< draft-penno-alto-protocol-04.txt   draft-ietf-alto-protocol-03.txt >
ALTO WG R. Penno, Ed. ALTO WG R. Alimi, Ed.
Internet-Draft Juniper Networks Internet-Draft Yale University
Intended status: Standards Track Y. Yang, Ed. Intended status: Standards Track R. Penno, Ed.
Expires: April 29, 2010 Yale University Expires: September 9, 2010 Juniper Networks
October 26, 2009 Y. Yang, Ed.
Yale University
March 8, 2010
ALTO Protocol ALTO Protocol
draft-penno-alto-protocol-04.txt draft-ietf-alto-protocol-03.txt
Abstract
Networking applications today already have access to a great amount
of Inter-Provider network topology information. For example, views
of the Internet routing table are easily available at looking glass
servers and entirely practical to be downloaded by clients. What is
missing is knowledge of the underlying network topology from the ISP
or Content Provider (henceforth referred as Provider) point of view.
In other words, what a Provider prefers in terms of traffic
optimization -- and a way to distribute it.
The ALTO Service provides information such as preferences of network
resources with the goal of modifying network resource consumption
patterns while maintaining or improving application performance.
This document describes a protocol implementing the ALTO Service.
While such service would primarily be provided by the network (i.e.,
the ISP), content providers and third parties could also operate this
service. Applications that could use this service are those that
have a choice in connection endpoints. Examples of such applications
are peer-to-peer (P2P) and content delivery networks.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [1].
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 33 skipping to change at page 2, line 16
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 29, 2010. This Internet-Draft will expire on September 9, 2010.
Copyright Notice Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of Provisions Relating to IETF Documents
publication of this document (http://trustee.ietf.org/license-info). (http://trustee.ietf.org/license-info) in effect on the date of
Please review these documents carefully, as they describe your rights publication of this document. Please review these documents
and restrictions with respect to this document. carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
Abstract include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
Networking applications today already have access to a great amount described in the BSD License.
of Inter-Provider network topology information. For example, views
of the Internet routing table are easily available at looking glass
servers and entirely practical to be downloaded by clients. What is
missing is knowledge of the underlying network topology from the ISP
or Content Provider (henceforth referred as Provider) point of view.
In other words, what an Provider prefers in terms of traffic
optimization -- and a way to distribute it.
The ALTO Service provides information such as preferences of network
resources with the goal of modifying network resource consumption
patterns while maintaining or improving application performance.
This document describes a protocol implementing the ALTO Service.
While such service would primarily be provided by the network (i.e.,
the ISP), content providers and third parties could also operate this
service. Applications that could use this service are those that
have a choice in connection endpoints. Examples of such applications
are peer-to-peer (P2P) and content delivery networks.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [1].
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5
1.1. Background and Problem Statement . . . . . . . . . . . . . 5 1.1. Background and Problem Statement . . . . . . . . . . . . . 5
1.2. Design History and Merged Proposals . . . . . . . . . . . 5 1.2. Design History and Merged Proposals . . . . . . . . . . . 5
1.3. Solution Benefits . . . . . . . . . . . . . . . . . . . . 5 1.3. Solution Benefits . . . . . . . . . . . . . . . . . . . . 5
1.3.1. Service Providers . . . . . . . . . . . . . . . . . . 6 1.3.1. Service Providers . . . . . . . . . . . . . . . . . . 5
1.3.2. Applications . . . . . . . . . . . . . . . . . . . . . 6 1.3.2. Applications . . . . . . . . . . . . . . . . . . . . . 6
2. Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 6 2. Architecture . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 6 2.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 6
2.1.1. Endpoint Address . . . . . . . . . . . . . . . . . . . 6 2.1.1. Endpoint Address . . . . . . . . . . . . . . . . . . . 6
2.1.2. Network Location . . . . . . . . . . . . . . . . . . . 7 2.1.2. ASN . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.3. Network Location . . . . . . . . . . . . . . . . . . . 7
2.2. ALTO Service and Protocol Scope . . . . . . . . . . . . . 7 2.2. ALTO Service and Protocol Scope . . . . . . . . . . . . . 7
3. Protocol Structure . . . . . . . . . . . . . . . . . . . . . . 8 3. Protocol Structure . . . . . . . . . . . . . . . . . . . . . . 8
3.1. Server Capability . . . . . . . . . . . . . . . . . . . . 9 3.1. Server Capability . . . . . . . . . . . . . . . . . . . . 9
3.2. Services . . . . . . . . . . . . . . . . . . . . . . . . . 9 3.2. Services . . . . . . . . . . . . . . . . . . . . . . . . . 9
3.2.1. Map Service . . . . . . . . . . . . . . . . . . . . . 9 3.2.1. Map Service . . . . . . . . . . . . . . . . . . . . . 9
3.2.2. Map Filtering Service . . . . . . . . . . . . . . . . 10 3.2.2. Map Filtering Service . . . . . . . . . . . . . . . . 10
3.2.3. Endpoint Property Service . . . . . . . . . . . . . . 10 3.2.3. Endpoint Property Service . . . . . . . . . . . . . . 10
3.2.4. Ranking Service . . . . . . . . . . . . . . . . . . . 10 3.2.4. Endpoint Cost Service . . . . . . . . . . . . . . . . 10
4. Network Map . . . . . . . . . . . . . . . . . . . . . . . . . 10 4. Network Map . . . . . . . . . . . . . . . . . . . . . . . . . 10
4.1. PID . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 4.1. PID . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
4.2. Example Network Map . . . . . . . . . . . . . . . . . . . 11 4.2. Example Network Map . . . . . . . . . . . . . . . . . . . 11
5. Path Rating . . . . . . . . . . . . . . . . . . . . . . . . . 12 5. Cost Map . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5.1. Path Cost . . . . . . . . . . . . . . . . . . . . . . . . 12 5.1. Cost Attributes . . . . . . . . . . . . . . . . . . . . . 12
5.1.1. Cost Type . . . . . . . . . . . . . . . . . . . . . . 12 5.1.1. Cost Type . . . . . . . . . . . . . . . . . . . . . . 13
5.1.2. Cost Mode . . . . . . . . . . . . . . . . . . . . . . 12 5.1.2. Cost Mode . . . . . . . . . . . . . . . . . . . . . . 13
5.2. Path Rating Query . . . . . . . . . . . . . . . . . . . . 13 5.2. Cost Map Structure . . . . . . . . . . . . . . . . . . . . 14
5.2.1. Cost Map . . . . . . . . . . . . . . . . . . . . . . . 13 5.3. Network Map and Cost Map Dependency . . . . . . . . . . . 14
5.2.2. Ranking List . . . . . . . . . . . . . . . . . . . . . 13
5.2.3. Network Map and Cost Map Dependency . . . . . . . . . 13
6. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 14 6. Protocol Overview . . . . . . . . . . . . . . . . . . . . . . 14
6.1. Design Approach . . . . . . . . . . . . . . . . . . . . . 14 6.1. Design Approach . . . . . . . . . . . . . . . . . . . . . 14
6.1.1. Use of Existing Infrastructure . . . . . . . . . . . . 14 6.1.1. Use of Existing Infrastructure . . . . . . . . . . . . 15
6.1.2. ALTO Information Reuse and Redistribution . . . . . . 14 6.1.2. ALTO Information Reuse and Redistribution . . . . . . 15
6.2. Message Format . . . . . . . . . . . . . . . . . . . . . . 15 7. Protocol Messaging . . . . . . . . . . . . . . . . . . . . . . 15
6.2.1. Query Message . . . . . . . . . . . . . . . . . . . . 15 7.1. Notation . . . . . . . . . . . . . . . . . . . . . . . . . 16
6.2.2. Response Message . . . . . . . . . . . . . . . . . . . 16 7.2. Message Format . . . . . . . . . . . . . . . . . . . . . . 16
6.2.3. Query and Response Body Encoding . . . . . . . . . . . 16 7.2.1. Protocol Versioning Approach . . . . . . . . . . . . . 16
7. Protocol Messaging . . . . . . . . . . . . . . . . . . . . . . 16 7.2.2. Request Message . . . . . . . . . . . . . . . . . . . 17
7.1. Client Processing . . . . . . . . . . . . . . . . . . . . 16 7.2.3. Response Message . . . . . . . . . . . . . . . . . . . 18
7.1.1. General Processing . . . . . . . . . . . . . . . . . . 17 7.3. General Processing . . . . . . . . . . . . . . . . . . . . 20
7.1.2. General Error Conditions . . . . . . . . . . . . . . . 17 7.3.1. Server Responses . . . . . . . . . . . . . . . . . . . 20
7.2. Server Processing . . . . . . . . . . . . . . . . . . . . 17 7.3.2. Client Behavior . . . . . . . . . . . . . . . . . . . 20
7.2.1. Successful Responses . . . . . . . . . . . . . . . . . 17 7.4. HTTP Usage . . . . . . . . . . . . . . . . . . . . . . . . 21
7.2.2. General Error Conditions . . . . . . . . . . . . . . . 17 7.4.1. Authentication and Encryption . . . . . . . . . . . . 21
7.2.3. Caching Parameters . . . . . . . . . . . . . . . . . . 17 7.4.2. Cookies . . . . . . . . . . . . . . . . . . . . . . . 21
7.3. ALTO Queries . . . . . . . . . . . . . . . . . . . . . . . 18 7.4.3. Caching Parameters . . . . . . . . . . . . . . . . . . 21
7.3.1. Server Capability . . . . . . . . . . . . . . . . . . 18 7.5. ALTO Requests . . . . . . . . . . . . . . . . . . . . . . 21
7.3.2. Map Service . . . . . . . . . . . . . . . . . . . . . 18 7.5.1. Server Capability . . . . . . . . . . . . . . . . . . 22
7.3.3. Map Filtering Service . . . . . . . . . . . . . . . . 19 7.5.2. Map Service . . . . . . . . . . . . . . . . . . . . . 25
7.3.4. Endpoint Property Service . . . . . . . . . . . . . . 21 7.5.3. Map Filtering Service . . . . . . . . . . . . . . . . 28
7.3.5. Ranking Service . . . . . . . . . . . . . . . . . . . 22 7.5.4. Endpoint Property Service . . . . . . . . . . . . . . 32
8. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 23 7.5.5. Endpoint Cost Service . . . . . . . . . . . . . . . . 34
8.1. ALTO Client Embedded in P2P Tracker . . . . . . . . . . . 23 7.6. Redistributable Responses . . . . . . . . . . . . . . . . 36
8.2. ALTO Client Embedded in P2P Client: Numerical Costs . . . 25 7.6.1. Server and Request Parameters . . . . . . . . . . . . 37
8.3. ALTO Client Embedded in P2P Client: Ranking . . . . . . . 26 7.6.2. Expiration Time . . . . . . . . . . . . . . . . . . . 37
9. Discussions . . . . . . . . . . . . . . . . . . . . . . . . . 27 7.6.3. Signature . . . . . . . . . . . . . . . . . . . . . . 38
9.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 27 8. Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . 39
9.2. Network Address Translation Considerations . . . . . . . . 27 8.1. ALTO Client Embedded in P2P Tracker . . . . . . . . . . . 39
9.3. Mapping IPs to ASNs . . . . . . . . . . . . . . . . . . . 28 8.2. ALTO Client Embedded in P2P Client: Numerical Costs . . . 40
9.4. Endpoint and Path Properties . . . . . . . . . . . . . . . 28 8.3. ALTO Client Embedded in P2P Client: Ranking . . . . . . . 41
9.5. P2P Peer Selection . . . . . . . . . . . . . . . . . . . . 28 9. Discussions . . . . . . . . . . . . . . . . . . . . . . . . . 42
9.5.1. Client-based Peer Selection . . . . . . . . . . . . . 29 9.1. Discovery . . . . . . . . . . . . . . . . . . . . . . . . 42
9.5.2. Server-based Peer Selection . . . . . . . . . . . . . 29 9.2. Network Address Translation Considerations . . . . . . . . 43
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 29 9.3. Mapping IPs to ASNs . . . . . . . . . . . . . . . . . . . 43
11. Security Considerations . . . . . . . . . . . . . . . . . . . 29 9.4. Endpoint and Path Properties . . . . . . . . . . . . . . . 44
11.1. ISPs . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 9.5. P2P Peer Selection . . . . . . . . . . . . . . . . . . . . 44
11.2. ALTO Clients . . . . . . . . . . . . . . . . . . . . . . . 29 9.5.1. Client-based Peer Selection . . . . . . . . . . . . . 44
11.3. ALTO Information . . . . . . . . . . . . . . . . . . . . . 30 9.5.2. Server-based Peer Selection . . . . . . . . . . . . . 44
11.4. ALTO Information Redistribution . . . . . . . . . . . . . 30 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 45
11.5. Denial of Service . . . . . . . . . . . . . . . . . . . . 31 11. Security Considerations . . . . . . . . . . . . . . . . . . . 45
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 31 11.1. Privacy Considerations for ISPs . . . . . . . . . . . . . 45
12.1. Normative References . . . . . . . . . . . . . . . . . . . 31 11.2. ALTO Clients . . . . . . . . . . . . . . . . . . . . . . . 45
12.2. Informative References . . . . . . . . . . . . . . . . . . 31 11.3. Authentication, Integrity Protection, and Encryption . . . 46
Appendix A. Contributors . . . . . . . . . . . . . . . . . . . . 33 11.4. ALTO Information Redistribution . . . . . . . . . . . . . 46
Appendix B. Acknowledgements . . . . . . . . . . . . . . . . . . 35 11.5. Denial of Service . . . . . . . . . . . . . . . . . . . . 47
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 35 11.6. ALTO Server Access Control . . . . . . . . . . . . . . . . 48
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 48
12.1. Normative References . . . . . . . . . . . . . . . . . . . 48
12.2. Informative References . . . . . . . . . . . . . . . . . . 48
Appendix A. ALTO Protocol Grammar . . . . . . . . . . . . . . . . 50
Appendix B. Acknowledgments . . . . . . . . . . . . . . . . . . . 50
Appendix C. Authors . . . . . . . . . . . . . . . . . . . . . . . 51
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 52
1. Introduction 1. Introduction
1.1. Background and Problem Statement 1.1. Background and Problem Statement
Today, network information available to applications is mostly from Today, network information available to applications is mostly from
the view of endhosts. There is no clear mechanism to convey the view of endhosts. There is no clear mechanism to convey
information about the network's preferences to applications. By information about the network's preferences to applications. By
leveraging better network-provided information, applications have leveraging better network-provided information, applications have the
potential to become more network-efficient (e.g., reduce network potential to become more network-efficient (e.g., reduce network
resource consumption) and achieve better application performance resource consumption) and achieve better application performance
(e.g., accelerated download rate). The ALTO Service intends to (e.g., accelerated download rate). The ALTO Service intends to
provide a simple way to convey network information to applications. provide a simple way to convey network information to applications.
The goal of the protocol specified in this document is to provide a The goal of this document is to specify a simple and unified protocol
simple, unified protocol that meets the ALTO requirements [5], that meets the ALTO requirements [7] while providing a migration path
providing a migration path for Internet Service Providers (ISP), for Internet Service Providers (ISP), Content Providers, and clients
Content Providers, and clients that have deployed protocols with that have deployed protocols with similar intentions (see below).
similar intentions (see below). This document is a work in progress This document is a work in progress and will be updated with further
and will be updated with further developments. developments.
1.2. Design History and Merged Proposals 1.2. Design History and Merged Proposals
The protocol specified here consists of contributions from The protocol specified here consists of contributions from
o P4P [6],[7]; o P4P [8], [9];
o ALTO Info-Export [8]; o ALTO Info-Export [10];
o Query/Response [9],[10]; o Query/Response [11], [12];
o ATTP [ATTP]. o ATTP [ATTP].
o Proxidor [19]. o Proxidor [19].
The people listed here should be viewed as co-authors of this See Appendix B for a list of people that have contributed
document: Obi Akonjang, Richard Alimi, Saumitra M. Das, Syon Ding, significantly to this effort and the projects and proposals listed
Anja Feldmann, Doug Pasko, Reinaldo Penno, Laird Popkin, Stefano above.
Previdi, Satish Raghunath, Stanislav Shalunov, Albert Tian, Yu-Shun
Wang, Richard Woundy, Y. Richard Yang, David Zhang, and Yunfei Zhang.
Due to the limit of 5 authors per draft, the complete list of authors
were moved to the contributors section at this point.
1.3. Solution Benefits 1.3. Solution Benefits
The ALTO Service offers many benefits to both end-users (consumers of The ALTO Service offers many benefits to both end-users (consumers of
the service) and Internet Service Providers (providers of the the service) and Internet Service Providers (providers of the
service). service).
1.3.1. Service Providers 1.3.1. Service Providers
The ALTO Service enables ISPs to influence the neighborhood selection The ALTO Service enables ISPs to influence the peer selection process
process of overlay networks to increase locality of traffic and also in distributed applications in order to increase locality of traffic,
regain the ability to efficiently engineer traffic that traverses improve user-experience, amongst others. It also helps ISPs to
more expensive links such as backbone and transit links, thus efficiently engineer traffic that traverses more expensive links such
allowing a better provisioning of the networking infrastructure. as transit and backup links, thus allowing a better provisioning of
the networking infrastructure.
1.3.2. Applications 1.3.2. Applications
Applications that use the ALTO Service can benefit in multiple ways. Applications that use the ALTO Service can benefit in multiple ways.
For example, they may no longer need to infer topology information, For example, they may no longer need to infer topology information,
and some applications can reduce reliance on measuring path and some applications can reduce reliance on measuring path
performance metrics themselves. They can take advantage of the ISP's performance metrics themselves. They can take advantage of the ISP's
knowledge to avoid bottlenecks and boost performance. knowledge to avoid bottlenecks and boost performance.
An example type of application is a Peer-to-Peer overlay where peer An example type of application is a Peer-to-Peer overlay where peer
skipping to change at page 6, line 35 skipping to change at page 6, line 31
2. Architecture 2. Architecture
Two key design objectives of the ALTO Protocol are simplicity and Two key design objectives of the ALTO Protocol are simplicity and
extensibility. At the same time, it introduces additional techniques extensibility. At the same time, it introduces additional techniques
to address potential scalability and privacy issues. Below we start to address potential scalability and privacy issues. Below we start
with an introduction to the terminology. Then we define the overall with an introduction to the terminology. Then we define the overall
architecture and how the ALTO Protocol fits into the architecture. architecture and how the ALTO Protocol fits into the architecture.
2.1. Terminology 2.1. Terminology
We use the following terms defined in [11]: Application, Overlay We use the following terms defined in [13]: Application, Overlay
Network, Peer, Resource, Resource Identifier, Resource Provider, Network, Peer, Resource, Resource Identifier, Resource Provider,
Resource Consumer, Resource Directory, Transport Address, Host Resource Consumer, Resource Directory, Transport Address, Host
Location Attribute, ALTO Service, ALTO Server, ALTO Client, ALTO Location Attribute, ALTO Service, ALTO Server, ALTO Client, ALTO
Query, ALTO Reply, ALTO Transaction, Local Traffic, Peering Traffic, Query, ALTO Reply, ALTO Transaction, Local Traffic, Peering Traffic,
Transit Traffic. Transit Traffic.
We also use the following additional terms: Endpoint Address and We also use the following additional terms: Endpoint Address, ASN,
Network Location. and Network Location.
2.1.1. Endpoint Address 2.1.1. Endpoint Address
An endpoint address represents the communication address of an end An endpoint address represents the communication address of an end
point. An endpoint address can be network-attachment based (IP point. An endpoint address can be network-attachment based (IP
address) or network-attachment agnostic. Common forms of endpoint address) or network-attachment agnostic. Common forms of endpoint
addresses include IP address, MAC address, overlay ID, and phone addresses include IP address, MAC address, overlay ID, and phone
number. number.
2.1.2. Network Location 2.1.2. ASN
An Autonomous System Number.
2.1.3. Network Location
Network Location is a generic concept denoting a single endpoint or Network Location is a generic concept denoting a single endpoint or
group of endpoints. Whenever we say Network Location, we refer to group of endpoints. Whenever we say Network Location, we refer to
either a single endpoint or a group of endpoints. either a single endpoint or a group of endpoints.
2.2. ALTO Service and Protocol Scope 2.2. ALTO Service and Protocol Scope
An ALTO Server conveys the network information from the perspective An ALTO Server conveys the network information from the perspective
of a network region. We say that the ALTO Server presents its "my- of a network region. We say that the ALTO Server presents its "my-
Internet View" [12] of the network region. A network region in this Internet View" [14] of the network region. A network region in this
context can be an Autonomous System, an ISP, perhaps a smaller context can be an Autonomous System, an ISP, perhaps a smaller
region, or perhaps a set of ISPs; the details depend on the region, or perhaps a set of ISPs; the details depend on the
deployment scenario and discovery mechanism. deployment scenario and discovery mechanism.
To better understand the ALTO Service and the role of the ALTO To better understand the ALTO Service and the role of the ALTO
Protocol, we show in Figure 1 the overall system architecture. In Protocol, we show in Figure 1 the overall system architecture. In
this architecture, an ALTO Client uses ALTO Service Discovery to this architecture, an ALTO Server prepares ALTO Information; an ALTO
identify an appropriate ALTO Server; an ALTO Server prepares ALTO Client uses ALTO Service Discovery to identify an appropriate ALTO
Information; and the ALTO Client requests available ALTO Information Server; and the ALTO Client requests available ALTO Information from
from the ALTO Server using the ALTO Protocol. the ALTO Server using the ALTO Protocol.
The ALTO Information provided by the ALTO Server can be updated The ALTO Information provided by the ALTO Server can be updated
dynamically based on network conditions, or can be seen as a policy dynamically based on network conditions, or can be seen as a policy
which is updated at a larger time-scale. which is updated at a larger time-scale.
More specifically, the ALTO Information provided by an ALTO Server More specifically, the ALTO Information provided by an ALTO Server
may be influenced (at the operator's discretion) by other systems. may be influenced (at the operator's discretion) by other systems.
Examples include (but are not limited to) static network Examples include (but are not limited to) static network
configuration databases, dynamic network information, routing configuration databases, dynamic network information, routing
protocols, provisioning policies, and interfaces to outside parties. protocols, provisioning policies, and interfaces to outside parties.
These components are shown in the figure for completeness but outside These components are shown in the figure for completeness but outside
the scope of this specification. the scope of this specification.
Note that it may also be possible for ALTO Servers to exchange
network information with other ALTO Servers (either within the same
administrative domain or another administrative domain with the
consent of both parties) in order to adjust exported ALTO
information. Such a protocol is also outside the scope of this
specification.
+-------------------------------------------------------------------+ +-------------------------------------------------------------------+
| ISP | | ISP |
| | | |
| +-----------+ | | +-----------+ |
| | Routing | | | | Routing | |
| +--------------+ | Protocols | | | +--------------+ | Protocols | |
| | Provisioning | +-----------+ | | | Provisioning | +-----------+ |
| | Policy | | | | | Policy | | |
| +--------------+\ | | | +--------------+\ | |
| \ | | | \ | |
skipping to change at page 8, line 48 skipping to change at page 8, line 48
ALTO Architecture ALTO Architecture
3. Protocol Structure 3. Protocol Structure
The ALTO Protocol uses a simple extensible framework to convey The ALTO Protocol uses a simple extensible framework to convey
network information. In the general framework, the ALTO protocol network information. In the general framework, the ALTO protocol
will convey properties on both Endpoints and paths between network will convey properties on both Endpoints and paths between network
locations. locations.
In this document, we focus on a particular endpoint property to In this document, we focus on a particular endpoint property to
denote the location of an endpoint and a particular path property denote the location of an endpoint, and provider-defined costs for
called Path Rating to denote the ISP-defined cost of a path. paths between pairs of network locations.
The ALTO Protocol is built on a common transport protocol, messaging The ALTO Protocol is built on a common transport protocol, messaging
structure and encoding, and transaction model. The protocol is structure and encoding, and transaction model. The protocol is
subdivided into services of related functionality. ALTO-Core subdivided into services of related functionality. ALTO-Core
provides the Map Service. Other services can provide additional provides the Map Service. Other services can provide additional
functionality. There are three such services defined in this functionality. There are three such services defined in this
document: the Map Filtering Service, Endpoint Property Service, and document: the Map Filtering Service, Endpoint Property Service, and
Ranking Service. Additional services may be defined in the future in Endpoint Cost Service. Additional services may be defined in the
companion documents. future in companion documents. Note that functionality offered in
different services are not totally non-overlapping (e.g., the Map
Service and Map Filtering Service).
.-------------------------------------------------------------------. .--------------------------------------------------------.
| | | |
| .----------. .---------------. .---------------. .-------------. | | .----------. .-----------. .----------. .----------. |
| | | | Map Filtering | | Endpont Prop. | | Ranking | | | | | | Map | | Endpoint | | Endpoint | |
| | | | Service | | Service | | Service | | | | | | Filtering | | Property | | Cost | |
| | | `---------------' `---------------' `-------------' | | | | | Service | | Service | | Service | |
| | Server | .-------------------------------------------------. | | | | `-----------' `----------' `----------' |
| |Capability| | Map Service | | | | Server | .-------------------------------------. |
| | | | .-------------. .--------------. | | | |Capability| | Map Service | |
| | | | | Network Map | | Cost Map | | | | | | | .-------------. .--------------. | |
| | | | `-------------' `--------------' | | | | | | | Network Map | | Cost Map | | |
| `----------' `-------------------------------------------------' | | | | | `-------------' `--------------' | |
| | | `----------' `-------------------------------------' |
`-------------------------------------------------------------------' | |
`--------------------------------------------------------'
Figure 1: ALTO Protocol Structure Figure 1: ALTO Protocol Structure
3.1. Server Capability 3.1. Server Capability
It lists the details on the information that can be provided by an The Server Capability Service lists the details on the information
ALTO Server. The configuration includes, for example, details about that can be provided by an ALTO Server and perhaps other ALTO Servers
the operations and cost metrics supported by the ALTO Server. The maintained by the network provider. The configuration includes, for
capability document can be downloaded by ALTO Clients or provisioned example, details about the operations and cost metrics supported by
into devices. the ALTO Server. The capability document can be downloaded by ALTO
Clients. The capability information could also be provisioned to
devices, but care must be taken to update it appropriately.
3.2. Services 3.2. Services
3.2.1. Map Service 3.2.1. Map Service
The Map Service provides batch information to ALTO Clients. Two maps The Map Service provides batch information to ALTO Clients. Two maps
are provided in this document. The Network Map (See Section 4) are defined in this document. The Network Map (See Section 4)
provides the full set of network location groupings defined by the provides the full set of network location groupings defined by the
ALTO Server and the endpoints contained with each grouping. The Cost ALTO Server and the endpoints contained with each grouping. The Cost
Map (see Section 5.2.1) provides costs between the defined groupings. Map (see Section 5) provides costs between the defined groupings.
These two maps can be thought of (and implemented as) as simple files These two maps can be thought of (and implemented as) as simple files
with appropriate encoding provided by the ALTO Server. with appropriate encoding provided by the ALTO Server.
3.2.2. Map Filtering Service 3.2.2. Map Filtering Service
Resource constrained ALTO Clients may benefit from query results Resource constrained ALTO Clients may benefit from query results
being filtered at the ALTO Server. This avoids an ALTO Client being filtered at the ALTO Server. This avoids an ALTO Client
spending network bandwidth collecting results and performing client- spending network bandwidth or CPU collecting results and performing
side filtering. The Map Filtering Service allows ALTO Clients to client-side filtering. The Map Filtering Service allows ALTO Clients
query for ALTO Server maps based on additional parameters. to query for ALTO Server maps based on additional parameters.
3.2.3. Endpoint Property Service 3.2.3. Endpoint Property Service
This service allows ALTO Clients to look up properties for individual This service allows ALTO Clients to look up properties for individual
endpoints. An example endpoint property is its network location (its endpoints. An example endpoint property is its network location (its
grouping defined by the ALTO Server) or connectivity type (e.g., grouping defined by the ALTO Server) or connectivity type (e.g.,
ADSL, Cable, or FioS). ADSL, Cable, or FioS).
3.2.4. Ranking Service 3.2.4. Endpoint Cost Service
Some ALTO Clients may also benefit from querying for rankings and Some ALTO Clients may also benefit from querying for costs and
costs based on endpoints. The Ranking Service allows an ALTO Server rankings based on endpoints. The Endpoint Cost Service allows an
to return either numerical costs or ordinal costs (rankings) for ALTO Server to return either numerical costs or ordinal costs
additional network locations types such as Endpoints. (rankings) directly amongst Endpoints.
4. Network Map 4. Network Map
In this section, we give more detail on the particular endpoint In reality, many endpoints are very close to one another in terms of
property named PID. In the next section, we give more detail about
the particular path property named Path Rating.
In reality many endpoints are very close to one another in terms of
network connectivity, for example, endpoints on the same site of an network connectivity, for example, endpoints on the same site of an
enterprise. By treating a group of endpoints together as a single enterprise. By treating a group of endpoints together as a single
entity in ALTO, we can achieve much greater scalability without entity in ALTO, we can achieve much greater scalability without
loosing any critical information. loosing critical information.
The Network Location endpoint property allows an ALTO Server to group The Network Location endpoint property allows an ALTO Server to group
endpoints together to indicate their proximity. The resulting set of endpoints together to indicate their proximity. The resulting set of
groupings is called the ALTO Network Map. groupings is called the ALTO Network Map.
The Network Map may also be used to communicate simple preferences. The Network Map may also be used to communicate simple preferences.
For example, an ISP may prefer that endpoints associated with the For example, an ISP may prefer that endpoints associated with the
same PoP (Point-of-Presence) in a P2P application communicate locally same PoP (Point-of-Presence) in a P2P application communicate locally
instead of communicating with endpoints in other PoPs. instead of communicating with endpoints in other PoPs. [[Comment.1:
Preferring peers within the same PID may be a reasonable default, but
some ALTO providers may prefer to discourage such peering. A flag
(e.g., attribute in the map) might be used to communicate such non-
default preferences.]]
Note that the definition of proximity varies depending on the Note that the definition of proximity varies depending on the
granularity of the ALTO algorithm. In one deployment, endpoints on granularity of the ALTO information configured by the provider. In
the same subnet may be considered close; while in another deployment, one deployment, endpoints on the same subnet may be considered close;
endpoints connected to the same PoP may be considered close. while in another deployment, endpoints connected to the same PoP may
be considered close.
4.1. PID 4.1. PID
Each group can be identified by a provider-defined Network Location Each group of Endpoints is identified by a provider-defined Network
identifier called a PID. There can be many different ways of Location identifier called a PID. There can be many different ways
grouping the endpoints and assigning PIDs. of grouping the endpoints and assigning PIDs.
Thus, a PID is a identifier providing an indirect and network- A PID is an identifier providing an indirect and network-agnostic way
agnostic way to specify a network aggregation. For example, a PID to specify a network aggregation. For example, a PID may be defined
may be defined (by the ALTO service provider) to denote a subnet, a (by the ALTO service provider) to denote a subnet, a set of subnets,
set of subnets, a metropolitan area, a PoP, an autonomous system, or a metropolitan area, a PoP, an autonomous system, or a set of
a set of autonomous systems. Aggregation of endpoints into PIDs can autonomous systems. Aggregation of endpoints into PIDs can indicate
indicate proximity. Also, aggregation can improve scalability. In proximity and can improve scalability. In particular, network
particular, network preferences (costs) may be specified between preferences (costs) may be specified between PIDs, allowing cost
PIDs, allowing cost information to be more compact and updated at a information to be more compact and updated at a smaller time scale
smaller time scale than the network aggregations themselves. than the network aggregations themselves.
The current specification considers endpoints that are identified by
an IP address. The endpoints aggregated into a PID are denoted by a
list of IP prefixes. When either an ALTO Client or ALTO Server needs
to determine which PID in a Network Map contains a particular IP
address, longest-prefix matching MUST be used.
4.2. Example Network Map 4.2. Example Network Map
Figure 2 illustrates an example Network Map. PIDs are used to Figure 2 illustrates an example Network Map. PIDs are used to
identify network-agnostic aggregations. identify network-agnostic aggregations.
.--------------------------------------------------------. .-----------------------------------------------------------.
| ALTO Network Map | | ALTO Network Map |
| | | |
| .--------------------------------. .---------------. | | .-----------------------------------. .---------------. |
| | NetLoc: PID-1 | | NetLoc: PID-2 | | | | NetLoc: PID-1 | | NetLoc: PID-2 | |
| | .---------------------------. | | ... | | | | .------------------------------. | | ... | |
| | | 128.36.0.0/16 | | `---------------` | | | | 192.0.2.0/24 | | `---------------` |
| | | .-----------------------. | | | | | | .--------------------------. | | |
| | | | Endpoint: 128.36.9.8 | | | .---------------. | | | | | Endpoint: 192.0.2.34 | | | .---------------. |
| | | `-----------------------` | | | NetLoc: PID-3 | | | | | `--------------------------` | | | NetLoc: PID-3 | |
| | `---------------------------` | | ... | | | | `------------------------------` | | ... | |
| | .---------------------------. | `---------------` | | | .------------------------------. | `---------------` |
| | | 130.132.0.0/16 | | | | | | 198.51.100.0/25 | | |
| | | .-----------------------. | | .---------------. | | | | .--------------------------. | | .---------------. |
| | | | Endpoint: 130.132.1.2 | | | | NetLoc: PID-4 | | | | | | Endpoint: 198.51.100.100 | | | | NetLoc: PID-4 | |
| | | `-----------------------` | | | ... | | | | | `--------------------------` | | | ... | |
| | `---------------------------` | `---------------` | | | `------------------------------` | `---------------` |
| `--------------------------------` | | `-----------------------------------` |
| | | |
`--------------------------------------------------------` `-----------------------------------------------------------`
Figure 2: Example Network Map Figure 2: Example Network Map
5. Path Rating 5. Cost Map
In this section we define a particular path property named Path An ALTO Server indicates preferences amongst network locations in the
Rating. form of Path Costs. Path Costs are generic costs and can be
internally computed by a network provider according to its own needs.
5.1. Path Cost An ALTO Cost Map defines Path Costs pairwise amongst sets of source
and destination network locations.
Path Rating is based on Path Cost, which conveys the preference of an One advantage of separating ALTO information into a Network Map and a
ALTO Server on communication among Network Locations. Path Costs Cost Map is that the two components can be updated at different time
have attributes: scales. For example, Network Maps may be stable for a longer time
while Cost Maps may be updated to reflect dynamic network conditions.
5.1. Cost Attributes
Path Costs have attributes:
o Type: identifies what the costs represent; o Type: identifies what the costs represent;
o Mode: identifies how the costs should be interpreted (numerical or o Mode: identifies how the costs should be interpreted (numerical or
ordinal interpretation). ordinal).
Certain queries for Cost Maps allow the ALTO Client to indicate the
desired Type and Mode.
5.1.1. Cost Type 5.1.1. Cost Type
The Type attribute indicates what the cost represents. For example, The Type attribute indicates what the cost represents. For example,
an ALTO Server could define costs representing air-miles, hop-counts, an ALTO Server could define costs representing air-miles, hop-counts,
or generic routing costs. or generic routing costs.
Cost types are indicated in protocol messages as alphanumeric Cost types are indicated in protocol messages as alphanumeric
strings. An ALTO Server MUST at least define the routing cost type strings. An ALTO Server MUST at least define the routing cost type
denoted by the string 'routingcost'. denoted by the string 'routingcost'.
Note that an ISP may internally compute routing cost using any method Note that an ISP may internally compute routing cost using any method
it chooses (including air-miles or hop-count). it chooses (including air-miles or hop-count).
If an ALTO Client requests a Cost Type that is not available, the If an ALTO Client requests a Cost Type that is not available, the
ALTO Server responds with an error as specified in Section 7.2.2.2. ALTO Server responds with an error as specified in Section 7.3.1.3.
5.1.2. Cost Mode 5.1.2. Cost Mode
The Mode attribute indicates how costs should be interpreted. For The Mode attribute indicates how costs should be interpreted. For
example, an ALTO Server could return costs that should be interpreted example, an ALTO Server could return costs that should be interpreted
as numerical values or ordinal rankings. as numerical values or ordinal rankings.
It is important to communicate such information to ALTO Clients, as It is important to communicate such information to ALTO Clients, as
certain operations may not be valid on certain costs returned by an certain operations may not be valid on certain costs returned by an
ALTO Server. For example, it is possible for an ALTO Server to ALTO Server. For example, it is possible for an ALTO Server to
return a set of IP addresses with costs indicating a ranking of the return a set of IP addresses with costs indicating a ranking of the
IP addresses. Arithmetic operations, such as summation, that would IP addresses. Arithmetic operations, such as summation, that would
make sense for numerical values, do not make sense for ordinal make sense for numerical values, do not make sense for ordinal
rankings. ALTO Clients may want to handle such costs differently. rankings. ALTO Clients may want to handle such costs differently.
Cost Modes are indicated in protocol messages as alphanumeric Cost Modes are indicated in protocol messages as alphanumeric
strings. An ALTO Server MUST at least define the modes 'numerical' strings. An ALTO Server MUST at least define the modes 'numerical'
and 'ordinal'. and 'ordinal'.
If an ALTO Client requests a cost Mode that is not supported, the If an ALTO Client requests a Cost Mode that is not supported, the
ALTO Server MUST reply with costs having Mode either 'numerical' or ALTO Server MUST reply with costs having Mode either 'numerical' or
'ordinal'. Thus, an ALTO Server must implement at least one of 'ordinal'. Thus, an ALTO Server must implement at least one of
'numerical' or 'ordinal' Costs, but it may choose which to support. 'numerical' or 'ordinal' Costs, but it may choose which to support.
ALTO Clients may choose how to handle such situations. Two ALTO Clients may choose how to handle such situations. Two
particular possibilities are to use the returned costs as-is (e.g., particular possibilities are to use the returned costs as-is (e.g.,
treat numerical costs as ordinal rankings) or ignore the ALTO treat numerical costs as ordinal rankings) or ignore the ALTO
information altogether. information altogether.
5.2. Path Rating Query 5.2. Cost Map Structure
The Path Rating Query consists of a Cost Type, a Cost Mode, a list of
Source Network Locations (note that a Network Location can be an
endpoint address or a PID), and a list of Destination Network
Locations.
Specifically, assume that a Path Rating query has a list of multiple A query for a Cost Map either explicitly or implicitly includes a
Source Network Locations, say [Src_1, Src_2, ..., Src_m], and a list list of Source Network Locations and a list of Destination Network
of multiple Destination Network Locations, say [Dst_1, Dst_2, ..., Locations. (Recall that a Network Location can be an endpoint
Dst_n], then the ALTO Server will compute the Path Cost for each address or a PID.)
communicating pair (i.e., Src_1 -> Dst_1, ..., Src_1 -> Dst_n, ...,
Src_m -> Dst_1, ..., Src_m -> Dst_n).
5.2.1. Cost Map Specifically, assume that a query has a list of multiple Source
Network Locations, say [Src_1, Src_2, ..., Src_m], and a list of
multiple Destination Network Locations, say [Dst_1, Dst_2, ...,
Dst_n].
We refer to the Response containing the m*n entries as a Cost Map. The ALTO Server will return the Path Cost for each communicating pair
(i.e., Src_1 -> Dst_1, ..., Src_1 -> Dst_n, ..., Src_m -> Dst_1, ...,
Src_m -> Dst_n). We refer to this structure as a Cost Map.
If the Cost Type is ordinal, the ranking of each communicating pair If the Cost Mode is 'ordinal', the Path Cost of each communicating
is relative to the m*n entries. pair is relative to the m*n entries.
5.2.2. Ranking List 5.3. Network Map and Cost Map Dependency
If there is a single Source Network Location, we also say that the If a Cost Map contains PIDs in the list of Source Network Locations
response is a Ranking List. or the list of Destination Network Locations, we say that the Path
Costs are generated based on a particular Network Map (which defines
the PIDs). Version Tags are introduced to ensure that ALTO Clients
are able to use consistent information even though the information is
provided in two maps.
5.2.3. Network Map and Cost Map Dependency A Version Tag is an opaque string associated with a Network Map
maintained by the ALTO Server. When the Network Map changes, the
Version Tag SHOULD also be changed. (Thus, the Version Tag is
defined similarly to HTTP's ETag.) Possibilities for generating a
Version Tag included the last-modified timestamp for the Network Map,
or a hash of its contents.
Note that if a Path Rating query contains any PID in the list of A Network Map distributed by the ALTO Server includes its Version
Source Network Locations or the list of Destination Network Tag. A Cost Map referring to PIDs also includes the Version Tag of
Locations, we say that the particular Path Rating is generated based the Network Map on which it is based.
on a particular Network Map. Version Tags are introduced to ensure
that ALTO Clients are able to use consistent information even though
the information is provided in two maps. One advantage of separating
ALTO information into a Network Map and a Cost Map is that the two
components can be updated at different time scales. For example,
Network Maps may be stable for a longer time while Cost Maps may be
updated to reflect dynamic network conditions.
6. Protocol Overview 6. Protocol Overview
6.1. Design Approach 6.1. Design Approach
The ALTO Protocol design uses a RESTful interface with the goal of The ALTO Protocol design uses a RESTful interface with the goal of
leveraging current HTTP [2] [3] implementations and infrastructure. leveraging current HTTP [2] [3] implementations and infrastructure.
ALTO messages are denoted with HTTP Content-Type "application/alto". ALTO messages are denoted with HTTP Content-Type "application/alto"
Message encodings use a structured, text-based format. The exact and use JSON [4] to encode message bodies.
encoding will be documented in a future revision, as the current
focus is overall protocol architecture and operations.
These design decisions make the protocol easier to understand and These design decisions make the protocol easier to understand and
debug, and allows for flexible ALTO Server implementation strategies. debug, and allows for flexible ALTO Server implementation strategies.
More importantly, however, this enables use of existing More importantly, however, this enables use of existing
implementations and infrastructure, and allows for simple caching and implementations and infrastructure, and allows for simple caching and
redistribution of ALTO information to increase scalability. redistribution of ALTO information to increase scalability.
6.1.1. Use of Existing Infrastructure 6.1.1. Use of Existing Infrastructure
An important design consideration for the ALTO Protocol is easy An important design consideration for the ALTO Protocol is easy
skipping to change at page 14, line 37 skipping to change at page 15, line 25
outlined above, HTTP is a natural choice. In particular, this ALTO outlined above, HTTP is a natural choice. In particular, this ALTO
Protocol design leverages: Protocol design leverages:
o the huge installed base of infrastructure, including HTTP caches, o the huge installed base of infrastructure, including HTTP caches,
o mature software implementations, o mature software implementations,
o the fact that many P2P clients already have an embedded HTTP o the fact that many P2P clients already have an embedded HTTP
client, and client, and
o authentication and encryption mechanisms in HTTP and SSL. o authentication and encryption mechanisms in HTTP and SSL/TLS.
6.1.2. ALTO Information Reuse and Redistribution 6.1.2. ALTO Information Reuse and Redistribution
ALTO information may be useful to a large number of applications and ALTO information may be useful to a large number of applications and
users. Distributing ALTO information must be efficient and not users. Distributing ALTO information must be efficient and not
become a bottleneck. Therefore, the ALTO Protocol specified in this become a bottleneck. Therefore, the ALTO Protocol specified in this
document integrates with existing HTTP caching infrastructure to document integrates with existing HTTP caching infrastructure to
allow reuse of ALTO information by ALTO Clients and reduce load on allow reuse of ALTO information by ALTO Clients and reduce load on
ALTO servers. ALTO information may also be cached or redistributed ALTO servers. ALTO information may also be cached or redistributed
using application-dependent mechanisms, such as P2P DHTs or P2P file- using application-dependent mechanisms, such as P2P DHTs or P2P file-
sharing. sharing. For example, a full Network Map may be reused by all ALTO
Clients using the ALTO Server.
For example, a full Network Map may be reused by all ALTO Clients Note that if caching or redistribution is used, the Response message
using the ALTO Server. may be returned from another (possibly third-party) entity. Reuse
and Redistribution is further discussed in Section 11.4. Protocol
support for redistribution is specified in Section 7.6.
6.2. Message Format 7. Protocol Messaging
The ALTO Protocol uses a RESTful design operating over HTTP. Both This section specifies client and server processing, as well as
Query and Response follow the standard format for HTTP Request and messages in the ALTO Protocol. Details common to ALTO Server
Response messages [2] [3]. This section provides an overview of the processing of all messages is first discussed, followed by details of
components of a Query message sent from an ALTO Client to an ALTO the individual messages.
Server, as well as the components of a Response message returned by
an ALTO Server. Note that if caching or redistribution is used, the
Response message may be returned from another (possibly third-party)
entity. Reuse and Redistrubution is further discussed in
Section 11.4.
6.2.1. Query Message 7.1. Notation
A Query message is generated by an ALTO Client and sent to an ALTO This document uses C-style struct notation to define the required and
Server. The ALTO Protocol employs the following components of the optional members of certain message components (i.e., JSON objects).
HTTP request message: Unless explicitly noted, each member of a struct are REQUIRED.
Method: Indicates operation requested by the ALTO Client (along with The types 'JSONString', 'JSONNumber', 'JSONBool' indicate the JSON
URI Path). string, number, and boolean types respectively.
URI Path: Indicates the operation requested by the ALTO Client This document only includes object members used by this
(along with Method). specification. It is possible that protocol extensions include
additional members to JSON objects defined in this document; such
additional members will be silently ignored by ALTO Servers and
Clients only implementing the base protocol defined in this document.
URI Query String Parameters: Indicates parameters for the requested 7.2. Message Format
operation. Note that in the messaging specification in Section 7,
we abbreviate these as 'URI QS Params'. Order of query string
parameters is not specified. Some parameters are restricted in
how many times they appear. We use the notation 'min..max' to
denote the the minimum and maximum times they may appear, where
'max' may be '*' to denote unbounded. If no parameters are
defined for a particular ALTO request message, the query string
MUST be empty (and there MUST be no '?' included in the URI Path).
Headers: Indicates encoding of the Body. If the HTTP body of the Request and Response follow the standard format for HTTP Request and
request is non-empty, the Content-Type header MUST be set to Response messages [2] [3].
"application/alto".
Body: Indicates additional request parameters that are not concisely The following subsections provide an overview of how ALTO Requests
representable as Query String parameters. If no Body is defined and Responses are encoded in HTTP, and discusses rationale for
for a particular ALTO request message, the HTTP request body MUST certain design decisions.
be empty.
6.2.2. Response Message 7.2.1. Protocol Versioning Approach
A Response message is generated by an ALTO Server, which corresponds The ALTO Protocol uses a simple and clean approach to versioning that
to a particular Query message. The ALTO Protocol employs the permits evolution between versions even if ALTO information is being
following components of the HTTP Response message: served as static, pre-generated files.
Status Code: Indicates either success or an error condition. In particular, it is assumed that a single host responding to ALTO
Requests implements a single protocol version. Note that virtual
hosting can be used if multiple protocol versions need to be
supported by a single physical server.
Headers: Indicates encoding of the Body and caching directives. If A common query (Server Capability, detailed in Section 7.5.1) to be
the HTTP body of the response is non-empty, the Content-Type present in all ALTO protocol versions allows an ALTO Client to
header MUST be set to "application/alto" discover additional ALTO Servers and the ALTO Protocol version number
of each.
Body: Contains data requested by the ALTO Client. This approach keeps the ALTO Server implementation free from parsing
and directing each request based on version number. Although ALTO
Requests are free from protocol version numbers, the protocol version
number is echoed in each ALTO Response to keep responses self-
contained to, for example, ease reading persisted or redistributed
ALTO responses.
6.2.3. Query and Response Body Encoding This document specifies ALTO Protocol version 1.
When the Body of a Query or Response message is not empty, it MUST 7.2.2. Request Message
contain a properly-encoded message. This section will be updated to
include common requirements when an encoding format is decided.
7. Protocol Messaging An ALTO Request is a standard HTTP Request generated by an ALTO
Client, with certain components defined by the ALTO Protocol.
This section specifies client and server processing, as well as The basic syntax of an ALTO Request is:
messages in the ALTO Protocol. Details common to ALTO Server
processing of all messages is first discussed, followed by details of
the individual messages.
Note that the primary focus of the current draft is the architecture <Method> /<Resource> HTTP/1.1
and protocol operations, and only the structure of messages is Host: <Host>
specified (without actual message encoding). Additionally, the
following details have been omitted for clarity:
o protocol version number For example:
o transaction ID GET /capability HTTP/1.1
Host: alto.example.com:6671
o map version tags 7.2.2.1. Standard HTTP Headers
o HTTP URL encoding The Host header MUST follow the standard rules for the HTTP 1.1 Host
Header.
This section will be updated as revisions are made to protocol The Content-Length header MUST follow the standard rules defined in
details and encodings. HTTP 1.1.
7.1. Client Processing The Content-Type HTTP Header MUST have value "application/alto" if
7.1.1. General Processing the Body is non-empty.
The protocol is structured in such a way that independent of the 7.2.2.2. Method and Resource
query type there are a set of general processing steps. The ALTO
Client selects a specific ALTO Server to communicate with and
establishes a TCP connection. The ALTO protocol on top of this TCP
connection MAY be secured through SSL/TLS to implement server and/or
client authentication. HTTP Basic or Digest authentication MAY
additionally be used. The client then creates and sends a query
message, which MUST be constructed as specified in Section 7.3. The
ALTO Client MUST additionally follow any HTTP encoding rules as well
as TCP transport considerations.
7.1.2. General Error Conditions Next, both the HTTP Method and URI-Path (denoted as Resource)
indicate the operation requested by the ALTO Client. In this
example, the ALTO Client is requesting basic capability information
from the ALTO Server.
In the case the client does not receive an appropriate response from 7.2.2.3. Input Parameters
the server it can choose another server to communicate or fall back
to perform peer selection without the use of ALTO information.
7.2. Server Processing Certain operations defined by the ALTO Protocol (e.g., in the Map
Filtering Service) allow the ALTO Client to supply additional input
parameters. Such input parameters are encoded in a URI-Query-String
where possible and appropriate. However, due to practical
limitations (e.g. underlying HTTP implementations may have
limitations on the total length of a URI and the Query-String is
better-suited for simple unstructured parameters and lists), some
operations in the ALTO Protocol use input parameters encoded in the
HTTP Request Body.
7.2.1. Successful Responses 7.2.3. Response Message
If a Query message is successfully processed an an ALTO response is A Response message is a standard HTTP Response generated by an ALTO
generated, the HTTP status code in the response MUST be set to 200. Server with certain components defined by the ALTO Protocol.
7.2.2. General Error Conditions The basic syntax of an ALTO Response is:
This section specifies ALTO Server behavior when it recevies a Query HTTP/1.1 <StatusCode> <StatusMsg>
message that cannot be processed due to a problem with processing the Content-Length: <ContentLength>
Query message itself. Content-Type: <ContentType>
7.2.2.1. Invalid Query Format <ALTOResponse>
If any component of the Query message is formatted incorrectly (i.e., where the HTTP Response Body is an ALTOResponse JSON Object (defined
it does not follow the formats in Section 7.3), the ALTO Server MUST in Section 7.2.3.3). For example:
return HTTP Status Code 400.
7.2.2.2. Unsupported Query HTTP/1.1 200 OK
Content-Length: 1000
Content-Type: application/alto
{
"meta" : {
"version": 1
...
},
"type" : "capability",
"data" : {
...
}
}
7.2.3.1. Standard HTTP Headers
The Content-Length header MUST follow the standard rules defined in
HTTP 1.1.
The Content-Type HTTP Header MUST have value "application/alto" if
the Body is non-empty.
7.2.3.2. Status Code and Message
The HTTP Status Code MUST indicate success or an appropriate error
condition using standard HTTP Status Codes. The HTTP Status Message
MUST follow the standard rules in HTTP 1.1.
Since the ALTO Protocol is designed as a straightforward use of HTTP
to retrieve ALTO information from a server, only HTTP Status codes
are needed. [[Comment.2: This can be changed if a need for different
application-layer status codes arises.]]
7.2.3.3. HTTP Body
The Response body MUST encode a single top-level JSON object of type
ALTOResponse:
struct {
RspMetaData meta;
JSONString type;
[RspDataType] data;
} ALTOResponse;
The ALTOResponse object has distinct sections for:
o meta information encoded in an extensible way,
o the type of ALTO Information to follow, and
o the requested ALTO Information.
7.2.3.3.1. Meta Information
Meta information is encoded as a JSON object with type RspMetaData:
struct {
JSONNumber version;
RspRedistInfo redistribution; [OPTIONAL]
} RspMetaData;
with members:
o version: the ALTO Protocol version
o redistribution: additional meta information used by ALTO
information redistribution (see Section 7.6)
7.2.3.3.2. ALTO Information
If the Response is successful (i.e., HTTP status code is 2xx), then
the "type" and "data" members of the ALTOResponse object are
REQUIRED. "type" encodes a Response-specific string which indicates
to the ALTO Client the type of data encoded in the message. The
"data" member encodes the actual Response-specific data. The
structure of this member is detailed later in this section for each
particular ALTO Response.
7.2.3.4. Signature
An ALTO Server MAY additionally supply a signature asserting that it
generated a particular response. In order to allow the signature to
be computed over the entire response message, the signature itself is
specified in an HTTP Header or Trailer (see Section 7.6.3).
7.3. General Processing
The protocol is structured in such a way that, independent of the
query type, there are a set of general processing steps. The ALTO
Client selects a specific ALTO Server with which to communicate,
establishes a TCP connection, and constructs and sends ALTO Request
messages which MUST conform to Section 7.5. In response to Request
messages, an ALTO Server constructs and sends ALTO Response messages
which also MUST conform to Section 7.5.
7.3.1. Server Responses
7.3.1.1. Successful Request
If a Request message is successfully processed and the requested ALTO
information returned by the ALTO Server, the HTTP status code in the
Response MUST be set to a valid 2xx HTTP status code.
7.3.1.2. Invalid Request Format
If any component of the Request message is formatted incorrectly
(i.e., it does not follow Section 7.5), the ALTO Server MUST return
HTTP Status Code 400.
7.3.1.3. Unsupported Request
If an ALTO Server does not support the operation indicated in the If an ALTO Server does not support the operation indicated in the
Query message, the ALTO Server MUST return HTTP Status Code 501. Request message, the ALTO Server MUST return HTTP Status Code 501.
7.2.3. Caching Parameters 7.3.2. Client Behavior
If the response generated by the ALTO Server is cachable, the ALTO 7.3.2.1. Successful Response
Server MAY include relevant HTTP headers, enabling it to be cached by
existing HTTP Caches or the ALTO Client itself.
7.3. ALTO Queries This specification does not indicate any required actions taken by
ALTO Clients upon receiving a successful response from an ALTO
Server. Although ALTO Clients are suggested to interpret the
received ALTO Information and adapt application behavior, ALTO
Clients may also choose to ignore the received information.
7.3.1. Server Capability 7.3.2.2. Error Conditions
The Server Capability query allows an ALTO Client to determine the If an ALTO Client does not receive a successful response from the
available operations of a particular ALTO Server ALTO Server, it can either choose another server or fall back to a
default behavior (e.g., perform peer selection without the use of
ALTO information).
This query MUST be supported. 7.4. HTTP Usage
7.3.1.1. Query 7.4.1. Authentication and Encryption
Method : 'GET' An ALTO Server MAY support SSL/TLS to implement server and/or client
URI Path : '/capability' authentication, as well as encryption.
7.3.1.2. Example Response Structure An ALTO Server MAY support HTTP Digest authentication.
7.4.2. Cookies
Cookies MUST NOT be used.
7.4.3. Caching Parameters
If the Response generated by the ALTO Server is cachable, the ALTO
Server MAY include 'Cache-Control' and 'Expires' HTTP headers.
If a Response generated by the ALTO Server is not cachable, the ALTO
Server MUST specify the "Cache-Control: no-cache" HTTP Header.
7.5. ALTO Requests
This section documents the individual operations supported in the
ALTO Protocol. See Section 7.2.2 and Section 7.2.3 for
specifications of HTTP Request/Response components common to all
operations in the ALTO Protocol.
Table 1 provides an summary of the HTTP Method and URI-Paths used for
ALTO Requests:
+-------------------+-------------+----------------------------+
| Service | Operation | HTTP Method and URI-Path |
+-------------------+-------------+----------------------------+
| Server Capability | Lookup | GET /capability |
| | | |
| Map | Network Map | GET /map/core/pid/net |
| Map | Cost Map | GET /map/core/cost |
| | | |
| Map Filtering | Network Map | POST /map/filter/pid/net |
| Map Filtering | Cost Map | POST /map/filter/pid/cost |
| | | |
| Endpoint Prop. | Lookup | GET /endpoint/prop/<name> |
| | | POST /endpoint/prop/lookup |
| | | |
| Endpoint Cost | Lookup | POST /endpoint/cost/lookup |
+-------------------+-------------+----------------------------+
Table 1: Overview of ALTO Requests
7.5.1. Server Capability
The Server Capability request allows an ALTO Client to determine the
functionality supported by a particular ALTO Server and references to
additional ALTO Servers provided by the ALTO Service Provider.
This operation MUST be supported by the ALTO Server.
7.5.1.1. Request Syntax
GET /capability HTTP/1.1
Host: <Host>
7.5.1.2. Response Syntax
HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength>
Content-Type: application/alto
<ALTOResponse>
where the ALTOResponse object has "type" member equal to the string
"capability" and "data" member of type RspCapability:
enum {
map,
map_filtering,
endpoint_property,
endpoint_cost
} ServiceType; [Note: encoded as JSONString's]
struct {
JSONString type;
JSONString units;
} CostTypeDesc;
struct {
JSONString uri;
JSONNumber version;
ServiceType services<0..*>;
CostTypeDesc cost_types<0..*>; [OPTIONAL]
JSONBool cost_constraints; [OPTIONAL]
} ServerConfig;
struct {
JSONString certificate; [OPTIONAL]
} ServerMeta;
struct {
ServerConfig server_list<0..*>;
ServerMeta self;
} RspCapability;
RspCapability has members:
o server_list: Array of available ALTO Servers, detailing the URI
endpoint, version, and basic capabilities provided by each. The
array must at least contain an entry corresponding to the ALTO
Server at the URI from which it is retrieving capability
information.
o self: Object encoding additional details about the ALTO Server
itself.
ServerConfig has members:
o uri: Denotes the base HTTP URI for the ALTO Server. For example,
"http://alto-v1.example.com:6671"
o version: Denotes the protocol version implemented by the ALTO
Server.
o services: Lists the services supported by the ALTO Server. The
service names defined in this document are are "map",
"map_filtering", "endpoint_property", and "endpoint_cost".
o cost_types: Array of cost type information for additional
supported ALTO Cost types, detailing the name and units for each
supported additional type. [[Comment.3: Need to discuss IANA
implications or alternate approaches.]]
o cost_constraints: Indicates if the ALTO Server supports cost
constraints. The value 'false' is implied if this member is not
present.
ServerMeta has members:
o certificate: PEM-encoded X.509 certificate used by the ALTO Server
to sign distributed information (see Section 7.6).
7.5.1.3. Example
GET /capability HTTP/1.1
Host: alto.example.com:6671
HTTP/1.1 200 OK
Content-Length: [TODO]
Content-Type: application/alto
{ {
"instance-name": "alto.example.com", "meta" : {
"uri": "http:\/\/alto.example.com:6671", "version" : 1
"cost": [ },
{"type":"latency", "units":"ms"}, "type" : "capability",
{"type":"pDistance","units":"scalar"}, "data" : {
{"type":"bandwidth","units":"kbps"} "server_list" : [
], {
"constraint-support": false "uri": "http://alto.example.com:6671",
"version" : 1,
"services" : [ "map", "map-filtering" ],
"cost_types": [
{ "type":"latency", "units":"ms" },
{ "type":"pDistance", "units":"scalar" },
{ "type":"bandwidth", "units":"kbps" }
],
"cost_constraints": false
}
]
}
} }
7.3.2. Map Service 7.5.2. Map Service
The Map Service provides batch information to ALTO Clients in the The Map Service provides batch information to ALTO Clients in the
form of two maps: a Network Map and Cost Map. All queries in the Map form of two maps: a Network Map and Cost Map.
Service MUST be supported.
7.3.2.1. Network Map An ALTO Server MUST support the Map Service and MUST implement all
operations defined in this section.
The full Network Map is an instantiation of the Reverse Property 7.5.2.1. Network Map
Lookup where the ALTO Server lists for each PID, the network
locations (endpoints) within the PID.
7.3.2.1.1. Query The full Network Map lists for each PID, the network locations
(endpoints) within the PID.
Method : 'GET' 7.5.2.1.1. Request Syntax
URI Path : '/prop/pid/map'
7.3.2.1.2. Example Response Structure GET /map/core/pid/net HTTP/1.1
Host: <Host>
7.5.2.1.2. Response Syntax
HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength>
Content-Type: application/alto
<ALTOResponse>
where the ALTOResponse object has "type" member equal to the string
"network_map" and "data" member of type RspNetworkMap:
struct {
CIDRString [pidname]<0..*>;
...
} NetworkMapData;
struct {
JSONString map_vtag;
NetworkMapData map;
} RspNetworkMap;
RspNetworkMap has members:
o map_vtag: The Version Tag of the Network Map (Section 5.3)
o map: The network map data itself.
NetworkMapData is a JSON object with each member representing a
single PID and its associated set of IP Prefixes (encoded as a string
in CIDR notation). A member's name is a JSONString denoting the
PID's name.
7.5.2.1.3. Example
GET /map/core/pid/net HTTP/1.1
Host: alto.example.com:6671
HTTP/1.1 200 OK
Content-Length: [TODO]
Content-Type: application/alto
{ {
"PID1" : [ "meta" : {
"128.36.1.0/24", "version" : 1
"132.130.1.0/24", },
"132.130.2.0/24" "type" : "network_map",
], "data" : {
"PID2" : [ "130.132.3.0/24" ], "map_vtag" : "1266506139",
"PID3" : [ "0.0.0.0/0" ] "map" : {
"PID1" : [
"192.0.2.0/24",
"198.51.100.0/25"
],
"PID2" : [
"198.51.100.128/25"
],
"PID3" : [
"0.0.0.0/0"
]
}
}
} }
7.3.2.2. Cost Map 7.5.2.2. Cost Map
The full Cost Map is an instantiation of the Path Rating Query where The Map Service Cost Map query is a batch operation in which the ALTO
the ALTO Server lists for each pair of source/destination PID, the Server returns the Path Cost for each pair of source/destination PID
Path Cost from the source to destination. defined by the ALTO Server.
ALTO Server provides costs using the default Cost Type The ALTO Server provides costs using the default Cost Type
('routingcost') and default Cost Mode ('numerical'). ('routingcost') and default Cost Mode ('numerical').
7.3.2.2.1. Query 7.5.2.2.1. Request Syntax
Method : 'GET' GET /map/core/pid/cost HTTP/1.1
URI Path : '/cost/pid/map' Host: <Host>
7.3.2.2.2. Example Response Structure 7.5.2.2.2. Response Syntax
HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength>
Content-Type: application/alto
<ALTOResponse>
where the ALTOResponse object has "type" member equal to the string
"cost_map" and "data" member of type RspCostMap:
struct DstCosts {
JSONNumber [dstname];
...
};
struct {
DstCosts [srcname]<0..*>;
...
} CostMapData;
struct {
JSONString map_vtag;
JSONString cost_type;
JSONString cost_mode;
CostMapData map;
} RspCostMap;
RspCostMap has members:
o map_vtag: The Version Tag of the Network Map used to generate the
Cost Map (Section 5.3).
o cost_type: Cost Type used in the map (Section 5.1.1)
o cost_mode: Cost Mode used in the map (Section 5.1.2)
o map: The cost map data itself.
CostMapData is a JSON object with each member representing a single
Source PID. For each Source PID, a DstCosts structure denotes the
associated cost to a set of destination PIDs (Section 5.2). DstCosts
has a single member for each destination PID in the map.
7.5.2.2.3. Example
GET /map/core/pid/cost HTTP/1.1
Host: alto.example.com:6671
HTTP/1.1 200 OK
Content-Length: [TODO]
Content-Type: application/alto
{ {
"Type": "routingcost", "meta" : {
"Mode": "numerical", "version" : 1
"Map" : { },
"PID1": { "PID1": 1, "PID2": 5 , "PID3": 10 }, "type" : "cost_map",
"PID2": { "PID1": 5 , "PID2": 1 , "PID3": 15 }, "data" : {
"PID3": { "PID1": 20, "PID2": 15, "PID3": 1 } "map_vtag" : "1266506139",
} "cost_type" : "routingcost",
"cost_mode" : "numerical",
"map" : {
"PID1": { "PID1": 1, "PID2": 5, "PID3": 10 },
"PID2": { "PID1": 5, "PID2": 1, "PID3": 15 },
"PID3": { "PID1": 20, "PID2": 15, "PID3": 1 }
}
}
} }
7.3.3. Map Filtering Service 7.5.3. Map Filtering Service
The Map Filtering Service allows ALTO Clients to specify filtering The Map Filtering Service allows ALTO Clients to specify filtering
criteria to return a subset of the full maps available in the Map criteria to return a subset of the full maps available in the Map
Service. Service.
The services defined in this section are OPTIONAL. An ALTO Server MAY support the Map Filtering Service. If an ALTO
Server supports the Map Filtering Service, all operations defined in
this section MUST be implemented.
7.3.3.1. Network Map 7.5.3.1. Network Map
ALTO Clients can query for a subset of the full network map (see ALTO Clients can query for a subset of the full network map (see
Section 7.3.2.1). Section 7.5.2.1).
7.3.3.1.1. Query 7.5.3.1.1. Request Syntax
Method : 'POST' POST /map/filter/pid/net HTTP/1.1
URI Path : '/prop/pid/filter' Host: <Host>
Content-Length: <BodyLength>
7.3.3.1.2. Example Request Structure <ReqNetworkMap>
POST /prop/pid/filter ... where:
[ "PID1", "PID2" ] struct {
JSONString pids<0..*>;
} ReqNetworkMap;
7.3.3.1.3. Example Response Structure The Body of the request encodes an array of PIDs to be included in
the resulting Network Map. If the list of PIDs is empty, the ALTO
Server MUST interpret the list as if it contained a list of all
currently-defined PIDs.
7.5.3.1.2. Response Syntax
The Response syntax is identical to that of the Map Service's Network
Map Response (Section 7.5.2.1.2).
The ALTO Server MUST only include PIDs in the Response that were
specified (implicitly or explicitly) in the Request. If the Request
contains a PID name that is not currently defined by the ALTO Server,
the ALTO Server MUST behave as if the PID did not appear in the
request.
7.5.3.1.3. Example
POST /map/filter/pid/net HTTP/1.1
Host: alto.example.com:6671
Content-Length: <BodyLength>
{ {
"PID1" : [ pids: [ "PID1", "PID2" ]
"128.36.1.0/24",
"132.130.1.0/24",
"132.130.2.0/24"
],
"PID2" : [ "130.132.3.0/24" ],
"PID3" : [ "0.0.0.0/0" ]
} }
7.3.3.2. Cost Map HTTP/1.1 200 OK
Content-Length: [TODO]
Content-Type: application/alto
ALTO Clients can query for the Cost Map (see Section 7.3.2.2) based {
"meta" : {
"version" : 1
},
"type" : "network_map",
"data" : {
"map_vtag" : "1266506139",
"map" : {
"PID1" : [
"192.0.2.0/24",
"198.51.100.0/24",
],
"PID2" : [
"198.51.100.128/24",
]
}
}
}
7.5.3.2. Cost Map
ALTO Clients can query for the Cost Map (see Section 7.5.2.2) based
on additional parameters. on additional parameters.
7.3.3.2.1. Query 7.5.3.2.1. Request Syntax
Method : 'POST' POST /map/filter/pid/cost?<URI-Query-String> HTTP/1.1
URI Path : '/cost/pid/filter' Host: <Host>
URI QS Params : 'type=[costtype]' (multiplicity: 0..1)
'mode=[costmode]' (multiplicity: 0..1)
'constraint=[constraint]' (multiplicity: 0..*)
The 'constraint' parameter is optional and is to be used only if the <ReqCostMap>
ALTO service supports it. It allows a client to specify a target
numerical cost. The constraint contains two entities: (1) an
operator either 'gt' for greater than , 'lt' for less than or 'eq'
for equal to with 10 percent on either side, (2) a target numerical
cost. The numerical cost is a number that MUST be defined in the
units specified in the ALTO service configuration document obtained
from ALTO service discovery. If multiple 'constraint' parameters are
specified, the ALTO Server assumes they are related to each other
with a logical AND.
If the query does not specify the 'type' and 'mode' query string where:
parameters, then the server assumes the type to be 'routingcost' and
the mode to be 'numerical'. A Query MUST contain no more than one
'type' parameter, and no more than one 'mode' parameter.
The request body MAY specify a list of source PIDs, and a list of struct {
destination PIDs. If a list is empty, it is interpreted by the ALTO JSONString srcs<0..*>;
Server as the full set of PIDs. The ALTO Server returns costs JSONString dsts<0..*>;
between each pair of source/destination PID. } ReqCostMap;
7.3.3.2.2. Example Request Structure The Query String may contain the following parameters:
POST /cost/pid/filter o type: The requested Cost Type (Section 5.1.1). If not specified,
the default value is "routingcost". This parameter MUST NOT be
specified multiple times.
o mode: The requested Cost mode (Section 5.1.2). If not specified,
the default value is "numerical". This parameter MUST NOT be
specified multiple times.
o constraint: Defines a constraint on which elements of the Cost Map
are returned. This parameter MUST NOT be used if the Server
Capability Response (Section 7.5.1) indicates that constraint
support is not available. A constraint contains two entities
separated by whitespace (before URL encoding): (1) an operator
either 'gt' for greater than , 'lt' for less than or 'eq' for
equal to with 10 percent on either side, (2) a target numerical
cost. The numerical cost is a number that MUST be defined in the
units specified in the Server Capability Response. If multiple
'constraint' parameters are specified, the ALTO Server assumes
they are related to each other with a logical AND. If no
'constraint' parameters are specified, then the ALTO Server
returns the full Cost Map.
The Request body MAY specify a list of Source PIDs, and a list of
Destination PIDs. If a list is empty, it is interpreted by the ALTO
Server as the full set of currently-defined PIDs. The ALTO Server
returns costs between each pair of source/destination PID. If the
Request body is empty, both lists are interpreted to be empty.
7.5.3.2.2. Response Syntax
The Response syntax is identical to that of the Map Service's Cost
Map Response (Section 7.5.2.2.2).
The Response MUST NOT contain any source/destination pair that was
not indicated (implicitly or explicitly) in the Request. If the
Request contains a PID name that is not currently defined by the ALTO
Server, the ALTO Server MUST behave as if the PID did not appear in
the request.
7.5.3.2.3. Example
POST /map/filter/pid/cost?type=hopcount HTTP/1.1
Host: alto.example.com:6671
{ {
"src": [ "PID1" ], "srcs" : [ "PID1" ],
"dst": [ "PID1", "PID2", "PID3" ] "dsts" : [ "PID1", "PID2", "PID3" ]
} }
7.3.3.2.3. Example Response Structure HTTP/1.1 200 OK
Content-Length: [TODO]
Content-Type: application/alto
{ {
"Type": "routingcost", "meta" : {
"Mode": "numerical", "version" : 1
"Map" : { },
"PID1": { "PID1" : 1, "PID2": 5 , "PID3": 10 }, "type" : "cost_map",
} "data" : {
"map_vtag" : "1266506139",
"cost_type" : "hopcount",
"cost_mode" : "numerical",
"map" : {
"PID1": { "PID1": 0, "PID2": 1, "PID3": 2 }
}
}
} }
7.3.4. Endpoint Property Service 7.5.4. Endpoint Property Service
The Endpoint Property Lookup query allows an ALTO Client to query for The Endpoint Property Lookup query allows an ALTO Client to lookup
properties of Endpoints known to the ALTO Server. If the ALTO Server properties of Endpoints known to the ALTO Server. If the ALTO Server
provides the Endpoint Property Service, the ALTO Server MUST define provides the Endpoint Property Service, the ALTO Server MUST define
at least the 'pid' property for Endpoints. Additional supported at least the 'pid' property for Endpoints. [TODO: Additional
properties can be defined in the Server Capability response. supported properties can be defined in the Server Capability
response.]
The services defined in this section are OPTIONAL. An ALTO Server MAY support the Endpoint Property Service. If an ALTO
Server supports the Endpoint Property Service, all operations defined
in this section MUST be implemented.
7.3.4.1. Query 7.5.4.1. Endpoint Property Lookup
7.5.4.1.1. Request Syntax
Method : 'POST' POST /endpoint/prop/lookup?<URI-Query-String> HTTP/1.1
URI Path : '/endpoint/m' Host: <Host>
URI QS Params : 'prop=[propertyname]' (multiplicity: 1..*) Content-Length: <BodyLength>
The request body includes a list of Endpoints for which the property <ReqEndpointProp>
value should be returned. If the request body is empty, the ALTO
Server implicitly assumes that the request contains a single-element
list with the Endpoint address of the requesting client.
Also note that the 'prop' parameter may be specified multiple times where:
to query for multiple properties simultaneously. For example, the
query string could be 'prop=pid&prop=bandwidth'.
7.3.4.2. Example Request Structure struct {
JSONString endpoints<0..*>;
} ReqEndpointProp;
POST /endpoint/m?prop=pid ... The Query String may contain the following parameters:
[ "ipv4:128.36.1.34" ] o prop: The requested property type. This parameter MUST be
specified at least once, and MAY be specified multiple times
(e.g., to query for multiple different properties at once).
7.3.4.3. Example Response Structure The body encodes a list of endpoints (IP addresses) as strings.
An alternate syntax is supported for the case when properties are
requested for a single endpoint:
GET /endpoint/prop/<Endpoint>?<URI-Query-String> HTTP/1.1
Host: <Host>
where the Query String is the same as in the first form.
7.5.4.1.2. Response Syntax
HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength>
Content-Type: application/alto
<ALTOResponse>
where the ALTOResponse object has "type" member equal to the string
"endpoint_property" and "data" member of type RspEndpointProperty:
struct {
JSONString [propertyname];
...
} EndpointProps;
struct {
EndpointProps [endpointname]<0..*>;
...
} RspEndpointProperty;
RspEndpointProperty has one member for each endpoint indicated in the
Request. The requested properties for each endpoint are encoded in a
corresponding EndpointProps object, which encodes one name/value pair
for each requested property. Note that property values are JSON
Strings. If the ALTO Server does not define a requested property for
a particular endpoint, then it MUST omit it from the Response for
only that endpoint.
7.5.4.1.3. Example
POST /endpoint/prop/lookup?prop=pid HTTP/1.1
Host: alto.example.com:6671
Content-Length: [TODO]
{ {
"ipv4:128.36.1.34" : { "pid": "PID1" } "endpoints" : [ "192.0.2.34", "203.0.113.129" ]
} }
7.3.5. Ranking Service HTTP/1.1 200 OK
Content-Length: [TODO]
Content-Type: application/alto
The Ranking Service allows ALTO Clients to supply lists of endpoints {
to an ALTO Server. The ALTO Server replies with costs (numerical or "meta" : <MetaDataObj>,
ordinal) amongst the endpoints. "type" : "endpoint_property",
"data": {
"192.0.2.34" : { "pid": "PID1" },
"203.0.113.129" : { "pid": "PID3" }
}
}
7.5.5. Endpoint Cost Service
The Endpoint Cost Service allows ALTO Clients to directly supply
endpoints to an ALTO Server. The ALTO Server replies with costs
(numerical or ordinal) amongst the endpoints.
In particular, this service allows lists of Endpoint addresses to be In particular, this service allows lists of Endpoint addresses to be
ranked (ordered) by an ALTO Server. ranked (ordered) by an ALTO Server.
The services defined in this section are OPTIONAL. An ALTO Server MAY support the Endpoint Cost Service. If an ALTO
Server supports the Endpoint Cost Service, all operations defined in
this section MUST be implemented.
7.3.5.1. Ranking Query 7.5.5.1. Endpoint Cost Lookup
7.3.5.1.1. Query 7.5.5.1.1. Request Syntax
Method : 'POST' POST /endpoint/cost/lookup?<URI-Query-String> HTTP/1.1
URI Path : '/cost/endpoint/ranking' Host: <Host>
URI QS Params : 'type=[costtype]' (multiplicity: 0..1) Content-Length: <BodyLength>
'mode=[costmode]' (multiplicity: 0..1)
'constraint=[constraint]' (multiplicity: 0..*) <ReqCostMap>
The request body includes a list of source and destination endpoints The request body includes a list of source and destination endpoints
that should be assigned a cost by the ALTO Server. The 'type', that should be assigned a cost by the ALTO Server. The allowed Query
'mode', and 'constraint' parameters behave as specified in String parameters are defined identically to Section 7.5.3.2.
Section 7.3.3.2.
The request body MUST specify a list of source Endpoints, and a list The request body MUST specify a list of source Endpoints, and a list
of destination Endpoints. If the list of source Endpoints is empty of destination Endpoints, using an structure identical to
(or it is not included), the ALTO Server MUST treat it as if it Section 7.5.3.2 with the exception that identifiers are endpoints
contained the Endpoint address of the requesting client. The list of instead of PIDs. If the list of source Endpoints is empty (or it is
destination Endpoints MUST NOT be empty. The ALTO Server returns not included), the ALTO Server MUST treat it as if it contained the
costs between each pair of source/destination Endpoint. Endpoint address of the requesting client. The list of destination
Endpoints MUST NOT be empty. The ALTO Server returns costs between
each pair of source/destination Endpoint.
7.3.5.1.2. Example Request Structure 7.5.5.1.2. Response Syntax
POST /cost/endpoint/ranking?mode=ordinal ... HTTP/1.1 200 <StatusMsg>
Content-Length: <BodyLength>
Content-Type: application/alto
<ALTOResponse>
where ALTOResponse is encoded identically to Section 7.5.2.2.2 with
the following exceptions:
o ALTO Response's "type" member must be equal to
"endpoint_cost_map",
o The "map_vtag" member of RspCostMap MUST be omitted, and
o Identifiers refer to endpoints instead of PIDs.
7.5.5.1.3. Example
POST /endpoint/cost/lookup?mode=ordinal HTTP/1.1
Host: alto.example.com:6671
Content-Length: [TODO]
{ {
"src": "ipv4:128.30.24.2" "src": [ "192.0.2.2" ],
"dst": [ "dst": [ "192.0.2.89", "198.51.100.34", "203.0.113.45" ]
"ipv4:128.30.24.89",
"ipv4:12.32.67.3",
"ipv4:130.132.33.4"
]
} }
7.3.5.1.3. Example Response Structure HTTP/1.1 200 OK
Content-Length: [TODO]
Content-Type: application/alto
{ {
"Type": "routingcost", "meta" : {
"Mode": "ordinal", "version" : 1
"Ranking" : { },
"ipv4:128.30.24.2": { "type" : "endpoint_cost_map",
"ipv4:128.30.24.89" : 1, "data" : {
"ipv4:130.132.33.4" : 2, "cost-type" : "routingcost",
"ipv4:12.32.67.3" : 3 "cost-mode" : "ordinal",
} "map" : {
} "192.0.2.2": {
"192.0.2.89" : 1,
"198.51.100.34" : 2,
"203.0.113.45" : 3
}
}
}
} }
7.6. Redistributable Responses
An ALTO Server MAY indicate that a response is suitable for
redistribution by including the "redistribution" member in the
RspMetaData JSON object of an ALTO Response message. This additional
member has type RspRedistInfo:
struct {
JSONString server;
JSONString request_uri;
JSONValue request_body;
JSONString expires;
} RspRedistInfo;
If an ALTO Server indicates the that the response is redistributable,
the Response message MUST satisfy all requirements in this section.
7.6.1. Server and Request Parameters
The ALTO Server generating the response indicates its own address and
any input parameters used to generate the response. This allows ALTO
Clients to which the information is distributed to understand the
context of the query and interpret the results. This information is
encoded in the RspRedistInfo JSON Object.
The 'server' member is REQUIRED and MUST have a value equal to the
ALTO Server's hostname and port, in a format identical to the HTTP
1.1 Host header.
The 'request_uri' member is REQUIRED and MUST specify the HTTP
Request-URI that was passed in the HTTP Request.
If the HTTP Request body was non-empty, the 'request_body' member
MUST specify full JSON value passed in the HTTP Request (note that
whitespace may differ, as long as the JSON Value is identical). If
the HTTP Request was empty, then the 'request_body' MUST NOT be
included.
Note that information about ALTO Client performing the Request and
any HTTP Headers passed in the request are not included. If any such
information or headers influence the response generated by the ALTO
Server, the response SHOULD NOT be indicated as redistributable.
7.6.2. Expiration Time
ALTO Responses marked as redistributable SHOULD indicate a time after
which the information is considered stale and should be refreshed
from the ALTO Server (or possibly another ALTO Client).
The 'expires' element is RECOMMENDED and, if present, MUST specify a
time in UTC formatted according to [5].
If an expiration time is present, the ALTO Server SHOULD ensure that
it is reasonably consistent with the expiration time that would be
computed by HTTP header fields. If the expiration time in the
'expires' element is earlier, some ALTO Clients may refresh data from
the ALTO Server earlier than expected. If the expiration time
included in the response body is later, some ALTO Clients may refresh
the data later than expected.
7.6.3. Signature
ALTO Responses marked as redistributable MUST include a signature
used to assert that the ALTO Server Provider generated the ALTO
Information.
Verification of the signature requires the ALTO Client to retrieve
the ALTO Server's public key. There are multiple possibilities to
retrieve it:
o SSL/TLS connection with the ALTO Server: The public key algorithm
and public key may be retrieved from the ALTO Server's X.509
Certificate used on an HTTPS connection between the ALTO Server
and ALTO Client.
o Included in ALTO Server's Server Capability Response: If the ALTO
Client requests from the ALTO Server over a non SSL/TLS
connection, an X.509 certificate (including the public key and
public key algorithm) can be included in the Server Capability
Response.
To reduce requirements on the underlying transport (i.e., requiring
SSL/TLS), the ALTO Protocol uses the latter option. Thus, if an ALTO
Server marks any Response as redistributable, the Server Capability
Response MUST include a PEM-encoded X.509 certificate. This
specification does not mandate any requirements on the X.509
certificate (other than consistency between its public key and the
signature in redistributable ALTO Responses), but ALTO Clients SHOULD
verify that the certificate satisfies any local policies (e.g.,
Issuer, expiration date, etc).
The ALTO Server may include the Hash Algorithm, Signature Algorithm,
and Signature in either HTTP Headers or Trailers. Headers may be
useful if Responses are pre-generated, while Trailers may be useful
if Responses are dynamically generated (e.g., to avoid buffering
large responses in memory while the hash value is computed).
The following HTTP Headers (the ALTO Server MAY specify them as HTTP
Trailers) are used to encode the Signature parameters:
X-ALTO-HashAlgorithm: <HashAlgorithm>
X-ALTO-SignatureAlgorithm: <SignatureAlgorithm>
X-ALTO-SignatureDigest: <Signature>
where <HashAlgorithm> and <SignatureAlgorithm> are an integer values
from the IANA TLS HashAlgorithm and SignatureAlgorithm registries,
and <Signature> is the corresponding PEM-encoded signature.
ALTO Clients SHOULD pass the ALTO Server Certificate, Signature, and
Signature Algorithm along with the body of the ALTO Response. The
mechanism for redistributing such information is not specified by the
ALTO Protocol, but one possibility is to add additional messages or
fields to the application's native protocol.
8. Use Cases 8. Use Cases
The sections below depict typical use cases. The sections below depict typical use cases.
8.1. ALTO Client Embedded in P2P Tracker 8.1. ALTO Client Embedded in P2P Tracker
Many P2P currently-deployed P2P systems use a Tracker to manage Many P2P currently-deployed P2P systems use a Tracker to manage
swarms and perform peer selection. P2P trackers may currently use a swarms and perform peer selection. P2P trackers may currently use a
variety of information to perform peer selection to meet application- variety of information to perform peer selection to meet application-
specific goals. By acting as an ALTO Client, an P2P tracker can use specific goals. By acting as an ALTO Client, an P2P tracker can use
skipping to change at page 24, line 36 skipping to change at page 40, line 8
| Peer 50 | <------------------ | Peer 50 | <------------------
`---------' `---------'
Figure 3: ALTO Client Embedded in P2P Tracker Figure 3: ALTO Client Embedded in P2P Tracker
Figure 3 shows an example use case where a P2P tracker is an ALTO Figure 3 shows an example use case where a P2P tracker is an ALTO
Client and applies ALTO information when selecting peers for its P2P Client and applies ALTO information when selecting peers for its P2P
clients. The example proceeds as follows: clients. The example proceeds as follows:
1. The P2P Tracker requests the Network Map covering all PIDs from 1. The P2P Tracker requests the Network Map covering all PIDs from
the ALTO Server using the Reverse Property Lookup query. The the ALTO Server using the Network Map query. The Network Map
Network Map includes the IP prefixes contained in each PID, includes the IP prefixes contained in each PID, allowing the P2P
allowing the P2P tracker to locally map P2P clients into a PIDs. tracker to locally map P2P clients into a PIDs.
2. The P2P Tracker requests the Cost Map amongst all PIDs from the 2. The P2P Tracker requests the Cost Map amongst all PIDs from the
ALTO Server. ALTO Server.
3. A P2P Client joins the swarm, and requests a peer list from the 3. A P2P Client joins the swarm, and requests a peer list from the
P2P Tracker. P2P Tracker.
4. The P2P Tracker returns a peer list to the P2P client. The 4. The P2P Tracker returns a peer list to the P2P client. The
returned peer list is computed based on the Network Map and Cost returned peer list is computed based on the Network Map and Cost
Map returned by the ALTO Server, and possibly other information Map returned by the ALTO Server, and possibly other information
skipping to change at page 27, line 14 skipping to change at page 42, line 44
3. The P2P Client connects to the peers in the order specified in 3. The P2P Client connects to the peers in the order specified in
the ranking. the ranking.
9. Discussions 9. Discussions
9.1. Discovery 9.1. Discovery
The particular mechanism by which an ALTO Client discovers its ALTO The particular mechanism by which an ALTO Client discovers its ALTO
Server is an important component to the ALTO architecture and Server is an important component to the ALTO architecture and
numerous techniques have been discussed [13] [14]. However, the numerous techniques have been discussed [15] [16]. However, the
discovery mechanism is out of scope for this document. discovery mechanism is out of scope for this document.
Some ISPs have proposed the possibility of delegation, in which an Some ISPs have proposed the possibility of delegation, in which an
ISP provides information for customer networks which do not wish to ISP provides information for customer networks which do not wish to
run Portal Servers themselves. A consideration for delegation is run Portal Servers themselves. A consideration for delegation is
that customer networks may wish to explicitly configure such that customer networks may wish to explicitly configure such
delegation. delegation.
9.2. Network Address Translation Considerations 9.2. Network Address Translation Considerations
At this day and age of NAT v4<->v4, v4<->v6 [15], and possibly At this day and age of NAT v4<->v4, v4<->v6 [17], and possibly
v6<->v6[16], a protocol should strive to be NAT friendly and minimize v6<->v6[18], a protocol should strive to be NAT friendly and minimize
carrying IP addresses in the payload, or provide a mode of operation carrying IP addresses in the payload, or provide a mode of operation
where the source IP address provide the information necessary to the where the source IP address provide the information necessary to the
server. server.
The protocol specified in this document provides a mode of operation The protocol specified in this document provides a mode of operation
where the source NL-ID is computed by the ALTO Server (via the where the source network location is computed by the ALTO Server (via
Endpoint Property Lookup interface) from the source IP address found the Endpoint Property Lookup interface) from the source IP address
in the ALTO Client query packets. This is similar to how some P2P found in the ALTO Client query packets. This is similar to how some
Trackers (e.g., BitTorrent Trackers - see "Tracker HTTP/HTTPS P2P Trackers (e.g., BitTorrent Trackers - see "Tracker HTTP/HTTPS
Protocol" in [17]). Protocol" in [19]) operate.
The ALTO client SHOULD use the Session Traversal Utilities for NAT The ALTO client SHOULD use the Session Traversal Utilities for NAT
(STUN) [4] to determine a public IP address to use as a source NL-ID. (STUN) [6] to determine a public IP address to use as a source NL-ID.
If using this method, the host MUST use the "Binding Request" message If using this method, the host MUST use the "Binding Request" message
and the resulting "XOR-MAPPED-ADDRESS" parameter that is returned in and the resulting "XOR-MAPPED-ADDRESS" parameter that is returned in
the response. Using STUN requires cooperation from a publicly the response. Using STUN requires cooperation from a publicly
accessible STUN server. Thus, the ALTO client also requires accessible STUN server. Thus, the ALTO client also requires
configuration information that identifies the STUN server, or a configuration information that identifies the STUN server, or a
domain name that can be used for STUN server discovery. To be domain name that can be used for STUN server discovery. To be
selected for this purpose, the STUN server needs to provide the selected for this purpose, the STUN server needs to provide the
public reflexive transport address of the host. public reflexive transport address of the host.
9.3. Mapping IPs to ASNs 9.3. Mapping IPs to ASNs
skipping to change at page 28, line 17 skipping to change at page 43, line 43
It may be desired for the ALTO Protocol to provide ALTO information It may be desired for the ALTO Protocol to provide ALTO information
including ASNs. Thus, ALTO Clients may need to identify the ASN for including ASNs. Thus, ALTO Clients may need to identify the ASN for
a Resource Provider to determine the cost to that Resource Provider. a Resource Provider to determine the cost to that Resource Provider.
Applications can already map IPs to ASNs using information from a BGP Applications can already map IPs to ASNs using information from a BGP
Looking Glass. To do so, they must download a file of about 1.5MB Looking Glass. To do so, they must download a file of about 1.5MB
when compressed (as of October 2008, with all information not needed when compressed (as of October 2008, with all information not needed
for IP to ASN mapping removed) and periodically (perhaps monthly) for IP to ASN mapping removed) and periodically (perhaps monthly)
refresh it. refresh it.
Alternatively, Reverse Property Lookup query defined in this document Alternatively, the Network Map query in the Map Filtering Service
could be extended to map ASNs into a set of IP prefixes. The defined in this document could be extended to map ASNs into a set of
mappings provided by the ISP would be both smaller and more IP prefixes. The mappings provided by the ISP would be both smaller
authoritative. and more authoritative.
For simplicity of implementation, it's highly desirable that clients For simplicity of implementation, it's highly desirable that clients
only have to implement exactly one mechanism of mapping IPs to ASNs. only have to implement exactly one mechanism of mapping IPs to ASNs.
9.4. Endpoint and Path Properties 9.4. Endpoint and Path Properties
An ALTO Server could make available many properties about Endpoints An ALTO Server could make available many properties about Endpoints
beyond their network location or grouping. For example, connection beyond their network location or grouping. For example, connection
type, geographical location, and others may be useful to type, geographical location, and others may be useful to
applications. The current draft focuses on network location and applications. The current draft focuses on network location and
skipping to change at page 28, line 48 skipping to change at page 44, line 28
from an ALTO Server. Specifically, the application must select which from an ALTO Server. Specifically, the application must select which
peers to use based on this and other sources of information. With peers to use based on this and other sources of information. With
this in mind, the usage of ALTO Costs is intentionally flexible, this in mind, the usage of ALTO Costs is intentionally flexible,
because: because:
Different applications may use the information differently. For Different applications may use the information differently. For
example, an application that connects to just one address may have example, an application that connects to just one address may have
a different algorithm for selecting it than an application that a different algorithm for selecting it than an application that
connects to many. connects to many.
Though initial experiments have been conducted [18], more Though initial experiments have been conducted [20], more
investigation is needed to identify other methods. investigation is needed to identify other methods.
In addition, the application might account for robustness, perhaps In addition, the application might account for robustness, perhaps
using randomized exploration to determine if it performs better using randomized exploration to determine if it performs better
without ALTO information. without ALTO information.
9.5.1. Client-based Peer Selection 9.5.1. Client-based Peer Selection
One possibility is for peer selection using ALTO costs to be done One possibility is for peer selection using ALTO costs to be done
entirely by a P2P client. The following are some techniques have entirely by a P2P client. The following are some techniques have
been proposed and/or used: been proposed and/or used:
o Prefer network locations with lower ordinal rankings (i.e., higher o Prefer network locations with lower ordinal rankings (i.e., higher
priority) [19] [8]. priority) [21] [10].
o Optimistically unchoking low-cost peers with higher probability o Optimistically unchoking low-cost peers with higher probability
[8]. [10].
9.5.2. Server-based Peer Selection 9.5.2. Server-based Peer Selection
Another possibility is for ALTO costs to be used by an Application Another possibility is for ALTO costs to be used by an Application
Tracker (e.g., BitTorrent Tracker) when returning peer lists. The Tracker (e.g., BitTorrent Tracker) when returning peer lists. The
following are techniques that have been proposed and/or used: following are techniques that have been proposed and/or used:
o Using bandwidth matching (e.g., at an Application Tracker) and o Using bandwidth matching (e.g., at an Application Tracker) and
choosing solution (within bound of optimal) with minimal network choosing solution (within bound of optimal) with minimal network
cost [18]. cost [20].
10. IANA Considerations 10. IANA Considerations
This document request the registration of a new media type: This document request the registration of a new media type:
"application/alto" "application/alto"
11. Security Considerations 11. Security Considerations
11.1. ISPs 11.1. Privacy Considerations for ISPs
ISPs must be cognizant of the network topology and provisioning ISPs must be cognizant of the network topology and provisioning
information provided through ALTO Interfaces. ISPs should evaluate information provided through ALTO Interfaces. ISPs should evaluate
how much information is revealed and the associated risks. In how much information is revealed and the associated risks. On the
particular, providing overly fine-grained information may make it one hand, providing overly fine-grained information may make it
easier for attackers to infer network topology. On the other hand, easier for attackers to infer network topology. In particular,
revealing overly coarse-grained information may not provide benefits attackers may try to infer details regarding ISPs' operational
to network efficiency or performance improvements to ALTO Clients. policies, inter-ISP business relationships, etc. by intenionally
posting a multitude of selective queries to an ALTO server (and
carefully analyzing the responses). Such sophisticated attacks may
reveal more information than an ISP hosting an ALTO server intends to
disclose. On the other hand, revealing overly coarse-grained
information may not provide benefits to network efficiency or
performance improvements to ALTO Clients.
11.2. ALTO Clients 11.2. ALTO Clients
Applications using the information must be cognizant of the Applications using the information must be cognizant of the
possibility that the information is malformed or incorrect. Even possibility that the information is malformed or incorrect. Even if
when it is correct, its use might harm the performance. When an an ALTO Server has been properly authenticated by the ALTO Client,
application concludes that it would get better performance the information provided may be malicious because the ALTO Server and
disregarding the ALTO information, the decision to discontinue the its credentials have been compromised (e.g., through malware). Other
use of ALTO information is likely best left to the user. considerations (e.g., relating to application performance) can be
found in Section 6 of [13].
ALTO Clients should also be cognizant of revealing Network Location ALTO Clients should also be cognizant of revealing Network Location
Identifiers (IP addresses or fine-grained PIDs) to the ALTO Server, Identifiers (IP addresses or fine-grained PIDs) to the ALTO Server,
as doing so may allow the ALTO Server to infer communication as doing so may allow the ALTO Server to infer communication
patterns. One possibility is for the ALTO Client to only rely on patterns. One possibility is for the ALTO Client to only rely on
Network Map for PIDs and Cost Map amongst PIDs to avoid passing IP Network Map for PIDs and Cost Map amongst PIDs to avoid passing IP
addresses of their peers to the ALTO Server. addresses of their peers to the ALTO Server.
11.3. ALTO Information In addition, ALTO clients should be cautious not to unintentionally
or indirectly disclose the resource identifier (of which they try to
improve the retrieval through ALTO-guidance), e.g., the name/
identifier of a certain video stream in P2P live streaming, to the
ALTO server. Note that the ALTO Protocol specified in this document
does not explicitly reveal any resource identifier to the ALTO
Server. However, for instance, depending on the popularity or other
specifics (such as language) of the resource, an ALTO server could
potentially deduce information about the desired resource from
information such as the Network Locations the client sends as part of
its request to the server.
An ALTO Server may optionally use authentication and encryption to 11.3. Authentication, Integrity Protection, and Encryption
protect ALTO information. SSL/TLS can provide encryption as well as
authentication of the client and server. HTTP Basic or Digest SSL/TLS can provide encryption of transmitted messages as well as
authentication of the ALTO Client and Server. HTTP Basic or Digest
authentication can provide authentication of the client (combined authentication can provide authentication of the client (combined
with SSL/TLS, it can additionally provide encryption and with SSL/TLS, it can additionally provide encryption and
authentication of the server). authentication of the server).
An ALTO Server may optionally use authentication (and potentially
encryption) to protect ALTO information it provides. This can be
achieved by digitally signing a hash of the ALTO information itself
and attaching the signature to the ALTO information. There may be
special use cases where encryption of ALTO information is desirable.
In most cases, however, information sent out by an ALTO Server is
most likely to be regarded as non-confidential information.
ISPs should be cognizant that encryption only protects ALTO ISPs should be cognizant that encryption only protects ALTO
information until it is decrypted by the intended ALTO Client. information until it is decrypted by the intended ALTO Client.
Digital Rights Management (DRM) techniques and legal agreements Digital Rights Management (DRM) techniques and legal agreements
protecting ALTO information are outside of the scope of this protecting ALTO information are outside of the scope of this
document. document.
11.4. ALTO Information Redistribution 11.4. ALTO Information Redistribution
It is possible for applications to redistribute ALTO information to It is possible for applications to redistribute ALTO information to
improve scalability. Even with such a distribution scheme, ALTO improve scalability. Even with such a distribution scheme, ALTO
Clients obtaining ALTO information must be able to validate the Clients obtaining ALTO information must be able to validate the
received ALTO information to ensure that it was actually generated by received ALTO information to ensure that it was actually generated by
the correct ALTO Server. Further, to prevent the ALTO Server from the correct ALTO Server. Further, to prevent the ALTO Server from
being a target of attack, the verification scheme must not require being a target of attack, the verification scheme must not require
ALTO Clients to contact the ALTO Server to validate every set of ALTO Clients to contact the ALTO Server to validate every set of
information. information. Note that in any case, contacting the originating ALTO
server for information validation would undermine the intended effect
of redistribution and is therefore not desirable.
Note that the redistribution scheme must additionally handle details Note that the redistribution scheme must additionally handle details
such as ensuring ALTO Clients retrieve ALTO information from the such as ensuring ALTO Clients retrieve ALTO information from the
correct ALTO Server. See [20] and [21] for further discussion. correct ALTO Server. See [22] and [23] for further discussion.
Details of a particular redistribution scheme are outside the scope Details of a particular redistribution scheme are outside the scope
of this document. of this document.
To fulfill these requirements, ALTO Information meant to be To fulfill these requirements, ALTO Information meant to be
redistributable contains a digital signature which includes a hash of redistributable contains a digital signature which includes a hash of
the ALTO information signed by the ALTO Server's private key. The the ALTO information signed by the ALTO Server with its private key.
corresponding public key should either be part of the ALTO The corresponding public key should either be part of the ALTO
information itself, or it could be included in the server capability information itself, or it could be included in the server capability
response. The public key SHOULD include the hostname of the ALTO response. The public key SHOULD include the hostname of the ALTO
Server and it SHOULD be signed by a trusted authority. Server and it SHOULD be signed by a trusted authority (i.e., in a
certificate). This an ALTO client retrieving redistributed ALTO
information to verify the correctness of the ALTO Server's signature,
given that it trusts the authority which signed the ALTO Server's
certificate. Note that in some cases this requires that the
retrieving ALTO Client must be able to derive a transitive
certificate chain (including a Root-CA) to the trusted authority
which signed the ALTO Server's certificate. This requirement may not
be possible to fulfill between every ALTO Client / ALTO Server
combination on the Internet due to the lack of a world-wide public
key infrastructure.
11.5. Denial of Service 11.5. Denial of Service
ISPs should be cognizant of the workload at the ALTO Server generated ISPs should be cognizant of the workload at the ALTO Server generated
by certain ALTO Queries, such as certain queries to the Map Filtering by certain ALTO Queries, such as certain queries to the Map Filtering
Service and Ranking Service. The Map Service allows ALTO Servers to Service and Ranking Service. In particular, queries which can be
pre-generate maps that can be useful to many ALTO Clients. generated with low effort but result in expensive workloads at the
ALTO Server could be exploited for Denial-of-Service attacks. For
instance, a simple ALTO query with n Source Network Locations and m
Destination Network Locations can be generated fairly easily but
results in the computation of n*m Path Costs between pairs by the
ALTO Server (see Section 5.2). One way to limit Denial-of-Service
attacks is to employ access control to the ALTO server. Another
possible mechanism for an ALTO Server to protect itself against a
multitude of computationally expensive bogus requests is to demand
that each ALTO Client to solve a computational puzzle first before
allocating resources for answering a request (see, e.g., [24]). The
current specification the current specification does not use such
computational puzzles, and discussion regarding tradeoffs of such an
approach would be needed before including such a technique in the
ALTO Protocol.
ISPs should also leverage the fact that the the Map Service allows
ALTO Servers to pre-generate maps that can be useful to many ALTO
Clients.
11.6. ALTO Server Access Control
In order to limit access to an ALTO server (e.g., for an ISP to only
allow its users to access its ALTO server, or to prevent Denial-of-
Service attacks by arbitrary hosts from the Internet), an ALTO server
may employ access control policies. Depending on the use-case and
scenario, an ALTO server may restrict access to its services more
strictly or rather openly (see [25] for a more detailed discussion on
this issue).
12. References 12. References
12.1. Normative References 12.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997. Levels", BCP 14, RFC 2119, March 1997.
[2] Berners-Lee, T., Fielding, R., and H. Nielsen, "Hypertext [2] Berners-Lee, T., Fielding, R., and H. Nielsen, "Hypertext
Transfer Protocol -- HTTP/1.0", RFC 1945, May 1996. Transfer Protocol -- HTTP/1.0", RFC 1945, May 1996.
[3] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., [3] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol --
HTTP/1.1", RFC 2616, June 1999. HTTP/1.1", RFC 2616, June 1999.
[4] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, "Session [4] Crockford, D., "The application/json Media Type for JavaScript
Object Notation (JSON)", RFC 4627, July 2006.
[5] Klyne, G., Ed. and C. Newman, "Date and Time on the Internet:
Timestamps", RFC 3339, July 2002.
[6] Rosenberg, J., Mahy, R., Matthews, P., and D. Wing, "Session
Traversal Utilities for (NAT) (STUN)", Traversal Utilities for (NAT) (STUN)",
draft-ietf-behave-rfc3489bis-18 (work in progress), July 2008. draft-ietf-behave-rfc3489bis-18 (work in progress), July 2008.
12.2. Informative References 12.2. Informative References
[5] Kiesel, S., Popkin, L., Previdi, S., Woundy, R., and Y. Yang, [7] Kiesel, S., Popkin, L., Previdi, S., Woundy, R., and Y. Yang,
"Application-Layer Traffic Optimization (ALTO) Requirements", "Application-Layer Traffic Optimization (ALTO) Requirements",
draft-kiesel-alto-reqs-01 (work in progress), November 2008. draft-kiesel-alto-reqs-01 (work in progress), November 2008.
[6] Alimi, R., Pasko, D., Popkin, L., Wang, Y., and Y. Yang, "P4P: [8] Alimi, R., Pasko, D., Popkin, L., Wang, Y., and Y. Yang, "P4P:
Provider Portal for P2P Applications", draft-p4p-framework-00 Provider Portal for P2P Applications", draft-p4p-framework-00
(work in progress), November 2008. (work in progress), November 2008.
[7] Wang, Y., Alimi, R., Pasko, D., Popkin, L., and Y. Yang, "P4P [9] Wang, Y., Alimi, R., Pasko, D., Popkin, L., and Y. Yang, "P4P
Protocol Specification", draft-wang-alto-p4p-specification-00 Protocol Specification", draft-wang-alto-p4p-specification-00
(work in progress), March 2009. (work in progress), March 2009.
[8] Shalunov, S., Penno, R., and R. Woundy, "ALTO Information [10] Shalunov, S., Penno, R., and R. Woundy, "ALTO Information
Export Service", draft-shalunov-alto-infoexport-00 (work in Export Service", draft-shalunov-alto-infoexport-00 (work in
progress), October 2008. progress), October 2008.
[9] Das, S. and V. Narayanan, "A Client to Service Query Response [11] Das, S. and V. Narayanan, "A Client to Service Query Response
Protocol for ALTO", draft-saumitra-alto-queryresponse-00 (work Protocol for ALTO", draft-saumitra-alto-queryresponse-00 (work
in progress), March 2009. in progress), March 2009.
[10] Das, S., Narayanan, V., and L. Dondeti, "ALTO: A Multi [12] Das, S., Narayanan, V., and L. Dondeti, "ALTO: A Multi
Dimensional Peer Selection Problem", Dimensional Peer Selection Problem",
draft-saumitra-alto-multi-ps-00 (work in progress), draft-saumitra-alto-multi-ps-00 (work in progress),
October 2008. October 2008.
[11] Seedorf, J. and E. Burger, "Application-Layer Traffic [13] Seedorf, J. and E. Burger, "Application-Layer Traffic
Optimization (ALTO) Problem Statement", Optimization (ALTO) Problem Statement", RFC 5693, October 2009.
draft-marocco-alto-problem-statement-04 (work in progress),
February 2009.
[12] Yang, Y., Popkin, L., Penno, R., and S. Shalunov, "An [14] Yang, Y., Popkin, L., Penno, R., and S. Shalunov, "An
Architecture of ALTO for P2P Applications", Architecture of ALTO for P2P Applications",
draft-yang-alto-architecture-00 (work in progress), March 2009. draft-yang-alto-architecture-00 (work in progress), March 2009.
[13] Garcia, G., Tomsu, M., and Y. Wang, "ALTO Discovery Protocols", [15] Garcia, G., Tomsu, M., and Y. Wang, "ALTO Discovery Protocols",
draft-wang-alto-discovery-00 (work in progress), March 2009. draft-wang-alto-discovery-00 (work in progress), March 2009.
[14] Song, H., Even, R., Pascual, V., and Y. Zhang, "Application- [16] Song, H., Even, R., Pascual, V., and Y. Zhang, "Application-
Layer Traffic Optimization (ALTO): Discover ALTO Servers", Layer Traffic Optimization (ALTO): Discover ALTO Servers",
draft-song-alto-server-discovery-00 (work in progress), draft-song-alto-server-discovery-00 (work in progress),
March 2009. March 2009.
[15] Baker, F., Li, X., and C. Bao, "Framework for IPv4/IPv6 [17] Baker, F., Li, X., and C. Bao, "Framework for IPv4/IPv6
Translation", draft-baker-behave-v4v6-framework-02 (work in Translation", draft-baker-behave-v4v6-framework-02 (work in
progress), February 2009. progress), February 2009.
[16] Wasserman, M. and F. Baker, "IPv6-to-IPv6 Network Address [18] Wasserman, M. and F. Baker, "IPv6-to-IPv6 Network Address
Translation (NAT66)", draft-mrw-behave-nat66-02 (work in Translation (NAT66)", draft-mrw-behave-nat66-02 (work in
progress), March 2009. progress), March 2009.
[17] "Bittorrent Protocol Specification v1.0", [19] "Bittorrent Protocol Specification v1.0",
http://wiki.theory.org/BitTorrentSpecification, 2009. http://wiki.theory.org/BitTorrentSpecification, 2009.
[18] H. Xie, YR. Yang, A. Krishnamurthy, Y. Liu, and A. [20] H. Xie, YR. Yang, A. Krishnamurthy, Y. Liu, and A.
Silberschatz., "P4P: Provider Portal for (P2P) Applications", Silberschatz., "P4P: Provider Portal for (P2P) Applications",
In SIGCOMM 2008. In SIGCOMM 2008.
[19] Akonjang, O., Feldmann, A., Previdi, S., Davie, B., and D. [21] Akonjang, O., Feldmann, A., Previdi, S., Davie, B., and D.
Saucez, "The PROXIDOR Service", draft-akonjang-alto-proxidor-00 Saucez, "The PROXIDOR Service", draft-akonjang-alto-proxidor-00
(work in progress), March 2009. (work in progress), March 2009.
[20] Yingjie, G., Alimi, R., and R. Even, "ALTO information [22] Yingjie, G., Alimi, R., and R. Even, "ALTO Information
redistribution", draft-gu-alto-redistribution-00 (work in Redistribution", draft-gu-alto-redistribution-02 (work in
progress), October 2009. progress), March 2010.
[21] Stiemerling, M., "ALTO Information Redistribution Considered [23] Stiemerling, M., "ALTO Information Redistribution Considered
Harmful", draft-stiemerling-alto-info-redist-00 (work in Harmful", draft-stiemerling-alto-info-redist-00 (work in
progress), August 2009. progress), August 2009.
Appendix A. Contributors [24] Jennings, C., "Computational Puzzles for SPAM Reduction in
SIP", draft-jennings-sip-hashcash-06 (work in progress),
The people listed here should be viewed as co-authors of the July 2007.
document. Due to the limit of 5 authors per draft the co-authors
were moved to the contributors section at this point.
Obi Akonjang
DT Labs/TU Berlin/
EMail: obi@net.t-labs.tu-berlin.de
Richard Alimi
Yale University
EMail: richard.alimi@yale.edu
Saumitra M. Das
Qualcomm Inc.
EMail: saumitra@qualcomm.com
Syon Ding
China Telecom
EMail: syding@chinatelecom.com
Doug Pasko
Verizon
EMail: pasko@verizon.com
Laird Popkin
Pando Networks
EMail: laird@pando.com
Stefano Previdi
Cisco
EMail: sprevidi@cisco.com
Satish Raghunath
Juniper Networks
satishr@juniper.net
Stanislav Shalunov
BitTorrent
EMail: shalunov@bittorrent.com
Albert Tian [25] Stiemerling, M. and S. Kiesel, "ALTO Deployment
Considerations", draft-stiemerling-alto-deployments-02 (work in
progress), March 2010.
Ericsson/Redback Appendix A. ALTO Protocol Grammar
EMail: alberttian@gmail.com All of the mechanisms specified in this document are described in
both prose and an augmented Backus-Naur Form (BNF) defined in RFC
2234 [10]. Section 6.1 of RFC 2234 defines a set of core rules that
are used by this specification, and not repeated here. Implementers
need to be familiar with the notation and content of RFC 2234 in
order to understand this specification. Certain basic rules are in
uppercase, such as SP, LWS, HTAB, CRLF, DIGIT, ALPHA, etc. Angle
brackets are used within definitions to clarify the use of rule
names.
Yu-Shun Wang TODO
Microsoft Corp. Appendix B. Acknowledgments
yu-shun.wang@microsoft.com Thank you to Jan Seedorf for contributions to the Security
Considerations section.
Richard Woundy We would like to thank the following people whose input and
involvement was indispensable in achieving this merged proposal:
Comcast Obi Akonjang (DT Labs/TU Berlin),
Richard_Woundy@cable.comcast.com Saumitra M. Das (Qualcomm Inc.),
David Zhang Syon Ding (China Telecom),
PPLive Doug Pasko (Verizon),
Laird Popkin (Pando Networks),
davidzhang@pplive.com Satish Raghunath (Juniper Networks),
Yunfei Zhang Albert Tian (Ericsson/Redback),
China Mobile Yu-Shun Wang (Microsoft),
zhangyunfei@chinamobile.com David Zhang (PPLive),
Appendix B. Acknowledgements Yunfei Zhang (China Mobile).
We would like to thank the following additional people who were We would also like to thank the following additional people who were
involved in the projects that contributed to this merged document: involved in the projects that contributed to this merged document:
Alex Gerber (AT&T), Chris Griffiths (Comcast), Ramit Hora (Pando Alex Gerber (AT&T), Chris Griffiths (Comcast), Ramit Hora (Pando
Networks), Arvind Krishnamurthy (University of Washington), Marty Networks), Arvind Krishnamurthy (University of Washington), Marty
Lafferty (DCIA), Erran Li (Bell Labs), Jin Li (Microsoft), Y. Grace Lafferty (DCIA), Erran Li (Bell Labs), Jin Li (Microsoft), Y. Grace
Liu (IBM Watson), Jason Livingood (Comcast), Michael Merritt (AT&T), Liu (IBM Watson), Jason Livingood (Comcast), Michael Merritt (AT&T),
Ingmar Poese (DT Labs/TU Berlin), James Royalty (Pando Networks), Ingmar Poese (DT Labs/TU Berlin), James Royalty (Pando Networks),
Damien Saucez (UCL) Thomas Scholl (AT&T), Emilio Sepulveda Damien Saucez (UCL) Thomas Scholl (AT&T), Emilio Sepulveda
(Telefonica), Avi Silberschatz (Yale University), Hassan Sipra (Bell (Telefonica), Avi Silberschatz (Yale University), Hassan Sipra (Bell
Canada), Georgios Smaragdakis (DT Labs/TU Berlin), Haibin Song Canada), Georgios Smaragdakis (DT Labs/TU Berlin), Haibin Song
(Huawei), Oliver Spatscheck (AT&T), See-Mong Tang (Microsoft), Jia (Huawei), Oliver Spatscheck (AT&T), See-Mong Tang (Microsoft), Jia
Wang (AT&T), Hao Wang (Yale University), Ye Wang (Yale University), Wang (AT&T), Hao Wang (Yale University), Ye Wang (Yale University),
Haiyong Xie (Yale University). Haiyong Xie (Yale University).
Appendix C. Authors
[[Comment.4: RFC Editor: Please move information in this section to
the Authors' Addresses section at publication time.]]
Stefano Previdi
Cisco
Email: sprevidi@cisco.com
Stanislav Shalunov
BitTorrent
Email: shalunov@bittorrent.com
Richard Woundy
Comcast
Richard_Woundy@cable.comcast.com
Authors' Addresses Authors' Addresses
Richard Alimi (editor)
Yale University
Email: richard.alimi@yale.edu
Reinaldo Penno (editor) Reinaldo Penno (editor)
Juniper Networks Juniper Networks
1194 N Mathilda Avenue 1194 N Mathilda Avenue
Sunnyvale, CA Sunnyvale, CA
USA USA
Email: rpenno@juniper.net Email: rpenno@juniper.net
Y. Richard Yang (editor) Y. Richard Yang (editor)
Yale University Yale University
 End of changes. 230 change blocks. 
649 lines changed or deleted 1392 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/