Diameter Maintenance and J. Korhonen, Ed.
Extensions (DIME) TeliaSonera
Internet-Draft H. Tschofenig
Intended status: Standards Track Nokia Siemens Networks
Expires: January 10, 2008 M. Arumaithurai
University of Goettingen
July 9, 2007
Quality of Service Attributes for Diameter and RADIUS
draft-ietf-dime-qos-attributes-01.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 10, 2008.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
This document extends the functionality of the Diameter Base protocol
and other Diameter applications with respect to their ability to
convey Quality of Service information. The AVPs defined in this
document are also available for Remote Authentication Dial In User
Service (RADIUS).
Korhonen, et al. Expires January 10, 2008 [Page 1]
Internet-Draft QoS attributes for Diameter July 2007
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Commands, AVPs and Advertising Application Support . . . . . . 3
3.1. Command Codes . . . . . . . . . . . . . . . . . . . . . . 3
3.2. Diameter-EAP-Request (DER) . . . . . . . . . . . . . . . . 4
3.3. Diameter-EAP-Answer (DEA) . . . . . . . . . . . . . . . . 4
3.4. Credit-Control-Request (CCR) . . . . . . . . . . . . . . . 5
3.5. Credit-Control-Answer (CCA) . . . . . . . . . . . . . . . 6
3.6. AA-Request (AAR) . . . . . . . . . . . . . . . . . . . . . 7
3.7. AA-Answer (AAA) . . . . . . . . . . . . . . . . . . . . . 8
4. Diameter QoS Defined AVPs . . . . . . . . . . . . . . . . . . 9
4.1. QoS-ID AVP . . . . . . . . . . . . . . . . . . . . . . . . 9
4.2. QoS-Flow-State AVP . . . . . . . . . . . . . . . . . . . . 9
4.3. QSPEC AVP . . . . . . . . . . . . . . . . . . . . . . . . 9
4.4. QoS-Resources AVP . . . . . . . . . . . . . . . . . . . . 10
4.5. QoS-Parameter AVP . . . . . . . . . . . . . . . . . . . . 10
4.6. Extended-QoS-Filter-Rule AVP . . . . . . . . . . . . . . . 10
4.7. QoS-Capability AVP . . . . . . . . . . . . . . . . . . . . 10
4.8. QSPEC-Type AVP . . . . . . . . . . . . . . . . . . . . . . 11
5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
5.1. Diameter EAP with QoS Information . . . . . . . . . . . . 11
5.2. QoS Authorization . . . . . . . . . . . . . . . . . . . . 12
5.3. Diameter NASREQ with QoS Information . . . . . . . . . . . 13
5.4. Diameter Server Initiated Re-authorization of QoS . . . . 14
5.5. Diameter Credit-Control with QoS Information . . . . . . . 15
5.6. Diameter Server Initiated Credit Re-authorization . . . . 16
5.7. QoS and Credit-Control as Part of Authentication and
Authorization . . . . . . . . . . . . . . . . . . . . . . 17
6. AVP Occurrence Tables . . . . . . . . . . . . . . . . . . . . 19
6.1. DER and DEA Commands AVP Table . . . . . . . . . . . . . . 19
6.2. CCR and CCA Commands AVP Table . . . . . . . . . . . . . . 19
6.3. AAR and AAA Commands AVP Table . . . . . . . . . . . . . . 19
7. Diameter RADIUS Interoperability . . . . . . . . . . . . . . . 20
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 20
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 20
10. Security Considerations . . . . . . . . . . . . . . . . . . . 20
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21
11.1. Normative References . . . . . . . . . . . . . . . . . . . 21
11.2. Informative References . . . . . . . . . . . . . . . . . . 21
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 22
Intellectual Property and Copyright Statements . . . . . . . . . . 23
Korhonen, et al. Expires January 10, 2008 [Page 2]
Internet-Draft QoS attributes for Diameter July 2007
1. Introduction
This document defines a number of Diameter Quality of Service (QoS)
related AVPs that can be used with the Diameter Base protocol, and
Diameter Credit Control, Diameter EAP and Diameter NASREQ
applications to convey Quality of Service information. The Extended-
QoS-Filter-Rule AVP thereby replaces the QoSFilterRule, defined in
RFC 3588 [RFC3588], and the QoS-Filter-Rule, defined in RFC 4005
[RFC4005].
The AVPs defined in this document are also available for Remote
Authentication Dial In User Service (RADIUS).
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
3. Commands, AVPs and Advertising Application Support
3.1. Command Codes
This document re-uses the Diameter Base protocol [RFC3588], and
Diameter Credit-Control [RFC4006], Diameter NASREQ [RFC4072] and
Diameter EAP [RFC4005] application commands. The following commands
are re-used to carry QoS related AVPs:
Command-Name Abbrev. Code Reference
Diameter-EAP-Request DER 268 RFC 4072
Diameter-EAP-Answer DEA 268 RFC 4072
Credit-Control-Request CCR 272 RFC 4006
Credit-Control-Answer CCA 272 RFC 4006
AA-Request AAR 265 RFC 4005
AA-Answer AAA 265 RFC 4005
Figure 1: Command Codes
When the Re-Auth-Request (RAR), Re-Auth-Answer (RAA), Session-
Termination-Request (STR), Session-Termination-Answer (STA), Abort-
Korhonen, et al. Expires January 10, 2008 [Page 3]
Internet-Draft QoS attributes for Diameter July 2007
Session-Request (ASR), Abort-Session-Answer (ASA), Accounting-Request
(ACR), and Accounting-Answer (ACA) commands are used together with
this specification they follow the rules in Diameter NASREQ
[RFC4005], Diameter EAP [RFC4072], Credit-Control [RFC4006] and
Diameter Base Protocol [RFC3588]. The accounting commands use the
Application Identifier value of the respective application.
3.2. Diameter-EAP-Request (DER)
The Diameter-EAP-Request (DER) command [RFC4072], indicated by the
Command-Code field set to 268 and the 'R' bit set in the Command
Flags field, may be sent by the NAS to the Diameter server providing
network access authentication and authorization services. At the
same time as the network access authentication and authorization, the
NAS MAY request the Diameter server to authorize provisioning of QoS
resources.
The message format is the same as defined in [RFC4072] with an
addition of Diameter QoS specific AVPs. Figure 2 shows the DER
message used with the Diameter QoS AVPs:
<Diameter-EAP-Request> ::= < Diameter Header: 268, REQ, PXY >
< Session-Id >
{ Auth-Application-Id }
{ Origin-Host }
{ Origin-Realm }
{ Destination-Realm }
{ Auth-Request-Type }
[ Destination-Host ]
[ User-Name ]
[ QoS-Capability ]
* [ QoS-Resources ]
...
* [ AVP ]
Figure 2: Diameter EAP Request Command
3.3. Diameter-EAP-Answer (DEA)
The Diameter-EAP-Answer (DEA) message defined in [RFC4072], indicated
by the Command- Code field set to 268 and 'R' bit cleared in the
Command Flags field is sent in response to the Diameter-EAP-Request
message (DER). If the QoS service is successfully authorized and the
Korhonen, et al. Expires January 10, 2008 [Page 4]
Internet-Draft QoS attributes for Diameter July 2007
Diameter server was able to fulfill the QoS Authorization request (if
needed) then the response MAY include the QoS-Resources AVPs.
The message format is the same as defined in [RFC4072] with an
addition of Diameter QoS specific AVPs. Figure 3 shows the DEA
message used with the Diameter QoS AVPs:
<Diameter-EAP-Answer> ::= < Diameter Header: 268, PXY >
< Session-Id >
{ Auth-Application-Id }
{ Auth-Request-Type }
{ Result-Code }
{ Origin-Host }
{ Origin-Realm }
* [ QoS-Resources ]
[ Session-Timeout ]
[ User-Name ]
...
* [ AVP ]
Figure 3: Diameter EAP Answer Command
3.4. Credit-Control-Request (CCR)
The Credit-Control-Request (CCR) command [RFC4006], indicated by the
Command-Code field set to 272 and the 'R' bit set in the Command
Flags field, may be sent by the NAS to the Diameter-QoS server to
request QoS credit authorization for a given QoS provisioning
request. In that case the CCR command MAY also carry the QoS-
Resources AVPs.
The message format is the same as defined in [RFC4006] with an
addition of Diameter QoS specific AVPs. Figure 4 shows the CCR
message used with the Diameter QoS AVPs:
Korhonen, et al. Expires January 10, 2008 [Page 5]
Internet-Draft QoS attributes for Diameter July 2007
<Credit-Control-Request> ::= < Diameter Header: 272, REQ, PXY >
< Session-Id >
{ Auth-Application-Id }
{ Origin-Host }
{ Origin-Realm }
{ Destination-Realm }
{ Auth-Request-Type }
{ Service-Context-Id }
{ CC-Request-Type }
{ CC-Request-Number }
[ Destination-Host ]
[ User-Name ]
[ QoS-Capability ]
* [ QoS-Resources ]
...
* [ AVP ]
Figure 4: Credit Control Request Command
3.5. Credit-Control-Answer (CCA)
The Credit-Control-Answer (CCA) command [RFC4006], indicated by the
Command-Code field set to 272 and the 'R' bit set in the Command
Flags field is sent in response to the CC-Request (CCR) message to
acknowledge a CC-Request command. If the Diameter QoS server was
able to fulfill the QoS request (if needed) then the response MAY
include the QoS-Resources AVPs.
The message format is the same as defined in [RFC4006] with an
addition of Diameter QoS specific AVPs. Figure 5 shows the CCA
message used with the Diameter QoS AVPs:
Korhonen, et al. Expires January 10, 2008 [Page 6]
Internet-Draft QoS attributes for Diameter July 2007
<Credit-Control-Answer> ::= < Diameter Header: 272, PXY >
< Session-Id >
{ Result-Code }
{ Origin-Host }
{ Origin-Realm }
{ Auth-Application-Id }
{ CC-Request-Type }
{ CC-Request-Number }
[ User-Name ]
[ CC-Session-Failover ]
[ CC-Sub-Session-Id ]
[ Acct-Multi-Session-Id ]
[ Origin-State-Id ]
[ Event-Timestamp ]
* [ QoS-Resources ]
...
* [ AVP ]
Figure 5: Credit Control Answer Command
3.6. AA-Request (AAR)
The AA-Request (AAR) message, indicated by the Command-Code field set
to 265 and 'R' bit set in the Command Flags field, may be sent by the
NAS to the Diameter server providing network access configuration
services. At the same time as the network access authentication and
authorization, the NAS MAY request the Diameter server to authorize
provisioning of QoS resources.
The message format is the same as defined in [RFC4005] with an
addition of Diameter QoS specific AVPs. Figure 6 shows the AAR
message used with the Diameter QoS AVPs:
Korhonen, et al. Expires January 10, 2008 [Page 7]
Internet-Draft QoS attributes for Diameter July 2007
<AA-Request> ::= < Diameter Header: 265, REQ, PXY >
< Session-Id >
{ Auth-Application-Id }
{ Origin-Host }
{ Origin-Realm }
{ Destination-Realm }
{ Auth-Request-Type }
[ QoS-Capability ]
* [ QoS-Resources ]
[ Destination-Host ]
...
* [ AVP ]
Figure 6: AA Request Command
3.7. AA-Answer (AAA)
The AA-Answer (AAA) message, indicated by the Command-Code field set
to 265 and 'R' bit cleared in the Command Flags field is sent in
response to the AA-Request (AAR) message for confirmation of the
result of QoS provisioning. If the QoS service is successfully
authorized and the Diameter server was able to fulfill the QoS
provisioning request (if needed) then the response MAY include the
QoS-Resources AVPs.
The message format is the same as defined in [RFC4005] with an
addition of Diameter QoS specific AVPs. Figure 7 shows the AAA
message used with the Diameter QoS AVPs:
<AA-Answer> ::= < Diameter Header: 265, PXY >
< Session-Id >
{ Auth-Application-Id }
{ Auth-Request-Type }
{ Result-Code }
{ Origin-Host }
{ Origin-Realm }
* [ QoS-Resources ]
[ User-Name ]
[ Session-Timeout ]
...
* [ AVP ]
Korhonen, et al. Expires January 10, 2008 [Page 8]
Internet-Draft QoS attributes for Diameter July 2007
Figure 7: AA Answer Command
4. Diameter QoS Defined AVPs
The following table lists the Diameter AVPs used by this document,
their AVP code values, types, possible flag values, and whether the
AVP may be encrypted.
+------------------+
| AVP Flag Rules |
+-------------------------------------------------|----+---+----+----+
| AVP Section |MUST|MAY|SHLD|MUST|
| Attribute Name Code Defined Data Type | | | NOT| NOT|
+-------------------------------------------------+----+---+----+----+
|QoS-Flow-State TBD 4.2 Enumerated | |M,P| | V |
|QSPEC TBD 4.3 OctetSTring| |M,P| | V |
|QoS-ID TBD 4.1 Unsigned32 | |M,P| | V |
|Extended-QoS-Filter-Rule TBD 4.6 Grouped | |M,P| | V |
|QoS-Resources TBD 4.4 Grouped | |M,P| | V |
|QoS-Parameter TBD 4.5 Grouped | |M,P| | V |
|QoS-Capability TBD 4.7 Grouped | |M,P| | V |
|QSPEC-Type TBD 4.8 Unsigned32 | |M,P| | V |
+-------------------------------------------------+----+---+----+----+
4.1. QoS-ID AVP
The QoS-ID AVP (AVP Code TBD) is of type Unsigned32 and references
the QSPEC.
4.2. QoS-Flow-State AVP
The QoS-Flow-State AVP (AVP Code TBD) is of type Enumerated. It
gives an indication as to how the flow MUST be treated. The
Extended-QoS-Filter-Rule already provides an indicate whether a flow
is permitted or denied. This optional AVP provides additional
information about the treatment. Currently a single value is
defined; further values are available via IANA registration.
0 Pending: The filter rules are not installed but kept pending.
Subsequent signaling is necessary to active them.
4.3. QSPEC AVP
The QSPEC AVP (AVP Code TBD) is of type OctetString and contains
Quality of Service parameters. These parameters are defined in a
separate document, see [I-D.ietf-dime-qos-parameters].
Korhonen, et al. Expires January 10, 2008 [Page 9]
Internet-Draft QoS attributes for Diameter July 2007
4.4. QoS-Resources AVP
The QoS-Resources AVP (AVP Code TBD) is of type Grouped and includes
description of the resources that have been authorized or requested.
More than one QoS-Resources AVP MAY be included in a single message.
QoS-Resources ::= < AVP Header: XXX >
1* [ Extended-QoS-Filter-Rule ]
1* [ QoS-Parameter ]
[ QoS-Flow-State ]
* [ AVP ]
4.5. QoS-Parameter AVP
The QoS-Parameter AVP (AVP Code TBD) is of type Grouped and ties the
QoS-ID AVP together to the QSPEC AVP. All parameters followed by the
QSPEC-Type AVP refer to the same QoS model/profile.
QoS-Parameter ::= < AVP Header: XXX >
{ QoS-ID }
{ QSPEC-Type }
1* [ QSPEC ]
* [ AVP ]
4.6. Extended-QoS-Filter-Rule AVP
TheExtended-QoS-Filter-Rule AVP (AVP Code TBD) is of type Grouped.
The QoS filter rule associated with the QoS-ID re-uses the RADIUS
NAS-Traffic-Rule AVP [I-D.ietf-radext-filter-rules]. This AVP ties a
specific filter to a QoS-ID that in turn refers to a specific QoS-
Parameter.
Extended-QoS-Filter-Rule ::= < AVP Header: XXX >
{ QoS-ID }
{ NAS-Traffic-Rule }
* [ AVP ]
4.7. QoS-Capability AVP
The QoS-Capability AVP (AVP Code TBD) is of type Grouped and contains
a list of supported QSPEC-Types and respective AVPs.
The NAS SHOULD include this AVP from the NAS to the Diameter server
to indicate the support for this specification and for the specific
Korhonen, et al. Expires January 10, 2008 [Page 10]
Internet-Draft QoS attributes for Diameter July 2007
QoS models.
QoS-Capability ::= < AVP Header: XXX >
1* { QSPEC-Type }
* [ AVP ]
4.8. QSPEC-Type AVP
The QSPEC-Type AVP (AVP Code TBD) is of type Unsigned32 and contains
the supported QoS model or QoS profile. The value of 0 refers to the
QoS parameters described in [I-D.ietf-dime-qos-parameters]. The
values are taken from the registry defined in [I-D.ietf-nsis-qspec].
5. Examples
This section shows a number of signaling flows where QoS negotiation
and authorization is part of the conventional NASREQ, EAP or Credit-
Control applications message exchanges. These signaling flows are
meant to be examples only.
5.1. Diameter EAP with QoS Information
Figure 8 shows a simple signaling flow where a NAS (Diameter Client)
announces its QoS awareness and capabilities included into the DER
message and as part of the access authentication procedure. Upon
completion of the EAP negotiation, the Diameter Server provides a
pre-provisioned QoS profile to the NAS in the final DEA message.
Korhonen, et al. Expires January 10, 2008 [Page 11]
Internet-Draft QoS attributes for Diameter July 2007
End Diameter Diameter
Host Client server
| | |
| (initiate EAP) | |
|<------------------------------>| |
| | Diameter-EAP-Request |
| | EAP-Payload(EAP Start) |
| | QoS-Capability |
| |------------------------------->|
| | |
| | Diameter-EAP-Answer |
| Result-Code=DIAMETER_MULTI_ROUND_AUTH |
| | EAP-Payload(EAP Request #1) |
| |<-------------------------------|
| EAP Request(Identity) | |
|<-------------------------------| |
: : :
: <<<more message exchanges>>> :
: : :
| | |
| EAP Response #N | |
|------------------------------->| |
| | Diameter-EAP-Request |
| | EAP-Payload(EAP Response #N) |
| |------------------------------->|
| | |
| | Diameter-EAP-Answer |
| | Result-Code=DIAMETER_SUCCESS |
| | EAP-Payload(EAP Success) |
| | [EAP-Master-Session-Key] |
| | (authorization AVPs) |
| | QoS-Resources |
| |<-------------------------------|
| | |
| EAP Success | |
|<-------------------------------| |
| | |
Figure 8: Example of a Diameter EAP enhanced with QoS Information
5.2. QoS Authorization
Figure 9 shows an example of authorization only QoS signaling as part
of the NASREQ message exchange. The NAS provides the Diameter Server
with the QoS profile it wishes to use in the AAR message. The
Diameter Server then either authorizes the proposed QoS profile or
reject the authorization, and then informs the NAS about the
authorization result in the AAA message. In this scenario the NAS
Korhonen, et al. Expires January 10, 2008 [Page 12]
Internet-Draft QoS attributes for Diameter July 2007
does not need to include the QoS-Capability AVP in the AAR message as
the QoS-Resources AVP implicitly does the same and also the NAS is
authorizing a specific QoS profile, not a pre-provisioned one.
End Diameter
Host NAS Server
| | |
| | |
| QoS Request | |
+----------------->| |
| | |
| |AA-Request |
| |Auth-Request-Type=AUTHORIZE_ONLY
| |NASREQ-Payload |
| |QoS-Resources |
| +----------------------------->|
| | |
| | AA-Answer|
| | NASREQ-Payload(Success)|
| | QoS-Resources|
| |<-----------------------------+
| Accept | |
|<-----------------+ |
| | |
| | |
| | |
Figure 9: Example of an Authorization-Only Message Flow
5.3. Diameter NASREQ with QoS Information
Figure 10 shows a similar pre-provisioned QoS signaling as in
Figure 8 but using the NASREQ application instead of EAP application.
Korhonen, et al. Expires January 10, 2008 [Page 13]
Internet-Draft QoS attributes for Diameter July 2007
End Diameter
Host NAS Server
| | |
| Start Network | |
| Attachment | |
|<---------------->| |
| | |
| |AA-Request |
| |NASREQ-Payload |
| |QoS-Capability |
| +----------------------------->|
| | |
| | AA-Answer|
| Result-Code=DIAMETER_MULTI_ROUND_AUTH|
| NASREQ-Payload(NASREQ Request #1)|
| |<-----------------------------+
| | |
| Request | |
|<-----------------+ |
| | |
: : :
: <<<more message exchanges>>> :
: : :
| Response #N | |
+----------------->| |
| | |
| |AA-Request |
| |NASREQ-Payload ( Response #N )|
| +----------------------------->|
| | |
| | AA-Answer|
| | Result-Code=DIAMETER_SUCCESS|
| | (authorization AVPs)|
| | QoS-Resources |
| |<-----------------------------+
| | |
| Success | |
|<-----------------+ |
| | |
Figure 10: Example of a Diameter NASREQ enhanced with QoS Information
5.4. Diameter Server Initiated Re-authorization of QoS
Figure 11 shows a message exchange for a Diameter Server initiated
QoS profile re-authorization procedure. The Diameter Server sends
the NAS a RAR message requesting re-authorization for an existing
session and the NAS acknowledges it with a RAA message. The NAS that
Korhonen, et al. Expires January 10, 2008 [Page 14]
Internet-Draft QoS attributes for Diameter July 2007
is aware of its existing QoS profile and information for the ongoing
session that the Diameter Server requested for re-authorization.
Thus the NAS must initiate re-authorization of the existing QoS
profile. The re-authorization procedure is the same as in Figure 9.
End Diameter
Host NAS Server
| | |
| | |
: : :
: <<<Initial Messag Exchanges>>> :
: : :
| | |
| | RA-Request |
| |<-----------------------------+
| | |
| |RA-Answer |
| |Result-Code=DIAMETER_SUCCESS |
| +----------------------------->|
| | |
| | |
| |AA-Request |
| |NASREQ-Payload |
| |Auth-Request-Type=AUTHORIZE_ONLY
| |QoS-Capability |
| +----------------------------->|
| | |
| | AA-Answer|
| | Result-Code=DIAMETER_SUCCESS|
| | (authorization AVPs)|
| | QoS-Resources |
| |<-----------------------------+
| | |
Figure 11: Example of a Server-initiated Re-Authorization Procedure
5.5. Diameter Credit-Control with QoS Information
In this case the authorization and authentication take place at the
beginning and then when a new service request comes in the accounting
is done as per the required QoS. It's a 3GPP scenario.
Korhonen, et al. Expires January 10, 2008 [Page 15]
Internet-Draft QoS attributes for Diameter July 2007
Diameter
End User Service Element Server CC Server
(CC Client)
| Registration | AA request/answer(accounting,cc or both)|
|<----------------->|<------------------>| |
| : | | |
| : | | |
| Service Request | | |
|------------------>| | |
| | CCR(Initial,Credit-Control AVPs, |
| | QoS-capability) |
| +|---------------------------------------->|
| CC stream|| | CCA(Granted-Units)|
| || | QoS-Resources |
| +|<----------------------------------------|
| Service Delivery | | |
|<----------------->| ACR(start,Accounting AVPs) |
| : |------------------->|+ |
| : | ACA || Accounting stream |
| |<-------------------|+ |
| : | | |
| : | | |
| | CCR(Update,Used-Units) |
| |---------------------------------------->|
| | | CCA(Granted-Units)|
| | | QoS-Resources |
| |<----------------------------------------|
| : | | |
| : | | |
| End of Service | | |
|------------------>| CCR(Termination, Used-Units) |
| |---------------------------------------->|
| | | CCA |
| |<----------------------------------------|
| | ACR(stop) | |
| |------------------->| |
| | ACA | |
| |<-------------------| |
Figure 12: Example with first interrogation after user's
authorization/authentication
5.6. Diameter Server Initiated Credit Re-authorization
This example shows a Diameter Credit Control interaction whereby the
server initiates a re-authorization exchange.
Korhonen, et al. Expires January 10, 2008 [Page 16]
Internet-Draft QoS attributes for Diameter July 2007
Service Element Diameter
End User (CC Client) Server CC Server
| | | |
| | | |
: : : :
: <<<<<< Initial Message Exchanges >>>>>> :
: : : :
| | | |
| | Re-Auth-Request|
| | Auth-Application-ID = CREDIT_CONTROL|
| |Re-Auth-Request-Type = AUTHORIZE_ONLY|
| | Session-ID|
| |<------------------------------------+
| | | |
| | Re-Auth-Answer | |
| | Session-ID | |
| | Result-Code = DIAMETER_LIMITED_SUCCESS
| +------------------------------------>|
| | | |
| | CCR |
| | CC-Request-Type = UPDATE_REQUEST |
| | Used-Units | |
| |-------------------+---------------->|
| | CCA(Granted-Units)|
| | Result-Code = DIAMETER_SUCCESS|
| | QoS-Resources|
| |<------------------+-----------------|
| | | |
Figure 13: Server-Initiated Credit Re-Authorization
5.7. QoS and Credit-Control as Part of Authentication and Authorization
In this example, the Credit control is performed along with the
Authentication/Authorization message. This is usually the case in
NAS scenario.
Korhonen, et al. Expires January 10, 2008 [Page 17]
Internet-Draft QoS attributes for Diameter July 2007
Service Element Diameter
End User (CC Client) server CC Server
| (e.g. NAS) | |
| | | |
| Service Request | AA Request (CC AVPs) |
| | Credit-Control=CREDIT_AUTHORIZATION |
| | QoS-Resources | |
|------------------>|------------------->| |
| | | CCR(Initial, CC AVPs)
| | | QoS-Resources |
| | |------------------->|
| | | CCA(Granted-Units) |
| | | QoS-Resources |
| | |<-------------------|
| | AA Answer(Granted-Units) |
| | QoS-Resources | |
| Service Delivery |<-------------------| |
|<----------------->| | |
| | ACR(start,Accounting AVPs) |
| |------------------->|+ |
| | ACA || Accounting stream |
| |<-------------------|+ |
| | | |
| | | |
| | | |
| | | |
| | CCR(Update,Used-Units) |
| | QoS-Resources | CCR(Update,Used-Units)
| |------------------->| QoS-Resources |
| | |------------------->|
| | | CCA(Granted-Units) |
| | | QoS-Resources |
| | CCA(Granted-Units) |<-------------------|
| | QoS-Resources | |
| |<-------------------| |
| | | |
| | | |
| End of Service | | |
|------------------>| CCR(Termination,Used-Units) |
| |------------------->| CCR(Term.,Used-Units)
| | |------------------->|
| | | CCA |
| | CCA |<-------------------|
| |<-------------------| |
| | ACR(stop) | |
| |------------------->| |
| | ACA | |
| |<-------------------| |
Korhonen, et al. Expires January 10, 2008 [Page 18]
Internet-Draft QoS attributes for Diameter July 2007
Figure 14: Example with use of the authorization messages for the
first Diameter Credit Control interrogation
6. AVP Occurrence Tables
6.1. DER and DEA Commands AVP Table
The following table lists the Quality of Service specific AVPs
defined in this document that may be present in the DER and DEA
Commands, as defined in this document and in [RFC4072].
+---------------+
| Command-Code |
|-------+-------+
Attribute Name | DER | DEA |
-------------------------------+-------+-------+
QoS-Capability | 0-1 | 0 |
QoS-Resources | 0+ | 0+ |
+-------+-------+
Figure 15: DER and DEA Commands AVP table
6.2. CCR and CCA Commands AVP Table
The following table lists the Quality of Service specific AVPs
defined in this document that may be present in the CCR and CCA
Commands, as defined in this document and in [RFC4006].
+---------------+
| Command-Code |
|-------+-------+
Attribute Name | CCR | CCA |
-------------------------------+-------+-------+
QoS-Capability | 0-1 | 0 |
QoS-Resources | 0+ | 0+ |
+-------+-------+
Figure 16: CCR and CCA Commands AVP table
6.3. AAR and AAA Commands AVP Table
The following table lists the Quality of Service specific AVPs
defined in this document that may be present in the AAR and AAA
Commands, as defined in this document and in [RFC4005].
Korhonen, et al. Expires January 10, 2008 [Page 19]
Internet-Draft QoS attributes for Diameter July 2007
+---------------+
| Command-Code |
|-------+-------+
Attribute Name | AAR | AAA |
-------------------------------+-------+-------+
QoS-Capability | 0-1 | 0 |
QoS-Resources | 0+ | 0+ |
+-------+-------+
Figure 17: AAR and AAA Commands AVP table
7. Diameter RADIUS Interoperability
[Editor's Note: Text will be provided in a future version of this
document.]
8. Acknowledgments
We would like to thank Victor Fajardo for his comments.
9. IANA Considerations
Diameter reserves the AVP Codes 0 - 255 for RADIUS functions that are
implemented in Diameter. AVPs new to Diameter have code values of
256 and greater.
This specification assigns the values TBD-1 to TBD-2 from the AVP
Code namespace defined in RFC 3588 [RFC3588]. See Section 4 for the
newly defined AVPs.
This specification also specifies the use of AVPs in the 0 - 255
range, which are defined in 'RADIUS Types', see
http://www.iana.org/assignments/radius-types. These values are
assigned by the policy in Section 6 of RFC 2865 [RFC2865] and are
amended by RFC 3575 [RFC3575].
10. Security Considerations
This document describes the extension of Diameter for conveying
Quality of Service information. The security considerations of the
Diameter protocol itself have been discussed in RFC 3588 [RFC3588].
Use of the AVPs defined in this document MUST take into consideration
the security issues and requirements of the Diameter Base protocol.
Korhonen, et al. Expires January 10, 2008 [Page 20]
Internet-Draft QoS attributes for Diameter July 2007
11. References
11.1. Normative References
[I-D.ietf-dime-qos-parameters]
Korhonen, J. and H. Tschofenig, "Quality of Service
Parameters for Usage with the AAA Framework",
draft-ietf-dime-qos-parameters-00 (work in progress),
June 2007.
[I-D.ietf-radext-filter-rules]
Congdon, P., "RADIUS Attributes for Filtering and
Redirection", draft-ietf-radext-filter-rules-03 (work in
progress), July 2007.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3575] Aboba, B., "IANA Considerations for RADIUS (Remote
Authentication Dial In User Service)", RFC 3575,
July 2003.
[RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J.
Arkko, "Diameter Base Protocol", RFC 3588, September 2003.
[RFC4005] Calhoun, P., Zorn, G., Spence, D., and D. Mitton,
"Diameter Network Access Server Application", RFC 4005,
August 2005.
[RFC4006] Hakala, H., Mattila, L., Koskinen, J-P., Stura, M., and J.
Loughney, "Diameter Credit-Control Application", RFC 4006,
August 2005.
11.2. Informative References
[I-D.ietf-nsis-qspec]
Ash, J., "QoS NSLP QSPEC Template",
draft-ietf-nsis-qspec-17 (work in progress), July 2007.
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
"Remote Authentication Dial In User Service (RADIUS)",
RFC 2865, June 2000.
[RFC4072] Eronen, P., Hiller, T., and G. Zorn, "Diameter Extensible
Authentication Protocol (EAP) Application", RFC 4072,
August 2005.
Korhonen, et al. Expires January 10, 2008 [Page 21]
Internet-Draft QoS attributes for Diameter July 2007
Authors' Addresses
Jouni Korhonen (editor)
TeliaSonera
Teollisuuskatu 13
Sonera FIN-00051
Finland
Email: jouni.korhonen@teliasonera.com
Hannes Tschofenig
Nokia Siemens Networks
Otto-Hahn-Ring 6
Munich, Bavaria 81739
Germany
Email: Hannes.Tschofenig@nsn.com
URI: http://www.tschofenig.com
Mayutan Arumaithurai
University of Goettingen
Email: mayutan.arumaithurai@gmail.com
Korhonen, et al. Expires January 10, 2008 [Page 22]
Internet-Draft QoS attributes for Diameter July 2007
Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgment
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).
Korhonen, et al. Expires January 10, 2008 [Page 23]