databases, dynamic network information, routing protocols,
provisioning policies, and interfaces to outside parties. These
components are shown in the figure for completeness but are outside
the scope of this specification. Recall that while the ALTO Protocol
may convey dynamic network information, it is not intended to replace
near-real-time congestion control protocols.

It may also be possible for an ALTO Server server to exchange network
information with other ALTO Servers servers (either within the same
administrative domain or another administrative domain with the
consent of both parties) in order to adjust exported ALTO
Information.
information. Such a protocol is also outside the scope of this
specification.

3.2. ALTO Information Reuse and Redistribution

ALTO Information information may be useful to a large number of applications and
users. At the same time, distributing ALTO Information information must be
efficient and not become a bottleneck.

The design of the ALTO Protocol allows integration with the existing
HTTP caching infrastructure to redistribute ALTO Information. information. If
caching or redistribution is used, the response message to an ALTO
Client
client may be returned from a third-party. third party.

Application-dependent mechanisms, such as P2P DHTs Distributed Hash Tables
(DHTs) or P2P file- file sharing, may be used to cache and redistribute
ALTO Information. information. This document does not define particular
mechanisms for such redistribution.

Additional protocol mechanisms (e.g., expiration times and digital
signatures for returned ALTO information) are left for future
investigation.

4. ALTO Information Service Framework

The ALTO Protocol conveys network information through services, ALTO
information services (services for short), where each service defines
a set of related functionalities. An ALTO
Client client can request each
service individually. All of the services defined in ALTO are said
to form the ALTO service framework and are provided through a common
transport protocol, protocol; messaging structure and
encoding, encoding; and transaction
model. Functionalities offered in different services can overlap.

The goals of the ALTO information services defined in this document
are to convey (1)
Network Locations, network locations, which denote the locations of Endpoints
endpoints at a network, (2) provider-defined costs for paths between
pairs of
Network Locations, network locations, and (3) network related network-related properties of endhosts.
endpoints. The aforementioned goals are achieved by defining the Map
Service, which provides the core ALTO information to clients, and
three additional information services: the Map Filtering Map-Filtering Service, the
Endpoint Property
Service, Service (EPS), and the Endpoint Cost Service. Service (ECS).
Additional information services can be defined in companion
documents. Figure 2 gives an overview of the information services.
Details of the services are presented in subsequent sections.

Figure 2: ALTO Information Service Framework. Framework

4.1. ALTO Information Services

4.1.1. Map Service

The Map Service provides batch information to ALTO Clients clients in the
form
forms of Network Map ALTO network maps (network maps for short) and Cost Map. A Network Map ALTO cost
maps (cost maps for short). An ALTO network map (See Section 5)
provides a full set of Network Location network location groupings defined by the ALTO
Server
server and the Endpoints endpoints contained within each grouping. A Cost Map An ALTO
cost map (see Section 6) provides costs between a defined grouping. groupings.

These two maps can be thought of (and implemented as) implemented) as simple files
with appropriate encoding provided by the ALTO Server. server.

4.1.2. Map Filtering Map-Filtering Service

Resource constrained

Resource-constrained ALTO Clients clients may benefit from the filtering of
query results at the ALTO Server. server. This avoids that the situation in which
an ALTO Client client first spends network bandwidth and CPU cycles to
collect results and then performs client-side filtering. The Map Map-
Filtering Service allows ALTO Clients clients to query an ALTO Server server on Network Map and Cost Map ALTO
network maps and/or cost maps based on additional parameters.

4.1.3. Endpoint Property Service

This service allows ALTO Clients clients to look up properties for individual
Endpoints.
endpoints. An example property of an Endpoint endpoint is its Network
Location network
location (i.e., its grouping defined by the ALTO Server). server). Another
example property is its connectivity type such as ADSL (Asymmetric
Digital Subscriber Line), Cable, or FTTH (Fiber To The Home).

4.1.4. Endpoint Cost Service

Some ALTO Clients clients may also benefit from querying for costs and
rankings based on Endpoints. endpoints. The Endpoint Cost Service allows an
ALTO Server server to return either numerical costs or ordinal costs
(rankings) directly amongst Endpoints. endpoints.

5. Network Map

An ALTO Network Map network map defines a grouping of network endpoints. This
document uses Network Map ALTO network map to refer to the syntax and semantics
of how an ALTO Server distributes server defines the grouping. This document does not
discuss the internal representation of this data structure within the an
ALTO Server. server.

The definition of Network Map ALTO network maps is based on the observation that that,
in reality, many endpoints are close near by to one another in terms of
network connectivity. By treating a group of close-by nearby endpoints
together as a single entity, an ALTO Server server indicates aggregation of
these endpoints due to their proximity. This aggregation can also
lead to greater scalability without losing critical information when
conveying other network information (e.g., when defining Cost Map). cost maps).

5.1. Provider-defined Provider-Defined Identifier (PID)

One issue is that proximity varies depending on the granularity of
the ALTO information configured by the provider. In one deployment,
endpoints on the same subnet may be considered close; while in
another deployment, endpoints connected to the same Point of Presence
(PoP)
(POP) may be considered close.

ALTO introduces provider-defined Network Location network location identifiers called
Provider-defined Identifiers (PIDs) to provide an indirect and
network-agnostic way to specify an aggregation of network endpoints
that may be treated similarly, based on network topology, type, or
other properties. Specifically, a PID is a string of type PIDName
(see Section 10.1) and its associated set of Endpoint Addresses. endpoint addresses. As
discussed above, there can be many different ways of grouping the
endpoints and assigning PIDs. For example, a PID may denote a
subnet, a set of subnets, a metropolitan area, a PoP, POP, an autonomous
system, or a set of autonomous systems. Interpreting the PIDs
defined in a Network Map an ALTO network map using the "single-node" abstraction,
one can consider that each PID represents an abstract port (PoP) (POP) that
connects a set of endpoints.

A key use case of PIDs is to specify network preferences (costs)
between PIDs instead of individual endpoints. This allows cost
information to be more compactly represented and updated at a faster
time scale than the network aggregations themselves. For example, an
ISP may prefer that endpoints associated with the same PoP (Point-of-
Presence) POP in a P2P
application communicate locally instead of communicating with
endpoints in other PoPs. POPs. The ISP may aggregate
endhosts endpoints within a PoP
POP into a single PID in the Network Map. a network map. The cost may be encoded to
indicate that Network Locations network locations within the same PID are preferred;
for example, cost(PID_i, PID_i) == c and cost(PID_i, PID_j) > c for i
!= j. Section 6 provides further details on using PIDs to represent
costs in an ALTO Cost Map. cost map.

5.2. Endpoint Addresses

The endpoints aggregated into a PID are denoted by endpoint
addresses. There are many types of addresses, such as IP addresses,
MAC addresses, or overlay IDs. This document specifies in (in
Section
10.4 10.4) how to specify IPv4/IPv6 addresses or prefixes.
Extension documents may define further address types; Section 14.4 of
this document provides an IANA registry for endpoint address types.

5.3. Example Network Map

This document uses the Network Map ALTO network map shown in Figure 3 in most
examples.

.------------------------------------------------------------.
| An ALTO Network Map |
| |
| .-----------------------------------. .----------------. |
| | NetLoc: PID-1 | | NetLoc: PID-3 | |
| | .------------------------------. | | | |
| | | 192.0.2.0/24 | | | .-----------. | |
| | | .--------------------------. | | | | 0.0.0.0/0 | | |
| | | | Endpoint: 192.0.2.34 | | | | `-----------` | |
| | | `--------------------------` | | | | |
| | `------------------------------` | | | |
| | .------------------------------. | | | |
| | | 198.51.100.0/25 | | | | |
| | | .--------------------------. | | | | |
| | | | Endpoint: 198.51.100.100 | | | | | |
| | | `--------------------------` | | | | |
| | `------------------------------` | | | |
| `-----------------------------------` | | |
| | | |
| .-----------------------------------. | | |
| | NetLoc: PID-2 | | | |
| | .------------------------------. | | | |
| | | 198.51.100.128/25 | | | | |
| | `------------------------------` | | | |
| `-----------------------------------` `----------------` |
`------------------------------------------------------------`

Figure 3: Example Network Map. Map

6. Cost Map

An ALTO Server server indicates preferences amongst network locations in the
form of path costs. Path Costs. Path Costs costs are generic costs and can be
internally computed by a network provider according to its own
policy.

For a given Network Map, ALTO network map, an ALTO Cost Map cost map defines Path Costs path costs
pairwise amongst sets the set of source and destination Network Locations network locations
defined by the PIDs defined contained in the Network Map. network map. Each Path Cost path cost is
the end-to-end cost when a unit of traffic goes from the source to
the destination.

Since cost is directional from the source to the destination, an
application, when using ALTO Information, information, may independently determine
how the Resource Consumer resource consumer and Resource Provider resource provider are designated as the
source or destination in an ALTO query, and hence query and, hence, how to utilize the
Path Cost
path cost provided by ALTO Information. information. For example, if the cost is
expected to be correlated with throughput, a typical application
concerned with bulk data retrieval may use the Resource Provider resource provider as
the source, source and Resource Consumer the resource consumer as the destination.

One advantage of separating ALTO information into a Network Map network maps and a
Cost Map
cost maps is that the two components types of maps can be updated at different
time scales. For example, Network Maps network maps may be stable for a longer
time while Cost Maps cost maps may be updated to reflect more dynamic network
conditions.

As used in this document, a Cost Map an ALTO cost map refers to the syntax and
semantics of the information distributed by the ALTO Server. server. This
document does not discuss the internal representation of this data
structure within the ALTO Server. server.

6.1. Cost Types

Path Costs costs have attributes:

o Cost Metric: identifies what the costs represent;

o Cost Mode: identifies how the costs should be interpreted.

The combination of a cost metric and a cost mode defines a Cost Type. an ALTO cost
type. Certain queries for Cost Maps ALTO cost maps allow the ALTO Client client to
indicate the desired
Cost Type. cost type. For a given ALTO Server, server, the
combination of Cost Type cost type and
Network Map network map defines a key. In other
words, an ALTO Server server MUST NOT define two Cost Maps ALTO cost maps with the
same Cost Type, Network Map cost type \ network map pair.

6.1.1. Cost Metric

The Metric cost metric attribute indicates what the cost represents. For
example, an ALTO Server server could define costs representing air-miles, air miles,
hop-counts, or generic routing costs.

Cost metrics are indicated in protocol messages as strings.

6.1.1.1. Cost Metric: routingcost

An ALTO Server server MUST offer the 'routingcost' Cost Metric. "routingcost" cost metric.

This Cost Metric cost metric conveys a generic measure for the cost of routing
traffic from a source to a destination. A lower value indicates a
higher preference for traffic to be sent from a source to a
destination.

Note that an ISP may internally compute routing cost using any method
that it chooses (e.g., air-miles air miles or hop-count) as long as it conforms
to these the semantics.

6.1.2. Cost Mode

The Mode cost mode attribute indicates how costs should be interpreted.
Specifically, the Mode cost mode attribute indicates whether returned
costs should be interpreted as numerical values or ordinal rankings.

It is important to communicate such information to ALTO Clients, clients, as
certain operations may not be valid on certain costs returned by an
ALTO Server. server. For example, it is possible for an ALTO Server server to
return a set of IP addresses with costs indicating a ranking of the
IP addresses. Arithmetic operations that would make sense for
numerical values, do not make sense for ordinal rankings. ALTO
Clients
clients may handle such costs differently.

Cost Modes modes are indicated in protocol messages as strings.

An ALTO Server server MUST support at least one of 'numerical' the following modes:
numerical and 'ordinal'
modes. ordinal. An ALTO Client client needs to be cognizant of
operations when its desired Cost Mode cost mode is not supported.
Specifically, an ALTO Client client desiring numerical costs MAY adjust its
behaviors if only the ordinal
Cost Mode cost mode is available. Alternatively,
an ALTO Client client desiring ordinal costs MAY construct ordinal costs
from retrieved numerical values, if only the numerical Cost Mode cost mode is
available.

6.1.2.1. Cost Mode: numerical

This Cost Mode cost mode is indicated by the string 'numerical'. "numerical". This mode
indicates that it is safe to perform numerical operations (e.g. (e.g.,
normalization or computing ratios for weighted load-balancing) on the
returned costs. The values are floating-point numbers.

6.1.2.2. Cost Mode: ordinal

This Cost Mode cost mode is indicated by the string 'ordinal'. "ordinal". This mode
indicates that the costs cost values in a Cost Map cost map represent a ranking
(relative to all other values in a Cost Map), cost map), not actual costs. The
values are non-negative integers, with a lower value indicating a
higher preference. Ordinal cost values in a Cost Map cost map need not be
unique nor or contiguous. In particular, it is possible that two entries
in a cost map have an identical rank (ordinal cost value). This
document does not specify any behavior by an ALTO Client client in this
case; an ALTO Client client may decide to break ties by random selection,
other application knowledge, or some other means.

6.2. Cost Map Structure

A request for a Cost Map an ALTO cost map will either explicitly or implicitly includes
include a list of Source Network Locations source network locations and a list of Destination Network
Locations. destination
network locations. (Recall that a Network Location network location can be an
endpoint address or a PID.)

Specifically, assume that a request specifies a list of multiple
Source Network Locations, source
network locations, say [Src_1, Src_2, ..., Src_m], and a list of multiple Destination Network Locations,
destination network locations, say [Dst_1, Dst_2, ..., Dst_n].

The ALTO Server server will return the Path Cost path cost for each of the m*n
communicating pairs (i.e., Src_1 -> Dst_1, ..., Src_1 -> Dst_n, ...,
Src_m -> Dst_1, ..., Src_m -> Dst_n). If the ALTO Server server does not
define a Path Cost the path cost for a particular pair, it that cost may be omitted.
This document refers to this structure as a Cost Map. cost map.

If the Cost Mode cost mode is 'ordinal', ordinal, the Path Cost path cost of each communicating pair
is relative to the m*n entries.

6.3. Network Map and Cost Map Dependency

A Cost Map

An ALTO cost map gives Path Costs path costs between the PIDs defined in a Network
Map. an ALTO
network map. An ALTO Server server may modify a Network Map an ALTO network map at any
time, say by adding or deleting PIDs, or even redefining them. Hence
Hence, to effectively use an instance of a Cost Map, an ALTO Client cost map, an ALTO
client must know which version of the Network Map network map defined the PIDs in
that Cost Map. cost map. Version Tags tags allow an ALTO Clients client to correlate Cost Map cost
map instances with the corresponding versions of the Network Map.

A Version Tag network maps.

Specifically, a version tag is a tuple of (1) an ID for the resource
(e.g., a
Network Map), an ALTO network map) and (2) a tag (an opaque string)
associated with the version of that resource. A Network Map An ALTO network map
distributed by an ALTO
Server server includes its Version Tag. A Cost Map version tag. An ALTO cost
map referring to PIDs also includes Version Tag the version tag for the Network Map network
map on which it is based.

Two Network Maps ALTO network maps are the same if they have the same Version Tag. version tag.
Whenever the content of the Network Map an ALTO network map maintained by an ALTO Server
server changes, the tag MUST also be changed. Possibilities of
setting the tag component include the last-modified timestamp for the Network Map,
network map, or a hash of its contents, where the collision
probability is considered zero in practical deployment scenarios.

6.4. Cost Map Update

An ALTO Server server can update a Cost Map an ALTO cost map at any time. Hence, the
same
Cost Map cost map retrieved from the same ALTO Server server but from different
requests can be inconsistent.

7. Endpoint Properties

An endpoint property defines a network-aware property of an endpoint.

7.1. Endpoint Property Type

For each endpoint and an endpoint property type, there can be a value
for the property. The type of an Endpoint endpoint property is indicated in
protocol messages as a string. The value depends on the specific
property. For example, for a property such as whether an endpoint is
metered, the value is a true or false value. See Section 10.8 for
more details on specifying endpoint properties.

7.1.1. Endpoint Property Type: pid

An ALTO Server server MUST define the 'pid' Endpoint Property Type "pid" endpoint property type for each
Network Map
ALTO network map that it provides. Specifically, each Network Map ALTO network
map defines multiple PIDs. For an 'ipv4'/'ipv6' Network Map, "ipv4"/"ipv6" network map, given
an endpoint's IP address, the ALTO Server server uses the algorithm
specified in Section 11.2.2 to lookup look up the PID of the endpoint. This
PID is the
'pid' "pid" property of the endpoint for the Network Map. network map. See
Section 11.4.1.7 for an example.

8. Protocol Specification: General Processing

This section first specifies general client and server processing.
The details of specific services will be covered in the following
sections.

8.1. Overall Design

The ALTO Protocol uses a REST-ful design. There are two primary
components to this design:

o Information Resources: An Each ALTO Server provides service is realized by a set of
network information resources. Each information resource has a
media type [RFC2046]. An ALTO Client client may construct an HTTP
request for a particular information resource (including any
parameters, if necessary), and the ALTO Server server returns the
requested information resource in an HTTP response.

o Information Resource Directory (IRD): An ALTO Server provides server uses an IRD
to inform an ALTO Clients client about a list of available information
resources and the URI at which each is provided. This document refers to this list as
the Information Resource Directory. can be accessed. ALTO Clients clients
consult the
directory IRDs to determine the services provided by an ALTO Server.
servers.

8.2. Notation

This document uses 'JSONString', 'JSONNumber', 'JSONBool' JSONString, JSONNumber, and JSONBool to indicate
the JSON string, number, and boolean types, respectively. The type
'JSONValue'
JSONValue indicates a JSON value, as specified in Section 2.1 3 of
[RFC4627].
[RFC7159].

This document uses an adaptation of the C-style struct notation to
define the fields (names/values) of JSON objects. A JSON object consists of name/value pairs.
This document refers to each pair as a field. In some context, this
document also refers to a field as an attribute. The name of a
field/attribute may be referred to as the key. An optional field is
enclosed by [ ], and an ]. In the definitions, the JSON names of the fields
are case sensitive. An array is indicated by two numbers in angle
brackets, <m..n>, where m indicates the minimal number of values, values and
n is the maximum. When this document writes uses * for n, it means no upper
bound. In the definitions, the JSON names of the fields are
case sensitive.

For example, the definition below defines a new type Type4, with
three field members (or fields for short) named "name1", "name2", and
"name3" "name3", respectively. The
field named "name3" is optional, and the field named "name2" is an
array of at least one value.

object { Type1 name1; Type2 name2<1..*>; [Type3 name3;]
} Type4;

This document also defines dictionary maps (or maps for short) from
strings to JSON values. For example, the definition below defines a
Type3 object as a map. Type1 must be defined as string, and Type2
can be defined as any type.

object-map { Type1 -> Type2; } Type3;

This document uses subtyping to denote that one type is derived from
another type. The example below denotes that TypeDerived is derived
from TypeBase. TypeDerived includes all fields defined in TypeBase.
If TypeBase does not have a field named "name1", TypeDerived will
have a new field named "name1". If TypeBase already has a field
named "name1" but with a different type, TypeDerived will have a
field named "name1" with the type defined in TypeDerived (i.e., Type1
in the example).

object { Type1 name1; } TypeDerived : TypeBase;

Note that that, despite the notation, no standard, machine-readable
interface definition or schema is provided in this document.
Extension documents may document describe these as necessary.

8.3. Basic Operations

The ALTO Protocol employs standard HTTP [RFC2616]. [RFC7230]. It is used for
discovering available Information Resources information resources at an ALTO Server server and
retrieving Information Resources. ALTO Clients clients and ALTO Servers servers use
HTTP requests and responses carrying ALTO-specific content with
encoding as specified in this document, and they MUST be compliant
with
[RFC2616]. [RFC7230].

Instead of specifying the generic application/json Media Type media type for all
ALTO request parameters (if any) and responses, ALTO Clients clients and
Servers
servers use multiple, specific JSON-based Media Types media types (e.g.,
application/alto-networkmap+json, application/alto-costmap+json) to
indicate content types; see Table 2 for a list of Media Types media types defined
in this document. This allows easy extensibility while maintaining
clear semantics and versioning. For example, a new version of a
component of the ALTO Protocol (e.g., a new version of the Network
Map) ALTO network
maps) can be defined by simply introducing a new Media Type media type (e.g.,
application/alto-networkmap-v2+json).

8.3.1. Client Discovering Information Resources

To discover available Information Resources, information resources provided by an ALTO Client requests
Information Resource Directories. Informally, an Information
Resource Directory enumerates URIs at which
server, an ALTO Server offers
Information Resources. client requests its IRD(s).

Specifically, using the an ALTO Discovery service discovery protocol, an ALTO Client
client obtains a URI through which it can request an Information Resource
Directory information
resource directory (IRD). This document refers to this IRD as the
Root IRD of the ALTO Client. client. Each entry in an IRD indicates a URI at
which an ALTO Server server accepts requests, and returns either an Information
Resource
information resource or an Information Resource Directory information resource directory that
references additional Information Resources. information resources. Beginning with its Root
IRD and following links to IRDs recursively, an ALTO Client client can
discover all
Information Resources information resources available to it. This set of Information
Resources
information resources is referred to as the Information Resource Closure information resource
closure of the ALTO Client. client. By inspecting its Information Resource Closure, information resource
closure, an ALTO
Client client can determine whether an ALTO Server server supports
the desired
Information Resource, information resource, and if it is supported, the URI at
which it is available.

See Section 9.2 for a detailed specification on of IRDs.

8.3.2. Client Requesting Information Resources

Where possible, the ALTO Protocol uses the HTTP GET method to request
resources. However, some ALTO services provide Information Resources information resources
that are the function of one or more input parameters. Input
parameters are encoded in the HTTP request's entity body, and the
ALTO Client client MUST use the HTTP POST method to send the parameters.

When requesting an ALTO Information Resource information resource that requires input
parameters specified in a HTTP POST request, an ALTO Client client MUST set
the Content-Type HTTP header to the media type corresponding to the
format of the supplied input parameters.

An ALTO client MUST NOT assume that the HTTP GET and POST methods are
interchangeable. In particular, for an information resource that
uses the HTTP GET method, an ALTO client MUST NOT assume that the
information resource will accept a POST request as equivalent to a
GET request.

8.3.3. Server Responding to IR Information Resource Request

Upon receiving a request for an Information Resource information resource that the ALTO
Server
server can provide, the ALTO Server server normally returns the requested
Information Resource.
information resource. In other cases, to be more informative
([I-D.ietf-httpbis-p2-semantics]),
([RFC7231]), the ALTO Server server either provides the ALTO Client client with an Information Resource Directory
information resource directory indicating how to reach the desired
information resource, or it returns an ALTO error object; see
Section 8.5 for more details on ALTO error handling.

It is possible for an ALTO Server server to leverage caching HTTP
intermediaries to respond to both GET and POST requests by including
explicit freshness information (see Section 14 of [RFC2616]). [RFC7230]).
Caching of POST requests is not widely implemented by HTTP
intermediaries, however
intermediaries; however, an alternative approach is for an ALTO
Server,
server, in response to POST requests, to return an HTTP 303 status
code ("See Other") indicating to the ALTO Client client that the resulting
Information Resource
information resource is available via a GET request to an alternate
URL. HTTP intermediaries that do not support caching of POST
requests could then cache the response to the GET request from the
ALTO Client client following the alternate URL in the 303 response if the
response to the subsequent GET request contains explicit freshness
information.

The ALTO Server server MUST indicate the type of its response using a media
type (i.e., the Content-Type HTTP header of the response).

8.3.4. Client Handling Server Response

8.3.4.1. Using Information Resources

This specification does not indicate any required actions taken by
ALTO Clients clients upon successfully receiving an Information Resource information resource from
an ALTO Server. server. Although ALTO Clients clients are suggested to interpret the
received ALTO Information information and adapt application behavior, ALTO
Clients
clients are not required to do so.

8.3.4.2. Handling Server Response and IRD

After receiving an Information Resource Directory, information resource directory, the Client client can
consult it to determine if any of the offered URIs contain the
desired Information Resource. information resource. However, an ALTO Client client MUST NOT
assume that the media type returned by the ALTO Server server for a request
to a URI is the media type advertised in the IRD or specified in its
request (i.e., the client must still check the Content-Type header).
The expectation is that the media type returned should normally be
the media type advertised and requested, but but, in some cases cases, it may
legitimately not be so.

In particular, it is possible for an ALTO Client client to receive an
Information Resource Directory
information resource directory from an ALTO Server server as a response to
its request for a specific Information Resource. information resource. In this case, the
ALTO Client client may ignore the response or still parse the response. To
indicate that an ALTO Client client will always check if a response is an
Information Resource Directory,
information resource directory, the ALTO Client client can indicate in the
"Accept" header of a HTTP request that it can accept Information
Resource Directory; information
resource directory; see Section 9.2 9.2.1 for the media type.

8.3.4.3. Handling Error Conditions

If an ALTO Client client does not successfully receive a desired Information
Resource information
resource from a particular ALTO Server server (i.e., server response
indicates error or there is no response), the Client client can either
choose another server (if one is available) or fall back to a default
behavior (e.g., perform peer selection without the use of ALTO
information, when used in a peer-to-peer system).

8.3.5. Authentication and Encryption

ALTO server implementations as well as ALTO client implementations
MUST support the "https" URI scheme [RFC2818] and TLS Transport Layer
Security (TLS) [RFC5246]. See Section 15.1.2 for security
considerations and Section 16 for manageability considerations
regarding the usage of HTTPS/TLS.

For deployment scenarios where client authentication is desired, HTTP
Digest Authentication MUST be supported. TLS Client Authentication
is the preferred mechanism if it is available.

8.3.6. Information Refreshing

An ALTO Client client can determine the frequency at which ALTO Information information
is refreshed based on information made available via HTTP.

8.3.7. Parsing of Unknown Fields

This document only details object fields used by this specification.
Extensions may include additional fields within JSON objects defined
in this document. ALTO implementations MUST ignore unknown fields
when processing ALTO messages.

8.4. Server Response Encoding

Though each type of ALTO Server server response (i.e., an Information
Resource Directory, information
resource directory, an individual Information Resource, information resource, or an error
message) has its distinct syntax and hence and, hence, its unique Media Type, media type,
they are designed to have a similar structure: a meta field providing named "meta"
to provide meta definitions, and another field containing named "data" to
contain the data, if needed.

Specifically, this document defines the base type of each ALTO Server server
response as ResponseEntityBase:

object { ResponseMeta meta; } ResponseEntityBase;

with field:

meta

meta: meta information pertaining to the response.

8.4.1. Meta Information

Meta information is encoded as a map object for flexibility.
Specifically, ResponseMeta is defined as:

object-map { JSONString -> JSONValue } ResponseMeta;

8.4.2. Data Information

The data component of the response encodes the response-specific
data. This document derives five types from ResponseEntityBase to
add different types of data component: InfoResourceDirectory
(Section 9.2.2), InfoResourceNetworkMap (Section 11.2.1.6),
InfoResourceCostMap (Section 11.2.3.6),
InfoResourceEndpointProperties (Section 11.4.1.6), and
InfoResourceEndpointCostMap (Section 11.5.1.6).

8.5. Protocol Errors

If there is an ALTO server encounters an error while processing a request, an the
ALTO Server server SHOULD return additional ALTO-layer information, if it is
available, in the form of an ALTO Error Resource error resource encoded in the HTTP
response' entity body. If no ALTO-layer information is available, an
ALTO Server server may omit an the ALTO Error error resource from the response.

With or without additional ALTO-layer error information, an ALTO
Server
server MUST set an appropriate HTTP status code. It is important to
note that the HTTP Status Code status code and ALTO Error Resource error resource have distinct
roles. An ALTO Error Resource error resource provides detailed information about
why a particular request for an ALTO Resource information resource was not
successful. The HTTP status code code, on the other hand, indicates to
HTTP processing elements (e.g., intermediaries and clients) how the
response should be treated.

8.5.1. Media Type

The media type for an ALTO Error Response error response is "application/
alto-error+json".

8.5.2. Response Format and Error Codes

An ALTO Error Response error response MUST include the a field named "code" key in the
"meta" field of the response. The value of "code" MUST be an ALTO Error
Code, error code,
encoded in string, defined in Table 1. Note that the ALTO
Error Codes error
codes defined in Table 1 are limited to support the error conditions
needed for purposes of this document. Additional status codes may be
defined in companion or extension documents.

Table 1: Defined ALTO Error Codes. Codes

After an ALTO Server server receives a request, it needs to verify the
syntactic and semantic validity of the request. The following
paragraphs in this section are intended to illustrate the usage of
the error codes defined above during the verification. An individual
implementation may define its message processing in a different
order.

In the first step after an ALTO Server server receives a request, it checks
the syntax of the request body (i.e., whether the JSON structure can
be parsed), and indicates a syntax error using the error code
E_SYNTAX. For an E_SYNTAX error, the ALTO Server server MAY provide an
optional key field named "syntax-error" in the "meta" field of the error
response. The objective of providing "syntax-error" is to provide
technical debugging information to developers, not end users. Hence,
it should be a human-readable, free-form text describing the syntax
error. If possible, the text should include position information
about the syntax error, such as line number and offset within line about the syntax error.
line. If nothing else, the value of the field named "syntax-error"
could have include just the position. If a syntax error occurs in a
production environment, the ALTO Client client could inform the end user
that there was an error communicating with the ALTO Server, server, and
suggest that the user submit the error information, which includes
"syntax-error", to the developers.

A request without syntax errors may still be invalid. An error case
is that the request misses a required field. The server indicates
such an error using the error code E_MISSING_FIELD. This document
defines required fields for Filtered Network Map Filtering (Section 11.3.1.3),
Filtered Cost Map Filtering (Section 11.3.2.3), Endpoint Properties
(Section 11.4.1.3), and Endpoint Cost (Section 11.5.1.3). 11.5.1.3) services.
For an E_MISSING_FIELD error, the server may include an optional
field named "field" key in the "meta" field of the error response, to
indicate the missing field. "field" should be a JSONString indicating
the full path of the missing field. For example, assume that a
Filtered CostMap Cost Map request (see Section 11.3.2.3) misses the "cost-metric" field in omits the request. "cost-
metric" field. The error response from the ALTO Server server may specify
the value of "field" key as "cost-type/cost-mode". "cost-type/cost-metric".

A request with the correct fields might use a wrong type for the
value of a field. For example, the value of a field could be a
JSONString when a JSONNumber is expected. The server indicates such
an error using the error code E_INVALID_FIELD_TYPE. The server may
include an optional "field" key in the "meta" field of the response,
to indicate the field that contains the wrong type.

A request with the correct fields and types of values for the fields
may specify a wrong value for a field. For example, a cost map
filtering request may specify a wrong type for the
value of CostMode in a field. For example, the "cost-
type" value of a field (Section 11.3.2.3). could be a
JSONString when a JSONNumber is expected. The server indicates such
an error
with using the error code E_INVALID_FIELD_VALUE. For an
E_INVALID_FIELD_VALUE error, the E_INVALID_FIELD_TYPE. The server may
include an optional field named "field" key in the "meta" field of the
response, to indicate the field that contains the wrong value. The server may also include an
optional "value" key in the "meta" field of the response to indicate
the wrong value that triggered the error. type.

A request with the correct fields and types of values for the fields
may specify a wrong value for a field. For example, a filtered cost
map Filtered Cost
Map request may specify a wrong value for CostMode in the "cost-type"
field (Section 11.3.2.3). The server indicates such an error with
the error code E_INVALID_FIELD_VALUE. For an E_INVALID_FIELD_VALUE
error, the server may include an optional field named "field" key in the
"meta" field of the response, to indicate the field that contains the
wrong value. The server may also include an optional field named
"value" key in the "meta" field of the response to indicate the wrong
value that triggered the error. If the "value" key field is specified,
the "field"
key field MUST be specified. The "value" key field MUST have a
JSONString value. If the invalid value is not a string, the ALTO Server
server MUST convert it to a string. Below are the rules to specify
the "value" key:

o If the invalid value is a string, "value" is that string;

o If the invalid value is a number, "value" must be the invalid
number as a string;

o If the invalid value is a subfield, the server must set the
"field" key to the full path of the field name and "value" to the
invalid subfield value, converting it to a string if needed. For
example, if the "cost-mode" subfield of the "cost-type" field is
an invalid mode "foo", the server should set "value" to "foo", and
"field" to "cost-mode/cost-type";

o If an element of a JSON array has an invalid value, the server
sets "value" to the value of the invalid element, as a string, and
"field" to the name of the array. An array element of the wrong
type (e.g., a number in what is supposed to be an array of
strings) is an invalid value error, not an invalid type error.
The server sets "value" to the string version of the incorrect
element, and "field" to the name of the array.

If multiple errors are present in a single request (e.g., a request
uses a JSONString when a JSONNumber is expected and a required field
is missing), then the ALTO Server server MUST return exactly one of the
detected errors. However, the reported error is implementation
defined, since specifying a particular order for message processing
encroaches needlessly on implementation techniques.

8.5.3. Overload Conditions and Server Unavailability

If an ALTO Server server detects that it cannot handle a request from an
ALTO Client client due to excessive load, technical problems, or system
maintenance, it SHOULD do one of the following:

o Return an HTTP 503 ("Service Unavailable") status code to the ALTO
Client.
client. As indicated by [RFC2616], [RFC7230], the Retry-After HTTP header
may be used to indicate when the ALTO Client client should retry the
request.

o Return an HTTP 307 ("Temporary Redirect") status code indicating
an alternate ALTO Server server that may be able to satisfy the request.
Using Temporary Redirect may generate infinite redirection loops.
Although [RFC2616] [RFC7231] Section 10.3 requires 6.4 specifies that an HTTP client
SHOULD detect infinite redirection loops, it is more desirable
that multiple ALTO Servers are servers be configured to not to form redirection
loops.

The ALTO Server server MAY also terminate the connection with the ALTO
Client.
client.

The particular policy applied by an ALTO Server server to determine that it
cannot service a request is outside of the scope of this document.

9. Protocol Specification: Information Resource Directory

As already discussed, an ALTO Client client starts by retrieving an
Information Resource Directory,
information resource directory, which specifies the attributes of
individual Information Resources information resources that an ALTO Server server provides.

9.1. Information Resource Attributes

In this document, each Information Resource information resource has up to five attributes
associated with it, including its assigned ID, its response format,
its capabilities, its accepted input parameters, and other resources
that
on which it may depend on. depend. The function of an Information Resource
Directory information resource
directory is to publishes these attributes.

9.1.1. Resource ID

Each Information Resource information resource that an ALTO Client client can request MUST be
assigned an a resource ID attribute that is unique amongst all Information Resources
information resources in the Information Resource Closure information resource closure of the
client. The resource ID SHOULD remain stable even when the data
provided by that resource changes. For example, even though the
number of PIDs in a Network Map an ALTO network map may be adjusted, its Resource resource
ID should remain the same. Similarly, if the entries in a Cost Map an ALTO cost
map are updated, its Resource resource ID should remain the same. IDs SHOULD
NOT be re-used reused for different resources over time.

9.1.2. Media Type

ALTO uses Media Type media types [RFC2046] to uniquely indicate the data format
used to encode the content to be transmitted between an ALTO Server server
and an ALTO Client client in the HTTP entity body.

9.1.3. Capabilities

The Capabilities attribute of an Information Resource information resource indicates
specific capabilities that the server can provide. For example, if
an ALTO Server server allows an ALTO Client client to specify cost constraints when
the Client client requests a Cost Map Information Resource, cost map information resource, then the Server server
advertises the cost-constraints "cost-constraints" capability of the Cost Map
Information Resource. cost map
information resource.

9.1.4. Accepts Input Parameters

An ALTO Server server may allow an ALTO Client client to supply input parameters
when requesting certain Information Resources. information resources. The associated
accepts
"accepts" attribute of such an Information Resource is information resource specifies a Media Type, media
type, which indicates how the Client client specifies the input parameters
as contained in the entity body of the HTTP POST request.

9.1.5. Dependent Resources

The information provided in an Information Resource information resource may use
information provided in some other resources (e.g., a Cost Map cost map uses
the PIDs defined in a Network Map). network map). The uses "uses" attribute conveys
such information.

9.2. Information Resource Directory (IRD)

An ALTO Server server uses Information Resource Directory the information resource directory to publish
available Information Resources information resources and their aforementioned attributes.
Since resource selection happens after consumption of the Information
Resource Directory, information
resource directory, the format of the Information Resource Directory information resource directory
is designed to be simple with the intention of future ALTO Protocol
versions maintaining backwards compatibility. Future extensions or
versions of the ALTO Protocol SHOULD be accomplished by extending
existing media types or adding new media types, types but retaining the same
format for the Information Resource Directory.

An ALTO Server server MUST make an Information Resource Directory one information resource directory available
via the HTTP GET method to a URI discoverable by an ALTO Client. client.
Discovery of this URI is out of scope of this document, but it could
be accomplished by manual configuration or by returning the URI of an
Information Resource Directory
information resource directory from the ALTO Discovery Protocol
[I-D.ietf-alto-server-discovery].
[ALTO-SERVER-DISC]. For recommendations on how what the URI may look
like, see [I-D.ietf-alto-server-discovery]. [ALTO-SERVER-DISC].

9.2.1. Media Type

The media type to indicate an information resource directory is "application/
alto-directory+json".
"application/alto-directory+json".

9.2.2. Encoding

An Information Resource Directory information resource directory response may include in the "meta"
field the "cost-types" key, field, whose value is of type IRDMetaCostTypes
defined below, where CostType is defined in Section 10.7:

object-map {
JSONString -> CostType;
} IRDMetaCostTypes;

The function of "cost-types" is to assign names to a set of CostTypes
that can be used in one or more "resources" entries in the IRD to
simplify specification. The names defined in "cost-types" in an IRD
are local to the IRD.

For a Root IRD, "meta" MUST include the "default-alto-network-map"
key, a field named "default-alto-
network-map", which value specifies the Resource resource ID of a Network Map. an ALTO
network map. When there are multiple Network Maps network maps defined in an IRD
(e.g., with different levels of granularity), the "default-alto-network-map" key "default-alto-
network-map" field provides a guideline to simple clients that use
only one Network Map. network map.

The data component of an Information Resource Directory information resource directory response is
named "resources", which is a JSON object of type IRDResourceEntries:

object {
IRDResourceEntries resources;
} InfoResourceDirectory : ResponseEntityBase;

object-map {
ResourceID -> IRDResourceEntry;
} IRDResourceEntries;

object {
JSONString uri;
JSONString media-type;
[JSONString accepts;]
[Capabilities capabilities;]
[ResourceID uses<0..*>;]
} IRDResourceEntry;

object {
...
} Capabilities;

An IRDResourceEntries object is a dictionary map keyed by
ResourceIDs, where ResourceID is defined in Section 10.2. The value
of each entry specifies:

uri

uri: A URI at which the ALTO Server server provides one or more Information
Resources,
information resources, or an Information Resource Directory information resource
directory indicating additional Information Resources. information resources.
URIs can be relative to the URI of the IRD and MUST be
resolved according to Section 5 of [RFC3986].

media-type

media-type: The media type of Information Resource the information resource (see
Section 9.1.2) available via GET or POST requests to
the corresponding URI or "application/alto-directory+json", which URI. A value of "application/
alto-directory+json" indicates that the response for a
request to the URI will be an
Information Resource Directory for URIs discoverable via information resource
directory defining additional information resources in
the URI.

accepts information resource closure.

accepts: The media type of input parameters (see Section 9.1.4)
accepted by POST requests to the corresponding URI.
If this field is not present, it MUST be assumed to be
empty.

capabilities

capabilities: A JSON Object object enumerating capabilities of an ALTO
Server
server in providing the Information Resource information resource at the
corresponding URI and Information Resources information resources
discoverable via the URI. If this field is not
present, it MUST be assumed to be an empty object. If
a capability for one of the offered Information Resources information
resources is not explicitly listed here, an ALTO Client
client may either issue an OPTIONS HTTP request to the
corresponding URI to determine if the capability is supported,
supported or assume its default value documented in
this specification or an extension document describing
the capability.

uses

uses: A list of Resource resource IDs, defined in the same IRD, that
define the resources on which this resource directly
depends. An ALTO
Server server SHOULD include in this list
any resources that the ALTO
Client client would need to
retrieve in order to interpret the contents of this
resource. For example, a Cost Map an ALTO cost map resource
should include in this list the Network Map network map on which
it depends. ALTO Clients clients may wish to consult this
list in order to pre-fetch necessary resources.

If an entry has an empty list for "accepts", then the corresponding
URI MUST support GET requests. If an entry has a non-empty
"accepts", then the corresponding URI MUST support POST requests. If
an ALTO Server server wishes to support both GET and POST on a single URI,
it MUST specify two entries in the Information Resource Directory. information resource directory.

9.2.3. Example

The following is an example Information Resource Directory information resource directory returned
by an ALTO Server server to an ALTO Client. client. Assume it is the Root IRD of
the Client. client.

GET /directory HTTP/1.1
Host: alto.example.com
Accept: application/alto-directory+json,application/alto-error+json

HTTP/1.1 200 OK
Content-Length: 2333
Content-Type: application/alto-directory+json

{
"meta" : {
"cost-types": {
"num-routing": {
"cost-mode" : "numerical",
"cost-metric": "routingcost",
"description": "My default"
},
"num-hop": {
"cost-mode" : "numerical",
"cost-metric": "hopcount"
},
"ord-routing": {
"cost-mode" : "ordinal",
"cost-metric": "routingcost"
},
"ord-hop": {
"cost-mode" : "ordinal",
"cost-metric": "hopcount"
}
},
"default-alto-network-map" : "my-default-network-map"
},
"resources" : {
"my-default-network-map" : {
"uri" : "http://alto.example.com/networkmap",
"media-type" : "application/alto-networkmap+json"
},
"numerical-routing-cost-map" : {
"uri" : "http://alto.example.com/costmap/num/routingcost",
"media-type" : "application/alto-costmap+json",
"capabilities" : {
"cost-type-names" : [ "num-routing" ]
},
"uses": [ "my-default-network-map" ]
},
"numerical-hopcount-cost-map" : {
"uri" : "http://alto.example.com/costmap/num/hopcount",
"media-type" : "application/alto-costmap+json",
"capabilities" : {
"cost-type-names" : [ "num-hop" ]
},
"uses": [ "my-default-network-map" ]
},
"custom-maps-resources" : {
"uri" : "http://custom.alto.example.com/maps",
"media-type" : "application/alto-directory+json"
},
"endpoint-property" : {
"uri" : "http://alto.example.com/endpointprop/lookup",
"media-type" : "application/alto-endpointprop+json",
"accepts" : "application/alto-endpointpropparams+json",
"capabilities" : {
"prop-types" : [ "my-default-network-map.pid",
"priv:ietf-example-prop" ]
},
},
"endpoint-cost" : {
"uri" : "http://alto.example.com/endpointcost/lookup",
"media-type" : "application/alto-endpointcost+json",
"accepts" : "application/alto-endpointcostparams+json",
"capabilities" : {
"cost-constraints" : true,
"cost-type-names" : [ "num-routing", "num-hop",
"ord-routing", "ord-hop"]
}
}
}
}

Specifically, the "cost-types" key field of "meta" of the example IRD
defines names for four cost types in this IRD. For example, "num-
routing"
"num-routing" in the example is the name that refers to a Cost Type cost type
with
Cost Mode cost mode being "numerical" and Cost Metric cost metric being "routingcost".
This name is used in the second entry of "resources", which defines a
Cost Map.
cost map. In particular, the "cost-type-names" of its "capabilities"
specifies that this resource supports a Cost Type cost type named as "num-
routing".
"num-routing". The ALTO Client client looks up the name "num-routing" in "cost-
types"
"cost-types" of the IRD to obtain the Cost Type cost type named as
"num-routing". The last entry of "resources" uses all four names
defined in "cost-
types". "cost-types".

Another key field defined in "meta" of the example IRD is "default-alto-
network-map",
"default-alto-network-map", which has value "my-default-network-map",
which is the
Resource resource ID of a Network Map an ALTO network map that will be defined
in "resources".

The "resources" field of the example IRD defines six Information
Resources. information
resources. For example, the second entry, which is assigned a
Resource
resource ID "numerical-routing-cost-map", provides a Cost Map, cost map, as
indicated by the media-type "application/alto-costmap+json". The
Cost Map
cost map is based on the Network Map network map defined with Resource resource ID "my-
default-network-map".
"my-default-network-map". As another example, the last entry, which
is assigned Resource resource ID "endpoint-cost", provides the Endpoint Cost
Service, which is indicated by the media-type "application/
alto-endpointcost+json". An ALTO Client client should use uri
"http://alto.example.com/endpointcost/lookup" to access the service.

The ALTO Client client should format its request body to be the
"application/alto-endpointcostparams+json" media type, as specified
by the "accepts" attribute of the Information Resource. information resource. The "cost-
type-names" field of the "capabilities" attribute of the Information
Resource information
resource includes four defined cost types specified in the "cost-
types" key field of "meta" of the IRD. Hence, one an ALTO client can verify
that the Endpoint Cost Information Resource information resource supports both Cost Metrics
'routingcost' cost
metrics "routingcost" and 'hopcount', "hopcount", each available for both 'numerical'
"numerical" and
'ordinal'. "ordinal" cost modes. When requesting the Information Resource,
information resource, an ALTO Client client can specify cost constraints, as
indicated by the "cost-constraints" field of the "capabilities"
attribute.

9.2.4. Delegation using Using IRD

ALTO Information Resource Directory provides IRDs provide the flexibility to provide define a set of information
resources that are provided by ALTO Service (e.g., delegation to another domain). servers running in multiple
domains. Consider the preceding example. Assume that the ALTO Server
server running at alto.example.com wants to delegate some Information Resources information
resources to a separate subdomain: "custom.alto.example.com". In
particular, assume that the maps available via this subdomain are
filtered Network Maps, network maps, filtered Cost Maps, cost maps, and some pre-generated
maps for the "hopcount" and "routingcost" Cost Metrics cost metrics in the
"ordinal" Cost Mode. cost mode. The fourth entry of "resources" in the
preceding example IRD implements the delegation. The entry has a
media-type of "application/
alto-directory+json", "application/alto-directory+json", and an ALTO Client client
can discover the Information
Resources information resources available at
"custom.alto.example.com" if its request to
"http://custom.alto.example.com/maps" is successful:

GET /maps HTTP/1.1
Host: custom.alto.example.com
Accept: application/alto-directory+json,application/alto-error+json

HTTP/1.1 200 OK
Content-Length: 1900
Content-Type: application/alto-directory+json

{
"meta" : {
"cost-types": {
"num-routing": {
"cost-mode" : "numerical",
"cost-metric": "routingcost",
"description": "My default"
},
"num-hop": {
"cost-mode" : "numerical",
"cost-metric": "hopcount"
},
"ord-routing": {
"cost-mode" : "ordinal",
"cost-metric": "routingcost"
},
"ord-hop": {
"cost-mode" : "ordinal",
"cost-metric": "hopcount"
}
}
},
"resources" : {
"filtered-network-map" : {
"uri" : "http://custom.alto.example.com/networkmap/filtered",
"media-type" : "application/alto-networkmap+json",
"accepts" : "application/alto-networkmapfilter+json",
"uses": [ "my-default-network-map" ]
},
"filtered-cost-map" : {
"uri" : "http://custom.alto.example.com/costmap/filtered",
"media-type" : "application/alto-costmap+json",
"accepts" : "application/alto-costmapfilter+json",
"capabilities" : {
"cost-constraints" : true,
"cost-type-names" : [ "num-routing", "num-hop",
"ord-routing", "ord-hop" ]
},
"uses": [ "my-default-network-map" ]
},
"ordinal-routing-cost-map" : {
"uri" : "http://custom.alto.example.com/ord/routingcost",
"media-type" : "application/alto-costmap+json",
"capabilities" : {
"cost-type-names" : [ "ord-routing" ]
},
"uses": [ "my-default-network-map" ]
},
"ordinal-hopcount-cost-map" : {
"uri" : "http://custom.alto.example.com/ord/hopcount",
"media-type" : "application/alto-costmap+json",
"capabilities" : {
"cost-type-names" : [ "ord-hop" ], ]
},
"uses": [ "my-default-network-map" ]
}
}
}

Note that the subdomain does not define Network Map, any network maps, and uses
the
Network Map network map with Resource resource ID "my-default-network-map" defined in
the Root IRD.

9.2.5. Considerations of Using IRD

9.2.5.1. ALTO Client client

This document specifies no requirements or constraints on ALTO
Clients
clients with regards regard to how they process an Information Resource
Directory information resource
directory to identify the URI corresponding to a desired Information
Resource. information
resource. However, some advice is provided for implementors. implementers.

It is possible that multiple entries in the directory match a desired
Information Resource.
information resource. For instance, in the example in Section 9.2.3,
a full Cost Map cost map with the "numerical" Cost Mode cost mode and the "routingcost" Cost
Metric
cost metric could be retrieved via a GET request to
"http://alto.example.com/costmap/num/routingcost",
"http://alto.example.com/costmap/num/routingcost" or via a POST
request to "http://custom.alto.example.com/costmap/filtered".

In general, it is preferred for ALTO Clients clients to use GET requests
where appropriate, since it is more likely for responses to be
cachable.
cacheable. However, an ALTO Client client may need to use POST, for
example, to get ALTO costs or properties that are for a restricted
set of PIDs or Endpoints, endpoints or to update cached information previously
acquired via GET requests." requests.

9.2.5.2. ALTO Server server

This document indicates that an ALTO Server server may or may not provide
the Information Resources information resources specified in the Map Filtering Map-Filtering Service. If
these resources are not provided, it is indicated to an ALTO Client client
by the absence of a Network Map network map or Cost Map cost map with any media types
listed under "accepts".

10. Protocol Specification: Basic Data Types

This section details the format of basic data types.

10.1. PID Name

A PID Name is encoded as a JSON string. The string MUST be no more
than 64 characters, and it MUST NOT contain characters other than US-
ASCII alphanumeric characters (U+0030-U+0039, U+0041-U+005A, and
U+0061-U+007A), the hyphen ('-', U+002D), the colon (':', U+003A),
the at sign ('@', code point U+0040), the low line ('_', U+005F), or
the '.' separator (U+002E). The '.' separator is reserved for future
use and MUST NOT be used unless specifically indicated in this
document, or an extension document.

The type 'PIDName' PIDName is used in this document to indicate a string of
this format.

10.2. Resource ID

A Resource resource ID uniquely identifies an a particular resource (e.g., a
Network Map) an
ALTO network map) within an ALTO Server server (see Section 9.2).

A Resource resource ID is encoded as a JSON string with the same format as
that of the type PIDName.

The type 'ResourceID' ResourceID is used in this document to indicate a string of
this format.

10.3. Version Tag

A Version Tag version tag is defined as:

object {
ResourceID resource-id;
JSONString tag;
} VersionTag;
As described in Section 6.3, the 'resource-id' attribute is "resource-id" field provides the
Resource
resource ID of a resource (e.g., a Network Map) network map) defined in the
Information Resource Directory,
information resource directory, and 'tag' is "tag" provides an identifier
string.

Two values of the VersionTag version tags are equal if and only if both the
'resource-id' attributes "resource-id"
fields are byte-for-byte equal and the 'tag'
attributes "tag" fields are byte-for-byte
equal.

A 'tag' string representing the "tag" field MUST be no more than 64
characters, and it MUST NOT contain any character below U+0021 or
above U+007E. It is RECOMMENDED that the tag "tag" string have a low
collision probability with other tags. One suggested mechanism is to
compute it using a hash of the data contents of the resource.

10.4. Endpoints

This section defines formats used to encode addresses for Endpoints. endpoints.
In a case that multiple textual representations encode the same
Endpoint
endpoint address or prefix (within the guidelines outlined in this
document), the ALTO Protocol does not require ALTO Clients clients or ALTO
Servers
servers to use a particular textual representation, nor does it
require that ALTO Servers servers reply to requests using the same textual
representation used by requesting ALTO Clients. clients. ALTO Clients clients must be
cognizant of this.

10.4.1. Typed Endpoint Addresses

When an Endpoint Address endpoint address is used, an ALTO implementation must be able
to determine its type. For this purpose, the ALTO Protocol allows
endpoint addresses to also explicitly indicate their types. This
document refers to such addresses as Typed "Typed Endpoint Addresses. Addresses".

Typed Endpoint Addresses endpoint addresses are encoded as strings of the format
'AddressType:EndpointAddr',
AddressType:EndpointAddr, with the ':' character as a separator. The
type 'TypedEndpointAddr' TypedEndpointAddr is used to indicate a string of this format.

10.4.2. Address Type

The AddressType component of TypedEndPointAddr is defined as a string
consisting of only US-ASCII alphanumeric characters (U+0030-U+0039,
U+0041-U+005A, and U+0061-U+007A). The type 'AddressType' AddressType is used in
this document to indicate a string of this format.

This document defines two values for AddressType: 'ipv4' "ipv4" to refer to
IPv4 addresses, addresses and 'ipv6' "ipv6" to refer to IPv6 addresses. All
AddressType identifiers appearing in an HTTP request or response with
an 'application/alto-*' "application/alto-*" media type MUST be registered in the ALTO "ALTO
Address Type registry Registry" (see Section 14.4).

10.4.3. Endpoint Address

The EndpointAddr component of TypedEndPointAddr is also encoded as a
string. The exact characters and format depend on AddressType. This
document defines EndpointAddr when AddressType is 'ipv4' "ipv4" or 'ipv6'. "ipv6".

10.4.3.1. IPv4

IPv4 Endpoint Addresses are encoded as specified by the 'IPv4address' IPv4address
rule in Section 3.2.2 of [RFC3986].

10.4.3.2. IPv6

IPv6 Endpoint Addresses endpoint addresses are encoded as specified in Section 4 of
[RFC5952].

10.4.4. Endpoint Prefixes

For efficiency, it is useful to denote a set of Endpoint Addresses endpoint addresses
using a special notation (if one exists). This specification makes
use of the prefix notations for both IPv4 and IPv6 for this purpose.

Endpoint Prefixes prefixes are encoded as strings. The exact characters and
format depend on the type of endpoint address.

The type 'EndpointPrefix' EndpointPrefix is used in this document to indicate a string
of this format.

10.4.4.1. IPv4

IPv4 Endpoint Prefixes endpoint prefixes are encoded as specified in Section 3.1 of
[RFC4632].

10.4.4.2. IPv6

IPv6 Endpoint Prefixes endpoint prefixes are encoded as specified in Section 7 of
[RFC5952].

10.4.5. Endpoint Address Group

The ALTO Protocol includes messages that specify potentially large
sets of endpoint addresses. Endpoint Address Groups address groups provide a more
efficient way to encode such sets, even when the set contains
endpoint addresses of different types.

An Endpoint Address Group endpoint address group is defined as:

object-map {
AddressType -> EndpointPrefix<0..*>;
} EndpointAddrGroup;

In particular, an Endpoint Address Group endpoint address group is a JSON object
representing a map, where each key is the string corresponding to an
address type, and the corresponding value is an array listing
prefixes of addresses of that type.

The following is an example with both IPv4 and IPv6 endpoint
addresses:

{
"ipv4": [
"192.0.2.0/24",
"198.51.100.0/25"
],
"ipv6": [
"2001:db8:0:1::/64",
"2001:db8:0:2::/64"
]
}

10.5. Cost Mode

A Cost Mode cost mode is encoded as a string. The string MUST either have the a value 'numerical' of
either "numerical" or 'ordinal'. "ordinal".

The type 'CostMode' CostMode is used in this document to indicate a string of
this format.

10.6. Cost Metric

A Cost Metric cost metric is encoded as a string. The string MUST be no more
than 32 characters, and it MUST NOT contain characters other than US-
ASCII alphanumeric characters (U+0030-U+0039, U+0041-U+005A, and
U+0061-U+007A), the hyphen ('-', U+002D), the colon (':', U+003A),
the low line ('_', U+005F), or the '.' separator (U+002E). The '.'
separator is reserved for future use and MUST NOT be used unless
specifically indicated by a companion or extension document.

Identifiers prefixed with 'priv:' "priv:" are reserved for Private Use
[RFC5226] without a need to register with IANA. All other
identifiers that appear in an HTTP request or response with an
'application/alto-*'
"application/alto-*" media type and indicate Cost Metrics cost metrics MUST be
registered in the ALTO "ALTO Cost Metrics registry Metric Registry" Section 14.2. For an
identifier with the 'priv:' "priv:" prefix, an additional string (e.g.,
company identifier or random string) MUST follow (i.e., 'priv:' "priv:" only
is not a valid identifier) to reduce potential collisions.

The type 'CostMetric' CostMetric is used in this document to indicate a string of
this format.

10.7. Cost Type

The combination of a CostMetric and a CostMode defines a the type CostType:

object {
CostMetric cost-metric;
CostMode cost-mode;
[JSONString description;]
} CostType;

'description',

The "description" field, if present, MUST contain provide a string value with
a human-
readable human-readable description of the cost-metric and cost-mode. An
ALTO
Client client MAY present this string to a developer, as part of a
discovery
process. But process; however, the field is not intended to be
interpreted by an ALTO
Client. client.

10.8. Endpoint Property

This document will distinguish distinguishes two types of Endpoint Properties:
Resource Specific Endpoint Properties endpoint properties:
resource-specific endpoint properties and Global Endpoint Properties. global endpoint properties.
The type 'EndpointPropertyType' EndpointPropertyType is used in this document to indicate a
string denoting either a Resource Specific Endpoint Property resource-specific endpoint property or a
Global Endpoint Property.
global endpoint property.

10.8.1. Resource Specific Resource-Specific Endpoint Properties

This document defines only one Resource Specific Endpoint Property in

The name of resource-specific endpoint property MUST follow this document: pid. It has the following
format: a Resource resource ID, followed by the '.' separator (U+002E),
followed by "pid". a name obeying the same rules as for global endpoint
property names (Section 10.8.2).

This document defines only one resource-specific endpoint property:
pid. An example is "my-default-networkmap.pid".

10.8.2. Global Endpoint Properties

An Global Endpoint Property

A global endpoint property is encoded as a string. The string MUST
be no more than 32 characters, and it MUST NOT contain characters
other than US-ASCII alphanumeric characters (U+0030-U+0039,
U+0041-U+005A, and U+0061-U+007A), the hyphen ('-', U+002D), the
colon (':', U+003A), or the low line ('_', U+005F). Note that the
'.' separator is not allowed so that there is no ambiguity on whether
an endpoint property is global or resource specific.

Identifiers prefixed with 'priv:' "priv:" are reserved for Private Use
[RFC5226] without a need to register with IANA. All other
identifiers for Endpoint Properties endpoint properties appearing in an HTTP request or
response with an 'application/alto-*' "application/alto-*" media type MUST be registered
in the ALTO "ALTO Endpoint Property registry Type Registry" Section 14.3. For an Endpoint
Property
endpoint property identifier with the 'priv:' "priv:" prefix, an additional
string (e.g., company identifier or random string) MUST follow (i.e.,
'priv:'
"priv:" only is not a valid Endpoint Property endpoint property identifier) to reduce
potential collisions.

11. Protocol Specification: Service Information Resources

This section documents the individual Information Resources information resources defined
to provide the services defined in this document.

11.1. Meta Information

For the "meta" field of the response to an individual Information
Resource, information
resource, this document defines two generic keys: "vtag", fields: the "vtag" field,
which is provides the Version Tag version tag (see Section 10.3) of the current Information
Resource;
information resource, and "dependent-vtags", the "dependent-vtags" field, which is an
array of Version Tags, version tags, to indicate the Version Tags version tags of the resources that
on which this resource
depends on. depends.

11.2. Map Service

The Map Service provides batch information to ALTO Clients clients in the
form of two types of maps: a Network Map ALTO network maps and Cost Map. ALTO cost maps.

11.2.1. Network Map

A Network Map Information Resource

An ALTO network map information resource defines a set of PIDs, and
for each PID, lists the network locations (endpoints) within the PID.
An ALTO Server server MUST provide at least one Network Map. network map.

11.2.1.1. Media Type

The media type of Network Map ALTO network maps is "application/alto-networkmap+json". "application/alto-
networkmap+json".

11.2.1.2. HTTP Method

A Network Map

An ALTO network map resource is requested using the HTTP GET method.

11.2.1.3. Accept Input Parameters

None.

11.2.1.4. Capabilities

None.

11.2.1.5. Uses

None.

11.2.1.6. Response

The "meta" field of a Network Map an ALTO network map response MUST include "vtag", the
"vtag" field, which
is provides the Version Tag version tag of the retrieved Network Map. network
map.

The data component of a Network Map an ALTO network map response is named "network-map", "network-
map", which is a JSON object of type NetworkMapData:

object {
NetworkMapData network-map;
} InfoResourceNetworkMap : ResponseEntityBase;

object-map {
PIDName -> EndpointAddrGroup;
} NetworkMapData;
Specifically, a NetworkMapData object is a dictionary map keyed by
PIDs, and each
PIDs. The value representing of each PID is the associated set of endpoint
addresses of a for the PID.

The returned Network Map network map MUST include all PIDs known to the ALTO
Server.
server.

11.2.1.7. Example

GET /networkmap HTTP/1.1
Host: alto.example.com
Accept: application/alto-networkmap+json,application/alto-error+json

HTTP/1.1 200 OK
Content-Length: 449
Content-Type: application/alto-networkmap+json

{
"meta" : {
"vtag": {
"resource-id": "my-default-network-map",
"tag": "da65eca2eb7a10ce8b059740b0b2e3f8eb1d4785"
}
},
"network-map" : {
"PID1" : {
"ipv4" : [
"192.0.2.0/24",
"198.51.100.0/25"
]
},
"PID2" : {
"ipv4" : [
"198.51.100.128/25"
]
},
"PID3" : {
"ipv4" : [
"0.0.0.0/0"
],
"ipv6" : [
"::/0"
]
}
}
}
When parsing a Network Map, an ALTO Client network map, an ALTO client MUST ignore any
EndpointAddressGroup whose address type it does not recognize. If as
a result a PID does not have any address types known to the client,
the client still MUST recognize that PID name as valid, even though
the PID then contains no endpoints.

Note that the encoding of a Network Map an ALTO network map response was chosen for
readability and compactness. If lookup efficiency at runtime is
crucial, then the returned Network Map network map can be transformed into data
structures offering more efficient lookup. For example, one may
store the Network Map an ALTO network map as a trie-based data structure, which may
allow efficient longest-prefix matching of IP addresses.

11.2.2. Mapping IP Addresses to PIDs for 'ipv4'/'ipv6' Network Maps

A key usage of a Network Map an ALTO network map is to map Endpoint Addresses endpoint addresses to
PIDs. For Network Maps network maps containing the 'ipv4' "ipv4" and 'ipv6' "ipv6" address
types defined in this document, when either an ALTO Client client or an ALTO
Server
server needs to compute the mapping from IP addresses to PIDs, the
longest-prefix matching algorithm [RFC1812] (Longest Match in Section 5.2.4.3
of [RFC1812]) MUST be used.

To ensure that the longest-prefix matching algorithm yields one and
only one PID, Network Maps an ALTO network map containing the 'ipv4/'ipv6' "ipv4"/"ipv6"
address types MUST satisfy the following two requirements.

First, such a Network Map network map MUST define a PID for each possible address
in the IP address space for all of the address types contained in the
map. This is defined as the completeness property of a Network Map. an ALTO network
map. A RECOMMENDED way to satisfy this property is to define a PID
with the shortest enclosing prefix of the addresses provided in the
map. For a map with full IPv4 reachability, this would mean
including the 0.0.0.0/0 prefix in a PID; for full IPv6 reachability,
this would be the ::/0 prefix.

Second, such a Network Map network map MUST NOT define two or more PIDs that
contain an identical IP prefix, in order to ensure that the longest-
prefix matching algorithm maps each IP addresses into exactly one
PID. This is defined as the non-overlapping property of a Network
Map. an ALTO
network map. Specifically, to map an IP address to its PID in a non-
overlapping Network Map, network map, one considers the set S S, which consists of
all prefixes defined in the Network Map, network map, applies the longest-prefix
mapping algorithm to S to identify the longest prefix containing the
IP address, address and assigns that prefix the IP address belongs belonging to the
PID containing the identified longest prefix.

The following example shows a complete and non-overlapping Network
Map: ALTO
network map:

"network-map" : {
"PID0" : { "ipv6" : [ "::/0" ] },
"PID1" : { "ipv4" : [ "0.0.0.0/0" ] },
"PID2" : { "ipv4" : [ "192.0.2.0/24", "198.51.100.0/24" ] },
"PID3" : { "ipv4" : [ "192.0.2.0/25", "192.0.2.128/25" ] }
}

The IP address 192.0.2.1 should be mapped to PID3.

If, however, the two adjacent prefixes in PID3 were combined as a
single prefix, then PID3 was changed to to:

"PID3" : { "ipv4" : [ "192.0.2.0/24" ] }

The new map is no longer non-overlapping, and 192.0.2.1 could no
longer be mapped unambiguously to a PID by means of longest-prefix
matching.

Extension documents may define techniques to allow a single IP
address being mapped to multiple PIDs, when a need is identified.

11.2.3. Cost Map

A Cost Map

An ALTO cost map resource lists the Path Cost path cost for each pair of source/
destination PID
source/destination PIDs defined by the ALTO Server server for a given Cost Metric cost
metric and Cost Mode. cost mode. This resource MUST be provided for at least
the
'routingcost' Cost Metric. "routingcost" cost metric.

11.2.3.1. Media Type

The media type of Cost Map ALTO cost maps is "application/alto-costmap+json".

11.2.3.2. HTTP Method

A Cost Map

An ALTO cost map resource is requested using the HTTP GET method.

11.2.3.3. Accept Input Parameters

None.

11.2.3.4. Capabilities

The capabilities of an ALTO Server server URI providing an unfiltered cost
map is a JSON Object object of type CostMapCapabilities:

object {
JSONString cost-type-names<1..1>;
} CostMapCapabilities;

with field:

cost-type-names

cost-type-names: Note that the array MUST include a single CostType
name defined by key the "cost-types" field in the "meta" field of the
IRD. This is because an unfiltered Cost Map cost map (accept == "") is
requested via an HTTP GET that accepts no input parameters. As a
contrast, for filtered cost maps (see Section 11.3.2), the array
can have multiple elements.

11.2.3.5. Uses

The Resource resource ID of the Network Map network map based on which the Cost Map cost map will
be defined. Recall (Section 6) that the combination of a Network Map network map
and a CostType cost type defines a key. In other words, an ALTO Server server MUST
NOT define two Cost Maps cost maps with the same Cost Type, Network Map cost type / network map pair.

11.2.3.6. Response

The "meta" field of a Cost Map cost map response MUST include the "dependent-
vtags" key, field, whose value is a single-element array to indicate the
Version Tag
version tag of the Network Map network map used, where the Network Map network map is
specified in "uses" of the IRD. The "meta" MUST also include "cost-
type", to indicate the Cost Type
"cost-type" field, whose value indicates the cost type (Section 10.7)
of the Cost Map. cost map.

The data component of a Cost Map cost map response is named "cost-map", which
is a JSON object of type CostMapData:

object {
CostMapData cost-map;
} InfoResourceCostMap : ResponseEntityBase;

object-map {
PIDName -> DstCosts;
} CostMapData;

object-map {
PIDName -> JSONValue;
} DstCosts;

Specifically, a CostMapData object is a dictionary map object, with
each key being the PIDName string identifying the corresponding
Source
source PID, and value being a type of DstCosts, which denotes the
associated costs from the Source source PID to a set of destination PIDs (
Section
(Section 6.2). An implementation of the protocol in this document
SHOULD assume that the cost is a JSONNumber and fail to parse if it
is not, unless the implementation is using an extension to this
document that indicates when and how costs of other data types are
signaled.

The returned Cost Map cost map MUST include the Path Cost path cost for each (Source (source
PID, Destination destination PID) pair for which a Path Cost path cost is defined. An ALTO
Server
server MAY omit entries for which a Path Cost is path costs are not defined (e.g.,
both
either the Source and Destination source or the destination PIDs contain addresses outside
of the
Network Provider's network provider's administrative domain).

Similar to Network Map, the encoding of Cost Map ALTO network maps, the encoding of ALTO
cost maps was chosen for readability and compactness. If lookup
efficiency at runtime is crucial, then the returned Cost Map cost map can be
transformed into data structures offering more efficient lookup. For
example, one may store a Cost Map cost map as a matrix.

11.2.3.7. Example

GET /costmap/num/routingcost HTTP/1.1
Host: alto.example.com
Accept: application/alto-costmap+json,application/alto-error+json

HTTP/1.1 200 OK
Content-Length: 435
Content-Type: application/alto-costmap+json

{
"meta" : {
"dependent-vtags" : [
{"resource-id": "my-default-network-map",
"tag": "3ee2cb7e8d63d9fab71b9b34cbf764436315542e"
}
],
"cost-type" : {"cost-mode" : "numerical",
"cost-metric": "routingcost"
}
},
"cost-map" : {
"PID1": { "PID1": 1, "PID2": 5, "PID3": 10 },
"PID2": { "PID1": 5, "PID2": 1, "PID3": 15 },
"PID3": { "PID1": 20, "PID2": 15 }
}
}

Similar to the Network Map network map case, array-based encoding for "map" was
considered, but the current encoding was chosen for clarity.

11.3. Map Filtering Map-Filtering Service

The Map Filtering Map-Filtering Service allows ALTO Clients clients to specify filtering
criteria to return a subset of the a full maps map available in the Map
Service.

11.3.1. Filtered Network Map

A Filtered Network Map filtered ALTO network map is a Network Map Information Resource an ALTO network map information
resource (Section 11.2.1) for which an ALTO Client client may supply a list
of PIDs to be included. A Filtered Network Map filtered ALTO network map MAY be provided
by an ALTO
Server. server.

11.3.1.1. Media Type

Since a Filtered Network Map filtered ALTO network map is still a Network Map, an ALTO network map, it
uses the media type defined for Network Map ALTO network maps at
Section 11.2.1.1.

11.3.1.2. HTTP Method

A Filtered Network Map filtered ALTO network map is requested using the HTTP POST method.

11.3.1.3. Accept Input Parameters

An ALTO Client client supplies filtering parameters by specifying media type
"application/alto-networkmapfilter+json" with HTTP POST body
containing a JSON Object object of type ReqFilteredNetworkMap, where:

object {
PIDName pids<0..*>;
[AddressType address-types<0..*>;]
} ReqFilteredNetworkMap;

with fields:

pids

pids: Specifies list of PIDs to be included in the returned Filtered
Network Map. filtered
network map. If the list of PIDs is empty, the ALTO Server server MUST
interpret the list as if it contained a list of all currently- currently
defined PIDs. The ALTO Server server MUST interpret entries appearing
multiple times as if they appeared only once.

address-types

address-types: Specifies a list of address types to be included in
the returned Filtered Network Map. filtered network map. If the "address-types" field
is not specified, or the list of address types is empty, the ALTO Server
server MUST interpret the list as if it contained a list of all
address types known to the ALTO Server. server. The ALTO Server server MUST
interpret entries appearing multiple times as if they appeared
only once.

11.3.1.4. Capabilities

None.

11.3.1.5. Uses

The Resource resource ID of the Network Map network map based on which the filtering is
performed.

11.3.1.6. Response

The format is the same as unfiltered Network Map. network maps. See
Section 11.2.1.6 for the format.

The ALTO Server server MUST only include PIDs in the response that were
specified (implicitly or explicitly) in the request. If the input
parameters contain a PID name that is not currently defined by the
ALTO Server, server, the ALTO Server server MUST behave as if the PID did not appear
in the input parameters. Similarly, the ALTO Server server MUST only
enumerate addresses within each PID that have types which were specified
(implicitly or explicitly) in the request. If the input parameters
contain an address type that is not currently known to the ALTO Server,
server, the ALTO Server server MUST behave as if the address type did not
appear in the input parameters.

The Version Tag version tag included in the "vtag" field of the response MUST
correspond to the full (unfiltered) Network Map Information Resource network map information resource
from which the filtered information is provided. This ensures that a
single, canonical Version Tag version tag is used independent of any filtering
that is requested by an ALTO Client. client.

11.3.1.7. Example

POST /networkmap/filtered HTTP/1.1
Host: custom.alto.example.com
Content-Length: 33
Content-Type: application/alto-networkmapfilter+json
Accept: application/alto-networkmap+json,application/alto-error+json

{
"pids": [ "PID1", "PID2" ]
}

HTTP/1.1 200 OK
Content-Length: 342
Content-Type: application/alto-networkmap+json

{
"meta" : {
"vtag" : {
"resource-id": "my-default-network-map",
"tag": "c0ce023b8678a7b9ec00324673b98e54656d1f6d"
}
},
"network-map" : {
"PID1" : {
"ipv4" : [
"192.0.2.0/24",
"198.51.100.0/24"
]
},
"PID2" : {
"ipv4": [
"198.51.100.128/24"
]
}
}
}

11.3.2. Filtered Cost Map

A Filtered Cost Map filtered ALTO cost map is a Cost Map Information Resource cost map information resource
(Section 11.2.3) for which an ALTO Client client may supply additional
parameters limiting the scope of the resulting Cost Map. cost map. A Filtered
Cost Map filtered
ALTO cost map MAY be provided by an ALTO Server. server.

11.3.2.1. Media Type

Since a Filtered Cost Map filtered ALTO cost map is still a Cost Map, an ALTO cost map, it uses the
media type defined for Cost Map ALTO cost maps at Section 11.2.3.1.

11.3.2.2. HTTP Method

A Filtered Cost Map filtered ALTO cost map is requested using the HTTP POST method.

11.3.2.3. Accept Input Parameters

The input parameters for a Filtered Map filtered cost map are supplied in the
entity body of the POST request. This document specifies the input
parameters with a data format indicated by the media type
"application/alto-costmapfilter+json", which is a JSON Object object of type
ReqFilteredCostMap, where:

object {
CostType cost-type;
[JSONString constraints<0..*>;]
[PIDFilter pids;]
} ReqFilteredCostMap;

object {
PIDName srcs<0..*>;
PIDName dsts<0..*>;
} PIDFilter;

with fields:

cost-type

cost-type: The CostType (Section 10.7) for the returned costs. The
cost-metric
"cost-metric" and cost-mode "cost-mode" fields MUST match one of the
supported
Cost Types cost types indicated in this resource's capabilities "capabilities"
field (Section 11.3.2.4). The ALTO Client client SHOULD omit the description
"description" field, and if present, the ALTO Server server MUST ignore
the description "description" field.

constraints

constraints: Defines a list of additional constraints on which
elements of the Cost Map cost map are returned. This parameter MUST NOT be
specified if this resource's capabilities ( Section "capabilities" field
(Section 11.3.2.4) indicate that constraint support is not
available. A constraint contains two entities separated by
whitespace: (1) an operator,
'gt' "gt" for greater than, 'lt' "lt" for less
than, 'ge' "ge" for greater than or equal to, 'le' "le" for less than or
equal to, or 'eq' "eq" for equal to; to and (2) a target cost value. The
cost value is a number that MUST be defined in the same units as
the Cost Metric cost metric indicated by the
cost-metric "cost-metric" parameter. ALTO Servers
servers SHOULD use at least IEEE 754 double-precision floating
point [IEEE.754.2008] to store the cost value, and SHOULD perform
internal computations using double-
precision double-precision floating-point
arithmetic. If multiple 'constraint' "constraint" parameters are specified,
they are interpreted as being related to each other with a logical
AND.

pids

pids: A list of Source source PIDs and a list of Destination destination PIDs for which
Path Costs
path costs are to be returned. If a list is empty, the ALTO
Server
server MUST interpret it as the full set of currently-defined currently defined
PIDs. The ALTO Server server MUST interpret entries appearing in a list
multiple times as if they appeared only once. If the "pids" field
is not present, both lists MUST be interpreted by the ALTO Server server
as containing the full set of currently-defined currently defined PIDs.

11.3.2.4. Capabilities

The URI providing this resource supports all capabilities documented
in Section 11.2.3.4 (with identical semantics), plus additional
capabilities. In particular, the capabilities are defined by a JSON
object of type FilteredCostMapCapabilities:

object {
JSONString cost-type-names<1..*>;
JSONBool cost-constraints;
} FilteredCostMapCapabilities;

with fields:

cost-type-names

cost-type-names: See Section 11.2.3.4 and note that the array can
have 1 one to many cost types.

cost-constraints

cost-constraints: If true, then the ALTO Server server allows cost
constraints to be included in requests to the corresponding URI.
If not present, this field MUST be interpreted as if it specified
false. ALTO Clients clients should be aware that constraints may not have
the intended effect for cost maps with the 'ordinal' Cost Mode ordinal cost mode since
ordinal costs are not restricted to being sequential integers.

11.3.2.5. Uses

The Resource resource ID of the Network Map network map based on which the Cost Map cost map will
be filtered.

11.3.2.6. Response

The format is the same as an unfiltered Cost Map. ALTO cost map. See
Section 11.2.3.6 for the format.

The "dependent-vtags" key field in the "meta" field is provides an array
consisting of a single element, which is the Version Tag version tag of the Network Map
network map used in filtering. ALTO Clients clients should verify that the Version Tag
version tag included in the response is equal to the Version Tag version tag of
the Network
Map network map used to generate the request (if applicable). If it
is not, the ALTO Client client may wish to request an updated Network Map, network map,
identify changes, and consider requesting a new Filtered Cost Map. filtered cost map.

The returned Cost Map cost map MUST contain only source/destination pairs that
have been indicated (implicitly or explicitly) in the input
parameters. If the input parameters contain a PID name that is not
currently defined by the ALTO Server, server, the ALTO Server server MUST behave as
if the PID did not appear in the input parameters.

If any constraints are specified, Source/Destination source/destination pairs for which
the Path Costs path costs do not meet the constraints MUST NOT be included in
the returned Cost Map. cost map. If no constraints were specified, then all
Path Costs
path costs are assumed to meet the constraints.

11.3.2.7. Example

POST /costmap/filtered HTTP/1.1
Host: custom.alto.example.com
Content-Type: application/alto-costmapfilter+json
Content-Length: 181
Accept: application/alto-costmap+json,application/alto-error+json

{
"cost-type" : {"cost-mode": "numerical",
"cost-metric": "routingcost"
},
"pids" : {
"srcs" : [ "PID1" ],
"dsts" : [ "PID1", "PID2", "PID3" ]
}
}

HTTP/1.1 200 OK
Content-Length: 341
Content-Type: application/alto-costmap+json

{
"meta" : {
"dependent-vtags" : [
{"resource-id": "my-default-network-map",
"tag": "75ed013b3cb58f896e839582504f622838ce670f"
}
],
"cost-type": {"cost-mode" : "numerical",
"cost-metric" : "routingcost"
}
},
"cost-map" : {
"PID1": { "PID1": 0, "PID2": 1, "PID3": 2 }
}
}

11.4. Endpoint Property Service

The Endpoint Property Service provides information about Endpoint endpoint
properties to ALTO Clients. clients.

11.4.1. Endpoint Property

An Endpoint Property endpoint property resource provides information about properties
for individual endpoints. It In addition to the required "pid" endpoint
property (see Sections 7.1.1 and 11.4.1.4), further endpoint
properties MAY be provided by an ALTO Server. server.

11.4.1.1. Media Type

The media type of Endpoint Property an endpoint property resource is "application/
alto-endpointprop+json".

11.4.1.2. HTTP Method

The Endpoint Property endpoint property resource is requested using the HTTP POST
method.

11.4.1.3. Accept Input Parameters

An ALTO Client supplies the

The input parameters for an endpoint properties to be queried through
a media type "application/alto-endpointpropparams+json", and
specifies property request are supplied in
the HTTP POST entity body of the POST request. This document specifies the
input parameters with a data format indicated by the media type
"application/alto-endpointpropparams+json", which is a JSON Object object of
type ReqEndpointProp:

object {
EndpointPropertyType properties<1..*>;
TypedEndpointAddr endpoints<1..*>;
} ReqEndpointProp;

with fields:

properties

properties: List of endpoint properties to be returned for each
endpoint. Each specified property MUST be included in the list of
supported properties indicated by this resource's capabilities "capabilities"
field (Section 11.4.1.4). The ALTO Server server MUST interpret entries
appearing multiple times as if they appeared only once.

endpoints

endpoints: List of endpoint addresses for which the specified
properties are to be returned. The ALTO Server server MUST interpret
entries appearing multiple times as if they appeared only once.

11.4.1.4. Capabilities

This resource may be defined across multiple types of endpoint
properties.

The capabilities of an ALTO Server server URI providing
Endpoint Properties endpoint properties
are defined by a JSON Object object of type EndpointPropertyCapabilities:

object {
EndpointPropertyType prop-types<1..*>;
} EndpointPropertyCapabilities;

with field:

prop-types

prop-types: The Endpoint Properties endpoint properties (see Section 10.8) supported by
the corresponding URI.

In particular, the Information Resource Closure information resource closure MUST provide the look
up
lookup of pid for every Network Map ALTO network map defined.

11.4.1.5. Uses

None.

11.4.1.6. Response

The "dependent-vtags" key field in the "meta" field of the response MUST
be an array that includes the Version Tags version tags of all Network Maps ALTO network maps
whose
'pid' "pid" is queried.

The data component of an Endpoint Properties endpoint properties response is named
"endpoint-properties", which is a JSON object of type
EndpointPropertyMapData, where:

object {
EndpointPropertyMapData endpoint-properties;
} InfoResourceEndpointProperties : ResponseEntityBase;

object-map {
TypedEndpointAddr -> EndpointProps;
} EndpointPropertyMapData;

object {
EndpointPropertyType -> JSONValue;
} EndpointProps;

Specifically, an EndpointPropertyMapData object has one member for
each endpoint indicated in the input parameters (with the name being
the endpoint encoded as a TypedEndpointAddr). The requested
properties for each endpoint are encoded in a corresponding
EndpointProps object, which encodes one name/value pair for each
requested property, where the property names are encoded as strings
of type EndpointPropertyType. An implementation of the protocol in
this document SHOULD assume that the property value is a JSONString
and fail to parse if it is not, unless the implementation is using an
extension to this document that indicates when and how property
values of other data types are signaled.

The ALTO Server server returns the value for each of the requested endpoint
properties for each of the endpoints listed in the input parameters.

If the ALTO Server server does not define a requested property's value for a
particular endpoint, then it MUST omit that property from the
response for only that endpoint.

11.4.1.7. Example

POST /endpointprop/lookup HTTP/1.1
Host: alto.example.com
Content-Length: 181
Content-Type: application/alto-endpointpropparams+json
Accept: application/alto-endpointprop+json,application/alto-error+json

{
"properties" : [ "my-default-networkmap.pid",
"priv:ietf-example-prop" ],
"endpoints" : [ "ipv4:192.0.2.34",
"ipv4:203.0.113.129" ]
}

HTTP/1.1 200 OK
Content-Length: 396
Content-Type: application/alto-endpointprop+json

{
"meta" : {
"dependent-vtags" : [
{"resource-id": "my-default-network-map",
"tag": "7915dc0290c2705481c491a2b4ffbec482b3cf62"
}
]
},
"endpoint-properties": {
"ipv4:192.0.2.34" : { "my-default-network-map.pid": "PID1",
"priv:ietf-example-prop": "1" },
"ipv4:203.0.113.129" : { "my-default-network-map.pid": "PID3" }
}
}

11.5. Endpoint Cost Service

The Endpoint Cost Service provides information about costs between
individual endpoints.

In particular, this service allows lists of Endpoint endpoint prefixes (and
addresses, as a special case) to be ranked (ordered) by an ALTO
Server.
server.

11.5.1. Endpoint Cost

An Endpoint Cost endpoint cost resource provides information about costs between
individual endpoints. It MAY be provided by an ALTO Server. server.

How an ALTO Server server provides the Endpoint Cost endpoint cost resource is
implementation dependent. An ALTO Server server may use either fine-grained
costs among individual endpoints or coarse-grained costs based on the
costs between the PIDs corresponding to the endpoints. See
Section 15.3 for additional details.

11.5.1.1. Media Type

The media type of Endpoint Cost the endpoint cost resource is "application/
alto-endpointcost+json". "application/alto-
endpointcost+json".

11.5.1.2. HTTP Method

The Endpoint Cost endpoint cost resource is requested using the HTTP POST method.

11.5.1.3. Accept Input Parameters

An ALTO Client client supplies the endpoint cost parameters through a media
type "application/alto-endpointcostparams+json", with an HTTP POST
entity body of a JSON Object object of type ReqEndpointCostMap:

object {
CostType cost-type;
[JSONString constraints<0..*>;]
EndpointFilter endpoints;
} ReqEndpointCostMap;

object {
[TypedEndpointAddr srcs<0..*>;]
[TypedEndpointAddr dsts<0..*>;]
} EndpointFilter;
with fields:

cost-type

cost-type: The Cost Type cost type (Section 10.7) to use for returned costs.
The cost-metric "cost-metric" and cost-mode "cost-mode" fields MUST match one of the
supported Cost Types cost types indicated in this resource's capabilities (
Section "capabilities"
fields (Section 11.5.1.4). The ALTO Client client SHOULD omit the description
"description" field, and if present, the ALTO Server server MUST ignore
the description "description" field.

constraints

constraints: Defined equivalently to the "constraints" input
parameter of a Filtered Cost Map filtered cost map (see Section 11.3.2).

endpoints

endpoints: A list of Source Endpoints source endpoints and Destination Endpoints destination endpoints for
which Path Costs path costs are to be returned. If the list of Source source or
Destination Endpoints
destination endpoints is empty (or not included), the ALTO Server server
MUST interpret it as if it contained the Endpoint Address endpoint address
corresponding to the client IP address from the incoming
connection (see Section 13.3 for discussion and considerations
regarding this mode). The Source source and Destination Endpoint destination endpoint lists
MUST NOT be both empty. The ALTO Server server MUST interpret entries
appearing multiple times in a list as if they appeared only once.

11.5.1.4. Capabilities

This document defines EndpointCostCapabilities as the same as
FilteredCostMapCapabilities. See Section 11.3.2.4.

11.5.1.5. Uses

It is important to note that although this resource allows an ALTO
Server
server to reveal costs between individual endpoints, an the ALTO Server server
is not required to do so. A simple implementation of an ECS resource may compute
the cost between two endpoints as the cost between the PIDs
corresponding to the endpoints, using one of the exposed network and
cost maps defined by the server. ECS MUST NOT use specify the "use"
field to indicate a Network network or
Cost Map. cost map. Hence, the ECS cost is the
cost from the source endpoint to the destination endpoint. A future
extension may allow ECS to state that it "uses" a Network Map. network map. The
extension then will need to define the semantics.

11.5.1.6. Response

The "meta" field of an Endpoint Cost endpoint cost response MUST include the "cost-
type" key, field, to indicate the Cost Type cost type used.

The data component of an Endpoint Cost endpoint cost response is named "endpoint-
cost-map",
"endpoint-cost-map", which is a JSON object of type
EndpointCostMapData:

object {
EndpointCostMapData endpoint-cost-map;
} InfoResourceEndpointCostMap : ResponseEntityBase;

object-map {
TypedEndpointAddr -> EndpointDstCosts;
} EndpointCostMapData;

object-map {
TypedEndpointAddr -> JSONValue;
} EndpointDstCosts;

Specifically, an EndpointCostMapData object is a dictionary map with
each key representing a TypedEndpointAddr string identifying the
Source Endpoint
source endpoint specified in the input parameters. For each Source
Endpoint, a source
endpoint, an EndpointDstCosts dictionary map object denotes the
associated cost to each Destination Endpoint destination endpoint specified in input
parameters. An implementation of the protocol in this document
SHOULD assume that the cost value is a JSONNumber and fail to parse
if it is not, unless the implementation is using an extension to this
document that indicates when and how costs of other data types are
signaled. If the ALTO Server server does not define a cost value from a
Source Endpoint
source endpoint to a particular Destination Endpoint, destination endpoint, it MAY be
omitted from the response.

11.5.1.7. Example

POST /endpointcost/lookup HTTP/1.1
Host: alto.example.com
Content-Length: 248
Content-Type: application/alto-endpointcostparams+json
Accept: application/alto-endpointcost+json,application/alto-error+json

{
"cost-type": {"cost-mode" : "ordinal",
"cost-metric" : "routingcost"},
"endpoints" : {
"srcs": [ "ipv4:192.0.2.2" ],
"dsts": [
"ipv4:192.0.2.89",
"ipv4:198.51.100.34",
"ipv4:203.0.113.45"
]
}
}

HTTP/1.1 200 OK
Content-Length: 274
Content-Type: application/alto-endpointcost+json

{
"meta" : {
"cost-type": {"cost-mode" : "ordinal",
"cost-metric" : "routingcost"
}
},
"endpoint-cost-map" : {
"ipv4:192.0.2.2": {
"ipv4:192.0.2.89" : 1,
"ipv4:198.51.100.34" : 2,
"ipv4:203.0.113.45" : 3
}
}
}

12. Use Cases

The sections below depict typical use cases. While these use cases
focus on peer-to-peer applications, ALTO can be applied to other
environments such as CDNs [I-D.jenkins-alto-cdn-use-cases]. Content Distribution Networks (CDNs)
[ALTO-USE-CASES].

12.1. ALTO Client Embedded in P2P Tracker

Many currently-deployed deployed P2P systems use a Tracker tracker to manage swarms and perform
peer selection. Such a P2P Tracker tracker can already use a variety of
information to perform peer selection to meet application-
specific application-specific
goals. By acting as an ALTO Client, client, the P2P Tracker tracker can use ALTO
information as an additional information source to enable more
network-efficient traffic patterns and improve application
performance.

A particular requirement of many P2P trackers is that they must
handle a large number of P2P clients. A P2P tracker can obtain and
locally store ALTO information (the Network Map (e.g., ALTO network maps and Cost Map) cost
maps) from the ISPs containing the P2P clients, and benefit from the
same aggregation of network locations done by ALTO Servers. servers.

Figure 4: ALTO Client Embedded in P2P Tracker

Figure 4 shows an example use case where a P2P tracker is an ALTO
Client
client and applies ALTO information when selecting peers for its P2P
clients. The example proceeds as follows:

1. The P2P Tracker tracker requests from the ALTO Server using the Network
Map query the Network Map covering all PIDs. The Network Map
includes the IP prefixes contained in each PID, allowing the P2P
tracker to server a network map, so
that it locally map P2P clients into PIDs.

2. The P2P Tracker tracker requests from the ALTO Server server the Cost Map cost map
amongst all PIDs identified in the preceding step.

3. A P2P Client client joins the swarm, and requests a peer list from the
P2P Tracker. tracker.

4. The P2P Tracker tracker returns a peer list to the P2P client. The
returned peer list is computed based on the Network Map network map and Cost
Map the
cost map returned by the ALTO Server, server, and possibly other
information sources. Note that it is possible that a tracker may
use only the Network Map network map to implement hierarchical peer selection
by preferring peers within the same PID and ISP.

5. The P2P Client client connects to the selected peers.

Note that the P2P tracker may provide peer lists to P2P clients
distributed across multiple ISPs. In such a case, the P2P tracker
may communicate with multiple ALTO Servers. servers.

12.2. ALTO Client Embedded in P2P Client: Numerical Costs

P2P clients may also utilize ALTO information themselves when
selecting from available peers. It is important to note that not all
P2P systems use a P2P tracker for peer discovery and selection.
Furthermore, even when a P2P tracker is used, the P2P clients may
rely on other sources, such as peer exchange and DHTs, to discover
peers.

When an a P2P Client client uses ALTO information, it typically queries only
the ALTO Server server servicing its own ISP. The my-Internet view "my-Internet view"
provided by its ISP's ALTO Server server can include preferences to all
potential peers.

.---------. (1) Get Network Map .---------------.
| | <----------------------> | |
| ALTO | | P2P Client |
| Server | (2) Get Cost Map | (ALTO Client) client) |
| | <----------------------> | | .---------.
`---------' `---------------' <- | P2P |
.---------. / | ^ ^ | Tracker |
| Peer 1 | <-------------- | | \ `---------'
`---------' | (3) Gather Peers
. (4) Select Peers | | \
. and Connect / .--------. .--------.
.---------. / | P2P | | DHT |
| Peer 50 | <---------------- | Client | `--------'
`---------' | (PEX) |
`--------'

Figure 5: ALTO Client Embedded in P2P Client

Figure 5 shows an example use case where a P2P Client client locally applies
ALTO information to select peers. The use case proceeds as follows:

1. The P2P Client client requests the Network Map network map covering all PIDs from
the ALTO Server server servicing its own ISP.

2. The P2P Client client requests the Cost Map cost map providing path costs amongst
all PIDs from the ALTO Server. server. The Cost Map cost map by default specifies
numerical costs.

3. The P2P Client client discovers peers from sources such as Peer Exchange peer exchange
(PEX) from other P2P Clients, Distributed Hash Tables clients, distributed hash tables (DHT), and
P2P Trackers. trackers.

4. The P2P Client client uses ALTO information as part of the algorithm for
selecting new peers, peers and connects to the selected peers.

12.3. ALTO Client Embedded in P2P Client: Ranking

It is also possible for a P2P Client client to offload the selection and
ranking process to an ALTO Server. server. In this use case, the ALTO Client client
embedded in the P2P Client client gathers a list of known peers in the
swarm, and asks the ALTO Server server to rank them. This document limits
the use case to when the P2P Client client and the ALTO Server server are deployed
by the same entity, and hence entity; hence, the P2P Client client uses the ranking provided
by the ALTO Server server directly.

As in the use case using numerical costs, the P2P Client client typically
only queries the ALTO Server server servicing its own ISP.

.---------. .---------------.
| | | |
| ALTO | (2) Get Endpoint Ranking | P2P Client |
| Server | <----------------------> | (ALTO Client) client) |
| | | | .---------.
`---------' `---------------' <- | P2P |
.---------. / | ^ ^ | Tracker |
| Peer 1 | <-------------- | | \ `---------'
`---------' | (1) Gather Peers
. (3) Connect to | | \
. Selected Peers / .--------. .--------.
.---------. / | P2P | | DHT |
| Peer 50 | <---------------- | Client | `--------'
`---------' | (PEX) |
`--------'

Figure 6: ALTO Client Embedded in P2P Client: Ranking
Figure 6 shows an example of this scenario. The use case proceeds as
follows:

1. The P2P Client client discovers peers from sources such as Peer Exchange
(PEX) from other P2P Clients, clients, Distributed Hash Tables (DHT), and
P2P Trackers. trackers.

2. The P2P Client client queries the ALTO Server's Ranking Service, server's ranking service (i.e.,
the ECS Service), by including the discovered peers as the set of Destination Endpoints,
destination endpoints, and indicates indicating the 'ordinal' Cost Mode. "ordinal" cost mode.
The response indicates the ranking of the candidate peers.

3. The P2P Client client connects to the peers in the order specified in
the ranking.

13. Discussions

13.1. Discovery

The discovery mechanism by which an ALTO Client client locates an
appropriate ALTO Server server is out of scope for this document. This
document assumes that an ALTO Client client can discover an appropriate ALTO
Server.
server. Once it has done so, the ALTO Client client may use the Information
Resource Directory information
resource directory (see Section 9.2) to locate an Information
Resource information
resource with the desired ALTO Information. information.

13.2. Hosts with Multiple Endpoint Addresses

In practical deployments, a particular host can be reachable using
multiple addresses (e.g., a wireless IPv4 connection, a wireline IPv4
connection, and a wireline IPv6 connection). In general, the
particular network path followed when sending packets to the host
will depend on the address that is used. Network providers may
prefer one path over another. An additional consideration may be how
to handle private address spaces (e.g., behind carrier-grade NATs).

To support such behavior, this document allows multiple endpoint
addresses and address types. With this support, the ALTO Protocol
allows an ALTO Service Provider service provider the flexibility to indicate
preferences for paths from an endpoint address of one type to an
endpoint address of a different type.

13.3. Network Address Translation Considerations

In this day and age of NAT v4<->v4, v4<->v6 [RFC6144], and possibly
v6<->v6 [RFC6296], a protocol should strive to be NAT friendly and
minimize carrying IP addresses in the payload, payload or provide a mode of
operation where the source IP address provide provides the information
necessary to the server.

The protocol specified in this document provides a mode of operation
where the source network location is computed by the ALTO Server server
(i.e., the the Endpoint Cost Service) from the source IP address found in
the ALTO Client client query packets. This is similar to how some P2P Trackers
trackers (e.g., BitTorrent Trackers - trackers -- see "Tracker HTTP/HTTPS
Protocol" in [BitTorrent]) operate.

There may be cases where in which an ALTO Client client needs to determine its own
IP address, such as when specifying a source Endpoint Address endpoint address in the
Endpoint Cost Service. It is possible that an ALTO Client client has
multiple network interface addresses, and that some or all of them
may require NAT for connectivity to the public Internet.

If a public IP address is required for a network interface, the ALTO
Client
client SHOULD use the Session Traversal Utilities for NAT (STUN)
[RFC5389]. If using this method, the host MUST use the "Binding
Request" message and the resulting "XOR-MAPPED-ADDRESS" parameter
that is returned in the response. Using STUN requires cooperation
from a publicly accessible STUN server. Thus, the ALTO Client client also
requires configuration information that identifies the STUN server,
or a domain name that can be used for STUN server discovery. To be
selected for this purpose, the STUN server needs to provide the
public reflexive transport address of the host.

ALTO Clients clients should be cognizant that the network path between
Endpoints
endpoints can depend on multiple factors, e.g., source address, address and
destination address used for communication. An ALTO Server server provides
information based on Endpoint Addresses endpoint addresses (more generally, Network
Locations), network
locations), but the mechanisms used for determining existence of
connectivity or usage of NAT between Endpoints endpoints are out of scope of
this document.

13.4. Endpoint and Path Properties

An ALTO Server server could make available many properties about Endpoints endpoints
beyond their network location or grouping. For example, connection
type, geographical location, and others may be useful to
applications. This specification focuses on network location and
grouping, but the protocol may be extended to handle other Endpoint endpoint
properties.

14. IANA Considerations

This document defines registries for application/alto-* Media Types, media types,
ALTO Cost Metric, cost metrics, ALTO Endpoint Property Types, endpoint property types, ALTO Address Types, address types,
and ALTO Error Codes. error codes. Initial values for the registries and the
process of future assignments are given below.

14.1. application/alto-* Media Types

This document requests the registration of registers multiple media types, listed in Table 2.

+-------------+------------------------------+----------------+

Table 2: ALTO Protocol Media Types. Types

Type name: application

Subtype name: This documents requests the registration of registers multiple subtypes, as listed
in Table 2.

Required parameters: n/a

Optional parameters: n/a

Encoding considerations: Encoding considerations are identical to
those specified for the 'application/json' "application/json" media type. See
[RFC4627].
[RFC7159].

Security considerations: Security considerations relating to the
generation and consumption of ALTO Protocol messages are discussed
in Section 15.

Interoperability considerations: This document specifies format of
conforming messages and the interpretation thereof.

Published specification: This document is the specification for
these media types; see Table 2 for the section documenting each
media type.

Applications that use this media type: ALTO Servers servers and ALTO Clients clients
either standalone stand alone or are embedded within other applications.

Additional information:

Magic number(s): n/a

File extension(s): This document uses the mime type to refer to
protocol messages and thus does not require a file extension.

Macintosh file type code(s): n/a

Person & email address to contact for further information: See
"Authors' Addresses"
Authors' Addresses section.

Intended usage: COMMON

Restrictions on usage: n/a

Author: See "Authors' Addresses" Authors' Addresses section.

Change controller: Internet Engineering Task Force
(mailto:iesg@ietf.org).

14.2. ALTO Cost Metric Registry

This document requests

IANA has created and now maintains the creation of an ALTO "ALTO Cost Metric registry, Registry",
listed in Table 3, to be maintained by IANA. 3.

Table 3: ALTO Cost Metrics. Metrics

This registry serves two purposes. First, it ensures uniqueness of
identifiers referring to ALTO Cost Metrics. cost metrics. Second, it provides
references to particular semantics of allocated Cost Metrics cost metrics to be
applied by both ALTO Servers servers and applications utilizing ALTO Clients. clients.

New ALTO Cost Metrics cost metrics are assigned after IETF Review [RFC5226] to
ensure that proper documentation regarding ALTO Cost Metric cost metric semantics
and security considerations has been provided. The RFCs documenting
the new metrics should be detailed enough to provide guidance to both
ALTO Service Providers service providers and applications utilizing ALTO Clients clients as to
how values of the registered ALTO Cost Metric cost metric should be interpreted.
Updates and deletions of ALTO Cost Metrics cost metrics follow the same procedure.

Registered ALTO Cost Metric cost metric identifiers MUST conform to the
syntactical requirements specified in Section 10.6. Identifiers are
to be recorded and displayed as strings.

As specified in Section 10.6, identifiers prefixed with 'priv:' "priv:" are
reserved for Private Use.

Requests to add a new value to the registry MUST include the
following information:

o Identifier: The name of the desired ALTO Cost Metric. cost metric.

o Intended Semantics: ALTO Costs costs carry with them semantics to guide
their usage by ALTO Clients. clients. For example, if a value refers to a
measurement, the measurement units must be documented. For proper
implementation of the ordinal Cost Mode cost mode (e.g., by a third-party
service), it should be documented whether higher or lower values
of the cost are more preferred.

o Security Considerations: ALTO Costs costs expose information to ALTO
Clients.
clients. As such, proper usage of a particular Cost Metric cost metric may
require certain information to be exposed by an ALTO Service
Provider. service
provider. Since network information is frequently regarded as
proprietary or confidential, ALTO Service Providers service providers should be made
aware of the security ramifications related to usage of a Cost
Metric. cost
metric.

This specification requests registration of the identifier
'routingcost'.
"routingcost". Semantics for the this Cost Metric cost metric are documented in
Section 6.1.1.1, and security considerations are documented in
Section 15.3.

14.3. ALTO Endpoint Property Type Registry

This document requests

IANA has created and now maintains the creation of an ALTO "ALTO Endpoint Property
Types registry, Type
Registry", listed in Table 4, to be maintained by IANA. 4.

+------------+--------------------+
| Identifier | Intended Semantics |
+------------+--------------------+
| pid | See Section 7.1.1 |
| priv: | Private use |
+------------+--------------------+

Table 4: ALTO Endpoint Property Types. Types

The maintenance of this registry is similar to that of the preceding
ALTO Cost Metrics. cost metrics. That is, the registry will be is maintained by IANA,
subject to the description in Section 10.8.2.

New Endpoint Property Types

New endpoint property types are assigned after IETF Review [RFC5226]
to ensure that proper documentation regarding ALTO Endpoint Property
Type endpoint property
type semantics and security considerations has been provided.
Updates and deletions of ALTO Endpoint Property Type endpoint property types follow the same
procedure.

Registered ALTO Endpoint Property Type endpoint property type identifiers MUST conform to
the syntactical requirements specified in Section 10.8.1.
Identifiers are to be recorded and displayed as strings.

As specified in Section 10.8.1, identifiers prefixed with 'priv:' "priv:" are
reserved for Private Use.

Requests to add a new value to the registry MUST include the
following information:

o Identifier: The name of the desired ALTO Endpoint Property Type. endpoint property type.

o Intended Semantics: ALTO Endpoint Properties endpoint properties carry with them
semantics to guide their usage by ALTO Clients. clients. Hence, a document
defining a new type should provide guidance to both ALTO Service
Providers service
providers and applications utilizing ALTO Clients clients as to how values
of the registered ALTO Endpoint Property endpoint property should be interpreted.
For example, if a value refers to a measurement, the measurement
units must be documented.

o Security Considerations: ALTO Endpoint Properties endpoint properties expose
information to ALTO Clients. clients. ALTO Service Providers service providers should be
made aware of the security ramifications related to the exposure
of an Endpoint Property. endpoint property.

In particular, the request should discuss the sensitivity of the
information, and why such sensitive information is required for ALTO-
based operations. It may recommend that ISP provide mechanisms for
users to grant or deny consent to such information sharing.
Limitation to a trust domain being a type of consent bounding.

A request defining new Endpoint Properties endpoint properties should focus on exposing
attributes of endpoints that are related to the goals of ALTO --
optimization of application-layer traffic -- as opposed to more
general properties of endpoints. Maintaining this focus on
technical, network-layer data will also help extension developers
avoid the privacy concerns associated with publishing information
about endpoints. For example:

o An extension to indicate the capacity of a server would likely be
appropriate, since server capacities can be used by a client to
choose between multiple equivalent servers. In addition, these
properties are unlikely to be viewed as private information.

o An extension to indicate the geolocation of endpoints might be
appropriate. In some cases, a certain level of geolocation (e.g.,
to the country level) can be useful for selecting content sources.
More precise geolocation, however, is not relevant to content
delivery, and is typically considered private.

o An extension indicating demographic attributes of the owner of an
endpoint (e.g., age, sex, income) would not be appropriate,
because these attributes are not related to delivery optimization,
and because they are clearly private data.

This specification requests registration of the identifier 'pid'. "pid".
Semantics for this property is are documented in Section 7.1.1, and
security considerations are documented in Section 15.4.

14.4. ALTO Address Type Registry

This document requests

IANA has created and now maintains the creation of an ALTO "ALTO Address Type registry, Registry",
listed in Table 5, to be maintained by IANA. 5.

Table 5: ALTO Address Types. Types

This registry serves two purposes. First, it ensures uniqueness of
identifiers referring to ALTO Address Types. address types. Second, it states the
requirements for allocated Address Type address type identifiers.

New ALTO Address Types address types are assigned after IETF Review [RFC5226] to
ensure that proper documentation regarding the new ALTO Address Types address types
and their security considerations has been provided. RFCs defining
new Address Types address types should indicate how an address of a registered type
is encoded as an EndpointAddr and, if possible, a compact method
(e.g., IPv4 and IPv6 prefixes) for encoding a set of addresses as an
EndpointPrefix. Updates and deletions of ALTO Address Types address types follow
the same procedure.

Registered ALTO Address Type address type identifiers MUST conform to the
syntactical requirements specified in Section 10.4.2. Identifiers
are to be recorded and displayed as strings.

Requests to add a new value to the registry MUST include the
following information:

o Identifier: The name of the desired ALTO Address Type. address type.

o Endpoint Address Encoding: The procedure for encoding an address
of the registered type as an EndpointAddr (see Section 10.4.3).

o Endpoint Prefix Encoding: The procedure for encoding a set of
addresses of the registered type as an EndpointPrefix (see
Section 10.4.4). If no such compact encoding is available, the
same encoding used for a singular address may be used. In such a
case, it must be documented that sets of addresses of this type
always have exactly one element.

o Mapping to/from IPv4/IPv6 Addresses: If possible, a mechanism to
map addresses of the registered type to and from IPv4 or IPv6
addresses should be specified.

o Security Considerations: In some usage scenarios, Endpoint
Addresses endpoint
addresses carried in ALTO Protocol messages may reveal information
about an ALTO Client client or an ALTO Service Provider. service provider. Applications
and ALTO Service Providers service providers using addresses of the registered type
should be made aware of how (or if) the addressing scheme relates
to private information and network proximity.

This specification requests registration of the identifiers 'ipv4' "ipv4"
and 'ipv6', "ipv6", as shown in Table 5.

14.5. ALTO Error Code Registry

This document requests

IANA has created and now maintains the creation of an ALTO "ALTO Error Code registry,
to be maintained by IANA. Registry".
Initial values are listed in Table 1, and recommended usage of the Error Codes
error codes is specified in Section 8.5.2.

Although the Error Codes error codes defined in Table 1 are already quite
complete, future extensions may define new Error Codes. error codes. The ALTO "ALTO
Error Code registry Registry" ensures the uniqueness of Error Codes error codes when new
Error Codes
error codes are added.

New ALTO Error Codes error codes are assigned after IETF Review [RFC5226] to
ensure that proper documentation regarding the new ALTO Error Codes error codes
and their usage has been provided.

A request to add a new ALTO Error Code error code to the registry MUST include
the following information:

o Error Code: A string starting with E_ to indicate the error.

o Intended Usage: ALTO Error Codes error codes carry with them semantics to
guide their usage by ALTO Servers servers and Clients. clients. In particular, if
a new Error Code error code indicates conditions that overlap with those of
an existing ALTO Error Code, error code, recommended usage of the new Error
Code error
code should be specified.

15. Security Considerations

Some environments and use cases of ALTO require consideration of
security attacks on ALTO Servers servers and Clients. clients. In order to support
those environments interoperably, the ALTO requirements document
[RFC6708] outlines minimum-to-implement authentication and other
security requirements. This document considers the following threats
and protection strategies.

15.1. Authenticity and Integrity of ALTO Information

15.1.1. Risk Scenarios

An attacker may want to provide false or modified ALTO Information
Resources information
resources or Information Resource Directory an information resource directory to ALTO Clients clients to
achieve certain malicious goals. As an example, an attacker may
provide false endpoint properties. For example, suppose that a
network supports an endpoint property named "hasQuota" "hasQuota", which reports
whether an endpoint has usage quota. An attacker may want to
generate a false reply to lead to unexpected charges to the endpoint.
An attack may also want to provide a false Cost Map. cost map. For example, by
faking a Cost Map cost map that highly prefers a small address range or a
single address, the attacker may be able to turn a distributed
application into a Distributed Denial of Service Distributed-Denial-of-Service (DDoS) tool.

Depending on the network scenario, an attacker can attack
authenticity and integrity of ALTO Information Resources information resources using
various techniques, including, but not limited to, sending forged
DHCP replies in an Ethernet, DNS poisoning, and installing a
transparent HTTP proxy that does some modifications.

15.1.2. Protection Strategies

ALTO protects the authenticity and integrity of ALTO Information information
(both Information Directory information directory and individual Information Resources) information resources) by
leveraging the authenticity and integrity mechanisms in TLS (see
Section 8.3.5).

ALTO Providers service providers who request server certificates and
certification authorities who issue ALTO-specific certificates SHOULD
consider the recommendations and guidelines defined in [RFC6125].

Software engineers developing and service providers deploying ALTO
should make themselves familiar with possibly updated standards
documents as well as up-to-date Best Current Practices on configuring
HTTP over TLS.

15.1.3. Limitations

The protection of HTTP over TLS for ALTO depends on that the domain
name in the URI for the Information Resources information resources is not comprised. This
will depend on the protection implemented by service discovery.

A deployment scenario may require redistribution of ALTO information
to improve scalability. When authenticity and integrity of ALTO
information are still required, then ALTO Clients clients obtaining ALTO
information through redistribution must be able to validate the
received ALTO information. Support for this validation is not
provided in this document, but it may be provided by extension
documents.

15.2. Potential Undesirable Guidance from Authenticated ALTO
Information

15.2.1. Risk Scenarios

The ALTO Service makes services make it possible for an ALTO Provider service provider to
influence the behavior of network applications. An ALTO Provider service
provider may be hostile to some applications and hence and, hence, try to use
ALTO Information
Resources information resources to achieve certain goals [RFC5693]: "redirecting

...redirecting applications to corrupted mediators providing
malicious content, or applying policies in computing Cost Map cost maps
based on criteria other than network efficiency." efficiency.

See [I-D.ietf-alto-deployments] [ALTO-DEPLOYMENT] for additional discussions on faked ALTO Guidance.
guidance.

A related scenario is that an ALTO Server server could unintentionally give
"bad" guidance. For example, if many ALTO Clients clients follow the Cost
Map cost
map or the Endpoint Cost Service guidance without doing additional
sanity checks or adaptation, more preferable hosts and/or links could
get overloaded while less preferable ones remain idle; see AR-14 of
[RFC6708] for related application considerations.

15.2.2. Protection Strategies

To protect applications from undesirable ALTO Information Resources, information resources,
it is important to note that there is no protocol mechanism to
require conforming behaviors on how applications use ALTO Information
Resources. information
resources. An application using ALTO may consider including a
mechanism to detect misleading or undesirable results from using ALTO
Information Resources.
information resources. For example, if throughput measurements do
not show "better-than-random" results when using the Cost Map an ALTO cost map to
select resource providers, the application may want to disable ALTO
usage or switch to an external ALTO Server server provided by an
"independent organization" (see AR-20 and AR-21 in [RFC6708]). If
the first ALTO Server server is provided by the access network service
provider and the access network service provider tries to redirect
access to the external ALTO Server server back to the provider's ALTO Server server
or try to tamper with the responses, the preceding authentication and
integrity protection can detect such a behavior.

15.3. Confidentiality of ALTO Information

15.3.1. Risk Scenarios

Although in

In many cases cases, although ALTO Information Resources information resources may be regarded as
non-confidential information, there are deployment cases where in which
ALTO
Information Resources information resources can be sensitive information that can pose
risks if exposed to unauthorized parties. This document discusses
the risks and protection strategies for such deployment scenarios.

For example, an attacker may infer details regarding the topology,
status, and operational policies of a network through the Network its ALTO
network and
Cost Maps. cost maps. As a result, a sophisticated attacker may be
able to infer more fine-grained topology information than an ISP
hosting an ALTO Server server intends to disclose. The attacker can
leverage the information to mount effective attacks such as focusing
on high-cost links.

Revealing some endpoint properties may also reveal additional
information than the Provider provider intended. For example, when adding the
line bitrate as one endpoint property, such information may be
potentially linked to the income of the habitants at the network
location of an endpoint.

In [RFC6708] Section 5.2.1, 5.2.1 of [RFC6708], three types of risks associated with
the confidentiality of ALTO Information Resources information resources are identified:
risk type (1) Excess disclosure of the ALTO service provider's data
to an authorized ALTO Client; client; risk type (2) Disclosure of the ALTO
service provider's data (e.g., network topology information or
endpoint addresses) to an unauthorized third party; and risk type (3)
Excess retrieval of the ALTO service provider's data by collaborating
ALTO
Clients. [I-D.ietf-alto-deployments] clients. [ALTO-DEPLOYMENT] also discusses information leakage
from ALTO.

15.3.2. Protection Strategies

To address risk types (1) and (3), the Provider provider of an ALTO Server server
must be cognizant that the network topology and provisioning
information provided through ALTO may lead to attacks. ALTO does not
require any particular level of details of information disclosure,
and hence disclosure;
hence, the Provider provider should evaluate how much information is revealed
and the associated risks.

To address risk type (2), the ALTO Protocol needs confidentiality.
Since ALTO requires that HTTP over TLS must be supported, the
confidentiality mechanism is provided by HTTP over TLS.

For deployment scenarios where client authentication is desired to
address risk type (2), ALTO requires that HTTP Digestion
Authentication is supported to achieve ALTO Client Authentication client authentication to
limit the number of parties with whom ALTO information is directly
shared. TLS Client Authentication client authentication may also be supported. Depending
on the use-case use case and scenario, an ALTO Server server may apply other access
control techniques to restrict access to its services. Access
control can also help to prevent Denial-of-Service attacks by
arbitrary hosts from the Internet. See [I-D.ietf-alto-deployments] [ALTO-DEPLOYMENT] for a more
detailed discussion on this issue.

See Section 14.3 on guidelines when registering Endpoint Properties endpoint properties
to protect endpoint privacy.

15.3.3. Limitations

ALTO Information Providers information providers should be cognizant that encryption only
protects ALTO information until it is decrypted by the intended ALTO
Client.
client. Digital Rights Management (DRM) techniques and legal
agreements protecting ALTO information are outside of the scope of
this document.

15.4. Privacy for ALTO Users

15.4.1. Risk Scenarios

The ALTO Protocol provides mechanisms in which the ALTO Client client
serving a user can send messages containing Network Location
Identifiers network location
identifiers (IP addresses or fine-grained PIDs) to the ALTO Server. server.
This is particularly true for the Endpoint Property, the Endpoint
Cost, and the fine-grained Filtered Map services. The ALTO Server server or
a third- third party who is able to intercept such messages can store and
process obtained information in order to analyze user behaviors and
communication patterns. The analysis may correlate information
collected from multiple clients to deduce additional application/
content information. Such analysis can lead to privacy risks. For a
more comprehensive classification of related risk scenarios, see
cases 4, 5, and 6 in [RFC6708], Section 5.2.

15.4.2. Protection Strategies

To protect user privacy, an ALTO Client client should be cognizant about
potential ALTO Server server tracking through client queries, e.g., by using
HTTP cookies. The ALTO Protocol as defined by this document does not
rely on HTTP cookies. ALTO Clients clients MAY decide to not to return cookies
received from the server, in order to make tracking more difficult.
However, this might break protocol extensions that are beyond the
scope of this document.

An ALTO Client client may consider the possibility of relying only on
Network Map ALTO
network maps for PIDs and Cost Map cost maps amongst PIDs to avoid passing IP
addresses of other endpoints (e.g., peers) to the ALTO Server. server. When
specific IP addresses are needed (e.g., when using the Endpoint Cost
Service), an ALTO Client client SHOULD minimize the amount of information
sent in IP addresses. For example, the ALTO Client client may consider
obfuscation techniques such as specifying a broader address range
(i.e., a shorter prefix length) or by zeroing out or randomizing the
last few bits of IP addresses. Note that obfuscation may yield less
accurate results.

15.5. Availability of ALTO Service Services

15.5.1. Risk Scenarios

An attacker may want to disable the ALTO Service services of a network as a
way to disable network guidance to large scale applications.In applications. In
particular, queries
which that can be generated with low effort but result
in expensive workloads at the ALTO Server server could be exploited for
Denial-of-Service attacks. For instance, a simple ALTO query with n Source Network
Locations
source network locations and m Destination Network Locations destination network locations can be
generated fairly easily but results in the computation of n*m Path Costs path
costs between pairs by the ALTO Server server (see Section 5.2).

15.5.2. Protection Strategies

The ALTO Provider service provider should be cognizant of the workload at the
ALTO Server server generated by certain ALTO Queries, such as certain
queries to the Map Service, the Map Filtering Map-Filtering Service and the
Endpoint Cost (Ranking) Service. One way to limit Denial-of-Service
attacks is to employ access control to the ALTO Server. server. The ALTO Server
server can also indicate overload and reject repeated requests that
can cause availability problems. More advanced protection schemes
such as computational puzzles [I-D.jennings-sip-hashcash] [SIP] may be considered in an extension
document.

An ALTO Provider service provider should also leverage the fact that the Map
Service allows ALTO Servers servers to pre-generate maps that can be
distributed to many ALTO Clients. clients.

16. Manageability Considerations

This section details operations and management considerations based
on existing deployments and discussions during protocol development.
It also indicates where extension documents are expected to provide
appropriate functionality discussed in [RFC5706] as additional
deployment experience becomes available.

16.1. Operations

16.1.1. Installation and Initial Setup

The ALTO Protocol is based on HTTP. Thus, configuring an ALTO Server server
may require configuring the underlying HTTP server implementation to
define appropriate security policies, caching policies, performance
settings, etc.

Additionally, an ALTO Service Provider service provider will need to configure the
ALTO information to be provided by the ALTO Server. server. The granularity
of the topological map and the cost map maps is left to the specific
policies of the ALTO Service Provider. service provider. However, a reasonable default
may include two PIDs, one to hold the endpoints in the provider's
network and the second PID to represent full IPv4 and IPv6
reachability (see Section 11.2.2), with the cost between each source/
destination PID set to 1. Another operational issue that the ALTO
Service Provider
service provider needs to consider is that the filtering service can
degenerate into a full map service when the filtering input is empty.
Although this choice as the degeneration behavior provides
continuity, the computational and network load of serving full maps
to a large number of ALTO Clients clients should be considered.

Implementers employing an ALTO Client client should attempt to automatically
discover an appropriate ALTO Server. server. Manual configuration of the
ALTO Server server location may be used where automatic discovery is not
appropriate. Methods for automatic discovery and manual
configuration are discussed in [I-D.ietf-alto-server-discovery]. [ALTO-SERVER-DISC].

Specifications for underlying protocols (e.g., TCP, HTTP, TLS) should
be consulted for their available settings and proposed default
configurations.

16.1.2. Migration Path

This document does not detail a migration path for ALTO Servers servers since
there is no previous standard protocol providing the similar
functionality.

There are existing applications making use of network information
discovered from other entities such as whois, geo-location databases,
or round-trip time measurements, etc. Such applications should
consider using ALTO as an additional source of information; ALTO need
not be the sole source of network information.

16.1.3. Dependencies on Other Protocols and Functional Components

The ALTO Protocol assumes that HTTP client and server implementations
exist. It also assumes that JSON encoder and decoder implementations
exist.

An ALTO Server server assumes that it can gather sufficient information to
populate Network and Cost maps. "Sufficient information" is
dependent on the information being exposed, but likely includes
information gathered from protocols such as IGP and EGP Routing
Information Bases (see Figure 1). Specific mechanisms have been
proposed (e.g., [I-D.medved-alto-svr-apis]) [ALTO-SVR-APIS]) and are expected to be provided in
extension documents.

16.1.4. Impact and Observation on Network Operation

ALTO presents a new opportunity for managing network traffic by
providing additional information to clients. In particular, the
deployment of an ALTO Server server may shift network traffic patterns, and
the potential impact to network operation can be large. An ALTO
Service Provider
service provider should ensure that appropriate information is being
exposed. Privacy implications for ISPs are discussed in
Section 15.3.

An ALTO Service Provider service provider should consider how to measure impacts on
(or integration with) traffic engineering, in addition to monitoring
correctness and responsiveness of ALTO Servers. servers. The measurement of
impacts can be challenging because ALTO-enabled applications may not
provide related information back to the ALTO Service Provider. service provider.
Furthermore, the measurement of an ALTO Service Provider service provider may show
that ALTO Clients clients are not bound to ALTO Server server guidance as ALTO is
only one source of information.

While it can be challenging to measure the impact of ALTO guidance,
there exist some possible techniques. In certain trusted deployment
environments, it may be possible to collect information directly from
ALTO clients. It may also be possible to vary or selectively disable
ALTO guidance for a portion of ALTO clients either by time,
geographical region, or some other criteria to compare the network
traffic characteristics with and without ALTO.

Both ALTO Service Providers service providers and those using ALTO Clients clients should be
aware of the impact of incorrect or faked guidance (see
[I-D.ietf-alto-deployments]).
[ALTO-DEPLOYMENT]).

16.2. Management

16.2.1. Management Interoperability

A common management API would be desirable given that ALTO Servers servers
may typically be configured with dynamic data from various sources,
and ALTO Servers servers are intended to scale horizontally for fault-
tolerance and reliability. A specific API or protocol is outside the
scope of this document, but may be provided by an extension document.

Logging is an important functionality for ALTO Servers servers and, depending
on the deployment, ALTO Clients. clients. Logging should be done via syslog
[RFC5424].

16.2.2. Management Information

A Management Information Model (see Section 3.2 of [RFC5706]) is not
provided by this document, but should be included or referenced by
any extension documenting an ALTO-related management API or protocol.

16.2.3. Fault Management

An ALTO Service Provider service provider should monitor whether any ALTO Servers servers have
failed. See Section 16.2.5 for related metrics which that may indicate
server failures.

16.2.4. Configuration Management

Standardized approaches and protocols to configuration management for
ALTO are outside the scope of this document, but this document does
outline high-level principles suggested for future standardization
efforts.

An ALTO Server server requires at least the following logical inputs:

o Data sources from which ALTO Information information resources is derived.
This can
either be either raw network information (e.g., from routing
elements) or pre-processed ALTO-level information in the form forms of a Network Map,
Cost Map,
network maps, cost maps, etc.

o Algorithms for computing the ALTO information returned to clients.
These could either return either information from a database, database or
information customized for each client.

o Security policies mapping potential clients to the information
that they have privilege to access.

Multiple ALTO Servers servers can be deployed for scalability. A centralized
configuration database may be used to ensure they are providing the
desired ALTO information with appropriate security controls. The
ALTO information (e.g., Network Maps network maps and Cost Maps) cost maps) being served by
each ALTO Server, server, as well as security policies (HTTP authentication,
TLS client and server authentication, TLS encryption parameters)
intended to serve the same information should be monitored for
consistency.

16.2.5. Performance Management

An exhaustive list of desirable performance information from ALTO
Servers
servers and ALTO Clients clients are outside of the scope of this document.
The following is a list of suggested ALTO-specific metrics to be
monitored based on the existing deployment and protocol development
experience:

o Requests and responses for each service listed in a Information
Directory an information
directory (total counts and size in bytes). bytes);

o CPU and memory utilization utilization;

o ALTO map updates updates;

o Number of PIDs PIDs;

o ALTO map sizes (in-memory size, encoded size, number of entries) entries).

16.2.6. Security Management

Section 15 documents ALTO-specific security considerations.
Operators should configure security policies with those in mind.
Readers should refer to HTTP [RFC2616] [RFC7230] and TLS [RFC5246] and related
documents for mechanisms available for configuring security policies.
Other appropriate security mechanisms (e.g., physical security,
firewalls, etc) etc.) should also be considered.

17. References

17.1. Normative References

[RFC1812] Baker, F., "Requirements for IP Version 4 Routers", RFC
1812, June 1995.

[RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail
Extensions (MIME) Part Two: Media Types", RFC 2046,
November 1996.

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2616] Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
Transfer Protocol -- HTTP/1.1", RFC 2616, June 1999.

[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, RFC
3986, January 2005.

[RFC4632] Fuller, V. and T. Li, "Classless Inter-domain Routing
(CIDR): The Internet Address Assignment and Aggregation
Plan", BCP 122, RFC 4632, August 2006.

[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.

[RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
(TLS) Protocol Version 1.2", RFC 5246, August 2008.

[RFC5389] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing,
"Session Traversal Utilities for NAT (STUN)", RFC 5389,
October 2008.

[RFC5424] Gerhards, R., "The Syslog Protocol", RFC 5424, March 2009.

[RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6
Address Text Representation", RFC 5952, August 2010.

[RFC6125] Saint-Andre, P. and J. Hodges, "Representation and
Verification of Domain-Based Application Service Identity
within Internet Public Key Infrastructure Using X.509
(PKIX) Certificates in the Context of Transport Layer
Security (TLS)", RFC 6125, March 2011.

17.2. Informative References

[BitTorrent]
"Bittorrent Protocol Specification v1.0",
<http://wiki.theory.org/BitTorrentSpecification>.

[Fielding-Thesis]

[RFC7230] Fielding, R., "Architectural Styles R. and the Design of
Network-based Software Architectures", University of
California, Irvine, Dissertation 2000, 2000.

[I-D.akonjang-alto-proxidor]
Akonjang, O., Feldmann, A., Previdi, S., Davie, B., J. Reschke, "Hypertext Transfer Protocol
(HTTP/1.1): Message Syntax and D.
Saucez, "The PROXIDOR Service",
draft-akonjang-alto-proxidor-00 (work in progress),
March 2009.

[I-D.ietf-alto-deployments] Routing", RFC 7230, June
2014.

17.2. Informative References

[ALTO-DEPLOYMENT]
Stiemerling, M., Ed., Kiesel, S., Ed., Previdi, S., and M.
Scharf, "ALTO Deployment Considerations",
draft-ietf-alto-deployments-09 (work Work in progress),
Progress, February 2014.

[I-D.ietf-alto-server-discovery]
Kiesel,

[ALTO-INFOEXPORT]
Shalunov, S., Stiemerling, M., Schwan, N., Scharf, M., Penno, R., and
S. Yongchao, "ALTO Server Discovery",
draft-ietf-alto-server-discovery-10 (work in progress),
September 2013.

[I-D.ietf-httpbis-p2-semantics]
Fielding, R. and J. Reschke, "Hypertext Transfer Protocol
(HTTP/1.1): Semantics and Content",
draft-ietf-httpbis-p2-semantics-26 (work in progress),
February 2014.

[I-D.jenkins-alto-cdn-use-cases]
Niven-Jenkins, B., Watson, G., Bitar, N., Medved, J., and
S. Previdi, "Use Cases for ALTO within CDNs",
draft-jenkins-alto-cdn-use-cases-03 (work in progress),
June 2012.

[I-D.jennings-sip-hashcash]
Jennings, C., "Computational Puzzles for SPAM Reduction in
SIP", draft-jennings-sip-hashcash-06 (work in progress),
July 2007.

[I-D.medved-alto-svr-apis]
Medved, J., Ward, D., Peterson, J., Woundy, R., and D.
McDysan, "ALTO Network-Server and Server-Server APIs",
draft-medved-alto-svr-apis-00 (work in progress),
March 2011.

[I-D.p4p-framework]
Alimi, R., Pasko, D., Popkin, L., Wang, Y., and Y. Yang,
"P4P: Provider Portal for P2P Applications",
draft-p4p-framework-00 (work Information
Export Service", Work in progress), November Progress, October 2008.

[I-D.saumitra-alto-multi-ps]

[ALTO-MULTI-PS]
Das, S., Narayanan, V., and L. Dondeti, "ALTO: A Multi
Dimensional Peer Selection Problem",
draft-saumitra-alto-multi-ps-00 (work Work in progress), Progress,
October 2008.

[I-D.saumitra-alto-queryresponse]

[ALTO-QUERYRESPONSE]
Das, S. and V. Narayanan, "A Client to Service Query
Response Protocol for ALTO",
draft-saumitra-alto-queryresponse-00 (work Work in progress), Progress, March 2009.

[I-D.shalunov-alto-infoexport]
Shalunov,

[ALTO-SERVER-DISC]
Kiesel, S., Penno, R., Stiemerling, M., Schwan, N., Scharf, M., and R.
H. Song, "ALTO Server Discovery", Work in Progress,
September 2013.

[ALTO-SVR-APIS]
Medved, J., Ward, D., Peterson, J., Woundy, R., and D.
McDysan, "ALTO Information
Export Service", draft-shalunov-alto-infoexport-00 (work Network-Server and Server-Server APIs",
Work in progress), October 2008.

[I-D.wang-alto-p4p-specification]
Wang, Y., Alimi, Progress, March 2011.

[ALTO-USE-CASES]
Niven-Jenkins, B., Watson, G., Bitar, N., Medved, J., and
S. Previdi, "Use Cases for ALTO within CDNs", Work in
Progress, June 2012.

[BitTorrent]
"Bittorrent Protocol Specification v1.0",
<http://wiki.theory.org/BitTorrentSpecification>.

[Fielding-Thesis]
Fielding, R., Pasko, D., Popkin, L., "Architectural Styles and Y. Yang,
"P4P Protocol Specification",
draft-wang-alto-p4p-specification-00 (work in progress),
March 2009. the Design of
Network-based Software Architectures", University of
California, Irvine, Dissertation 2000, 2000.

[IEEE.754.2008]
Institute of Electrical and Electronics Engineers,
"Standard for Binary Floating-Point Arithmetic", IEEE
Standard 754, August 2008.

[P4P-FRAMEWORK]
Alimi, R., Pasko, D., Popkin, L., Wang, Y., and Y. Yang,
"P4P: Provider Portal for P2P Applications", Work in
Progress, November 2008.

[P4P-SIGCOMM08]
Xie, H., Yang, Y., Krishnamurthy, A., Liu, Y., and A.
Silberschatz, "P4P: Provider Portal for (P2P)
Applications", SIGCOMM 2008, August 2008.

[P4P-SPEC]
Wang, Y., Alimi, R., Pasko, D., Popkin, L., and Y. Yang,
"P4P Protocol Specification", Work in Progress, March
2009.

[PROXIDOR]
Akonjang, O., Feldmann, A., Previdi, S., Davie, B., and D.
Saucez, "The PROXIDOR Service", Work in Progress, March
2009.

[RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000.

[RFC4627] Crockford, D., "The application/json Media Type for
JavaScript Object Notation (JSON)", RFC 4627, July 2006.

[RFC5693] Seedorf, J. and E. Burger, "Application-Layer Traffic
Optimization (ALTO) Problem Statement", RFC 5693, October
2009.

[RFC5706] Harrington, D., "Guidelines for Considering Operations and
Management of New Protocols and Protocol Extensions", RFC
5706, November 2009.

[RFC6144] Baker, F., Li, X., Bao, C., and K. Yin, "Framework for
IPv4/IPv6 Translation", RFC 6144, April 2011.

[RFC6296] Wasserman, M. and F. Baker, "IPv6-to-IPv6 Network Prefix
Translation", RFC 6296, June 2011.

[RFC6708] Kiesel, S., Previdi, S., Stiemerling, M., Woundy, R., and
Y. Yang, "Application-Layer Traffic Optimization (ALTO)
Requirements", RFC 6708, September 2012.

[RFC7159] Bray, T., "The JavaScript Object Notation (JSON) Data
Interchange Format", RFC 7159, March 2014.

[RFC7231] Fielding, R. and J. Reschke, "Hypertext Transfer Protocol
(HTTP/1.1): Semantics and Content", RFC 7231, June 2014.

[SIP] Jennings, C., "Computational Puzzles for SPAM Reduction in
SIP", Work in Progress, July 2007.

Appendix A. Acknowledgments

Thank you to Sebastian Kiesel (University of Stuttgart) and Jan Seedorf (NEC) for substantial contributions to the
Security Considerations section. Ben Niven-Jenkins (Velocix),
Michael Scharf Scharf, and Sabine Randriamasy (Alcatel-Lucent) gave
substantial feedback and suggestions on the protocol design.

We are particularly grateful to
the substantial contributions of Wendy Roome (Alcatel-Lucent).

We would like to thank the following people whose input and
involvement was indispensable in achieving this merged proposal:

Obi Akonjang (DT Labs/TU Berlin),

Saumitra M. Das (Qualcomm Inc.),

Syon Ding (China Telecom),

Doug Pasko (Verizon),

Laird Popkin (Pando Networks),

Satish Raghunath (Juniper Networks),

Albert Tian (Ericsson/Redback),

Yu-Shun Wang (Microsoft),

David Zhang (PPLive),

Yunfei Zhang (China Mobile).

We would also like to thank the following additional people who were
involved in the projects that contributed to this merged document:
Alex Gerber (ATT), Chris Griffiths (Comcast), Ramit Hora (Pando
Networks), Arvind Krishnamurthy (University of Washington), Marty
Lafferty (DCIA), Erran Li (Bell Labs), Jin Li (Microsoft), Y. Grace
Liu (IBM Watson), Jason Livingood (Comcast), Michael Merritt (ATT),
Ingmar Poese (DT Labs/TU Berlin), James Royalty (Pando Networks),
Damien Saucez (UCL) Thomas Scholl (ATT), Emilio Sepulveda
(Telefonica), Avi Silberschatz (Yale University), Hassan Sipra (Bell
Canada), Georgios Smaragdakis (DT Labs/TU Berlin), Haibin Song
(Huawei), Oliver Spatscheck (ATT), See-Mong Tang (Microsoft), Jia
Wang (ATT), Hao Wang (Yale University), Ye Wang (Yale University),
Haiyong Xie (Yale University).

Stanislav Shalunov would like to thank BitTorrent, where he worked
while contributing to ALTO development.

Appendix B. Design History and Merged Proposals

The ALTO Protocol specified in this document consists of
contributions from

o P4P [I-D.p4p-framework], [P4P-FRAMEWORK], [P4P-SIGCOMM08],
[I-D.wang-alto-p4p-specification]; [P4P-SPEC];

o ALTO Info-Export [I-D.shalunov-alto-infoexport]; [ALTO-INFOEXPORT];

o Query/Response [I-D.saumitra-alto-queryresponse],
[I-D.saumitra-alto-multi-ps]; [ALTO-QUERYRESPONSE], [ALTO-MULTI-PS]; and

o Proxidor [I-D.akonjang-alto-proxidor].

Appendix C. Authors

[[CmtAuthors: RFC Editor: Please move information in this section to
the Authors' Addresses section at publication time.]]

Sebastian Kiesel
University of Stuttgart Computing Center
Networks and Communication Systems Department
Allmandring 30
70550 Stuttgart
Germany

Email: ietf-alto@skiesel.de

Stefano Previdi
Cisco

Email: sprevidi@cisco.com

Wendy Roome
Alcatel Lucent

Email: w.roome@alcatel-lucent.com
Stanislav Shalunov
BitTorrent

Email: shalunov@bittorrent.com

Richard Woundy
Comcast

Richard_Woundy@cable.comcast.com [PROXIDOR].

Authors' Addresses

Richard Alimi (editor)
Google
1600 Amphitheatre Parkway
Mountain View View, CA 94043
USA

Email:

EMail: ralimi@google.com

Reinaldo Penno (editor)
Cisco Systems Systems, Inc.
170 West Tasman Dr
San Jose Jose, CA 95134
USA

Email:

EMail: repenno@cisco.com

Y. Richard Yang (editor)
Yale University
51 Prospect St
New Haven Haven, CT 06511
USA

Email:

EMail: yry@cs.yale.edu
Sebastian Kiesel
University of Stuttgart Information Center
Networks and Communication Systems Department
Allmandring 30
Stuttgart 70550
Germany

EMail: ietf-alto@skiesel.de

Stefano Previdi
Cisco Systems, Inc.
Via Del Serafico, 200
Rome 00142
Italy

EMail: sprevidi@cisco.com

Wendy Roome
Alcatel-Lucent
600 Mountain Ave.
Murray Hill, NJ 07974
USA

EMail: w.roome@alcatel-lucent.com

Stanislav Shalunov
Open Garden
751 13th St
San Francisco, CA 94130
USA

EMail: shalunov@shlang.com

Richard Woundy
Comcast Cable Communications
One Comcast Center
1701 John F. Kennedy Boulevard
Philadelphia, PA 19103
USA

EMail: Richard_Woundy@cable.comcast.com