Loop Detection in Content Delivery Networks (CDNs)
RFC 8586

Document type: RFC - Proposed Standard (April 2019; Errata)
Last updated: 2019-04-25
Replaces: draft-cdn-loop-prevention
Stream: IETF
WG state: Submitted to IESG for Publication
Document shepherd: Tommy Pauly
Shepherd write-up: last changed 2018-11-26
IESG state: RFC 8586 (Proposed Standard)
Consensus boilerplate: Yes
Responsible AD: Alexey Melnikov
Send notices to: Patrick McManus <mcmanus@ducksong.com>, Tommy Pauly <tpauly@apple.com>
IANA review state: Version Changed - Review Needed
IANA action state: RFC-Ed-Ack

Internet Engineering Task Force (IETF)                          S. Ludin
Request for Comments: 8586                           Akamai Technologies
Category: Standards Track                                  M. Nottingham
ISSN: 2070-1721                                                   Fastly
                                                             N. Sullivan
                                                              Cloudflare
                                                              April 2019

           Loop Detection in Content Delivery Networks (CDNs)

Abstract

   This document defines the CDN-Loop request header field for HTTP.
   CDN-Loop addresses an operational need that occurs when an HTTP
   request is intentionally forwarded between Content Delivery Networks
   (CDNs), but is then accidentally or maliciously re-routed back into
   the original CDN causing a non-terminating loop.  The new header
   field can be used to identify the error and terminate the loop.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8586.

Copyright Notice

   Copyright (c) 2019 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Ludin, et al.                Standards Track                    [Page 1]
RFC 8586                   CDN Loop Detection                 April 2019

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Relationship to Via . . . . . . . . . . . . . . . . . . .   2
     1.2.  Conventions and Definitions . . . . . . . . . . . . . . .   3
   2.  The CDN-Loop Request Header Field . . . . . . . . . . . . . .   3
   3.  Security Considerations . . . . . . . . . . . . . . . . . . .   4
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   5
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   5
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .   5
     5.2.  Informative References  . . . . . . . . . . . . . . . . .   6
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   6

1.  Introduction

   In modern deployments of HTTP servers, it is common to interpose
   Content Delivery Networks (CDNs) in front of origin servers to
   improve latency perceived by end users, reduce operational costs, and
   improve scalability and reliability of services.

   Often, more than one CDN is in use by a given origin.  This happens
   for a variety of reasons, such as cost savings, arranging for
   failover should one CDN have issues, or direct comparison of the
   CDNs' services.

   As a result, it is possible for forwarding CDNs to be configured in a
   "loop" accidentally, because routing is achieved through a
   combination of DNS and forwarding rules, and site configurations are
   sometimes complex and managed by several parties.

   When this happens, it is difficult to debug.  Additionally, it
   sometimes isn't accidental; loops between multiple CDNs can be used
   as an attack vector (e.g., see [loop-attack]), especially if one CDN
   unintentionally strips the loop detection headers of another.

   This specification defines the CDN-Loop HTTP request header field to
   help detect such attacks and accidents among forwarding CDNs that
   have implemented it; the header field may not be modified by their
   customers.
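
   The check a forwarding CDN performs with this header field, as an
   added example that is not part of the RFC text: it assumes the field
   syntax from Section 2 (a comma-separated list of cdn-id values, each
   with optional ";" parameters). The CDN names, the function names and
   the case-insensitive comparison of cdn-ids are assumptions of the
   example.

```python
def split_list(value):
    """Split a field value on commas that are outside quoted-strings."""
    items, buf, quoted, escaped = [], [], False, False
    for ch in value:
        if escaped:
            escaped = False
        elif quoted and ch == "\\":
            escaped = True
        elif ch == '"':
            quoted = not quoted
        elif ch == "," and not quoted:
            items.append("".join(buf))
            buf = []
            continue
        buf.append(ch)
    items.append("".join(buf))
    return items


def parse_cdn_loop(field_values):
    """Return the cdn-ids, in order, from all CDN-Loop field lines."""
    ids = []
    for value in field_values:
        for item in split_list(value):
            cdn_id = item.split(";", 1)[0].strip()  # drop parameters
            if cdn_id:
                ids.append(cdn_id.lower())  # assumption: case-insensitive match
    return ids


def forward(headers, own_id):
    """Return ("loop", headers) if own_id already handled the request,
    otherwise ("forward", headers with own_id appended to CDN-Loop)."""
    values = [v for n, v in headers if n.lower() == "cdn-loop"]
    if own_id.lower() in parse_cdn_loop(values):
        return "loop", headers  # terminate here instead of forwarding again
    out = [(n, v) for n, v in headers if n.lower() != "cdn-loop"]
    out.append(("CDN-Loop", ", ".join(values + [own_id])))
    return "forward", out


def demo():
    # Constructed request and CDN names; cdn-b routes back to cdn-a.
    request = [("Host", "www.example")]
    trace = []
    for cdn in ("cdn-a.example", "cdn-b.example", "cdn-a.example"):
        status, request = forward(request, cdn)
        trace.append((cdn, status))
    return trace, dict(request).get("CDN-Loop")
```

   If an intermediary removes the CDN-Loop field before the request
   returns, forward() sees no prior cdn-id and the loop goes
   undetected, which is the stripping case the paragraph above
   describes.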

1.1.  Relationship to Via

   HTTP defines the Via header field in Section 5.7.1 of [RFC7230] for
   "tracking message forwards, avoiding request loops, and identifying
   the protocol capabilities of senders along the request/response
   chain."

   In theory, Via could be used to identify these loops.  However, in
   practice it is not used in this fashion, because some HTTP servers
   use Via for other purposes -- in particular, some implementations