--- 1/draft-ietf-dime-qos-attributes-07.txt 2008-10-28 21:12:23.000000000 +0100 +++ 2/draft-ietf-dime-qos-attributes-08.txt 2008-10-28 21:12:23.000000000 +0100 @@ -1,24 +1,24 @@ Diameter Maintenance and J. Korhonen Extensions (DIME) TeliaSonera Internet-Draft H. Tschofenig Intended status: Standards Track Nokia Siemens Networks -Expires: December 28, 2008 M. Arumaithurai +Expires: May 1, 2009 M. Arumaithurai University of Goettingen M. Jones, Ed. A. Lior Bridgewater Systems - June 26, 2008 + October 28, 2008 Quality of Service Attributes for Diameter - draft-ietf-dime-qos-attributes-07.txt + draft-ietf-dime-qos-attributes-08.txt Status of this Memo By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that @@ -29,21 +29,21 @@ and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. - This Internet-Draft will expire on December 28, 2008. + This Internet-Draft will expire on May 1, 2009. Abstract This document extends the IPFilterRule AVP functionality of the Diameter Base protocol and the functionality of the QoS-Filter-Rule AVP defined in RFC 4005. The ability to convey Quality of Service information using the AVPs defined in this document is available to existing and future Diameter applications where permitted by the command ABNF. 
@@ -62,75 +62,91 @@ 3.8. QoS-Rule-Precedence AVP . . . . . . . . . . . . . . . . . 6 4. Semantics of QoS Parameters . . . . . . . . . . . . . . . . . 6 5. Diameter Classifier AVPs . . . . . . . . . . . . . . . . . . . 7 5.1. Classifier AVP . . . . . . . . . . . . . . . . . . . . . . 9 5.2. Classifier-ID AVP . . . . . . . . . . . . . . . . . . . . 10 5.3. Protocol AVP . . . . . . . . . . . . . . . . . . . . . . . 10 5.4. Direction AVP . . . . . . . . . . . . . . . . . . . . . . 10 5.5. From-Spec AVP . . . . . . . . . . . . . . . . . . . . . . 10 5.6. To-Spec AVP . . . . . . . . . . . . . . . . . . . . . . . 11 5.7. Source and Destination AVPs . . . . . . . . . . . . . . . 12 - 5.7.1. Negated AVP . . . . . . . . . . . . . . . . . . . . . 13 + 5.7.1. Negated AVP . . . . . . . . . . . . . . . . . . . . . 12 5.7.2. IP-Address AVP . . . . . . . . . . . . . . . . . . . . 13 5.7.3. IP-Address-Range AVP . . . . . . . . . . . . . . . . . 13 - 5.7.4. IP-Address-Start AVP . . . . . . . . . . . . . . . . . 14 - 5.7.5. IP-Address-End AVP . . . . . . . . . . . . . . . . . . 14 + 5.7.4. IP-Address-Start AVP . . . . . . . . . . . . . . . . . 13 + 5.7.5. IP-Address-End AVP . . . . . . . . . . . . . . . . . . 13 5.7.6. IP-Address-Mask AVP . . . . . . . . . . . . . . . . . 14 5.7.7. IP-Mask-Bit-Mask-Width AVP . . . . . . . . . . . . . . 14 5.7.8. MAC-Address AVP . . . . . . . . . . . . . . . . . . . 14 5.7.9. MAC-Address-Mask AVP . . . . . . . . . . . . . . . . . 14 - 5.7.10. MAC-Address-Mask-Pattern AVP . . . . . . . . . . . . . 15 + 5.7.10. MAC-Address-Mask-Pattern AVP . . . . . . . . . . . . . 14 5.7.11. EUI64-Address AVP . . . . . . . . . . . . . . . . . . 15 5.7.12. EUI64-Address-Mask AVP . . . . . . . . . . . . . . . . 15 5.7.13. EUI64-Address-Mask-Pattern AVP . . . . . . . . . . . . 15 - 5.7.14. VLAN-ID AVP . . . . . . . . . . . . . . . . . . . . . 15 - 5.7.15. Port AVP . . . . . . . . . . . . . . . . . . . . . . . 16 - 5.7.16. Port-Range AVP . . . . . . . . . . . . . . . . . . 
. . 16 - 5.7.17. Port-Start AVP . . . . . . . . . . . . . . . . . . . . 16 - 5.7.18. Port-End AVP . . . . . . . . . . . . . . . . . . . . . 16 - 5.7.19. Use-Assigned-Address AVP . . . . . . . . . . . . . . . 16 - 5.8. Header Option AVPs . . . . . . . . . . . . . . . . . . . . 17 - 5.8.1. Diffserv-Code-Point AVP . . . . . . . . . . . . . . . 17 - 5.8.2. Fragmentation-Flag AVP . . . . . . . . . . . . . . . . 17 + 5.7.14. Port AVP . . . . . . . . . . . . . . . . . . . . . . . 15 + 5.7.15. Port-Range AVP . . . . . . . . . . . . . . . . . . . . 15 + 5.7.16. Port-Start AVP . . . . . . . . . . . . . . . . . . . . 16 + 5.7.17. Port-End AVP . . . . . . . . . . . . . . . . . . . . . 16 + 5.7.18. Use-Assigned-Address AVP . . . . . . . . . . . . . . . 16 + 5.8. Header Option AVPs . . . . . . . . . . . . . . . . . . . . 16 + 5.8.1. Diffserv-Code-Point AVP . . . . . . . . . . . . . . . 16 + 5.8.2. Fragmentation-Flag AVP . . . . . . . . . . . . . . . . 16 5.8.3. IP-Option AVP . . . . . . . . . . . . . . . . . . . . 17 - 5.8.4. IP-Option-Type AVP . . . . . . . . . . . . . . . . . . 18 - 5.8.5. IP-Option-Value AVP . . . . . . . . . . . . . . . . . 18 - 5.8.6. TCP-Option AVP . . . . . . . . . . . . . . . . . . . . 18 + 5.8.4. IP-Option-Type AVP . . . . . . . . . . . . . . . . . . 17 + 5.8.5. IP-Option-Value AVP . . . . . . . . . . . . . . . . . 17 + 5.8.6. TCP-Option AVP . . . . . . . . . . . . . . . . . . . . 17 5.8.7. TCP-Option-Type AVP . . . . . . . . . . . . . . . . . 18 5.8.8. TCP-Option-Value AVP . . . . . . . . . . . . . . . . . 18 5.8.9. TCP-Flags AVP . . . . . . . . . . . . . . . . . . . . 18 - 5.8.10. TCP-Flag-Type AVP . . . . . . . . . . . . . . . . . . 19 + 5.8.10. TCP-Flag-Type AVP . . . . . . . . . . . . . . . . . . 18 5.8.11. ICMP-Type . . . . . . . . . . . . . . . . . . . . . . 19 - 5.8.12. ICMP-Type-Number AVP . . . . . . . . . . . . . . . . . 20 - 5.8.13. ICMP-Code AVP . . . . . . . . . . . . . . . . . . . . 20 - 5.8.14. ETH-Option AVP . . . . . . . . . . . . . . 
. . . . . . 20 + 5.8.12. ICMP-Type-Number AVP . . . . . . . . . . . . . . . . . 19 + 5.8.13. ICMP-Code AVP . . . . . . . . . . . . . . . . . . . . 19 + 5.8.14. ETH-Option AVP . . . . . . . . . . . . . . . . . . . . 19 5.8.15. ETH-Proto-Type AVP . . . . . . . . . . . . . . . . . . 20 5.8.16. ETH-Ether-Type AVP . . . . . . . . . . . . . . . . . . 20 5.8.17. ETH-SAP AVP . . . . . . . . . . . . . . . . . . . . . 20 - 5.8.18. ETH-Priority-Range AVP . . . . . . . . . . . . . . . . 21 - 5.8.19. ETH-Low-Priority AVP . . . . . . . . . . . . . . . . . 21 - 5.8.20. ETH-High-Priority AVP . . . . . . . . . . . . . . . . 21 - 6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 21 - 6.1. Diameter EAP with QoS Information . . . . . . . . . . . . 21 - 6.2. Diameter NASREQ with QoS Information . . . . . . . . . . . 22 - 6.3. QoS Authorization . . . . . . . . . . . . . . . . . . . . 23 - 6.4. Diameter Server Initiated Re-authorization of QoS . . . . 24 - 6.5. Diameter Credit Control with QoS Information . . . . . . . 25 - 6.6. Classifier Examples . . . . . . . . . . . . . . . . . . . 26 - 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 27 - 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 27 - 9. Security Considerations . . . . . . . . . . . . . . . . . . . 29 - 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 29 - 10.1. Normative References . . . . . . . . . . . . . . . . . . . 29 - 10.2. Informative References . . . . . . . . . . . . . . . . . . 30 - Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 30 - Intellectual Property and Copyright Statements . . . . . . . . . . 32 + 5.8.18. VLAN-ID-Range AVP . . . . . . . . . . . . . . . . . . 20 + 5.8.19. S-VID-Start AVP . . . . . . . . . . . . . . . . . . . 21 + 5.8.20. S-VID-End AVP . . . . . . . . . . . . . . . . . . . . 21 + 5.8.21. C-VID-Start AVP . . . . . . . . . . . . . . . . . . . 22 + 5.8.22. C-VID-End AVP . . . . . . . . . . . . . . . . . . . . 
22 + 5.8.23. ETH-Priority-Range AVP . . . . . . . . . . . . . . . . 22 + 5.8.24. ETH-Low-Priority AVP . . . . . . . . . . . . . . . . . 22 + 5.8.25. ETH-High-Priority AVP . . . . . . . . . . . . . . . . 22 + 6. Time Of Day AVPs . . . . . . . . . . . . . . . . . . . . . . . 22 + 6.1. Time-Of-Day-Condition AVP . . . . . . . . . . . . . . . . 23 + 6.2. Time-Of-Day-Start AVP . . . . . . . . . . . . . . . . . . 23 + 6.3. Time-Of-Day-End AVP . . . . . . . . . . . . . . . . . . . 24 + 6.4. Day-Of-Week-Mask AVP . . . . . . . . . . . . . . . . . . . 24 + 6.5. Day-Of-Month-Mask AVP . . . . . . . . . . . . . . . . . . 24 + 6.6. Month-Of-Year-Mask AVP . . . . . . . . . . . . . . . . . . 24 + 6.7. Absolute-Start-Time AVP . . . . . . . . . . . . . . . . . 25 + 6.8. Absolute-End-Time AVP . . . . . . . . . . . . . . . . . . 25 + 6.9. Timezone-Flag AVP . . . . . . . . . . . . . . . . . . . . 25 + 6.10. Timezone-Offset AVP . . . . . . . . . . . . . . . . . . . 26 + 7. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 + 7.1. Diameter EAP with QoS Information . . . . . . . . . . . . 26 + 7.2. Diameter NASREQ with QoS Information . . . . . . . . . . . 27 + 7.3. QoS Authorization . . . . . . . . . . . . . . . . . . . . 28 + 7.4. Diameter Server Initiated Re-authorization of QoS . . . . 29 + 7.5. Diameter Credit Control with QoS Information . . . . . . . 30 + 7.6. Classifier Examples . . . . . . . . . . . . . . . . . . . 31 + 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 32 + 9. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 32 + 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 + 11. Security Considerations . . . . . . . . . . . . . . . . . . . 34 + 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 35 + 12.1. Normative References . . . . . . . . . . . . . . . . . . . 35 + 12.2. Informative References . . . . . . . . . . . . . . . . . . 36 + Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 
. . . 36 + Intellectual Property and Copyright Statements . . . . . . . . . . 38 1. Introduction This document defines a number of Diameter Quality of Service (QoS) related AVPs that can be used in existing and future Diameter applications where permitted by the command ABNF. The Extended-QoS- Filter-Rule AVP thereby replaces the IPFilterRule, defined in RFC 3588bis [I-D.ietf-dime-rfc3588bis], and the QoS-Filter-Rule, defined in RFC 4005 [RFC4005]. @@ -198,20 +214,21 @@ Management Function. This AVP uses the Classifier AVP (see Section 5) to describe traffic flows. Extended-QoS-Filter-Rule ::= < AVP Header: XXX > { QoS-Semantics } [ QoS-Profile-Template ] [ Vendor-Specific-QoS-Profile-Template ] [ QoS-Parameters ] [ QoS-Rule-Precedence ] [ Classifier ] + * [ Time-Of-Day-Condition ] * [ AVP ] Either the QoS-Profile-Template or Vendor-Specific-QoS-Profile- Template AVP MUST appear in the Extended-QoS-Filter-Rule AVP. 3.6. QoS-Semantics The QoS-Semantics AVP (AVP Code TBD) is of type Enumerated and provides the semantics for the QoS-Profile-Template and QoS- Parameters AVPs in the Extended-QoS-Filter-Rule AVP. 
@@ -435,41 +452,36 @@ If more than one instance of the IP address AVPs (IP-Address, IP- Address-Range, IP-Address-Mask, Use-Assigned-Address) appear in the From-Spec AVP then the source IP address of the packet must match one of the addresses represented by these AVPs. If more that one instance of the layer 2 address AVPs (MAC-Address, MAC-Address-Mask, EUI64-Address, EUI64-Address-Mask) appears in the From-Spec then the the source layer 2 address of the packet must match one of the addresses represented in these AVPs. - If more that one instance of the VLAN-ID AVP appears in the From-Spec - then the VLAN-ID of the packet must match one of the VLAN-IDs - represented in these AVPs. - If more that one instance of the port AVPs (Port, Port-Range) appears in the From-Spec AVP then the source port number must match one of the port numbers represented in these AVPs. If the IP address, MAC address and port AVPs appear in the same From- Spec AVP then the source packet must match all the specifications, i.e. match the IP address AND MAC address AND port number. From-Spec ::= < AVP Header: XXX > * [ IP-Address ] * [ IP-Address-Range ] * [ IP-Address-Mask ] * [ MAC-Address ] * [ MAC-Address-Mask] * [ EUI64-Address ] * [ EUI64-Address-Mask] - * [ VLAN-ID ] * [ Port ] * [ Port-Range ] [ Negated ] [ Use-Assigned-Address ] * [ AVP ] 5.6. To-Spec AVP The To-Spec AVP (AVP Code TBD) is a grouped AVP that specifies the Destination Specification used to match the packet. Zero or more of 
@@ -482,42 +494,37 @@ If more than one instance of the IP address AVPs (IP-Address, IP- Address-Range, IP-Address-Mask, Use-Assigned-Address) appear in the To-Spec AVP then the destination IP address of the packet must match one of the addresses represented by these AVPs. If more that one instance of the layer 2 address AVPs (MAC-Address, MAC-Address-Mask, EUI64-Address, EUI64-Address-Mask) appears in the To-Spec then the the destination layer 2 address of the packet must match one of the addresses represented in these AVPs. - If more that one instance of the VLAN-ID AVP appears in the From-Spec - then the VLAN-ID of the packet must match one of the VLAN-IDs - represented in these AVPs. - If more that one instance of the port AVPs (Port, Port-Range) appears in the To-Spec AVP then the destination port number must match one of the port numbers represented in these AVPs. If the IP address, MAC address and port AVPs appear in the same To- Spec AVP then the destination packet must match all the specifications, i.e. match the IP address AND MAC address AND port number. To-Spec ::= < AVP Header: XXX > * [ IP-Address ] * [ IP-Address-Range ] * [ IP-Address-Mask ] * [ MAC-Address ] * [ MAC-Address-Mask] * [ EUI64-Address ] * [ EUI64-Address-Mask] - * [ VLAN-ID ] * [ Port ] * [ Port-Range ] [ Negated ] [ Use-Assigned-Address ] * [ AVP ] 5.7. Source and Destination AVPs For packet classification the contents of the From-Spec and To-Spec can contain the following AVPs. 
@@ -653,61 +660,49 @@ { EUI64-Address } { EUI64-Address-Mask-Pattern } * [ AVP ] 5.7.13. EUI64-Address-Mask-Pattern AVP The EUI64-Address-Mask-Pattern AVP (AVP Code TBD) is of type OctetString. The value is a 8 octets specifying the bit positions of a EUI64 address, that are taken for matching. -5.7.14. VLAN-ID AVP - - VLAN-ID AVP (AVP Code TBD) is of type OctetString. The value is a - double octet encoded in Network Byte Order. The value of this field - specifies the matching value for the IEEE 802.1Q VLAN-ID bits. Only - the lower (i.e., rightmost) 12 bits of the specified 2 octet VLAN-ID - field are significant; the upper four bits shall be ignored for - comparison. If this field is omitted, then comparison of the IEEE - 802.1Q VLAN-ID bits for this entry is irrelevant. If this parameter - is specified for an entry, then Ethernet packets without IEEE 802.1Q - encapsulation shall not match this entry. - -5.7.15. Port AVP +5.7.14. Port AVP The Port AVP (AVP Code TBD) is of type Integer32 in the range of 0 to 65535 and specifies the TCP or UDP port number to match. -5.7.16. Port-Range AVP +5.7.15. Port-Range AVP The Port-Range AVP (AVP Code TBD) is of type Grouped and specifies an inclusive range of ports. Port-Range ::= < AVP Header: XXX > [ Port-Start ] [ Port-End ] * [ AVP ] If the Port-Start AVP is omitted then port 0 is assumed. If the Port-End AVP is omitted then port 65535 is assumed. -5.7.17. Port-Start AVP +5.7.16. Port-Start AVP The Port-Start AVP (AVP Code TBD) is of type Integer32 and specifies the first port number of an IP port range. -5.7.18. Port-End AVP +5.7.17. Port-End AVP The Port-End AVP (AVP Code TBD) is of type Integer32 and specifies the last port number of an IP port range. -5.7.19. Use-Assigned-Address AVP +5.7.18. Use-Assigned-Address AVP In some scenarios, the AAA does not know the IP address assigned to the Managed Terminal at the time that the Classifier is sent to the Classifying Entity. 
The Use-Assigned-Address AVP (AVP Code TBD) is of type Enumerated containing the values of True or False. When present and set to True, it represents the IP address assigned to the Managed Terminal. Value | Name ------+-------- 
@@ -859,88 +854,322 @@ [ICMPTYPE]. 5.8.13. ICMP-Code AVP The ICMP-Code AVP (AVP Code TBD) is of type Enumerated and the values are managed by IANA under the ICMP Type Numbers registry [ICMPTYPE]. 5.8.14. ETH-Option AVP The ETH-Option AVP (AVP Code TBD) is of type Grouped and specifies - Ethernet specific classifiers. + Ethernet specific attributes. ETH-Option ::= < AVP Header: XXX > { ETH-Proto-Type } - * [ ETH-VLAN-ID ] + * [ VLAN-ID-Range ] * [ ETH-Priority-Range ] * [ AVP ] 5.8.15. ETH-Proto-Type AVP The Eth-Proto-Type AVP (AVP Code TBD) is of type Grouped and specifies the encapsulated protocol type. ETH-Ether-Type and ETH-SAP are mutually exclusive. ETH-Proto-Type ::= < AVP Header: XXX > * [ ETH-Ether-Type ] * [ ETH-SAP ] * [ AVP ] 5.8.16. ETH-Ether-Type AVP The ETH-Ether-Type AVP (AVP Code TBD) is of type OctetString. The - value is a double octet the contains the value of the Ethertype that - the packet shall match in order to match the rule. It might be - present in case of DIX or if SNAP is present at 802.2 (SAP shall not - be present in this case). + value is a double octet the contains the value of the Ethertype field + in the packet to match. This AVP MAY be present in the case of DIX + or if SNAP is present at 802.2 but the ETH-SAP AVP MUST NOT be + present in this case. 5.8.17. ETH-SAP AVP The ETH-SAP AVP (AVP Code TBD) is of type OctetString. The value is - a double octet representing the 802.2 SAP as specified in "IEEE - Standards for Local Area Networks: Logical Link Control". The first - octet contains the DSAP and the second the SSAP. + a double octet representing the 802.2 SAP as specified in + [IEEE802.2]. The first octet contains the DSAP and the second the + SSAP. -5.8.18. ETH-Priority-Range AVP +5.8.18. VLAN-ID-Range AVP + + The VLAN-ID-Range AVP (AVP Code TBD) is of type Grouped and specifies + the VLAN range to match. 
VLAN identities are either specified by a + single VLAN-ID according to [IEEE802.1Q] or by a combination of + Customer and Service VLAN-IDs according to [IEEE802.1ad]. + + The single VLAN-ID is represented by the C-VID-Start and C-VID-End + AVPs and the S-VID-Start and S-VID-End AVPs SHALL be ommitted in this + case. If the VLAN-ID-Range AVP is omitted from the Classifier, then + comparison of the VLAN identity of the packet is irrelevant. + + VLAN-ID-Range ::= < AVP Header: XXX > + [ S-VID-Start ] + [ S-VID-End ] + [ C-VID-Start ] + [ C-VID-End ] + * [ AVP ] + + When the S-VID-Start AVP is present but the S-VID-End AVP is absent, + the S-VID-Start AVP value MUST equal the value of the IEEE 802.1ad + S-VID bits specified in [IEEE802.1ad] for a successful match. When + both S-VID-Start and S-VID-End AVPs are present, the value of the + IEEE 802.1ad S-VID bits MUST be greater than or equal to the S-VID- + Start AVP value and less than or equal to the S-VID-End AVP value for + a successful match. If the S-VID-Start and S-VID-End AVPs are + omitted, then existence of IEEE802.1ad encapsulation or comparison of + the IEEE 802.1ad S-VID bits is irrelevamt for this Classifier. If + the S-VID-Start and S-VID-End AVPs are specified, then Ethernet + packets without IEEE 802.1ad encapsulation MUST NOT match this + Classifier. + + When the C-VID-Start AVP is present but the C-VID-End AVP is absent, + the C-VID-Start AVP value MUST equal the value of the IEEE 802.1ad + C-VID bits specified in [IEEE802.1ad] or the IEEE 802.1Q VLAN-ID bits + specified in [IEEE802.1Q] for a successful match. When both C-VID- + Start and C-VID-End AVPs are present, the value of the IEEE 802.1ad + C-VID bits or the IEEE 802.1Q VLAN-ID bits MUST be greater than or + equal to the C-VID-Start AVP value and less than or equal to the + C-VID-End AVP value for a successful match. 
If the C-VID-Start and + C-VID-End AVPs are omitted, then comparison of the IEEE 802.1ad C-VID + bits or IEEE 802.1Q VLAN-ID bits for this Classifier is irrelevant. + If the C-VID-Start and C-VID-End AVPs are specified, then Ethernet + packets without IEEE 802.1ad or IEEE 802.1Q encapsulation MUST NOT + match this Classifier. + +5.8.19. S-VID-Start AVP + + The S-VID-Start AVP (AVP Code TBD) is of type Unsigned32. The value + MUST be in the range from 0 to 4095. The value of this AVP specifies + the start value of the range of S-VID VLAN-IDs to be matched. + +5.8.20. S-VID-End AVP + + The S-VID-End AVP (AVP Code TBD) is of type Unsigned32. The value + MUST be in the range from 0 to 4095. The value of this AVP specifies + the end value of the range of S-VID VLAN-IDs to be matched. + +5.8.21. C-VID-Start AVP + + The C-VID-Start AVP (AVP Code TBD) is of type Unsigned32. The value + MUST be in the range from 0 to 4095. The value of this AVP specifies + the start value of the range of C-VID VLAN-IDs to be matched. + +5.8.22. C-VID-End AVP + + The C-VID-End AVP (AVP Code TBD) is of type Unsigned32. The value + MUST be in the range from 0 to 4095. The value of this AVP specifies + the end value of the range of C-VID VLAN-IDs to be matched. + +5.8.23. ETH-Priority-Range AVP The ETH-Priority-Range AVP (AVP Code TBD) is of type Grouped and - specifies a valid priority range in between the Low-priority AVP to - the High-priority AVP specified. An Ethernet packet with IEEE 802.1D - user_priority value "priority" matches these parameters if priority - is greater than or equal to pri-low and priority is less than or - equal to pri-high. If this field is omitted, then comparison of the - IEEE 802.1D user_priority bits for this entry is irrelevant. + specifies an inclusive range to match the user_priority parameter + specified in [IEEE802.1D]. 
An Ethernet packet containing the + user_priority parameter matches this Classifier if the value is + greater than or equal to ETH-Low-Priority and less than or equal to + ETH-High-Priority. If this AVP is omitted, then comparison of the + IEEE 802.1D user_priority parameter for this Classifier is + irrelevant. ETH-Priority-Range ::= < AVP Header: XXX > * [ ETH-Low-Priority ] * [ ETH-High-Priority ] * [ AVP ] -5.8.19. ETH-Low-Priority AVP +5.8.24. ETH-Low-Priority AVP - The ETH-Low-Priority AVP (AVP Code TBD) is of type OctetString. The - value is a single octet with a valid range from 0 to 7. + The ETH-Low-Priority AVP (AVP Code TBD) is of type Unsigned32. The + value MUST be in the range from 0 to 7. -5.8.20. ETH-High-Priority AVP +5.8.25. ETH-High-Priority AVP - The ETH-High-Priority AVP (AVP Code TBD) is of type OctetString. The - value is a single octet with a valid range from 0 to 7. + The ETH-High-Priority AVP (AVP Code TBD) is of type Unsigned32. The + value MUST be in the range from 0 to 7. -6. Examples +6. Time Of Day AVPs + + In many QoS applications, the QoS specification applied to the + traffic flow is conditional upon the time of day when the flow was + observed. The following sections define AVPs that can be used to + express one or more time windows which determine when a QoS + specification is applicable to a traffic flow. + +6.1. Time-Of-Day-Condition AVP + + The Time-Of-Day-Condition AVP (AVP Code TBD) is of type Grouped and + specifies one or more time windows. + + Time-Of-Day-Condition ::= < AVP Header: XXX > + [ Time-Of-Day-Start ] + [ Time-Of-Day-End ] + [ Day-Of-Week-Mask ] + [ Day-Of-Month-Mask ] + [ Month-Of-Year-Mask ] + [ Absolute-Start-Time ] + [ Absolute-End-Time ] + [ Timezone-Flag ] + * [ AVP ] + + If more than one instance of this AVP is present in the Extended-QoS- + Filter-Rule AVP, the current time at QoS rule evaluation MUST be + within at least one of the time windows specified in one of the Time- + Of-Day-Condition AVPs. 
+ + When the Time-Of-Day-Condition AVP and Classifier AVP are present in + the same Extended-QoS-Filter-Rule AVP, both the time of day and + packet classification conditions MUST match for the QoS specification + to be applied. + + For example, a time window for 9am to 5pm (local time) from Monday to + Friday would be expressed as: + + Time-Of-Day-Condition = { + Time-Of-Day-Start = 32400; + Time-Of-Day-End = 61200; + Day-Of-Week-Mask = + ( MONDAY | TUESDAY | WEDNESDAY | THURSDAY | FRIDAY ); + Timezone-Flag = LOCAL; + } + +6.2. Time-Of-Day-Start AVP + + The Time-Of-Day-Start AVP (AVP Code TBD) is of type Unsigned32. The + value MUST be in the range from 0 to 86400. The value of this AVP + specifies the start of an inclusive time window expressed as the + offset in seconds from midnight. If this AVP is absent from the + Time-Of-Day-Condition AVP, the time window starts at midnight. + +6.3. Time-Of-Day-End AVP + + The Time-Of-Day-End AVP (AVP Code TBD) is of type Unsigned32. The + value MUST be in the range from 1 to 86400. The value of this AVP + specifies the end of an inclusive time window expressed as the offset + in seconds from midnight. If this AVP is absent from the Time-Of- + Day-Condition AVP, the time window ends one second before midnight. + +6.4. Day-Of-Week-Mask AVP + + The Day-Of-Week-Mask AVP (AVP Code TBD) is of type Unsigned32. The + value is a bitmask which specifies the day of the week for the time + window to match. This document specifies the following bits: + + Bit | Name + ------+------------ + 0 | SUNDAY + 1 | MONDAY + 2 | TUESDAY + 3 | WEDNESDAY + 4 | THURSDAY + 5 | FRIDAY + 6 | SATURDAY + + The bit MUST be set for the time window to match on the corresponding + day of the week. Bit 0 is the most significant bit and unused bits + MUST be cleared. If this AVP is absent from the Time-Of-Day- + Condition AVP, the time windows match on all days of the week. + +6.5. 
Day-Of-Month-Mask AVP + + The Day-Of-Week-Month AVP (AVP Code TBD) is of type Unsigned32. The + value MUST be in the range from 0 to 2147483647. The value is a + bitmask which specifies the days of the month where bit 0 represents + the first day of the month through to bit 30 which represents the + last day of the month. The bit MUST be set for the time window to + match on the corresponding day of the month. Bit 0 is the most + significant bit and unused bits MUST be cleared. If this AVP is + absent from the Time-Of-Day-Condition AVP, the time windows match on + all days of the month. + +6.6. Month-Of-Year-Mask AVP + + The Month-Of-Year-Month AVP (AVP Code TBD) is of type Unsigned32. + The value is a bitmask which specifies the months of the year for the + time window to match. This document specifies the following bits: + + Bit | Name + ------+----------- + 0 | JANUARY + 1 | FEBRUARY + 2 | MARCH + 3 | APRIL + 4 | MAY + 5 | JUNE + 6 | JULY + 7 | AUGUST + 8 | SEPTEMBER + 9 | OCTOBER + 10 | NOVEMBER + 11 | DECEMBER + + The bit MUST be set for the time window to match on the corresponding + month of the year. Bit 0 is the most significant bit and unused bits + MUST be cleared. If this AVP is absent from the Time-Of-Day- + Condition AVP, the time windows match during all months of the year. + +6.7. Absolute-Start-Time AVP + + The Absolute-Start-Time AVP (AVP Code TBD) is of type Time. The + value of this AVP specifies the time in seconds since January 1, + 1900, 00:00 UTC when the time window starts. If this AVP is absent + from the Time-Of-Day-Condition AVP, the time window starts on January + 1, 1900, 00:00 UTC. + +6.8. Absolute-End-Time AVP + + The Time-Of-Day-End AVP (AVP Code TBD) is of type Time. The value of + this AVP specifies the time in seconds since January 1, 1900, 00:00 + UTC when the time window ends. If this AVP is absent from the Time- + Of-Day-Condition AVP, the time window is open-ended. + +6.9. 
Timezone-Flag AVP + + The Timezone-Flag AVP (AVP Code TBD) is of type Enumerated and + indicates whether the time windows are specified in UTC, local time + at the managed terminal or as an offset from UTC. If this AVP is + absent from the Time-Of-Day-Condition AVP, the time windows are in + UTC. + + This document defines the following values: + + Value | Name and Semantic + ------+-------------------------------------------------- + 0 | RESERVED + 1 | UTC - The time windows are expressed in UTC. + 2 | LOCAL - The time windows are expressed in local + | time at the Managed Terminal. + 3 | OFFSET - The time windows are expressed as an + | offset from UTC (see Timezone-Offset AVP). + +6.10. Timezone-Offset AVP + + The Timezone-Offset AVP (AVP Code TBD) is of type Integer32. The + value of this AVP MUST be in the range from -43200 to 43200. It + specifies the offset in seconds from UTC that was used to express + Time-Of-Day-Start, Time-Of-Day-End, Day-Of-Week-Mask, Day-Of-Month- + Mask and Month-Of-Year-Mask AVPs. This AVP MUST be present if the + Timezone-Flag AVP is set to OFFSET. + +7. Examples This section shows a number of signaling flows where QoS negotiation and authorization is part of the conventional NASREQ, EAP or Credit Control applications message exchanges. The signalling flows for the Diameter QoS Application are described in [I-D.ietf-dime-diameter-qos]. -6.1. Diameter EAP with QoS Information +7.1. Diameter EAP with QoS Information Figure 2 shows a simple signaling flow where a NAS (Diameter Client) announces its QoS awareness and capabilities included into the DER message and as part of the access authentication procedure. Upon completion of the EAP exchange, the Diameter Server provides a pre- provisioned QoS profile with the QoS-Semantics in the Extended-QoS- Filter-Rule AVP set to "QoS-Authorized", to the NAS in the final DEA message. End Diameter Diameter 
@@ -976,21 +1205,21 @@ | | (authorization AVPs) | | | QoS-Resources(QoS-Authorized) | | |<-------------------------------| | | | | EAP Success | | |<------------------------------| | | | | Figure 2: Example of a Diameter EAP enhanced with QoS Information -6.2. Diameter NASREQ with QoS Information +7.2. Diameter NASREQ with QoS Information Figure 3 shows a similar pre-provisioned QoS signaling as in Figure 2 but using the NASREQ application instead of EAP application. End Diameter Host NAS Server | | | | Start Network | | | Attachment | | |<---------------->| | @@ -1023,21 +1252,21 @@ | | (authorization AVPs)| | |QoS-Resources(QoS-Authorized) | | |<-----------------------------+ | | | | Success | | |<-----------------+ | | | | Figure 3: Example of a Diameter NASREQ enhanced with QoS Information -6.3. QoS Authorization +7.3. QoS Authorization Figure 4 shows an example of authorization only QoS signaling as part of the NASREQ message exchange. The NAS provides the Diameter server with the "QoS-Desired" QoS-Semantics AVP included in the QoS- Resources AVP. The Diameter server then either authorizes the indicated QoS or rejects the request and informs the NAS about the result. In this scenario the NAS does not need to include the QoS- Capability AVP in the AAR message as the QoS-Resources AVP implicitly does the same and also the NAS is authorizing a specific QoS profile, not a pre-provisioned one. 
@@ -1060,21 +1289,21 @@ | | QoS-Resources(QoS-Authorized)| | |<-----------------------------+ | Accept | | |<-----------------+ | | | | | | | | | | Figure 4: Example of an Authorization-Only Message Flow -6.4. Diameter Server Initiated Re-authorization of QoS +7.4. Diameter Server Initiated Re-authorization of QoS Figure 5 shows a message exchange for a Diameter server initiated QoS re-authorization procedure. The Diameter server sends the NAS a RAR message requesting re-authorization for an existing session and the NAS acknowledges it with a RAA message. The NAS is aware of its existing QoS profile and information for the ongoing session that the Diameter server requested for re-authorization. Thus, the NAS must initiate re-authorization of the existing QoS profile. The re- authorization procedure is the same as in Figure 4. @@ -1102,21 +1331,21 @@ | | | | | AA-Answer| | | Result-Code=DIAMETER_SUCCESS| | | (authorization AVPs)| | | QoS-Resources(QoS-Authorized)| | |<-----------------------------+ | | | Figure 5: Example of a Server-initiated Re-Authorization Procedure -6.5. Diameter Credit Control with QoS Information +7.5. Diameter Credit Control with QoS Information In this case the User is charged as soon as the Service Element (CC client) receives the service request. In this case the client uses the "QoS-Desired" QoS-Semantics parameter in the QoS-Resources AVP that it sends to the Accounitng server. The server responds with a "QoS-Available" QoS-Semantics parameter in the QoS-Resources AVP Service Element End User (CC Client) B CC Server | | | | |(1) Service Request | | | 
@@ -1131,27 +1360,27 @@ |<--------------------| | | |(5) Begin service | | | |<------------------------------------>| | | | | | . . . . . . . . Figure 6: Example for a One-Time Diameter Credit Control Charging Event -6.6. Classifier Examples +7.6. Classifier Examples Example: Classify all packets from hosts on subnet 12.34.56.00/24 to ports 80, 8090 or 443 on web servers 23.45.67.123, 23.45.68.124, 23.45.69.125. - Classifer = { + Classifier = { Classifier-Id = "web_svr_example"; Protocol = TCP; Direction = OUT; From-Spec = { IP-Address-Mask = { IP-Address = 12.34.56.00; IP-Bit-Mask-Width = 24; } } To-Spec = { 
@@ -1160,50 +1389,54 @@ IP-Address = 23.45.69.125; Port = 80; Port = 8080; Port = 443; } } Example: Any SIP signalling traffic from a device with a MAC address of 01:23:45:67:89:ab to servers with IP addresses in the range 34.56.78.90 to 34.56.78.190. - Classifer = { + Classifier = { Classifier-Id = "web_svr_example"; Protocol = UDP; Direction = OUT; From-Spec = { MAC-Address = 01:23:45:67:89:ab; } To-Spec = { IP-Address-Range = { IP-Address-Start = 34.56.78.90; IP-Address-End = 34.56.78.190; } Port = 5060; Port = 3478; Port-Range = { Port-Start = 16348; Port-End = 32768; } } } -7. Acknowledgments +8. Acknowledgments We would like to thank Victor Fajardo, Tseno Tsenov, Robert Hancock, Jukka Manner, Cornelia Kappler, Xiaoming Fu, Frank Alfano,Tolga Asveren, Mike Montemurro,Glen Zorn, Avri Doria, Dong Sun, Tina Tsou, - Pete McCann, Georgios Karagiannis and Elwyn Davies for their - comments. + Pete McCann, Georgios Karagiannis, Elwyn Davies, Max Riegel and Yong + Li for their comments. -8. IANA Considerations +9. Contributors + + Max Riegel contributed the VLAN sections. + +10. IANA Considerations IANA is requested to allocate AVP codes for the following AVPs that are defined in this document. +------------------------------------------------------------------+ | AVP Section | | Attribute Name Code Defined Data Type | +------------------------------------------------------------------+ |QoS-Capability TBD 3.1 Grouped | |QoS-Profile-Template TBD 3.2 Unsigned32 | 
@@ -1224,118 +1457,151 @@ |IP-Address-Start TBD 5.7.4 Address | |IP-Address-End TBD 5.7.5 Address | |IP-Address-Mask TBD 5.7.6 Grouped | |IP-Mask-Bit-Mask-Width TBD 5.7.7 OctetString | |MAC-Address TBD 5.7.8 OctetString | |MAC-Address-Mask TBD 5.7.9 Grouped | |MAC-Address-Mask-Pattern TBD 5.7.10 OctetString | |EUI64-Address TBD 5.7.11 OctetString | |EUI64-Address-Mask TBD 5.7.12 Grouped | |EUI64-Address-Mask-Pattern TBD 5.7.13 OctetString | - |VLAN-ID TBD 5.7.14 OctetString | - |Port TBD 5.7.15 Integer32 | - |Port-Range TBD 5.7.16 Grouped | - |Port-Start TBD 5.7.17 Integer32 | - |Port-End TBD 5.7.18 Integer32 | - |Use-Assigned-Address TBD 5.7.19 Enumerated | + |Port TBD 5.7.14 Integer32 | + |Port-Range TBD 5.7.15 Grouped | + |Port-Start TBD 5.7.16 Integer32 | + |Port-End TBD 5.7.17 Integer32 | + |Use-Assigned-Address TBD 5.7.18 Enumerated | |Diffserv-Code-Point TBD 5.8.1 Enumerated | |Fragmentation-Flag TBD 5.8.2 Enumerated | |IP-Option TBD 5.8.3 Grouped | |IP-Option-Type TBD 5.8.4 Enumerated | |IP-Option-Value TBD 5.8.5 OctetString | |TCP-Option TBD 5.8.6 Grouped | |TCP-Option-Type TBD 5.8.7 Enumerated | |TCP-Option-Value TBD 5.8.8 OctetString | |TCP-Flags TBD 5.8.9 Grouped | |TCP-Flag-Type TBD 5.8.10 Enumerated | |ICMP-Type TBD 5.8.11 Grouped | |ICMP-Type-Number TBD 5.8.12 Enumerated | |ICMP-Code TBD 5.8.13 Enumerated | |ETH-Option TBD 5.8.14 Grouped | |ETH-Proto-Type TBD 5.8.15 Grouped | |ETH-Ether-Type TBD 5.8.16 OctetString | |ETH-SAP TBD 5.8.17 OctetString | - |ETH-Priority-Range TBD 5.8.18 Grouped | - |ETH-Low-Priority TBD 5.8.19 OctetString | - |ETH-High-Priority TBD 5.8.20 OctetString | + |VLAN-ID-Range TBD 5.8.18 Grouped | + |S-VID-Start TBD 5.8.19 Unsigned32 | + |S-VID-End TBD 5.8.20 Unsigned32 | + |C-VID-Start TBD 5.8.21 Unsigned32 | + |C-VID-End TBD 5.8.22 Unsigned32 | + |ETH-Priority-Range TBD 5.8.23 Grouped | + |ETH-Low-Priority TBD 5.8.24 Unsigned32 | + |ETH-High-Priority TBD 5.8.25 Unsigned32 | + |Time-Of-Day-Condition TBD 6.1 Grouped | + 
|Time-Of-Day-Start TBD 6.2 Grouped | + |Time-Of-Day-End TBD 6.3 Unsigned32 | + |Day-Of-Week-Mask TBD 6.4 Unsigned32 | + |Day-Of-Month-Mask TBD 6.5 Unsigned32 | + |Month-Of-Year-Mask TBD 6.6 Unsigned32 | + |Absolute-Start-Time TBD 6.7 Time | + |Absolute-End-Time TBD 6.8 Time | + |Timezone-Flag TBD 6.9 Enumerated | + |Timezone-Offset TBD 6.10 Integer32 | +------------------------------------------------------------------+ IANA is also requested to allocate a registry for the QoS-Semantics. The following values are allocated by this specification. (0): QoS-Desired (1): QoS-Available (2): QoS-Reserved (3): Minimum-QoS (4): QoS-Authorized A specification is required to add a new value to the registry. A standards track document is required to depreciate, delete, or modify existing values. -9. Security Considerations +11. Security Considerations This document describes the extension of Diameter for conveying Quality of Service information. The security considerations of the Diameter protocol itself have been discussed in RFC 3588bis [I-D.ietf-dime-rfc3588bis]. Use of the AVPs defined in this document MUST take into consideration the security issues and requirements of the Diameter Base protocol. -10. References +12. References -10.1. Normative References +12.1. Normative References - [DSCP] IANA,, "Differentiated Services Field Codepoints", + [DSCP] IANA, "Differentiated Services Field Codepoints", http://www.iana.org/assignments/dscp-registry. [I-D.ietf-dime-qos-parameters] Korhonen, J. and H. Tschofenig, "Quality of Service Parameters for Usage with the AAA Framework", draft-ietf-dime-qos-parameters-06 (work in progress), May 2008. [I-D.ietf-dime-rfc3588bis] Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, - "Diameter Base Protocol", draft-ietf-dime-rfc3588bis-10 - (work in progress), January 2008. + "Diameter Base Protocol", draft-ietf-dime-rfc3588bis-12 + (work in progress), September 2008. 
[ICMPTYPE] - IANA,, "ICMP Type Numbers", + IANA, "ICMP Type Numbers", http://www.iana.org/assignments/icmp-parameters. + [IEEE802.1D] + IEEE, "IEEE Standard for Local and metropolitan area + networks, Media Access Control (MAC) Bridges", 2004. + + [IEEE802.1Q] + IEEE, "IEEE Standard for Local and metropolitan area + networks, Virtual Bridged Local Area Networks", 2005. + + [IEEE802.1ad] + IEEE, "IEEE Standard for Local and metropolitan area + networks, Virtual Bridged Local Area Networks, Amendment + 4: Provider Bridges", 2005. + + [IEEE802.2] + IEEE, "IEEE Standard for Information technology, + Telecommunications and information exchange between + systems, Local and metropolitan area networks, Specific + requirements, Part 2: Logical Link Control", 1998. + [IPOPTIONS] - IANA,, "IP Option Numbers", + IANA, "IP Option Numbers", http://www.iana.org/assignments/ip-parameters. [PROTOCOL] - IANA,, "Protocol Types", + IANA, "Protocol Types", http://www.iana.org/assignments/protocol-numbers. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC4005] Calhoun, P., Zorn, G., Spence, D., and D. Mitton, "Diameter Network Access Server Application", RFC 4005, August 2005. [TCPOPTIONS] - IANA,, "TCP Option Numbers", + IANA, "TCP Option Numbers", http://www.iana.org/assignments/tcp-parameters. -10.2. Informative References +12.2. Informative References [I-D.ietf-dime-diameter-qos] Sun, D., McCann, P., Tschofenig, H., Tsou, T., Doria, A., and G. Zorn, "Diameter Quality of Service Application", - draft-ietf-dime-diameter-qos-05 (work in progress), - February 2008. + draft-ietf-dime-diameter-qos-06 (work in progress), + July 2008. Authors' Addresses Jouni Korhonen TeliaSonera Teollisuuskatu 13 Sonera FIN-00051 Finland Email: jouni.korhonen@teliasonera.com 
@@ -1346,34 +1613,34 @@ Finland Phone: +358 (50) 4871445 Email: Hannes.Tschofenig@gmx.net URI: http://www.tschofenig.priv.at Mayutan Arumaithurai University of Goettingen Email: mayutan.arumaithurai@gmail.com - Mark Jones (editor) Bridgewater Systems - 303 Terry Fox Drive + 303 Terry Fox Drive, Suite 500 Ottawa, Ontario K2K 3J1 Canada + Phone: +1 613-591-6655 Email: mark.jones@bridgewatersystems.com Avi Lior Bridgewater Systems 303 Terry Fox Drive, Suite 500 - Ottawa, Ontario - Canada K2K 3J1 + Ottawa, Ontario K2K 3J1 + Canada Phone: +1 613-591-6655 Email: avi@bridgewatersystems.com Full Copyright Statement Copyright (C) The IETF Trust (2008). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors
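Review bot: in the hunk at @@ -1060 (renumbered Section 7.4), the unchanged sentence "Thus, the NAS must initiate re-authorization of the existing QoS profile" uses a lowercase "must" in a document that lists RFC 2119 as a normative reference, so a reader cannot tell whether this is a requirement or a description of the example flow. Since the section is being touched anyway, either write MUST if the behaviour is required, or reword to "the NAS then initiates re-authorization" so the example stays descriptive.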
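Review bot: "Accounitng server" in the Section 7.5 paragraph of the hunk at @@ -1102 is a misspelling of "Accounting", and the paragraph's last sentence ("... in the QoS-Resources AVP") ends without a period. Both sit in unchanged context directly under the renumbered heading and could be fixed in this revision. The two consecutive sentences that open with "In this case" could also be merged.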
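Review bot: the port list in the Section 7.6 example text of the hunk at @@ -1131 reads "ports 80, 8090 or 443", while the classifier body that continues in the next hunk sets Port = 8080, so the prose and the example disagree on one port; pick one value and use it in both places. In the same hunk, From-Spec uses IP-Bit-Mask-Width, whereas the IANA table registers the AVP as IP-Mask-Bit-Mask-Width (Section 5.7.7); the example should use the registered name. The hunk already corrects "Classifer" to "Classifier", so these are worth fixing in the same pass: an implementer who copies the example into a filter gets a rule that differs from the stated intent.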
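Review bot: the second example in the hunk at @@ -1160 (SIP traffic from MAC address 01:23:45:67:89:ab) still carries Classifier-Id = "web_svr_example", the same identifier as the web server example before it; give it its own identifier so the two classifiers cannot be confused when both are installed. Please also confirm Port-Start = 16348: next to Port-End = 32768 it looks like a transposition of 16384. In the Acknowledgments lines of the same hunk, "Frank Alfano,Tolga Asveren" and "Mike Montemurro,Glen Zorn" are missing the space after the comma.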
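Review bot: in the IANA table of the hunk at @@ -1224, the added row for Time-Of-Day-Start is typed Grouped while its counterpart Time-Of-Day-End is Unsigned32; check the row against Section 6.2, since the two are expected to match. In the unchanged registry text, "depreciate" should read "deprecate". The Security Considerations section is only renumbered here: this revision adds VLAN and time-of-day AVPs that decide which traffic a rule matches and when it applies, yet the text still only points to the Diameter base protocol. Consider adding a sentence on protecting these AVPs against modification by intermediate Diameter agents.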