INTERNET-DRAFT TS Choi Intended Status: Standards Track ETRI Expires: April 24, 2013 YI Seo DJ Kim KT JM Lee SKT JR Koo LGU+ JDH Shinn Solbox Inc. KS Park KAIST October 21, 2012 CDNi Request Routing Redirection with Loop Prevention draft-choi-cdni-req-routing-redir-loop-prevention-01 Abstract This document describes request routing redirection procedures, loop prevention mechanisms, and other operational considerations which are associated with redirection. Status of this Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on December 29, 2012. Copyright Notice Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. TS Choi et al. Expires April 24, 2013 [Page 1] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Table of Contents 1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1 Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Redirection Procedures . . . . . . . . . . . . . . . . . . . . 3 2.1. Preliminaries . . . . . . . . . . . . . . . . . . . . . . 3 2.2. Iterative Redirection Procedures . . . . . . . . . . . . . 4 2.2.1. HTTP-based Redirection . . . . . . . . . . . . . . . . 4 2.2.2. DNS-based Redirection . . . . . . . . . . . . . . . . 8 2.3. Recursive Redirection Procedures . . . . . . . . . . . . . 10 2.3.1. HTTP-based Redirection . . . . . . . . . . . . . . . . 10 2.3.2. DNS-based Redirection . . . . . . . . . . . . . . . . 14 3. Redirection Loop Prevention . . . . . . . . . . . . . . . . . 17 4. Redirection Operational Considerations . . . . . . . . . . . . 18 5 Security Considerations . . . . . . . . . . . . . . . . . . . . 19 6 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 19 7 References . . . . . . . . . . . . . . . . . . . . . . . . . . 19 7.1 Normative References . . . . . . . . . . . . . . . . . . . 19 7.2 Informative References . . . . . . . . . . . . . . . . . . 19 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19 TS Choi et al. Expires April 24, 2013 [Page 2] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 1 Introduction According to the CDNi generic and request routing interface requirements[I-D.ietf-cdni-requirements], the CDNi solution shall support iterative and recursive CDNi request routing, efficient request routing for small and large objects, arbitrary number of levels of cascaded CDN redirection, looping prevention of any CDN request routing redirection, and subsequently allowing the request routing redirection. To meet such requirements, this document describes request routing redirection procedures, loop prevention mechanisms, and other operational considerations that are associated with redirection. 1.1 Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 2. Redirection Procedures 2.1. Preliminaries To meet the requirements of request routing redirection, we define the term "CDN-Provider-ID". It uniquely identifies each CDN provider during the course of request routing redirection. It consists of "CDN provider name" and "MaxNumRedHops". A pair of an AS number and an additional qualifier is used for CDN provider name. Since more than one CDN providers can belong to the same AS, an additional qualifier is used to guarantee the uniqueness. MaxNumRedHops represents a maximum allowed redirections. The value is decreased once every redirection occurs until it reaches 0. To avoid its usage abuse (e.g., end user or CDN operator can set huge number like 100 or above), a reasonable upper bound has to be agreed among CDN providers. Security aspect of it is for further study. A few examples of the CDN provider names are 100:0 and 200:1. The former means that a CDN provider belong to AS 100 and it is the only CDN provider within that AS. The latter represents the first CDN provider in the AS 200. There are other CDN providers in the same AS. One example of CDN-Provider-ID is "CDN-Provider-Name=100:0 & MaxNumRedHops=10", which means that a CDN provider that belong to AS number 100 and it is the only CDN provider and a maximum allowed redirection is 10. An example how a list of CDN-Provider-IDs can be carried in the URI query string when a certain cascaded request TS Choi et al. Expires April 24, 2013 [Page 3] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 routing redirection occurs is the following. We assume that redirection is cascaded three times: uCDN -> dCDN1 -> dCDN2. dCDN1, then, carries the following URL, "http://cdn.csp.com?uCDN-Provider- ID=100:0&dCDN1-Provider-ID=200:1&MaxNumRedHops=9". Note that MaxNumbRedHops carries the latest number instead of adding in every CDN-Provider-ID to save the space in URI query string. It is applicable for both HTTP-based and DNS redirections. For HTTP- based redirection, we define a HTTP request routing redirection header "CDN-Provider-ID". For each step of redirection, it is attached to the beginning of the provider domain URL. For example, uCDN initiates a redirection with its URL, http://100:0:10.cdn.csp.com. dCDN further attaches its own CDN- Provider-ID in the front when another level of redirection is required. For DNS-based redirection, the CDN-Provider-ID can be attached in the DNS CNAME. Since there is a CDNi requirement to support of arbitrary topology of interconnected CDNs, this document assumes that the redirection procedures and loop prevention mechanisms must also support arbitrary topology. 2.2. Iterative Redirection Procedures 2.2.1. HTTP-based Redirection In this section, we describe an iterative procedure of HTTP-based request routing redirection with loop prevention. End-User dCDNn dCDNn-1 dCDN1 uCDN |DNS cdn.csp.com | | | | |------------------------------------------------------->| | | | | |(1) |IPaddr of uCDN's Request Router | | | |<-------------------------------------------------------| |HTTP cdn.csp.com | | } | |------------------------------------------------------->| | | | | |(2) |302 peer-uCDN.dCDN1.net/cdn.csp.com?uCDN-Provider-ID | |<-------------------------------------------------------| |DNS peer-uCDN.dCDN1.net | | | |-------------------------------------------->| | | | | |(3) | |IPaddr of dCDN1's Request Router| | | |<--------------------------------------------| | | | | | | |HTTP peer-uCDN.dCDN1.net/cdn.csp.com?uCDN-Provider-ID | TS Choi et al. Expires April 24, 2013 [Page 4] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 |-------------------------------------------->| | | | | |(4) | |302 peer-dCDN1.dCDN2.net/cdn.csp.com?dCDN1-Provider-ID | |<--------------------------------------------| | | | | | | | | ....... |(5) | | | | | | |302 peer-dCDNn-1.dCDNn.net/cdn.csp.com?dCDNn-1-Provider-ID |<-------------------------------| | | | | | | | |DNS peer-dCDNn-1.dCDNn.net | | | |------------------------------->| | | | | |(6) | | |IPaddr of dCDNn's Request Router| | | |<-------------------------------| | | | | | | | |HTTP peer-dCDNn-1.dCDNn.net/cdn.csp.com | | |------------------------------->| | | | | |(7) | | |302 node1.peer-dCDNn-1.dCDNn.net/cdn.csp.com | | |<-------------------------------| | | | | | | | |DNS node1.peer-dCDNn-1.dCDNn.net| | | |------------------>| | | | | | |(8) | | |IPaddr of dCDNn's Delivery Node } | | |<------------------| | | | | | | | | |HTTP node1.peer-dCDNn-1.dCDNn.net/cdn.csp.com| | |------------------>| | | | | |(9) | | | | |DNS dCDNn-acq.dCDNn-1.net| | | |----------->| | | | | |(10) | | | |IPaddr of dCDNn-1's Request Router | | |<-----------| | | | |HTTP dCDNn-acq.dCDNn-1.net?dCDNn-Provider-ID | |----------->| | | | | |(11) | | | | | ....... | | | | | | | | |HTTP dCDN1-acq.uCDN.net?dCDN1-Provider-ID | | | |--------->| | | | | |(12) | | |302 node2.dCDN1.acq.uCDN.net | | | |<---------| | | |DNS node2.dCDN1-acq.uCDN.net | | | |--------->| TS Choi et al. Expires April 24, 2013 [Page 5] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 | | | | |(13) | | |IPaddr of uCDN's Delivery Node | | | |<---------| | | | | |(14) | | | | Data | | | | |<---------| | | | ....... | | |Data | | | | |<------------------| | | | Figure 1: HTTP-based request routing redirection iterative procedure The steps illustrated in the figure are as follows: 1. A DNS resolver for uCDN provider processes the DNS request for its customer based on CDN-domain cdn.csp.com. It returns the IP address of a request router in uCDN provider. 2. A Request Router for uCDN provider processes the HTTP request and recognizes that the end-user is best served by dCDN1. So it returns a 302 redirect message for a new URL constructed by "stacking" dCDN1's distinguished CDN-domain (peer- uCDN.dCDN1.net) on the front of the original URL. It also adds uCDN's CDN-Provider-ID in the URI query string of the HTTP request message. (e.g., uCDN-Provider-ID=100:0 & MaxNumRedHops=10). This information is not processed by the customer but conveyed in the HTTP message without any modification of the step 4. The details on how it is used for loop prevention is described in the step 4. 3. The end-user does a DNS lookup using dCDN1's distinguished CDN-domain (peer-uCDN.dCDN1.net). dCDN1's DNS resolver returns the IP address of a request router for dCDN1. 4. The request router for dCDN1 processes the HTTP request. There are two options: redirect further to another dCDN (i.e., cascading the request) or process it by itself. In either cases, it performs loop prevention step first. It checks a list of CDN-provider-IDs in the URI query string: it contains a list of CDN providers which requested redirections so far. If either it contains own CDN provider name or MaxNumRedHops becomes 0, it means that the redirection loop has occurred or the number of redirection hops has reached the maximum. Once loop is detected, details on the next steps is described in the section 3. If it is loop free, it either redirects further or processes based on the local policy. For the former, it selects another dCDN provider and and sends an HTTP redirect message with its own CDN-Provider-ID included in its URI query string (e.g., TS Choi et al. Expires April 24, 2013 [Page 6] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 uCDN-Provider-ID=100:0 & dCDN1-Provider-ID=200:1 & MaxNumRedHops=9) attached. For the latter, it selects a suitable delivery node to serve the end-user request, and returns a 302 redirect message for a new URL constructed by replacing the hostname by a subdomain of the dCDN1's distinguished CDN-domain that points to the selected delivery node. Then it goes to the step 6. 5. If further redirection is decided, it repeats steps 2 - 4 until it either selects dCDN provider to serve the request or MaxNumRedHops expires. If the former occurs, it resumes the step 6. If the latter occurs, it follows the processes described in the section 3. 6. Assuming that dCDNn is selected as a serving dCDN provider, the end-user does a DNS lookup using dCDNn's distinguished CDN-domain (peer-dCDNn-1.dCDNn.net). dCDNn-1's DNS resolver returns the IP address of a request router for dCDNn. 7. The request router for dCDN1 processes the HTTP request and selects a suitable delivery node to serve the end-user request, and returns a 302 redirect message for a new URL constructed by replacing the hostname by a subdomain of the dCDNn's distinguished CDN-domain that points to the selected delivery node. 8. The end-user does a DNS lookup using dCDNn's delivery node subdomain (node1.peer-dCDNn-1.dCDNn.net). dCDNn's DNS resolver returns the IP address of the delivery node. 9. The end-user requests the content from dCDNn's delivery node. In the case of a cache hit, steps 10 ~ 14 below do not happen, and the content data is directly returned by the delivery node to the end-user. In the case of a cache miss, the content needs to be acquired by dCDN from either parent dCDN or uCDN (not the CSP). The distinguished CDN-domain peer-dCDNn-1.dCDNn.net indicates that this content is to be acquired from dCDNn-1; stripping the CDN-domain reveals the original CDN-domain cdn.csp.com and dCDNn may verify that this CDN-domain belongs to a known peer (so as to avoid being tricked into serving as an open proxy). It then does a DNS request for an inter-CDN acquisition CDN-domain as agreed above (in this case, dCDNn- acq.dCDNn-1.net). This process repeats recursively until it finds a CDN provider that can serve the requested content. 10. dCDNn-1's DNS resolver processes the DNS request and returns the IP address of a request router in dCDNn-1. TS Choi et al. Expires April 24, 2013 [Page 7] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 11. The request router for dCDNn-1 processes the HTTP request from dCDNn's delivery node. dCDNn-1 request router recognizes that the request is from a peer CDN rather than an end-user because of the dedicated inter-CDN acquisition domain (dCDNn-acq.dCDNn-1.net). It also performs loop prevention process as described in step 4 based on the provided CDN- Provider-ID (e.g., uCDN-Provider-ID=100:0 & dCDN1-Provider- ID=200:1 & ... & dCDNn-Provider-ID=1000:0 & MaxNumRedHops=1). Depending on the number of levels of redirection and availability of contents, the same process repeats until either content serving CDN provider is found or MaxNumRedHps expires. 12. Assuming that all intermediate dCDNs also have a cache miss, The request router for uCDN selects a suitable delivery node to serve the inter-CDN acquisition request and returns a 302 redirect message for a new URL constructed by replacing the hostname by a subdomain of the uCDN's distinguished inter-CDN acquisition domain that points to the selected delivery node. 13. uCDN DNS resolver processes the DNS request and returns the IP address of the delivery node in uCDN. 14. uCDN serves content for the requested CDN-domain to dCDN and finally to end-user. Although not shown, it is at this point that uCDN processes the rest of the URL: it extracts information identifying the origin server, validates that this server has been registered, and determines the content provider that owns the origin server. It may also perform its own content acquisition steps if needed before returning the content to dCDN. 2.2.2. DNS-based Redirection In this section, we describe an iterative procedure of DNS-based request routing redirection with loop prevention. TS Choi et al. Expires April 24, 2013 [Page 8] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 End-User dCDNn dCDNn-1 dCDN1 uCDN |DNS cdn.csp.com | | | | |------------------------------------------------------->| | | | | | |CNAME uCDNProviderID.dCDN1.cdn.csp.com | |(1) |NS records for dCDN1.cdn.csp.com| | | |<-------------------------------------------------------| |DNS dCDN1.cdn.csp.com | | | |-------------------------------------------->| | | | | | | | | ....... |(2) | | | | | | |CNAME dCDN1.cdn.csp.com | | | |NS records for dCDN1.cdn.csp.com| | | |<-------------------------------| | | |DNS dCDNn.cdn.csp.com | | | |------------------>| | | | | | |(3) | | |IPaddr of dCDNn's Delivery Node } | | |<------------------| | | | | | | | | |HTTP cdn.csp.com | | | | |------------------>| | | | | |(4) | | | | |DNS dCDNn-acq.dCDNn-1.net| | | |----------->| | | | | | | | | | | ....... |(5) | | | | | | | |DNS dCDN1 ProviderID.dCDN1-acq.uCDN.net | | | |--------->| | | | | |(6) | | |IPaddr of uCDN's Delivery Node | | | |<---------| | | | | |(7) | | | | Data | | | | |<---------| | | | ....... | | |Data | | | | |<------------------| | | | Figure 2: DNS-based request routing redirection iterative procedure The steps illustrated in the figure are as follows: 1. Request Router for uCDN provider processes the DNS request for CDN- domain cdn.csp.com and recognizes that the end-user is best TS Choi et al. Expires April 24, 2013 [Page 9] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 served by another CDN. (This may depend on the IP address of the user's local DNS resolver, or other information discussed below.) The Request Router returns a DNS CNAME response by "stacking" the distinguished identifier for dCDN1 and uCDN's CDN-Provider-ID (e.g., 100:0.10) onto the original CDN-domain (e.g., dCDN1.cdn.csp.com), plus an NS record that maps dCDN1.cdn.csp.com to dCDN1's Request Router. 2. The end-user does a DNS lookup using the modified CDN-domain (i.e., dCDN1.cdn.csp.com). dCDN1 Request Router processes the request and decides to serve the request or redirect further to another CDN provider. It also checks redirection loop. This process iterates until either serving dCDN is selected or MaxNumRedHops expires. In this case, dCDNn is selected as a serving dCDN. If the former occurs, it proceeds to step 3. If the latter occurs, it follows the processes described in the section 3. 3. The end-user does a DNS lookup using the modified CDN-domain (i.e., dCDN1.cdn.csp.com). This causes dCDNn's request router returns an IP address of a suitable delivery node. 4. The end-user requests the content from dCDNn's delivery node. In the case of a cache hit, steps 5 ~ 7 do not happen, and the content data is directly returned by the delivery node to the end-user. In the case of a cache miss, the content needs to be acquired by dCDNn from either parent dCDN or uCDN (not the CSP). It also performs loop prevention process as described in the step 2 based on the provided CDN-Provider-ID (e.g., 100:0.200:1.....900:0.1) 5. Depending on the number of levels of redirection and availability of contents, the same process repeats until either content serving CDN provider is found or MaxNumRedHps expires. 6. Assuming that all intermediate dCDNs also miss cache, uCDN is selected as a content delivery CDN provider. Thus, the request router for uCDN selects a suitable delivery node to serve the inter-CDN acquisition request and returns IP address of the suitable uCDN delivery node. 7. uCDN serves content to dCDN1 and further down to end-user. Although not shown, it is at this point that uCDN processes the rest of the URL: it extracts information identifying the origin server, validates that this server has been registered, and determines the content provider that owns the origin server. 2.3. Recursive Redirection Procedures TS Choi et al. Expires April 24, 2013 [Page 10] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 2.3.1. HTTP-based Redirection In this section, we describe an recursive procedure of HTTP-based request routing redirection with loop prevention. End-User dCDNn dCDNn-1 dCDN1 uCDN |DNS cdn.csp.com | | | | |------------------------------------------------------->| | | | | |(1) |IPaddr of uCDN's Request Router | | | |<-------------------------------------------------------| |HTTP cdn.csp.com | | } | |------------------------------------------------------->| | | | | | | RRI REQ cdn.csp.com | | | | |<---------| | | ....... | | | |<-----------| | | | RRI RESP node1.dCDNn.net |(2) | | |----------->| | | | | ....... | | | RRI RESP node1.dCDNn.net | | | | |--------->| | | | | | |302 node1.dCDNn.net/cdn.csp.com | | | |<-------------------------------------------------------|(3) | | | | | |DNS node1.dCDNn.net| | | | |------------------>| | | | | |(4) | | | |IPaddr of dCDNn's Delivery Node } | | |<------------------| | | | | | | | | |HTTP node1.dCDNn.net/cdn.csp.com| | | |------------------>| | | | | |(5) | | | | |DNS dCDNn-acq.dCDNn-1.net| | | |----------->| | | | | |(6) | | | |IPaddr of dCDNn-1's Request Router | | |<-----------| | | | |HTTP dCDNn-acq.dCDNn-1.net?dCDNn ProviderID | |----------->| | | | | | | | | | | ....... |(7) | | | | | | | |HTTP dCDN1-acq.uCDN.net?dCDN1 ProviderID | | | |--------->| TS Choi et al. Expires April 24, 2013 [Page 11] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 | | | | |(8) | | |302 node2.dCDN1.acq.uCDN.net | | | |<---------| | | |DNS node2.op-b-acq.op-a.net | | | |--------->| | | | | |(9) | | |IPaddr of uCDN's Delivery Node | | | |<---------| | | | | |(10) | | | | Data | | | | |<---------| | | | ....... | | |Data | | | | |<------------------| | | | Figure 3: HTTP-based request routing redirection recursive procedure The steps illustrated in the figure are as follows: 1. A DNS resolver for uCDN provider processes the DNS request for its customer based on CDN-domain cdn.csp.com. It returns the IP address of a request router in uCDN provider. 2. A Request Router for uCDN provider processes the HTTP request and recognizes that the end-user is best served by dCDN1. So it queries the CDNI Request Routing interface of dCDN1 providing a set of information about the request including the URL requested. It also provides uCDN's CDN-Provider-ID (e.g., uCDN- Provider-ID=100:0 & MaxNumRedHops=10) for loop prevention process. It contains a list of CDN providers that have requested redirections so far. If either it contains its own CDN provider name or MaxNumRedHops becomes 0, it means that the redirection loop has occurred or it has reached the maximum number of allowed number of redirection hops. Once loop is detected, details on the next steps are described in the section 3. If it is loop free, dCDN1 then either replies with the DNS name of a delivery node or redirect to another dCDN. Such cascading redirection can continue until a serving dCDN is decided. The RRI RESP can be sent in the reverse order of cascaded redirection or directly to the redirection origin CDN provider if contact information is known. The contact information can be embedded in the RRI REQ message or pre- configured during bootstrapping process. The default behavior is recursive RESP. 3. uCDN returns a 302 redirect message for a new URL obtained from TS Choi et al. Expires April 24, 2013 [Page 12] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 the Request Routing Interface. 4. The end-user does a DNS lookup using the host name of the URL just provided (node1.dCDNn.net). dCDNn's DNS resolver returns the IP address of the corresponding delivery node. Note that, since the name of the delivery node was already obtained from dCDNn using the CDNI Request Routing Interface, there should not be any further redirection here (in contrast to the iterative method described above.) 4. The request router for dCDN1 processes the HTTP request. There are two options: redirect further to another dCDN (i.e., cascading the request) or process it by itself. In either cases, it performs loop prevention step first. If it is loop free, it either redirect further or processes based on the local policy. For the former, it selects another dCDN provider and and sends HTTP redirect message with it own CDN-Provider-ID (e.g., uCDN-Provider-ID=100:0 & dCDN1-Provider-ID=200:1 & MaxNumRedHops=9) attached. For the latter, it selects a suitable delivery node to serve the end-user request, and returns a 302 redirect message for a new URL constructed by replacing the hostname by a subdomain of the dCDN1's distinguished CDN-domain that points to the selected delivery node. Then it goes to step 6. 5. The end-user requests the content from dCDNn's delivery node. In the case of a cache hit, steps 6 ~ 10 below do not happen, and the content data is directly returned by the delivery node to the end-user. In the case of a cache miss, the content needs to be acquired by dCDN from either parent dCDN or uCDN (not the CSP). The distinguished CDN-domain dCDNn.net indicates that this content is to be acquired from dCDNn-1; stripping the CDN-domain reveals the original CDN-domain cdn.csp.com and dCDNn may verify that this CDN-domain belongs to a known peer (so as to avoid being tricked into serving as an open proxy). It then does a DNS request for an inter-CDN acquisition CDN-domain as agreed above (in this case, dCDNn-acq.dCDNn-1.net). This process repeats recursively until it finds CDN provider that can serve the requested content. 6. dCDNn-1's DNS resolver processes the DNS request and returns the IP address of a request router in dCDNn-1. 7. The request router for dCDNn-1 processes the HTTP request from dCDNn's delivery node. dCDNn-1 request router recognizes that the request is from a peer CDN rather than an end-user because of the dedicated inter-CDN acquisition domain TS Choi et al. Expires April 24, 2013 [Page 13] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 (dCDNn-acq.dCDNn-1.net). It also performs loop prevention process as described in the step 2 based on the provided CDN- Provider-ID (e.g., uCDN-Provider-ID=100:0 & dCDN1-Provider- ID=200:1 & ... & dCDNn-1-Provider-ID=900:0 & MaxNumRedHops=1). Depending on the number of levels of redirection and availability of contents, the same process repeats until either content serving CDN provider is found or MaxNumRedHps expires. 8. Assuming that all intermediate dCDNs also have a cache miss, The request router for uCDN selects a suitable delivery node to serve the inter-CDN acquisition request and returns a 302 redirect message for a new URL constructed by replacing the hostname by a subdomain of the uCDN's distinguished inter-CDN acquisition domain that points to the selected delivery node. 9. uCDN DNS resolver processes the DNS request and returns the IP address of the delivery node in uCDN. 10. uCDN serves content for the requested CDN-domain to dCDN and finally to end-user. Although not shown, it is at this point that uCDN processes the rest of the URL: it extracts information identifying the origin server, validates that this server has been registered, and determines the content provider that owns the origin server. It may also perform its own content acquisition steps if needed before returning the content to dCDN. 2.3.2. DNS-based Redirection In this section, we describe an recursive procedure of DNS-based request routing redirection with loop prevention. TS Choi et al. Expires April 24, 2013 [Page 14] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 End-User dCDNn dCDNn-1 dCDN1 uCDN |DNS cdn.csp.com | | | | |------------------------------------------------------->| | | | | |(1) | RRI REQ cdn.csp.com | | | | |<---------| | | ....... | | | |<-----------| | | | RRI RESP node1.dCDNn.net | | | |----------->| | | | | ....... | | | RRI RESP node1.dCDNn.net | | | | |--------->| | | | | | |CNAME dCDNn.cdn.csp.com | | | |NS records for dCDNn.cdn.csp.com| | |(2) |<-------------------------------------------------------| | | | | | |DNS dCDNn.cdn.csp.com | | | |------------------>| | | | | |(3) | | | |IPaddr of dCDNn's Delivery Node } | | |<------------------| | | | | | | | | |HTTP cdn.csp.com | | | | |------------------>| | | | | |(4) | | | | |DNS dCDNn-acq.dCDNn-1.net| | | |----------->| | | | | | | | | | | ....... |(5) | | | | | | | |DNS dCDN1 ProviderID.dCDN1-acq.uCDN.net | | | |--------->| | | | | |(6) | | |IPaddr of uCDN's Delivery Node | | | |<---------| | | | | |(7) | | | | Data | | | | |<---------| | | | ....... | | |Data | | | | |<------------------| | | | Figure 4: DNS-based request routing redirection recursive procedure The steps illustrated in the figure are as follows: TS Choi et al. Expires April 24, 2013 [Page 15] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 1. Request Router for uCDN provider processes the DNS request for CDN-domain cdn.csp.com and recognizes that the end-user is best served by dCDN1. So it queries the CDNI Request Routing Interface of dCDN1 providing a set of information about the request including the URL requested. It also provides uCDN's CDN-Provider-ID (e.g., uCDN-Provider-ID=100:0 & MaxNumRedHops=10) for loop prevention process. It checks CDN-Provider-ID. If either it contains own CDN provider name or MaxNumRedHops becomes 0, it means that the redirection loop is occurred. Once loop is detected, details on the next steps are described in the section 3. If it is loop-free, dCDN1 then either replies with the DNS name of a delivery node or redirect to another dCDN. Such cascaded redirection can continue until a serving dCDN is decided. The RRI RESP can be sent in the reverse order of cascaded redirection or directly to the redirection origin CDN provider if contact information is known. The contact information can be embedded in the RRI REQ message or pre- configured during bootstrapping process. The default behavior is recursive RESP In this case, dCDNn is selected as a serving dCDN. 2. The Request Router returns a DNS CNAME response by "stacking" the distinguished identifier for dCDNn and uCDN's CDN-Provider-ID onto the original CDN-domain (e.g., dCDN1.cdn.csp.com), plus an NS record that maps dCDN1.cdn.csp.com to dCDN1's Request Router. 3. The end-user does a DNS lookup using the modified CDN-domain (i.e., dCDN1.cdn.csp.com). This causes dCDNn's request router returns an IP address of a suitable delivery node. 4. The end-user requests the content from dCDNn's delivery node. In the case of a cache hit, steps 5 ~ 7 do not happen, and the content data is directly returned by the delivery node to the end-user. In the case of a cache miss, the content needs to be acquired by dCDNn from either parent dCDN or uCDN (not the CSP). It also performs loop prevention process as described in the step 2 based on the provided CDN-Provider-ID (e.g., uCDN-Provider- ID=100:0 & dCDN1-Provider-ID=200:1 & ... & dCDNn-1-Provider- ID=900:1 & MaxNumRedHops=1). 5. Depending on the number of levels of redirection and availability of contents, the same process repeats until either content serving CDN provider is found or MaxNumRedHps expires. 6. Assuming that all intermediate dCDNs also miss cache, uCDN is selected as a content delivery CDN provider. Thus, the request router for uCDN selects a suitable delivery node to serve the inter-CDN acquisition request and returns IP address of the suitable uCDN delivery node. TS Choi et al. Expires April 24, 2013 [Page 16] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 7. uCDN serves content to dCDN1 and further down to end-user. Although not shown, it is at this point that uCDN processes the rest of the URL: it extracts information identifying the origin server, validates that this server has been registered, and determines the content provider that owns the origin server. 3. Redirection Loop Prevention According to the CDNi generic and request routing interface requirements, the CDNi solution shall support loop prevention of any CDN request routing redirection and subsequently allowing the request routing redirection. To meet such requirements, this section describes request routing redirection loop prevention mechanisms. Loop prevention mechanism should support both detection of the loop and post processing after loop detection. Also loop prevention should be applicable for the process of redirection CDN provider selection and inter CDN content acquisition. This document specifies loop prevention mechanisms based on CDN- Provider-ID. Framework document [I-D.ietf-cdni-framework] recommends using distinguished acquisition domain for loop detection. It has some drawbacks such as overheads caused by length and processing time of domain name stacking in the case of cascading redirection This document defines more general solution which can be applicable in both HTTP-based and DNS-based redirections. CDN-Provider-ID which is described in details in the section 2.1 is our proposed solution. Unlike distinguished domain name which is proposed in the framework, it is simple, unique, and efficient. Post-processing after loop detection is also as important as its detection. The most strict option is to deny the service when the loop is detected. This option should the last resort when other alternatives are not available. The simplest choice is the CDN provider which detected the loop provide the service by itself although the service quality may not be optimal. If it is not possible, it requests its parent. If the parent can provide the service, it does so. If not, it further checks with other dCDN providers at the peer level or downstream until it finds available one. If it all fails its attempts at the its parent, peer, and children, it checks with uCDN. If note is available, it finally rejects the service. 4. Redirection Operational Considerations For efficient request routing redirection, various operational considerations need to be addressed. In the framework document, for the redirection selection criteria, CDNi uses end-user's IP address prefix. However, in real CDN service environments, there are various TS Choi et al. Expires April 24, 2013 [Page 17] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 other reasons such as service availability, QoS requirements, resource faults, etc. Both Routing Request Interface and redirection request should allow exchange of such information. The type and details of information that can be exchanged among CDN providers for the efficient redirection has to be considered together with footprint/capability advertisement. The details are for further study. Performance feasibility of request routing redirection and loop prevention should be addressed. The requirements may vary depending on the CDN service types (e.g., CDN for small and/or large object). Also granularity of redirection within or between contents should be considered. It is for further study, too. TS Choi et al. Expires April 24, 2013 [Page 18] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 5 Security Considerations 6 IANA Considerations 7 References 7.1 Normative References [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [I-D.davie-cdni-framework] Peterson, L. and B. Davie, "Framework for CDN Interconnection", April 2012. [I-D.ietf-cdni-requirements] Leung, K. and Y. Lee, "Content Distribution Network Interconnection (CDNI) Requirements", December 2011. 7.2 Informative References [I-D.ietf-cdni-problem-statement] Niven-Jenkins, B., Faucheur, F., and N. Bitar, "Content Distribution Network Interconnection (CDNI) Problem Statement", May 2012. [I-D.ietf-cdni-use-cases] Bertrand, G., Stephan, E., Burbridge, T., Eardley, P., Ma, K., and G. Watson, "Use Cases for Content Delivery Network Interconnection", June 2012. Authors' Addresses Taesang Choi ETRI 161 Gajong-Dong Yusong-Gu, Daejeon Republic of Korea Phone: +82-42-860-5628 Email: choits@etri.re.kr Young-IL Seo KT Network R&D Laboratory TS Choi et al. Expires April 24, 2013 [Page 19] INTERNET DRAFT Req. Routing Redirection Loop PreventionOctober 21, 2012 463-1, Jeonmoin-dong, Yuseong-gu, Daejeon Republic of Korea Phone: 82-10-3235-0135 Email: yohan.seo@kt.com Dong-Ju Kim KT Network R&D Laboratory 463-1, Jeonmoin-dong, Yuseong-gu, Daejeon Republic of Korea Phone: 82-10-2686-9605 Email: dj.kim@kt.com Jongmin Lee SK Telecom 11, Euljiro-2ga Jung-gu, Seoul Republic of Korea Phone: 82-10-9429-6260 Email: jminlee@sk.com Ja-Ryeong Koo LG U plus Corporation Namdaemunro 5-ga Jung-gu, Seoul Republic of Korea Phone: 82-10-8080-6115 Email: wjbkoo@lguplus.co.kr John Dongho Shinn Solbox Inc. 7F, Haesung Bldg. 747-2 Yeoksam-Dong Kangnam-Gu, Seoul Republic of Korea Phone: +82-10-3005-4785 Email: eastsky@solbox.com TS Choi et al. Expires April 24, 2013 [Page 20]