--- 1/draft-ietf-dime-nat-control-12.txt 2012-01-11 01:13:57.926670987 +0100 +++ 2/draft-ietf-dime-nat-control-13.txt 2012-01-11 01:13:58.038670860 +0100 @@ -1,22 +1,22 @@ Internet Engineering Task Force F. Brockners Internet-Draft S. Bhandari Intended status: Standards Track Cisco -Expires: April 27, 2012 V. Singh +Expires: July 14, 2012 V. Singh V. Fajardo Telcordia Technologies - October 25, 2011 + January 11, 2012 Diameter Network Address and Port Translation Control Application - draft-ietf-dime-nat-control-12 + draft-ietf-dime-nat-control-13 Abstract This document describes the framework, messages, and procedures for the Diameter Network address and port translation Control Application. This Diameter application allows per endpoint control of Network Address Translators and Network Address and Port Translators, which are added to networks to cope with IPv4-address space depletion. This Diameter application allows external devices to configure and manage a Network Address Translator device - 
@@ -42,25 +42,25 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on April 27, 2012. + This Internet-Draft will expire on July 14, 2012. Copyright Notice - Copyright (c) 2011 IETF Trust and the persons identified as the + Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as 
@@ -794,50 +794,51 @@ QUERY_REQUEST. Figure 7 shows the protocol interaction between the DNCA Diameter peers. Two types of query requests exist. The first type of query request uses the session ID as input parameter to the query. It is to allow the DNCA Diameter peer within the NAT-controller to retrieve the current set of bindings for a specific session. The second type of query request is used to retrieve the session identifiers, along with the associated bindings, matching a criteria. This enables the DNCA Diameter peer within the NAT-controller to find those sessions, which - utilize a specific external IP-address. + utilize a specific external or internal IP-address. 1. Request a list of currently allocated NAT bindings for a particular session: On receiving a NCR, the NAT-device SHOULD look up the session information for the session ID contained in the NCR, and report all currently active NAT-bindings for the session using an NCA message with Result-Code set to DIAMETER_SUCCESS. In this case the NCR MUST NOT contain a NAT- Control-Definition AVP. Each NAT-binding is reported in a NAT- Control-Definition AVP. In case the session ID is unknown, the DNCA Diameter peer within the NAT-device MUST return an NCA message with Result-Code set to DIAMETER_UNKNOWN_SESSION_ID. - 2. Retrieve session IDs and internal IP address/port pairs for one + 2. Retrieve session IDs and bindings for internal IP-address or one or multiple external IP-address/port pairs: If the DNCA Diameter peer within the NAT-controller wishes to retrieve the session - ID(s) for one or multiple external IP-address/port pairs, it MUST - include the external IP-address/port pair(s) as part of the NAT- - Control-Definition AVP of the NCR. The external IP-address/port - pair(s) are pre-known to the controller via configuration, AAA - interactions, or other means. The session ID is not included in - the NCR or the NCA for this type of a query. 
The DNCA Diameter - peer within the NAT-device SHOULD report the NAT-bindings and - associated session IDs corresponding to the external IP-address/ - port pairs in an NCA message using one or multiple instances of - the NAT-Control-Definition AVP. The Result-Code is set to - DIAMETER_SUCCESS. In case an external IP-address/port pair has - no associated existing NAT-binding, the NAT-Control-Definition - AVP contained in the reply just contains the NAT-External-Address - AVP. + ID(s) for internal IP-address or one or multiple external IP- + address/port pairs, it MUST include the internal IP-address as + part of Framed-IP-Address or external IP-address/port pair(s) as + part of the NAT-External-Address AVP of the NCR. The external + IP-address/port pair(s) are pre-known to the controller via + configuration, AAA interactions, or other means. The session ID + is not included in the NCR or the NCA for this type of a query. + The DNCA Diameter peer within the NAT-device SHOULD report the + NAT-bindings and associated session IDs corresponding to the + internal IP-address or external IP-address/port pairs in an NCA + message using one or multiple instances of the NAT-Control- + Definition AVP. The Result-Code is set to DIAMETER_SUCCESS. In + case an external IP-address/port pair has no associated existing + NAT-binding, the NAT-Control-Definition AVP contained in the + reply just contains the NAT-External-Address AVP. NAT-controller (DNCA Diameter peer) NAT-device (DNCA Diameter peer) | | | | | | DNCA Session Established | | | | NCR | |------------------------------------------>| | | 
@@ -1825,20 +1826,21 @@ in NCRs and NCAs with NC-Request-Type set to QUERY_REQUEST. +-------------------+ | Command Code | +-----------------------------------+-------------------+ | Attribute Name NCR NCA | +-------------------------------------------------------+ |NC-Request-Type 1 1 | |NAT-Control-Install 0 0 | |NAT-Control-Remove 0 0 | |NAT-Control-Definition 0 0+ | + |NAT-External-Address 0+ 0 | |Current-NAT-Bindings 0 1 | |Duplicate-Session-Id 0 0 | +-------------------------------------------------------+ 10.3. DNCA AVP Table for Accounting Message The following table lists DNCA specific AVPs, which may or may not be present in ACR and ACA messages. +-------------------+ | Command Code | @@ -2459,21 +2461,27 @@ d. Section 13 added to provide example DNCA message exchange flows e. Added a description to provide DNCA comparison with MIDCOM f. n:1 deployment model for NAT-controllers and NAT-devices explicitly specified g. editorial changes as per IESG DISCUSS comments + Changes from -12 to -13 + + a. Section 4.3 session query updated to use NAT-External-Address for + external IP-address based query + 16. References + 16.1. Normative References [ETSIES283034] ETSI, "Telecommunications and Internet Converged Services and Protocols for Advanced Networks (TISPAN),Network Attachment Sub-System (NASS),e4 interface based on the Diameter protocol.", September 2008. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
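Review bot: In the @@ -794,50 +794,51 @@ hunk, the rewritten item 2 adds a query by internal IP-address, but its closing sentence still defines the no-match reply only for "an external IP-address/port pair". State what the NAT-device returns when the Framed-IP-Address in the NCR has no associated NAT-binding, and whether one NCR may carry both a Framed-IP-Address and NAT-External-Address AVPs or only one of the two. The sentence "The external IP-address/port pair(s) are pre-known to the controller" has the same gap for the internal address. The item title "for internal IP-address or one or multiple external IP-address/port pairs" is hard to parse; "for an internal IP-address, or for one or multiple external IP-address/port pairs" would read unambiguously. Because this query type returns session IDs that the requester did not supply, it is also worth confirming that the draft's authorization text covers the new internal-address lookup.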
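Review bot: In the @@ -1825,20 +1826,21 @@ hunk, the new row allows NAT-External-Address 0+ times in the NCR, but nothing in the table reflects the Framed-IP-Address that the revised query text uses for the internal-address lookup. If the table is limited to DNCA-specific AVPs, add a sentence next to it saying that Framed-IP-Address may appear in an NCR with NC-Request-Type set to QUERY_REQUEST; otherwise add a row for it. The NCA column for NAT-External-Address is 0 while the query text says the reply's NAT-Control-Definition AVP contains the NAT-External-Address AVP, so a note that the table counts only top-level occurrences would avoid a misreading.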
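Review bot: The "Changes from -12 to -13" entry in the @@ -2459,21 +2461,27 @@ hunk records only the switch to NAT-External-Address for the external IP-address based query and omits two other changes visible in this diff: the new query by internal IP-address carried in Framed-IP-Address, and the added NAT-External-Address row in the QUERY_REQUEST AVP table. Add an item for each so the change log matches what actually changed between the two versions.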