Re: [alto] Some questions for alto-xdom-disc

Qiao Xiang <> Tue, 05 December 2017 04:27 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id C98271252BA; Mon, 4 Dec 2017 20:27:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.447
X-Spam-Status: No, score=-2.447 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, NORMAL_HTTP_TO_IP=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id hHRjugJ0xkRL; Mon, 4 Dec 2017 20:27:21 -0800 (PST)
Received: from ( [IPv6:2a00:1450:400c:c09::22c]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 3724F124E15; Mon, 4 Dec 2017 20:27:21 -0800 (PST)
Received: by with SMTP id b76so18028926wmg.1; Mon, 04 Dec 2017 20:27:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=GozOvkFhAdvt6/pJo9JIPYgb2M0OV6Av1GCpuMiaVxI=; b=QCUAxau7LUYse7dWQafBp8KyPfSohJoYCQcqVBUndo/PeviiqIF+t4jGfCNJME+DIX ZEjWi98urqn3HeIFVcwLldm8Ya41ydwe55qylA47LXs1cW1fHpVc83nb/AShMw5NY786 dCkCXhiGnR2fCery5jeSdOEggo404kDCtFjXx/JPA+FVziFH9F49eFdVx3QgFfvnmCcJ JZI83sdVUizTKtpJr7EVO5lPUIxEb9eJD3q9dmBE7d6glUykNpRDHHUSad9HCd0PvRh9 mosrYRflAIzzuhokXE8DzV0iWuxOZUAIaSlZfEzs28lTC7/9/Rl7jFU83Sf2S9lzxbGZ J1Vg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=GozOvkFhAdvt6/pJo9JIPYgb2M0OV6Av1GCpuMiaVxI=; b=D12l24eseXJdPQLyvUlhehBXQ3Ocbn4/hlTPbuZKwz+2mRDrsWedBu+n3OndIDVVRK DFUZq+y0zCvcTSzmOreKc4UW8+/Jshqo4v+/do9zM2yduNlUYpgv2SBVy1csEUg8P5VI 9t+0JrTkVaXAVNU+1qy6QwrZwLQG9mrKFG06/xT0F8XmIXNFD2Li9FNtq2yYkR1+0EnQ bhaWMfSqlbg6AmF78qmy4+48f0ORunJ25/RffF67KGU7qluntU1/u4dVBTsM9spjc5Ci HiGm7+oEpQw0UwlO/ljheayWjVOTnCjLKVoTNRC+fmxJXSkbb3Hdeiueerx33XQ//yct K0Mw==
X-Gm-Message-State: AJaThX4xNtccF9UgT9/OUo26gs2ncnIjk9OKjGY07vD0KyHzVDYv0Hhk A3gA4LQSq2+VxQ4FP/u8g/hks2NCen1fWKPlA2k=
X-Google-Smtp-Source: AGs4zMYD3eS2qYH87+prn89A0vg3qbcZ3LuX0ZRPgX/go7Ie1GfCD5HcNY34eOIIb2e8llvxrdKhMx1IWWRiVZbsfUc=
X-Received: by with SMTP id e15mr34609147edd.10.1512448039607; Mon, 04 Dec 2017 20:27:19 -0800 (PST)
MIME-Version: 1.0
Received: by with HTTP; Mon, 4 Dec 2017 20:26:59 -0800 (PST)
In-Reply-To: <>
References: <> <>
From: Qiao Xiang <>
Date: Tue, 5 Dec 2017 04:26:59 +0000
Message-ID: <>
To: Sebastian Kiesel <>
Cc: xin wang <>, "" <>, IETF ALTO <>
Content-Type: multipart/alternative; boundary="f403045c2100246488055f9040e5"
Archived-At: <>
Subject: Re: [alto] Some questions for alto-xdom-disc
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "Application-Layer Traffic Optimization \(alto\) WG mailing list" <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 05 Dec 2017 04:27:25 -0000

Hi Sebastian,

Tony and I just had some offline discussion on the cross-domain draft. We
feel that some parts in Sec.2.1 and Sec. 3 should be updated in the newer

In Sec. 2.1, it is written that "... It performs DNS lookups and returns
one or more URI(s) of information resources related to that IP address or
prefix,...". Tony pointed out that the word "related" is vague, and I agree
with him. From the remaining of Sec. 2, I can infer the following workflow:
given an ALTO server A, if it can provide ALTO information on an IP address
or prefix "X", it *can* choose to prepare several domain names, so that the
ALTO client can discover that "server A can provide information on
address/prefix X" via reverse DNS lookup. We both feel that this workflow
should be clearly stated to replace the vague "related to" sentence quoted

However, even with a clearer description on how each ALTO server publishes
what kind of IP addresses/prefixes it can provide information about, in my
opinion, the EPS and ECS use cases given in Sec. 3 are still questionable.
It is unclear to me what points we want to express in Sec. 3. Is it a
standard procedure specifying how ALTO client should use this discovery
process, or only a suggested, incomplete guideline?

in Sec. 3.3, it is stated that "If the ALTO client wants to do a similar
Endpoint Property query for a different IP address or prefix "Y", the whole
procedure has to be repeated,". However, assume the ALTO client first wants
to discover which ALTO server can provide information of IP,
and finds an entry with Then if it wants to get
EPS information of IP, it can still use the same ALTO

In Sec. 3.4., take the one source S1 and multiple destination D1, D2, D3,
... as an example. your design asks the client to issue a lookup in the
format of XDOMDISC(S1, "ALTO:https"), and then query the returned IRDs. But
what if there exists an ALTO server A that has endpoint cost information
for (S1, D1), but only publishes a domain name entry
D1(reversed), and A is the only server that has such
information? In this way, the ALTO client cannot get the endpoint cost of
(S1, D1) from any other ALTO servers discovered via XDOMDISC(S1,
"ALTO:https"), but it can discover server A by a query XDOMDISC(D1,

To address these issues, I agree with Richard's comments from IETF99, which
says that we should state the design objectives, principles and
requirements of cross-domain servery discovery more clearly.

Looking forward to your thoughts on these issues. Thank you very much.


On Mon, Dec 4, 2017 at 9:16 PM, Sebastian Kiesel <>

> Dear xin wang, all,
> please see below
> On Fri, Dec 01, 2017 at 04:05:47AM +0000, xin wang wrote:
> > Dear authors of alto-xdom-disc and all,
> >
> >
> > Do you have any new updates on the draft of alto-xdom-disc?
> we are working on a new version of the draft, which will give a better
> specification of the discovery procedure as such (i.e., section 2).
> We are not planning to make a change on how the procedure is supposed
> to work, just give a better explanation.
> > I know that the draft intends to address the IRD discovery issue in
> > the cross-domain setting, but I find that the cross-domain itself
> > arouse my great interest.
> Well, the immediate outcome of the procedure is one or more IRD URIs.
> However, nobody is interested in discovering IRDs as such - it is just
> an intermediate step, so you can lookup the ECS or EPS in the IRD.
> In fact, our procedure is intended to be used with the
> Endpoint Property Service and the Endpoint Cost Service.
> > Considering that each domain has one ALTO server that can give a
> > useful cost value (not default) between any two endpoints in the
> > domain for the ECS. Then, the ALTO server discovery works when a
> > client asks for the cost value between any two endpoints in the same
> > domain, as it will direct to the right ALTO server which can give cost
> > values for some endpoint-pairs. It might involve multiple ALTO servers
> > to answer a single query of ECS service but the requirement of the
> > client can be satisfied.
> >
> >
> > However, if a client asks for a cost value between two endpoints which
> > locate in different domains, then who should be able to give the cost
> > value?
> We believe that in many scenarios, the best source of information
> for costs between source IP address S and destination address D,
> is the network operator that runs the network in which S is located.
> Consequently, we believe that this network operator should be able
> to announce "if you want to do ECS(S,D) please ask the ALTO server
> at http://...some.uri..."
> > This should be a common case if we target to deploy ALTO across
> > the public Internet as you listed as one of the requirements for ALTO
> > cross-domain server discovery.
> Indeed.
> > There are basically two approaches for the issue above: one is to
> > depend each ALTO server itself to compute cost values across domains
> > (e.g., recursive sending queries to other servers); the other is to
> > set up a hierarchy structure to relay the query to an upper ALTO
> > server which is able to support ECS across domains. In either way,
> > there need substantial efforts to consider/design a protocol between
> > two ALTO servers (which is discussed a little in the Sec. 1.1.2 in
> > your draft).
> >
> > Do you think there are potential solutions can resolve the issue
> > without depending too much on the inter-ALTO-server information
> > exchanging? Or design inter-ALTO-server protocol is the best
> > direction?
> We do a classification and discussion of several approaches.
> However, we then focus on one approach, which does not need any
> communication between ALTO servers, neither using the regular ALTO
> protocol nor a to-be-defined inter-ALTO-server protocol.
> Instead, we let the ALTO client do the work.
> If an ALTO client wants to query the ECS with specific source and
> destination addresses, it has to discover an appropriate ALTO server
> first.  Then, it can ask this server, and this server is supposed to
> answer without any consultation of other servers.
> Furthermore, we want to avoid that a new "rendezvous point" or
> Internet-wide directory of ALTO servers would have to be established.
> We want to build on an existing infrastructure.
> The idea is as follows:
> Conceptually, the ECS does a query on a large N x N matrix,
> where the column headers are labeled "from IP address (or prefix)" and
> the row headers are labeled "to IP address (or prefix)".
> However, we believe that it is unlikely that a single ALTO server will
> ever accumulate so much data that it can give reasonable values for
> every element of the matrix, in an Internet-wide deployment scenario.
> Instead, we split our large matrix into many small 1 x N "column vectors".
> Each of them indicates the cost from one specific IP address (or prefix)
> to all possible IP addresses (or prefixes).  Then, we can install each
> of these column vectors on a different ALTO server. So, in total we can
> have up to N ALTO servers, each with one stripe of the overall matrix.
> Of course, one ALTO server can also host more than one column vector, so
> we may work with fewer than N servers.
> Those who control the reverse DNS for S (i.e. the mapping from IP
> address S to a host name) can put a record in the DNS pointing from S
> to the URI of that ALTO server that knows the column vector
> "from S to all possible IP addresses (or prefixes)".
> This is how we use an existing infrastructure (the DNS) for the
> discovery job.
> As I wrote above, we are working on an update to section 2.
> Could you please review section 3, which explains the interaction
> of the procedure with ECS and the other ALTO services?  Thanks!
> best regards,
> Sebastian
> _______________________________________________
> alto mailing list

Qiao Xiang
Postdoctoral Fellow,
Department of Computer Science,
Yale University