<?xml version="1.0"encoding="US-ASCII"?>encoding="UTF-8"?> <!DOCTYPE rfc SYSTEM"rfc2629.dtd"> <?rfc toc="yes"?> <?rfc tocompact="yes"?> <?rfc tocdepth="4"?> <?rfc tocindent="yes"?> <?rfc symrefs="yes"?> <?rfc sortrefs="yes"?> <?rfc comments="yes"?> <?rfc inline="yes"?> <?rfc compact="yes"?>"rfc2629-xhtml.ent"> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" submissionType="IETF" category="std" consensus="true" docName="draft-ietf-cdni-request-routing-extensions-08"ipr="trust200902">number="8804" ipr="trust200902" obsoletes="" updates="" xml:lang="en" tocInclude="true" tocDepth="4" symRefs="true" sortRefs="true" version="3"> <front> <title abbrev="CDNI Request RoutingExtensions">CDNIExtensions">Content Delivery Network Interconnection (CDNI) Request Routing Extensions</title> <seriesInfo name="RFC" value="8804"/> <author fullname="Ori Finkelman" initials="O." surname="Finkelman"> <organization>Qwilt</organization> <address> <postal> <street>6, Ha'harash</street> <city>Hod HaSharon</city><region></region><region/> <code>4524079</code> <country>Israel</country> </postal><phone></phone><phone/> <email>ori.finkelman.ietf@gmail.com</email> </address> </author> <author fullname="Sanjay Mishra" initials="S." surname="Mishra"> <organization>Verizon</organization> <address> <postal> <street>13100 Columbia Pike</street> <city>Silver Spring</city> <region>MD</region> <code>20904</code><country>USA</country><country>United States of America</country> </postal><phone></phone><phone/> <email>sanjay.mishra@verizon.com</email> </address> </author><date/><date year="2020" month="September"/> <abstract> <t>Open Caching architecture is a use case of Content DeliveryNetworksNetwork Interconnection (CDNI) in which the commercial Content Delivery Network (CDN) is the upstream CDN (uCDN) and the ISP caching layer serves as the downstream CDN (dCDN).The extensions specified in thisThis document defines extensions to the CDNI Metadata Interface (MI) and the Footprintand& CapabilitiesInterface (FCI)Advertisement interface (FCI). These extensions are derived from requirements raised by Open Caching but are also applicable to CDNI use cases ingeneral.</t>general. </t> </abstract> </front> <middle> <sectiontitle="Introduction">numbered="true" toc="default"> <name>Introduction</name> <t>The<xref target="SVA">StreamingStreaming VideoAlliance</xref>Alliance <xref target="SVA" format="default"/> is a global association that works to solve streaming video challenges in an effort to improve end-user experience and adoption. The<xref target="OCWG">OpenOpen Caching WorkingGroup</xref>Group <xref target="OCWG" format="default"/> of the<xref target="SVA">StreamingStreaming VideoAlliance</xref>Alliance <xref target="SVA" format="default"/> is focused on the delegation of video delivery requests from commercial CDNs to a caching layer at theInternet Service Provider's (ISP)ISP's network. Open Caching architecture is a specific use case of CDNI where the commercial CDN is the upstream CDN (uCDN) and the ISP caching layer is the downstream CDN (dCDN). The<xref target="OC-RR">OpenOpen Caching Request RoutingSpecification</xref>Functional Specification <xref target="OC-RR" format="default"/> defines the Request Routing process and the interfaces that are required for its provisioning. This document definesand registersthe CDNI metadata object <xreftarget="RFC8006"/>target="RFC8006" format="default"/> and the CDNI Footprint and Capabilities object <xreftarget="RFC8008"/>target="RFC8008" format="default"/> that are required for Open Caching RequestRouting. ForRouting:</t> <ul spacing="normal"> <li>Redirect Target Capability (for dCDN advertising redirect target address)</li> <li>Fallback Target Metadata (for uCDN configuring fallback target address)</li> </ul> <t>This document also registers CDNI Payload Types <xref target="RFC7736" format="default"/> for these defined objects. </t> <t>For consistency with other CDNIdocumentsdocuments, this document follows the CDNI convention of uCDN (upstream CDN) and dCDN (downstream CDN) to represent the commercial CDN and ISP cachinglayerlayer, respectively.</t><t>This document also registers CDNI Payload Types <xref target="RFC7736"/> for the defined objects: <list style="symbols"> <t>Redirect Target Capability (for dCDN advertising redirect target address)</t> <t>Fallback Target Metadata (for uCDN configuring fallback target address)</t> </list> </t><section anchor="terminology"title="Terminology">numbered="true" toc="default"> <name>Terminology</name> <t>The following terms are used throughout thisdocument: <list style="symbols"> <t>FQDN - Fullydocument:</t> <dl newline="false" spacing="normal" indent="8"> <dt>FQDN</dt> <dd>Fully Qualified DomainName</t> <t>CDN - ContentName</dd> <dt>CDN</dt> <dd>Content DeliveryNetwork</t> </list> </t>Network</dd> </dl> <t>Additionally, this document reuses the terminology defined in <xreftarget="RFC6707"/>,target="RFC6707" format="default"/>, <xreftarget="RFC7336"/>,target="RFC7336" format="default"/>, <xreftarget="RFC8006"/>,target="RFC8006" format="default"/>, <xreftarget="RFC8007"/>,target="RFC8007" format="default"/>, and <xreftarget="RFC8008"/>.target="RFC8008" format="default"/>. Specifically, we use the following CDNIacronyms: <list style="symbols"> <t>FCI - Footprint and Capability Interfaceacronyms:</t> <dl newline="false" spacing="normal" indent="8"> <dt>FCI</dt> <dd>Footprint & Capabilities Advertisement interface (see <xreftarget="RFC8008"/>)</t> <t>MI - Metadatatarget="RFC8008" format="default"/>)</dd> <dt>MI</dt> <dd>Metadata Interface (see <xreftarget="RFC8006"/>)</t> <t>uCDN, dCDN - Upstreamtarget="RFC8006" format="default"/>)</dd> <dt>uCDN</dt> <dd>Upstream CDNand Downstream(see <xref target="RFC7336" format="default"/>)</dd> <dt>dCDN</dt> <dd>Downstream CDNrespectively(see <xreftarget="RFC7336"/>)</t> <t>RT - Redirectiontarget="RFC7336" format="default"/>)</dd> <dt>RT</dt> <dd>Redirection Target. Endpoint for redirection from uCDN todCDN.</t> <t>RR - RequestdCDN.</dd> <dt>RR</dt> <dd>Request Router. An element responsible for routing user requests, typically using HTTP redirect or DNS CNAME, depending on the usecase.</t> </list> </t>case.</dd> </dl> </section> <sectiontitle="Requirements Language">numbered="true" toc="default"> <name>Requirements Language</name> <t>The key words"MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY","<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", "<bcp14>MAY</bcp14>", and"OPTIONAL""<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as described inBCP 14BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here.</t> </section> </section> <section anchor="redirect-target-capability"title="Redirectnumbered="true" toc="default"> <name>Redirect TargetCapability">Capability</name> <t>Iterativerequest redirectionCDNI Request Redirection is defined inSection 1.1 of<xreftarget="RFC7336"/>target="RFC7336" sectionFormat="of" section="1.1"/> and elaborated by examples in Sections3.2<xref target="RFC7336" section="3.2" sectionFormat="bare"/> and3.4<xref target="RFC7336" section="3.4" sectionFormat="bare"/> of <xreftarget="RFC7336"/>.target="RFC7336" format="default"/>. A Redirection Target (RT) is defined inSection 2 of<xreftarget="RFC7975"/>target="RFC7975" sectionFormat="of" section ="2"/> for Recursive Request Redirectionas: </t> <t><list style="empty"> <t> "Theas:</t> <blockquote>The endpoint to which the User Agent is redirected. In CDNI,aan RT may point to a number of different components, some examples include a surrogate in the same CDN as the request router, a request router in a dCDN, or a surrogate in adCDN". </t> </list></t> <t> IndCDN.</blockquote> <t>In thisdocumentdocument, we adopt the same definition of the RT for the Iterative Request Redirect use case. This use case requires the provisioning of the RT address to be used by the uCDN in order to redirect to the dCDN. RT addresses can vary between differentfootprints, forfootprints (for example, between differentregions,regions), and they may also change overtime, for exampletime (for example, as a result of networkproblems.problems). Given this variable and dynamic nature of the redirect target address, it may not be suitable to advertise it during bootstrap. A more dynamic andfootprint orientedfootprint-oriented interface is required.Section 4.3 of<xreftarget="RFC7336"/>target="RFC7336" sectionFormat="of" section="4.3"/> suggests that it could be one of the roles of the FCI <xreftarget="RFC8008"/>.target="RFC8008" format="default"/>. Following this suggestion, we havetherefore,therefore chosen to use the CDNI Footprintand& Capabilities Advertisement interface for redirect target addressadvertisement. </t>advertisement.</t> <t>Usecases<list style="symbols"> <t>Footprint:cases:</t> <ul spacing="normal"> <li>Footprint: The dCDN may want to have a different target per footprint. Note that a dCDN may spread across multiple geographies. This makes it easier to route client requests to a nearby request router. Though this can be achieved using a single canonical name and "Geo DNS", such that in different geographies the same hostname is resolved to different IP address, that approach has limitations; forexampleexample, a client may be using athird partythird-party DNS resolver, making it impossible for the redirector to detect where the client is located, or Geo DNS granularity may be too rough for the requirement of theapplication.</t> <t>Scaling:application.</li> <li>Scaling: The dCDN may choose to scale itsrequest routingRequest Routing service by deploying more request routers in new locations and advertise them via an updatable interface like theFCI.</t> </list></t>FCI.</li> </ul> <t>The Redirect Target capability object is used to indicate the target address the uCDN should use in order to redirect a client to the dCDN. A target may be attached to a specific uCDN host, attached to a list of uCDN hosts, or used globally for all the hosts of theuCDN. </t> <t> WhenuCDN.</t> <t>When a dCDN is attaching the redirect target to a specific uCDN host or a list of uCDN hosts, the dCDNMUST<bcp14>MUST</bcp14> advertise the hosts within the Redirect Target capability object as "redirecting-hosts". In this case, the uCDN can redirect to that dCDN address, only if the User Agent request was to one of these uCDNhosts. </t> <t> Ifhosts.</t> <t>If theredirect targetRedirect Target capability object does not contain a target or the target is empty, the uCDNMUST<bcp14>MUST</bcp14> interpret it as "no target available for these uCDN hosts for the specified footprint". In case such a target was already advertised in a previous FCI object, the uCDNMUST<bcp14>MUST</bcp14> interpret it as an update that deletes the previous redirecttarget. </t>target.</t> <sectiontitle="DNSnumbered="true" toc="default"> <name>DNS RedirectTarget"> <t> ATarget</name> <t>A redirect target for DNS redirection isaan FQDN used as an alias in a CNAME record response (see <xreftarget="RFC1034"/>)target="RFC1034" format="default"/>) of the uCDN DNS router. Note that DNS routers make routing decisions based on either the DNS resolver's IP address or the client IP subnet when EDNS0 client-subnet (ECS) is used (see <xreftarget="RFC7871"/>).target="RFC7871" format="default"/>). The dCDN may choose to advertise redirect targets and footprints to cover both cases, such that the uCDN resolution would route the DNS query toadifferent dCDN CNAMEs according to client subnet or dCDN resolver IP address. This method further allows the dCDN DNS to optimize the resolution by localizing the target CNAMEs. A uCDN implementationSHOULD<bcp14>SHOULD</bcp14> prefer routing based on client IP subnet when the ECS option is present. A dCDN implementation using the ECS optionMUST<bcp14>MUST</bcp14> be aware of the privacy drawbacks listed inSection 2 of<xreftarget="RFC7871"/>target="RFC7871" sectionFormat="of" section="2"/> andSHOULD<bcp14>SHOULD</bcp14> follow the guidelines provided inSection 11.1 of<xreftarget="RFC7871"/>. </t>target="RFC7871" sectionFormat="of" section="11.1"/>.</t> </section> <sectiontitle="HTTPnumbered="true" toc="default"> <name>HTTP RedirectTarget"> <t> ATarget</name> <t>A redirect target for HTTP redirection is the URI to be used as the value for the Location header ofaan HTTP redirect 3xx response, typically a 302 (Found) (seeSection 7.1.2 of<xreftarget="RFC7231"/>target="RFC7231" sectionFormat="of" section="7.1.2"/> andsection 6.4 of<xreftarget="RFC7231"/>).target="RFC7231" sectionFormat="of" section="6.4"/>). </t> </section> <section anchor="redirect-target-capability-properties"title="Propertiesnumbered="true" toc="default"> <name>Properties of Redirect Target CapabilityObject">Object</name> <t>The Redirect Target capability object consists of the following properties:</t><t><list style="empty"> <t>Property: redirecting-hosts<list style="empty"> <t>Description: One<dl newline="false" spacing="normal"> <dt>Property:</dt><dd><t>redirecting-hosts</t> <dl newline="false" spacing="normal"> <dt>Description:</dt><dd>One or more uCDN hosts to which this redirect target is attached. A redirecting hostSHOULD<bcp14>SHOULD</bcp14> be a host that was published in a HostMatch object by the uCDN as defined inSection 4.1.2 of<xreftarget="RFC8006"/>.</t> <t>Type: Atarget="RFC8006" sectionFormat="of" section="4.1.2"/>.</dd> <dt>Type:</dt><dd>A list of Endpoint objects (seeSection 4.3.3 of<xreftarget="RFC8006"/>)</t> <t>Mandatory-to-Specify: No.target="RFC8006" sectionFormat="of" section="4.3.3"/>)</dd> <dt>Mandatory-to-Specify:</dt><dd>No. Ifnot present,absent or empty, the redirect target applies to all hosts of the redirectinguCDN.</t> </list></t> <t>Property: dns-target<list style="empty"> <t>Description: TargetuCDN.</dd> </dl></dd> <dt>Property:</dt><dd><t>dns-target</t> <dl newline="true" spacing="normal"> <dt>Description:</dt><dd>Target CNAME record for DNSredirection.</t> <t>Type: DnsTargetredirection.</dd> <dt>Type:</dt><dd>DnsTarget object (see <xreftarget="dns-target"/>)</t> <t>Mandatory-to-Specify: No.target="dns-target" format="default"/>)</dd> <dt>Mandatory-to-Specify:</dt><dd>No. If the dns-target isnot presentabsent oremptyempty, the uCDNMUST<bcp14>MUST</bcp14> interpret it as "no dns-targetavailable".</t> </list></t> <t>Property: http-target<list style="empty"> <t>Description: Targetavailable".</dd> </dl></dd> <dt>Property:</dt><dd><t>http-target</t> <dl newline="true" spacing="normal"> <dt>Description:</dt><dd>Target URI foraan HTTPredirect.</t> <t>Type: HttpTargetredirect.</dd> <dt>Type:</dt><dd>HttpTarget object (see <xreftarget="http-target"/>)</t> <t>Mandatory-to-Specify: No.target="http-target" format="default"/>)</dd> <dt>Mandatory-to-Specify:</dt><dd>No. If the http-target isnot presentabsent oremptyempty, the uCDNMUST<bcp14>MUST</bcp14> interpret it as "no http-targetavailable".</t> </list></t> </list></t>available".</dd> </dl></dd> </dl> <t>The following is an example of a Redirect Target capability object serialization that advertises a dCDN target address that is attached to a specific list of uCDN "redirecting-hosts". A uCDN host that is included in that list can redirect to the advertised dCDN redirect target. The capabilities object is serialized as a JSON object as defined inSection 5.1 of<xreftarget="RFC8008"/> </t> <figure> <artwork><![CDATA[target="RFC8008" sectionFormat="of" section="5.1"/>.</t> <sourcecode name="" type="json"><![CDATA[ { "capabilities": [ { "capability-type": "FCI.RedirectTarget", "capability-value": { "redirecting-hosts": [ "a.service123.ucdn.example.com", "b.service123.ucdn.example.com" ], "dns-target": { "host": "service123.ucdn.dcdn.example.com" }, "http-target": { "host": "us-east1.dcdn.example.com", "path-prefix": "/cache/1/", "include-redirecting-host": true } }, "footprints": [ <Footprint objects> ] } ] }]]></artwork> </figure>]]></sourcecode> </section> <section anchor="dns-target"title="DnsTarget Object">numbered="true" toc="default"> <name>DnsTarget Object</name> <t>The DnsTarget object gives the target address for the DNS response to delegate from the uCDN to the dCDN.</t><t><list style="empty"> <t>Property: host<list style="empty"> <t>Description: The<dl newline="false" spacing="normal"> <dt>Property:</dt><dd><t>host</t> <dl newline="false" spacing="normal"> <dt>Description:</dt><dd>The host property is a hostname or an IP address, without a portnumber.</t> <t>Type: Endpointnumber.</dd> <dt>Type:</dt><dd>Endpoint object as defined inSection 4.3.3 of<xreftarget="RFC8006"/>target="RFC8006" sectionFormat="of" section="4.3.3"/>, with the limitation that itSHOULD NOT<bcp14>SHOULD NOT</bcp14> include a port number and, in case a port number is present, the uCDNMUST<bcp14>MUST</bcp14> ignoreit.</t> <t>Mandatory-to-Specify: Yes.</t> </list></t> </list></t>it.</dd> <dt>Mandatory-to-Specify:</dt><dd>Yes.</dd> </dl></dd> </dl> <sectiontitle="DNS Target Example">numbered="true" toc="default"> <name>DnsTarget Example</name> <t>The following is an example of the DnsTarget object:</t><figure> <artwork><![CDATA[<sourcecode name="" type="json"><![CDATA[ { "host": "service123.ucdn.dcdn.example.com" }]]></artwork> </figure>]]></sourcecode> <t>The following is an example of a DNS query for uCDN address "a.service123.ucdn.example.com" and the corresponding CNAME redirection response:</t><figure> <artwork><![CDATA[<artwork name="" type="" align="left" alt=""><![CDATA[ Query: a.service123.ucdn.example.com: type A, class IN Response: NAME: a.service123.ucdn.example.com, TYPE: CNAME, CLASS: IN, TTL: 120, RDATA: service123.ucdn.dcdn.example.com ]]></artwork></figure></section> </section> <section anchor="http-target"title="HttpTarget Object">numbered="true" toc="default"> <name>HttpTarget Object</name> <t>The HttpTarget object gives the necessary information to construct the target Location URI for HTTP redirection.</t><t><list style="empty"> <t>Property: host<list style="empty"> <t>Description: Hostname<dl newline="false" spacing="normal"> <dt>Property:</dt><dd><t>host</t> <dl newline="false" spacing="normal"> <dt>Description:</dt><dd>Hostname or IP address and an optional port, i.e., the host and port of the authority component of the URI as described inSection 3.2 of<xreftarget="RFC3986"/>.</t> <t>Type: Endpointtarget="RFC3986" sectionFormat="of" section="3.2"/>.</dd> <dt>Type:</dt><dd>Endpoint object as defined inSection 4.3.3 of<xreftarget="RFC8006"/>.</t> <t>Mandatory-to-Specify: Yes.</t> </list></t> <t>Property: scheme<list style="empty"> <t>Description: Atarget="RFC8006" sectionFormat="of" section="4.3.3"/>.</dd> <dt>Mandatory-to-Specify:</dt><dd>Yes.</dd> </dl></dd> <dt>Property:</dt><dd><t>scheme</t> <dl newline="false" spacing="normal"> <dt>Description:</dt><dd>A URI scheme to be used in the redirect response location construction. When present, the uCDNMUST<bcp14>MUST</bcp14> use the provided scheme in for HTTP redirection to thedCDN.</t> <t>Type: AdCDN.</dd> <dt>Type:</dt><dd>A URI scheme as defined inSection 3.1 of<xreftarget="RFC3986"/>target="RFC3986" sectionFormat="of" section="3.1"/>, represented as a JSON string. The schemeMUST<bcp14>MUST</bcp14> be either "http" or"https".</t> <t>Mandatory-to-Specify: No."https".</dd> <dt>Mandatory-to-Specify:</dt><dd>No. If this property is absent oremptyempty, the uCDN request routerMUST<bcp14>MUST</bcp14> use the same scheme as was used in the original request beforeredirection.</t> </list></t> <t>Property: path-prefix<list style="empty"> <t>Description: Aredirection.</dd> </dl></dd> <dt>Property:</dt><dd><t>path-prefix</t> <dl newline="false" spacing="normal"> <dt>Description:</dt><dd>A path prefix for the HTTP redirect Location header. The original path is appended after thisprefix.</t> <t>Type: Aprefix.</dd> <dt>Type:</dt><dd>A prefix of a path-absolute as defined inSection 3.3 of<xreftarget="RFC3986"/>.target="RFC3986" sectionFormat="of" section="3.3"/>. The prefixMUST<bcp14>MUST</bcp14> end with a trailingslash,slash to indicate the end of the last path segment in theprefix.</t> <t>Mandatory-to-Specify: No.prefix.</dd> <dt>Mandatory-to-Specify:</dt><dd>No. If this property is absent or empty, the uCDNMUST NOT<bcp14>MUST NOT</bcp14> prepend apath prefixpath-prefix to the original content path, i.e., the original pathMUST<bcp14>MUST</bcp14> appear in thelocationLocation URI right after the authoritycomponent.</t> </list></t> <t>Property: include-redirecting-host<list style="empty"> <t>Description: Acomponent.</dd> </dl></dd> <dt>Property:</dt><dd><t>include-redirecting-host</t> <dl newline="false" spacing="normal"> <dt>Description:</dt><dd>A flag indicating whether or not to include the redirecting host as the first path segment after the path-prefix. If set to true and a "path-prefix" is used, the uCDN redirecting hostMUST<bcp14>MUST</bcp14> be added as a separate path segment after the path-prefix and before the original URL path. If set to true and there is no path-prefix, the uCDN redirecting hostMUST<bcp14>MUST</bcp14> be prepended as the first path segment in the redirectURL.</t> <t>Type: Boolean.</t> <t>Mandatory-to-Specify: No.URL.</dd> <dt>Type:</dt><dd>Boolean.</dd> <dt>Mandatory-to-Specify:</dt><dd>No. Default value isFalse.</t> </list></t> </list></t>False.</dd> </dl></dd> </dl> <sectiontitle="HTTP Target Example"> <t>Examplenumbered="true" toc="default"> <name>HttpTarget Example</name> <t>The following is an example of the HttpTarget object with a "scheme", a "path-prefix", and "include-redirecting-host" properties:</t><figure> <artwork><![CDATA[<sourcecode name="" type="json"><![CDATA[ { "host": "us-east1.dcdn.example.com", "scheme": "https", "path-prefix": "/cache/1/", "include-redirecting-host": true }]]></artwork> </figure> <t>Example]]></sourcecode> <t>The following is an example ofaan HTTP request for content at uCDN host "a.service123.ucdn.example.com" and the corresponding HTTP response with a Location header, used for redirecting the client to the dCDN, constructed according to the HttpTarget object from the above example:</t><figure> <artwork><![CDATA[<artwork name="" type="" align="left" alt=""><![CDATA[ Request: GET /vod/1/movie.mp4 HTTP/1.1 Host: a.service123.ucdn.example.com Response: HTTP/1.1 302 Found Location: https://us-east1.dcdn.example.com/cache/1/ a.service123.ucdn.example.com/vod/1/movie.mp4 ]]></artwork></figure></section> </section> <section anchor="redirect-target-usage-example"title="Usage Example"> <t> Beforenumbered="true" toc="default"> <name>Usage Example</name> <t>Before requests can be routed from the uCDN to thedCDNdCDN, the CDNs must exchange service configurations between them. Using the MI, the uCDN advertises out-of-band its hosts to thedCDN,dCDN; each host is designated by a hostname and has its own specific metadata (seeSection 4.1.2 of<xreftarget="RFC8006"/>. The dCDN, usingtarget="RFC8006" sectionFormat="of" section="4.1.2"/>). Using the FCI,advertises, also out-of-band,the dCDN advertises (also out-of-band) the redirect target addressobjectdefined in <xreftarget="redirect-target-capability-properties"/>target="redirect-target-capability-properties" format="default"/> for the relevant uCDN hosts. The following is a generalized example of the message flow betweenan upstream CDNa uCDN and adownstreamdCDN. For simplicity, we focus on the sequence of messages between the uCDN and dCDN and not on how they arepassed. </t> <figure> <artwork><![CDATA[passed.</t> <figure anchor="redirect"> <name>Redirect Target Address Advertisement</name> <artwork name="" type="" align="left" alt=""><![CDATA[ dCDN uCDN + + | | (1) | MI: host: s123.ucdn.example.com | | host-metadata: < metadata > | <-------------------------------------------------------+ | | (2) | FCI: capability-type: FCI.RedirectTarget | | redirecting-hosts: s123.ucdn.example.com | | target host: us-east1.dcdn.example.com | +-------------------------------------------------------> | | | | + +Figure 1: Redirect target address advertisement]]></artwork> </figure><t><list style="numbers"> <t> The<t>Explanation: </t> <ol spacing="normal" type="(%d)"> <li>The uCDN advertises a host (s123.ucdn.example.com) with the hostmetadata. </t> <t> Themetadata.</li> <li>The dCDN advertises its FCI objects to theuCDNuCDN, including aFCI.RedirectTargetRedirect Target capability object that contains the redirect target address (us-east1.dcdn.example.com) specified for that uCDNhost. </t> </list></t> <t> Oncehost.</li> </ol> <t>Once the redirect target has been set, the uCDN can start redirecting user requests to the dCDN. The following is a generic sequence of redirection using the host and redirect target that were advertised inFigure 1 above. </t> <figure> <artwork><![CDATA[<xref target="redirect"/>.</t> <figure anchor="generic"> <name>Generic Request Redirection Sequence</name> <artwork name="" type="" align="left" alt=""><![CDATA[ End User dCDN uCDN RR + + + | | | (1) | Request sent s123.ucdn.example.com | +-----------------------+-----------------------> | | | (2) | Redirect to us-east1.dcdn.example.com | <-----------------------+-----------------------+ | | | (3) | Request us-east1.dcdn.example.com | +-----------------------> | | | | (4) | Response | | <-----------------------+ | | | | + + +Figure 2: Generic requests redirection sequence]]></artwork> </figure><t><list style="numbers"> <t> The<t>Explanation:</t> <ol spacing="normal" type="(%d)"> <li>The End User sends a request (DNS or HTTP) to the uCDN Request Router(RR). </t> <t> Using(RR).</li> <li>Using the previously advertised Redirect Target, the uCDN redirects the request to thedCDN. </t> <t> ThedCDN.</li> <li>The End User sends a request to thedCDN. </t> <t> ThedCDN.</li> <li>The dCDN either sends a response or reroutes it, for example, to a dCDNsurrogate. </t> </list></t>surrogate.</li> </ol> </section> </section> <section anchor="fallback-target-metadata"title="Fallbacknumbered="true" toc="default"> <name>Fallback TargetAddress Metadata">Server Address</name> <t>Open Caching requires that the uCDN provides a fallback target server to thedCDN,dCDN to be used in cases where the dCDN cannot properly handle the request. To avoid redirect loops, the fallback target server's address at the uCDNMUST<bcp14>MUST</bcp14> be different from the original uCDN address from which the client was redirected to the dCDN. The uCDNMUST<bcp14>MUST</bcp14> avoid further redirection when receiving the client request at the fallback target. Thefallback targetFallback Target is defined as a generic metadata object (seeSection 3.2 of<xreftarget="RFC8006"/>)</t>target="RFC8006" sectionFormat="of" section="3.2"/>).</t> <t>Usecases<list style="symbols"> <t>Failover:cases:</t> <ul spacing="normal"> <li>Failover: A dCDN request router receives a request but has no caches to which it can route the request. This can happen in the case of failures or temporary networkoverload.</t> <t>Nooverload.</li> <li>No coverage: A dCDN request router receives a request from a client located in an area inside the footprint but not covered by the dCDN caches or outside the dCDN footprint coverage. In such cases, the router may choose to redirect the request back to the uCDN fallbackaddress.</t> <t>Error:address.</li> <li>Error: A cache may receive a request that it cannot properly serve, for example, some of the metadata objects for that service were not properly acquired. In this case, the cache's "default action" may be to "redirect back touCDN".</t> </list></t>uCDN".</li> </ul> <t>The FallbacktargetTarget metadata object is used to indicate the target address the dCDN should redirect a client to when falling back to the uCDN.FallbackThe fallback target address is represented as anendpointEndpoint object as defined inSection 4.3.3 of<xreftarget="RFC8006"/>.</t>target="RFC8006" sectionFormat="of" section="4.3.3"/>.</t> <t>In DNSredirectionredirection, a CNAME record is used as the fallback target address.</t> <t>In HTTPredirectionredirection, a hostname is used as the fallback target address.</t> <t>When using HTTP redirect to route a client request back to the uCDN, it is the dCDN's responsibility to use the original URL path as the client would have used for the original uCDN request, stripping, if needed, the dCDN path-prefix and/or the uCDN hostname from the redirect URL that may have been used to request the content from the dCDN.</t> <section anchor="fallback-target-metadata-properties"title="Propertiesnumbered="true" toc="default"> <name>Properties of Fallback TargetAddressGeneric MetadataObject">Object</name> <t>The MI.FallbackTargetMetadatageneric metadata object consists of the followingsingle property:</t> <t><list style="empty"> <t>Property: host<list style="empty"> <t>Description: Targettwo properties:</t> <dl newline="false" spacing="normal"> <dt>Property:</dt><dd><t>host</t> <dl newline="false" spacing="normal"> <dt>Description:</dt><dd>Target address to which the dCDN can redirect theclient.</t> <t>Type: Endpointclient.</dd> <dt>Type:</dt><dd>Endpoint object as defined inSection 4.3.3 of<xreftarget="RFC8006"/>target="RFC8006" sectionFormat="of" section="4.3.3"/>, with the limitation that in case of DNSdelegationdelegation, itSHOULD NOT<bcp14>SHOULD NOT</bcp14> include a portnumber and,number, and in case a port number is present, the dCDNMUST<bcp14>MUST</bcp14> ignoreit.</t> <t>Mandatory-to-Specify: Yes.</t> </list></t> <t>Property: scheme<list style="empty"> <t>Description: Ait.</dd> <dt>Mandatory-to-Specify:</dt><dd>Yes.</dd> </dl></dd> <dt>Property:</dt><dd><t>scheme</t> <dl newline="false" spacing="normal"> <dt>Description:</dt><dd>A URI scheme to be used in the redirect response location construction. When present, the dCDNMUST<bcp14>MUST</bcp14> use this scheme in case of HTTP redirection to the uCDN fallbackaddress.</t> <t>Type: Aaddress.</dd> <dt>Type:</dt><dd>A URI scheme as defined inSection 3.1 of<xreftarget="RFC3986"/>target="RFC3986" sectionFormat="of" section="3.1"/>, represented as a JSON string. The schemeMUST<bcp14>MUST</bcp14> be either "http" or"https".</t> <t>Mandatory-to-Specify: No."https".</dd> <dt>Mandatory-to-Specify:</dt><dd>No. In case of HTTP redirection to fallback, if this property is absent or empty, the dCDN redirecting entityMUST<bcp14>MUST</bcp14> use the same scheme as in the request received by thedCDN.</t> </list></t> </list></t> <t>ExampledCDN.</dd> </dl></dd> </dl> <t>The following is an example ofaan MI.FallbackTargetMetadatageneric metadata object that designates the host address the dCDN should use as fallback address to redirect back to theuCDN.</t> <figure> <artwork><![CDATA[uCDN:</t> <sourcecode name="" type="json"><![CDATA[ { "generic-metadata-type": "MI.FallbackTarget", "generic-metadata-value": { "host": "fallback-a.service123.ucdn.example", "scheme": "https" } }]]></artwork> </figure>]]></sourcecode> </section> <section anchor="fallback-address-usage-example"title="Usage Example"> <t> Thenumbered="true" toc="default"> <name>Usage Example</name> <t>The uCDN advertises out-of-band the fallback target address to the dCDN, so that the dCDN may redirect a request back to the uCDN in case the dCDN cannot serve it. Using theMIMI, the uCDN advertises its hosts to the dCDN, along with their specific host metadata (seeSection 4.1.2 of<xreftarget="RFC8006"/>.target="RFC8006" sectionFormat="of" section="4.1.2"/>). The Fallback Target generic metadata object is encapsulated within the "host-metadata" property of each host. The following is an example of a message flow betweenan upstream CDNa uCDN and adownstreamdCDN. For simplicity, we focus on the sequence of messages between the uCDN and dCDN, not on how they arepassed. </t> <figure> <artwork><![CDATA[passed.</t> <figure anchor="fallback"> <name>Advertisement of Host Metadata with Fallback Target</name> <artwork name="" type="" align="left" alt=""><![CDATA[ dCDN uCDN + + | | (1) | MI: host: s123.ucdn.example.com | | host-metadata: | | < metadata objects > | | < MI.FallbackTarget | | host: fallback-a.service123.ucdn.example > | | < metadata objects > | <-------------------------------------------------------+ | | (2) | FCI: capability-type: FCI.RedirectTarget | | redirecting-hosts: s123.ucdn.example.com | | target host: us-east1.dcdn.example.com | +-------------------------------------------------------> | | | | + +Figure 3: Advertisement of host metadata with Fallback Target]]></artwork> </figure><t><list style="numbers"> <t> The<t>Explanation: </t> <ol spacing="normal" type="(%d)"> <li>The uCDN advertises a host (s123.ucdn.example.com) with the host metadata. The host-metadata property containsaan MI.FallbackTargetobject. </t> <t> Thegeneric metadata object.</li> <li>The dCDN advertises its FCI objects to theuCDNuCDN, including aFCI.RedirectTargetRedirect Target capability object that contains the redirect target address (us-east1.dcdn.example.com) specified for that uCDNhost. </t> </list></t> <t> Thehost.</li> </ol> <t>The following is a generic sequence of redirection using the configurations that were advertised inFigure 3 above.<xref target="fallback"/>. In thiscasecase, the dCDN redirects back to the uCDN fallback targetaddress. </t> <figure> <artwork><![CDATA[address.</t> <figure anchor="redirection"> <name>Redirection to Fallback Target</name> <artwork name="" type="" align="left" alt=""><![CDATA[ End User dCDN uCDN fallback uCDN RR + + + + | | | | (1) | Request sent s123.ucdn.example.com | | +-------------------+-------------------+-------------------> | | | | (2) | Redirect to us-east1.dcdn.example.com | | <-------------------+-------------------+-------------------+ | | | | (3) | Request us-east1.dcdn.example.com | | +-------------------> | | | | | | (4) | Redirect back to fallback-a.service123.ucdn.example | <-------------------+ | | | | | | (5) | Request fallback-a.service123.ucdn.example | +---------------------------------------> | | | | | (6) | Response | | | <-------------------+-------------------+ | | | | | + + + +Figure 4: Redirection to Fallback Target]]></artwork> </figure><t><list style="numbers"> <t> The<t>Explanation: </t> <ol spacing="normal" type="(%d)"> <li>The End User sends a request (DNS or HTTP) to the uCDN Request Router(RR). </t> <t> Using(RR).</li> <li>Using the previously advertised Redirect Target, the uCDN redirects the request to thedCDN. </t> <t> ThedCDN.</li> <li>The End User sends a request to thedCDN. </t> <t> ThedCDN.</li> <li>The dCDN cannothandledhandle the requestand, therefore,and therefore redirects it back to the uCDN fallback targetaddress. </t> <t> Theaddress.</li> <li>The End User sends the request to the uCDN fallback targetaddress. </t> <t> Theaddress.</li> <li>The uCDN either sends a response or reroutes it, for example, to a uCDNsurrogate. </t> </list></t>surrogate.</li> </ol> </section> <sectiontitle="uCDN addressing considerations">numbered="true" toc="default"> <name>uCDN Addressing Considerations</name> <t>When advertising fallback addresses to thedCDNdCDN, the uCDNSHOULD<bcp14>SHOULD</bcp14> consider the failure use cases that may lead the dCDN to route requests to uCDN fallback. In extreme dCDN network failures or under denial-of-service (DoS) attacks, requests coming from a large segment or multiple segments of the dCDN may be routed back to the uCDN. The uCDNSHOULD<bcp14>SHOULD</bcp14> therefore design its fallback addressing scheme and its available resources accordingly. A favorable approach would be for the uCDN to use a different fallback target address for each uCDN host, enabling it to load balance the requests using the same methods as it would for its original hosts. See Sections4.1.2<xref target="RFC8006" section="4.1.2" sectionFormat="bare"/> and4.1.3<xref target="RFC8006" section="4.1.3" sectionFormat="bare"/> of <xreftarget="RFC8006"/>target="RFC8006" format="default"/> for a detailed description of how to use GenericMetadata objects within the HostMatch object advertised in the HostIndex of theuCDN. </t>uCDN.</t> </section> </section> <section anchor="IANA"title="IANA Considerations">numbered="true" toc="default"> <name>IANA Considerations</name> <section anchor="IANA.payload"title="CDNInumbered="true" toc="default"> <name>CDNI PayloadTypes"> <t>This document requests the registration ofTypes</name> <t>IANA has registered the following CDNI Payload Typesunderin theIANA"CDNI Payload Types" registry defined in <xreftarget="RFC7736"/>:</t> <texttable> <ttcoltarget="RFC7736" format="default"/>:</t> <table align="center"> <thead> <tr> <th align="left">PayloadType</ttcol> <ttcol align="left">Specification</ttcol> <c>FCI.RedirectTarget</c> <c>RFCthis</c> <c>MI.FallbackTarget</c> <c>RFCthis</c> </texttable> <t>[RFC Editor: Please replace RFCthis with the published RFC number for this document.]</t>Type</th> <th align="left">Specification</th> </tr> </thead> <tbody> <tr> <td align="left">FCI.RedirectTarget</td> <td align="left">RFC 8804</td> </tr> <tr> <td align="left">MI.FallbackTarget</td> <td align="left">RFC 8804</td> </tr> </tbody> </table> <section anchor="IANA.payload.RedirectTarget"title="CDNInumbered="true" toc="default"> <name>CDNI FCI RedirectTarget PayloadType"> <t>Purpose: TheType</name> <dl newline="false" spacing="normal"> <dt>Purpose:</dt><dd>The purpose of this payload type is to distinguishRedirectTargetFCIobjects</t> <t>Interface: FCI</t> <t>Encoding: see <xref target="redirect-target-capability-properties"/></t>advertisement objects for redirect target.</dd> <dt>Interface:</dt><dd>FCI</dd> <dt>Encoding:</dt><dd>See <xref target="redirect-target-capability-properties" format="default"/>.</dd> </dl> </section> <section anchor="IANA.payload.FallbackTarget"title="CDNInumbered="true" toc="default"> <name>CDNI MI FallbackTarget PayloadType"> <t>Purpose: TheType</name> <dl newline="false" spacing="normal"> <dt>Purpose:</dt><dd>The purpose of this payload type is to distinguish FallbackTarget MI objects (and any associated capabilityadvertisement)</t> <t>Interface: MI/FCI</t> <t>Encoding: see <xref target="fallback-target-metadata-properties"/></t>advertisement).</dd> <dt>Interface:</dt><dd>MI/FCI</dd> <dt>Encoding:</dt><dd>See <xref target="fallback-target-metadata-properties" format="default"/>.</dd> </dl> </section> </section> </section> <section anchor="Security"title="Security Considerations">numbered="true" toc="default"> <name>Security Considerations</name> <t>This specificationis in accordance withdefines extensions to the CDNI Metadata Interface (MI) and theCDNI Request Routing:Footprintand& CapabilitiesSemantics.Advertisement interface (FCI). As such, it is subject to the security and privacy considerationsasdefined inSection 8 of<xreftarget="RFC8006"/>target="RFC8006" sectionFormat="of" section="8"/> and inSection 7 of<xreftarget="RFC8008"/> respectively. </t>target="RFC8008" sectionFormat="of" section="7"/>, respectively.</t> <section anchor="Privacy"title="Confidentialitynumbered="true" toc="default"> <name>Confidentiality andPrivacy">Privacy</name> <t>The Redirect TargetFCIcapability object potentially reveals information about the internal structure of the dCDN network. A third party could intercept the FCI transactions and use the information to attack the dCDN. The same is also true for the Fallback TargetMetadata objectgeneric metadata object, as it may reveal information about the internal structure of the uCDN, exposing it to external exploits. Implementations of the FCI and MIMUST<bcp14>MUST</bcp14> therefore use strong authentication and encryption and strictly follow the directions for securing the interface as defined for the Metadata Interface inSection 8.3 of<xreftarget="RFC8006"/>. </t> </section>target="RFC8006" sectionFormat="of" section="8.3"/>.</t> </section><section anchor="Acknowledgements" title="Acknowledgements"> <t>The authors thank Nir B. Sopher for reality checks against production use cases, his contribution is significant to this document. The authors also thank Ben Niven-Jenkins for his review and feedback and Kevin J. Ma for his guidance throughout the development of this document including his regular reviews.</t></section> </middle> <back><references title="Normative References"> <?rfc include="reference.RFC.1034" ?> <?rfc include="reference.RFC.2119" ?> <?rfc include="reference.RFC.3986" ?> <?rfc include="reference.RFC.6707" ?> <?rfc include="reference.RFC.7231" ?> <?rfc include="reference.RFC.7336" ?> <?rfc include="reference.RFC.7975" ?> <?rfc include="reference.RFC.8006" ?> <?rfc include="reference.RFC.8007" ?> <?rfc include="reference.RFC.8008" ?> <?rfc include="reference.RFC.8174" ?><references> <name>References</name> <references> <name>Normative References</name> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.1034.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3986.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6707.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7231.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7336.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7975.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8006.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8007.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8008.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174.xml"/> </references><references title="Informative References"> <?rfc include="reference.RFC.7736" ?> <?rfc include="reference.RFC.7871" ?><references> <name>Informative References</name> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7736.xml"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7871.xml"/> <reference anchor="SVA" target="https://www.streamingvideoalliance.org"> <front> <title>Streaming VideoAlliance Home Page</title>Alliance</title> <author/><date/></front> </reference> <reference anchor="OCWG" target="https://www.streamingvideoalliance.org/technical-groups/open-caching/"> <front> <title>OpenCaching Home Page</title> <author/> <date/>Caching</title> <author><organization>Streaming Video Alliance</organization> </author> </front> </reference> <reference anchor="OC-RR" target="https://www.streamingvideoalliance.org/books/open-cache-request-routing-functional-specification/"> <front> <title> OpenCaching -Cache Request Routing Functional Specification </title> <seriesInfo name="Version" value="1.1"/> <author initials="O." surname="Finkelman" fullname="Ori Finkelman" role="editor"> <organization>Qwilt</organization> </author> <author initials="J." surname="Hofmann" fullname="Jason Hofmann"> <organization>Limelight Networks</organization> </author> <author initials="E." surname="Klein" fullname="Eric Klein"> <organization>Disney Streaming Services</organization> </author> <author initials="S." surname="Mishra" fullname="Sanjay Mishra"> <organization>Verizon</organization> </author> <author initials="K." surname="Ma" fullname="Kevin J. Ma"> <organization>Disney Streaming Services</organization> </author> <author initials="D." surname="Sahar" fullname="Dan Sahar"> <organization>Qwilt</organization> </author> <author initials="B." surname="Zurat" fullname="Bill Zurat"> <organization>Disney Streaming Services</organization> </author> <dateday="4" month="October" year="2019"/>month="November" year="2016"/> </front><seriesInfo name="Version" value="1.1"/></reference> </references> </references> <section anchor="Acknowledgements" numbered="false" toc="default"> <name>Acknowledgements</name> <t>The authors thank <contact fullname="Nir B. Sopher"/> for reality checks against production use cases; his contribution is significant to this document. The authors also thank <contact fullname="Ben Niven-Jenkins"/> for his review and feedback and <contact fullname="Kevin J. Ma"/> for his guidance throughout the development of this document, including his regular reviews.</t> </section> </back> </rfc>