TOC |
|
This document defines a new Diameter application and associated command codes. The Capabilities Update application is intended to allow the dynamic update of certain Diameter peer capabilities while the peer-to-peer connection is in the open state.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”
This Internet-Draft will expire on December 20, 2010.
Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
1.
Introduction
2.
Specification of Requirements
3.
Diameter Protocol Considerations
4.
Capabilities Update
4.1.
Command-Code Values
4.1.1.
Capabilities-Update-Request
4.1.2.
Capabilities-Update-Answer
5.
Security Considerations
6.
IANA Considerations
6.1.
Application Identifier
6.2.
Command Codes
7.
Contributors
8.
Acknowledgements
9.
References
9.1.
Normative References
9.2.
Informative References
§
Authors' Addresses
TOC |
Capabilities exchange is an important component of the Diameter Base
Protocol [I‑D.ietf‑dime‑rfc3588bis] (Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, “Diameter Base Protocol,” June 2010.),
allowing peers to exchange identities and
Diameter capabilities (protocol version number, supported Diameter
applications, security mechanisms, etc.).
As defined in RFC 3588,
however, the capabilities exchange process takes place only once, at
the inception of a transport connection between a given pair of
peers.
Therefore, if a peer's capabilities change (due to software
update, for example), the existing connection(s) must be torn down
(along with all of the associated user sessions) and restarted before
the modified capabilities can be advertised.
This document defines a new Diameter application intended to allow
the dynamic update of a subset of Diameter peer capabilities over an existing
connection.
Because the Capabilities Update application specified
herein operates over an existing transport connection, modification of
certain capabilities is prohibited.
Specifically, modifying the security mechanism in use is not allowed; if the security method
used between a pair of peers is changed the affected connection MUST
be restarted.
Discussion of this draft may be directed to the dime Working Group of the IETF
(dime@ietf.org).
TOC |
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.) [RFC2119].
TOC |
This section details the relationship of the Diameter Capabilities
Update application to the Diameter Base Protocol.
This document specifies Diameter Application-ID <TBD1>.
Diameter
nodes conforming to this specification MUST advertise support by
including the value <TBD1> in the Auth-Application-Id of the
Capabilities-Exchange-Request and Capabilities-Exchange-Answer commands
[I‑D.ietf‑dime‑rfc3588bis] (Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, “Diameter Base Protocol,” June 2010.).
TOC |
When the capabilities of a Diameter node conforming to this
specification change, it MUST notify all of the nodes with which it
has an open transport connection
and have also advertised support for the Capabilities Update application
using the Capabilities-Update-Request (CUR)
message (Section 4.1.1 (Capabilities-Update-Request)).
This message allows the update of a peer's
capabilities (supported
Diameter applications, etc.).
A Diameter node only issues a given command to those peers that have advertised
support for the Diameter application that defines the command.
A Diameter node MUST cache the supported applications in order to
ensure that unrecognized commands and/or AVPs are not unnecessarily
sent to a peer.
The receiver of the CUR MUST determine
common applications by computing the intersection of its own set of
supported Application Id against all of the application identifier
AVPs (Auth-Application-Id, Acct-Application-Id and Vendor-Specific-
Application-Id) present in the CUR. The value of the Vendor-Id AVP
in the Vendor-Specific-Application-Id MUST NOT be used during
computation.
If the receiver of a CUR does not
have any applications in common with the sender then it MUST return a
Capabilities-Update-Answer (CUA) (Section 4.1.2 (Capabilities-Update-Answer))
with the Result-Code AVP set to
DIAMETER_NO_COMMON_APPLICATION, and SHOULD disconnect the transport
layer connection; however, if active sessions are using the
connection, peers MAY delay disconnection until the sessions can be
redirected or gracefully terminated. Note that receiving a
CUA from a peer advertising itself as a Relay (see [I‑D.ietf‑dime‑rfc3588bis] (Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, “Diameter Base Protocol,” June 2010.),
Section 2.4) MUST be interpreted as having common applications with the peer.
The CUR and CUA messages MUST NOT be proxied, redirected or relayed.
Even though the CUR/CUA messages cannot be proxied, it is still possible
for an upstream agent to receive a message for which there are no
peers available to handle the application that corresponds to the
Command-Code. This could happen if, for example, the peers are too busy or down.
In such instances, the 'E' bit MUST be set in the answer
message with the Result-Code AVP set to DIAMETER_UNABLE_TO_DELIVER to
inform the downstream peer to take action (e.g., re-routing requests
to an alternate peer).
TOC |
This section defines Command-Code [I‑D.ietf‑dime‑rfc3588bis] (Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, “Diameter Base Protocol,” June 2010.) values that MUST be supported by all Diameter implementations conforming to this specification. The following Command Codes are defined in this document: Capabilities-Update-Request (CUR, Section 4.1.1 (Capabilities-Update-Request)) and Capabilities-Update-Answer (CUA, Section 4.1.2 (Capabilities-Update-Answer)).
TOC |
The Capabilities-Update-Request (CUR), indicated by the Command-Code
set to <TBD2> and the Command Flags' 'R' bit set, is sent to update
local capabilities.
Upon detection of a transport failure, this message MUST NOT be sent to an alternate peer.
When Diameter is run over SCTP [RFC4960] (Stewart, R., “Stream Control Transmission Protocol,” September 2007.),
which allows connections to
span multiple interfaces and multiple IP addresses, the Capabilities-
Update-Request message MUST contain one Host-IP-Address AVP for each
potential IP address that may be locally used when transmitting
Diameter messages.
Message Format <CUR> ::= < Diameter Header: TBD2, REQ > { Origin-Host } { Origin-Realm } 1* { Host-IP-Address } { Vendor-Id } { Product-Name } [ Origin-State-Id ] * [ Supported-Vendor-Id ] * [ Auth-Application-Id ] * [ Acct-Application-Id ] * [ Vendor-Specific-Application-Id ] [ Firmware-Revision ] * [ AVP ]
TOC |
The Capabilities-Update-Answer, indicated by the Command-Code set to <TBD3> and the Command Flags' 'R' bit cleared, is sent in response to a CUR message.
Message Format <CUA> ::= < Diameter Header: TBD3 > { Origin-Host } { Origin-Realm } { Result-Code } [ Error-Message ] * [ AVP ]
TOC |
The security considerations applicable to the Diameter Base Protocol [I‑D.ietf‑dime‑rfc3588bis] (Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, “Diameter Base Protocol,” June 2010.) are also applicable to this document.
TOC |
This section explains the criteria to be used by the IANA for assignment of numbers within namespaces used within this document.
TOC |
This specification assigns the value <TBD1> from the Application Identifiers namespace defined in RFC 3588. See Section 3 (Diameter Protocol Considerations) for the assignment of the namespace in this specification.
TOC |
This specification assigns the values <TBD2> and <TBD3> from the Command Codes namespace defined in RFC 3588. See Section 4.1 (Command-Code Values) for the assignment of the namespace in this specification.
TOC |
This document is based upon work done by Tina Tsou.
TOC |
Thanks to Sebastien Decugis, Niklas Neumann, Subash Comerica, Lionel Morand and Ravi for helpful discussion.
TOC |
TOC |
[I-D.ietf-dime-rfc3588bis] | Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, “Diameter Base Protocol,” draft-ietf-dime-rfc3588bis-21 (work in progress), June 2010 (TXT). |
[RFC2119] | Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” BCP 14, RFC 2119, March 1997 (TXT, HTML, XML). |
TOC |
[RFC4960] | Stewart, R., “Stream Control Transmission Protocol,” RFC 4960, September 2007 (TXT). |
TOC |
Jiao Kang | |
Huawei Technologies | |
Section B1, Huawei Industrial Base | |
Bantian, Longgang District | |
Shenzhen 518129 | |
P.R. China | |
Phone: | +86 755 2878-6690 |
Email: | kangjiao@huawei.com |
Glen Zorn | |
Network Zen | |
1463 East Republican Street | |
#358 | |
Seattle, WA 98112 | |
USA | |
Email: | gwz@net-zen.net |