draft-ietf-dime-mip6-integrated-07.txt   draft-ietf-dime-mip6-integrated-08.txt 
Diameter Maintenance and J. Korhonen, Ed. Diameter Maintenance and J. Korhonen
Extensions (DIME) TeliaSonera Extensions (DIME) TeliaSonera
Internet-Draft J. Bournelle Internet-Draft J. Bournelle
Intended status: Standards Track France Telecom R&D Intended status: Standards Track Orange Labs
Expires: May 22, 2008 H. Tschofenig Expires: August 17, 2008 H. Tschofenig
Nokia Siemens Networks Nokia Siemens Networks
C. Perkins C. Perkins
Nokia
K. Chowdhury K. Chowdhury
Starent Networks Starent Networks
November 19, 2007 February 14, 2008
Diameter Mobile IPv6: Support for Network Access Server to Diameter Diameter Mobile IPv6: Support for Network Access Server to Diameter
Server Interaction Server Interaction
draft-ietf-dime-mip6-integrated-07.txt draft-ietf-dime-mip6-integrated-08.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 42 skipping to change at page 1, line 42
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on May 22, 2008. This Internet-Draft will expire on August 17, 2008.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2008).
Abstract Abstract
A Mobile IPv6 node requires a Home Agent address, a home address, and A Mobile IPv6 node requires a home agent address, a home address, and
a security association with its Home Agent before it can start a security association with its home agent before it can start
utilizing Mobile IPv6. RFC 3775 requires that some or all of these utilizing Mobile IPv6. RFC 3775 requires that some or all of these
parameters are statically configured. Mobile IPv6 bootstrapping work parameters are statically configured. Mobile IPv6 bootstrapping work
aims to make this information dynamically available to the Mobile aims to make this information dynamically available to the Mobile
Node. An important aspect of the Mobile IPv6 bootstrapping solution Node. An important aspect of the Mobile IPv6 bootstrapping solution
is to support interworking with existing authentication, is to support interworking with existing authentication,
authorization and accounting infrastructure. This document describes authorization and accounting infrastructure. This document describes
the MIPv6 bootstrapping using the Diameter Network Access Server the MIPv6 bootstrapping using the Diameter Network Access Server
(NAS) to home Authentication, Authorization and Accounting server (NAS) to home Authentication, Authorization and Accounting server
(HAAA) interface. (HAAA) interface.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Terminology and Abbreviations . . . . . . . . . . . . . . . . 4 2. Terminology and Abbreviations . . . . . . . . . . . . . . . . 4
3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 3. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
4. Commands, AVPs and Advertising Application Support . . . . . . 7 4. Commands, AVPs and Advertising Application Support . . . . . . 7
4.1. Advertising Application Support . . . . . . . . . . . . . 7 4.1. Advertising Application Support . . . . . . . . . . . . . 7
4.2. Command Codes . . . . . . . . . . . . . . . . . . . . . . 7 4.2. Command Codes . . . . . . . . . . . . . . . . . . . . . . 7
4.3. Diameter-EAP-Request (DER) . . . . . . . . . . . . . . . . 8 4.3. Diameter-EAP-Request (DER) . . . . . . . . . . . . . . . . 8
4.4. Diameter-EAP-Answer (DEA) . . . . . . . . . . . . . . . . 8 4.4. Diameter-EAP-Answer (DEA) . . . . . . . . . . . . . . . . 8
4.5. AA-Request (AAR) . . . . . . . . . . . . . . . . . . . . . 9 4.5. AA-Request (AAR) . . . . . . . . . . . . . . . . . . . . . 9
4.6. AA-Answer (AAA) . . . . . . . . . . . . . . . . . . . . . 9 4.6. AA-Answer (AAA) . . . . . . . . . . . . . . . . . . . . . 9
4.7. Attribute Value Pair Definitions . . . . . . . . . . . . . 10 4.7. Attribute Value Pair Definitions . . . . . . . . . . . . . 10
4.7.1. MIP6-Agent-Info . . . . . . . . . . . . . . . . . . . 10 4.7.1. MIP6-Agent-Info . . . . . . . . . . . . . . . . . . . 10
4.7.2. MIP-Home-Agent-Address AVP . . . . . . . . . . . . . . 10 4.7.2. MIP-Home-Agent-Address AVP . . . . . . . . . . . . . . 11
4.7.3. MIP-Home-Agent-Host AVP . . . . . . . . . . . . . . . 11 4.7.3. MIP-Home-Agent-Host AVP . . . . . . . . . . . . . . . 11
4.7.4. MIP6-Home-Link-Prefix AVP . . . . . . . . . . . . . . 11 4.7.4. MIP6-Home-Link-Prefix AVP . . . . . . . . . . . . . . 11
4.7.5. MIP6-Feature-Vector AVP . . . . . . . . . . . . . . . 11 4.7.5. MIP6-Feature-Vector AVP . . . . . . . . . . . . . . . 11
5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
5.1. Home Agent Assignment by the NAS . . . . . . . . . . . . . 12 5.1. Home Agent Assignment by the NAS . . . . . . . . . . . . . 13
5.2. Home Agent Assignment by the Diameter Server . . . . . . . 13 5.2. Home Agent Assignment by the Diameter Server . . . . . . . 14
5.3. Home Agent Assignment by NAS or Diameter Server . . . . . 14 5.3. Home Agent Assignment by NAS or Diameter Server . . . . . 14
6. AVP Occurrence Tables . . . . . . . . . . . . . . . . . . . . 15 6. AVP Occurrence Tables . . . . . . . . . . . . . . . . . . . . 16
6.1. AAR, AAA, DER and DEA Commands AVP Table . . . . . . . . . 15 6.1. AAR, AAA, DER and DEA Commands AVP Table . . . . . . . . . 16
7. MIPv6 Bootstrapping NAS to HAAA Interface AVPs . . . . . . . . 16 7. MIPv6 Bootstrapping NAS to HAAA Interface AVPs . . . . . . . . 16
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 17
8.1. Registration of new AVPs . . . . . . . . . . . . . . . . . 17 8.1. Registration of new AVPs . . . . . . . . . . . . . . . . . 17
8.2. New Registry: Mobility Capability . . . . . . . . . . . . 17 8.2. New Registry: Mobility Capability . . . . . . . . . . . . 17
9. Security Considerations . . . . . . . . . . . . . . . . . . . 17 9. Security Considerations . . . . . . . . . . . . . . . . . . . 18
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 18 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 18
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18 11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 18
11.1. Normative References . . . . . . . . . . . . . . . . . . . 18 11.1. Normative References . . . . . . . . . . . . . . . . . . . 18
11.2. Informative References . . . . . . . . . . . . . . . . . . 18 11.2. Informative References . . . . . . . . . . . . . . . . . . 19
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19
Intellectual Property and Copyright Statements . . . . . . . . . . 21 Intellectual Property and Copyright Statements . . . . . . . . . . 21
1. Introduction 1. Introduction
The Mobile IPv6 (MIPv6) specification [1] requires a Mobile Node (MN) The Mobile IPv6 (MIPv6) specification [1] requires a Mobile Node (MN)
to perform registration with a Home Agent (HA) with information about to perform registration with a home agent (HA) with information about
its current point of attachment (care-of address). The HA creates its current point of attachment (care-of address). The HA creates
and maintains binding between the MN's Home Address and the MN's and maintains binding between the MN's Home Address and the MN's
Care-of Address. Care-of Address.
In order to register with a HA, the MN needs to know some information In order to register with a HA, the MN needs to know some information
such as the Home Link prefix, the HA address, the Home Address(es), such as the Home Link prefix, the HA address, the Home Address(es),
the Home Link prefix length and security association related the Home Link prefix length and security association related
information. information.
The aforementioned information may be statically. However, static The aforementioned information may be statically configured.
provisioning of this information becomes an administrative burden for However, static provisioning becomes an administrative burden for an
an operator. Moreover, it does not address load balancing, failover, operator. Moreover, it does not address load balancing, failover,
opportunistic home link assignment and assignment of local home opportunistic home link assignment and assignment of local HAs in
agents in close proximity to the MN. Also the ability to react on close proximity to the MN. Also the ability to react to sudden
sudden environmental or topological changes is minimal. Static environmental or topological changes is minimal. Static provisioning
provisioning may not be desirable, in light of the mentioned may not be desirable, in light of these limitations.
limitations.
Dynamic assignment of MIPv6 home registration information is a Dynamic assignment of MIPv6 home registration information is a
desirable feature for ease of deployment and network maintenance. desirable feature for ease of deployment and network maintenance.
For this purpose, the AAA infrastructure, which is used for access For this purpose, the AAA infrastructure, which is used for access
authentication, can be leveraged to assign some or all of the authentication, can be leveraged to assign some or all of the
necessary parameters. The Diameter server in Access Service necessary parameters. The Diameter server in Access Service
Provider's (ASP) or in Mobility Service Provider's (MSP) network may Provider's (ASP) or in Mobility Service Provider's (MSP) network may
return these parameters to the AAA client. Regarding the return these parameters to the AAA client. Regarding the
bootstrapping procedures, the AAA client might either be the NAS, in bootstrapping procedures, the AAA client might either be the NAS, in
case of the integrated scenario, or the HA, in case of the split case of the integrated scenario, or the HA, in case of the split
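Review bot: The terminology cleanup in the Abstract and Introduction is applied unevenly. The -08 text lowercases "Home Agent" to "home agent" and shortens "local home agents" to "local HAs", but the same paragraphs keep "Mobile Node", "Home Address", "Care-of Address" and "Home Link prefix" capitalised. Choose one convention for these terms and apply it to all of them in this pass. The fix of "may be statically" to "may be statically configured" is correct as it stands.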
skipping to change at page 5, line 42 skipping to change at page 5, line 37
A scenario where the mobility service and the network access A scenario where the mobility service and the network access
service are authorized by the same entity. service are authorized by the same entity.
Network Access Server (NAS): Network Access Server (NAS):
A device that provides an access service for a user to a network. A device that provides an access service for a user to a network.
Home AAA (HAAA): Home AAA (HAAA):
An authentication, authorization and accounting server located in An authentication, authorization and accounting server located in
user's home network. user's home network i.e., in the home realm.
Local AAA (LAAA):
An authentication, authorization and accounting proxy located in
the local (ASP) network.
Visited AAA (VAAA):
An authentication, authorization and accounting proxy located in a
visited network i.e., in the visited realm. In a roaming case,
the local Diameter proxy has the VAAA role.
3. Overview 3. Overview
This document addresses the authentication, authorization and This document addresses the authentication, authorization and
accounting functionality required by for the MIPv6 bootstrapping as accounting functionality required for the MIPv6 bootstrapping
outlined in the MIPv6 bootstrapping problem statement document [8]. solutions outlined in [8] and focuses on the Diameter based AAA
This document focuses on the Diameter based AAA functionality for the functionality for the NAS to HAAA communication.
NAS to HAAA interface.
In the integrated scenario MIPv6 bootstrapping is provided as part of In the integrated scenario MIPv6 bootstrapping is provided as part of
the network access authentication procedure. Figure 1 shows the the network access authentication procedure. Figure 1 shows the
participating entities. This document, however, only concentrates on participating entities.
the NAS, possible local Diameter proxies and the home Diameter
server.
+---------------------------+ +-----------------+ +---------------------------+ +-----------------+
|Access Service Provider | |ASA/MSA/(MSP) | |Access Service Provider | |ASA/MSA/(MSP) |
|(Mobility Service Provider)| | | |(Mobility Service Provider)| | |
| | | | | | | |
| +--------+ | | +--------+ | | +--------+ | | +--------+ |
| |Local | Diameter | | |Home | | | |Local | Diameter | | |Home | |
| |Diameter|<---------------------->|Diameter| | | |Diameter|<---------------------->|Diameter| |
| |Proxy | | | |Server | | | |Proxy | (*) | | |Server | |
| +--------+ | | +--------+ | | +--------+ | | +--------+ |
| ^ ^ | | ^ | | ^ ^ | | ^ |
| | | | | | | | | | | | |(+) |
| | | | | | | | | | | | | |
| Diameter | | v | | Diameter | | v |
| | | +-------+ | | +-------+ | | | |(+) +-------+ | | +-------+ |
| | | |Home | | | |Home | | | | | |Home | | | |Home | |
| | +-------->|Agent | | | |Agent | | | | +-------->|Agent | | | |Agent | |
| | |in ASP | | | |in MSP | | | (*)| |in ASP | | | |in MSP | |
| v +-------+ | | +-------+ | | v +-------+ | | +-------+ |
+-------+ IEEE | +-----------+ +-------+ | +-----------------+ +-------+ IEEE | +-----------+ +-------+ | +-----------------+
|Mobile | 802.1X | |NAS/Relay | |DHCPv6 | | |Mobile | 802.1X | |NAS/Relay | |DHCPv6 | |
|Node |------------|Diameter |---|Server | | |Node |------------|Diameter |---|Server | |
| | PANA,... | |Client | | | | | | PANA,... | |Client |(+)| | |
+-------+ DHCP | +-----------+ +-------+ | +-------+ DHCP | +-----------+ +-------+ |
+---------------------------+ (+) +---------------------------+
Figure 1: Mobile IPv6 Bootstrapping in the Integrated Scenario Legend:
(*): Functionality in scope of this specification
(+): Extensions described in other documents.
In a typical MIPv6 access scenario the MN is attached to an ASP's Figure 1: Mobile IPv6 Bootstrapping in the Integrated Scenario
network. During the network attachment procedure, the NAS/Diameter
client interacts with the MN.
During the time of authentication the Diameter server in the ASA/MSA In a typical MIPv6 access scenario, a MN is attached to an ASP's
detects that the user is also authorized for MIPv6 access. Based on network. During the network attachment procedure, the MN interacts
the MSA's policy, the Diameter server may return several MIPv6 with the NAS/Diameter client. Subsequently, the NAS/Diameter client
bootstrapping related parameters. interacts with the Diameter server over the NAS to HAAA interface.
Depending on the details of the bootstrapping solution interaction When the Diameter server performs the authentication and
with the DHCPv6 server may be required, as described in [11]. authorization for the network access it also determines whether the
However, the Diameter based NAS to HAAA interface described in this user is authorized to the MIPv6 service. Based on the MIPv6 service
document is not tied to DHCPv6 as the only possible way to convey authorization and user's policy profile, the Diameter server may
MIPv6 related configuration parameters from the Diameter client to return several MIPv6 bootstrapping related parameters to the NAS.
the mobile node. The NAS to HAAA interface described in this document is not tied to
DHCPv6 as the only mechanism to convey MIPv6 related configuration
parameters from the NAS/Diameter client to the mobile node.
4. Commands, AVPs and Advertising Application Support 4. Commands, AVPs and Advertising Application Support
This section describes command codes, defines AVPs and advertised
application identifiers for the Diameter MIPv6 bootstrapping in the
NAS to HAAA interface.
4.1. Advertising Application Support 4.1. Advertising Application Support
This document defines a number of MIPv6 bootstrapping NAS to HAAA This document defines a number of MIPv6 bootstrapping NAS to HAAA
interface (integrated scenario) related AVPs that can be used in interface (integrated scenario) related AVPs. These AVPs can be used
existing Diameter applications where permitted by the command ABNF with present and future Diameter applications, where permitted by the
and in all new applications. This document shows explicit examples command ABNF. This document does not define a new application. All
using NASREQ [3] and EAP [4] applications. examples in this document reuse NASREQ [3] and EAP [4] applications.
4.2. Command Codes 4.2. Command Codes
This document shows re-use of the Diameter NASREQ application [3] and This document shows re-use of the Diameter NASREQ application [3] and
the EAP application commands [4] as an example of the MIPv6 the EAP application commands [4] as an example of the MIPv6
bootstrapping NAS to HAAA interface. The following commands are used bootstrapping NAS to HAAA interface. The following commands are used
to carry MIPv6 related bootstrapping AVPs: to carry MIPv6 related bootstrapping AVPs:
Command-Name Abbrev. Code Reference Application Command-Name Abbrev. Code Reference Application
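Review bot: The new Figure 1 legend marks (+) as "Extensions described in other documents", but the -08 Overview drops the only sentence that pointed to one ("interaction with the DHCPv6 server may be required, as described in [11]"), so a reader cannot tell which documents cover the (+) interfaces. Keep a citation next to the legend or in the paragraph after the figure. Related point in the terminology above: LAAA is defined as a proxy "located in the local (ASP) network" and VAAA as one where "the local Diameter proxy has the VAAA role", while the figure still shows a single "Local Diameter Proxy" box; say explicitly whether both roles map to that box. Editorial: "home network i.e., in the home realm" needs a comma before "i.e.", and "authorized to the MIPv6 service" reads better as "authorized for the MIPv6 service".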
skipping to change at page 7, line 42 skipping to change at page 7, line 46
AA-Request AAR 265 RFC 4005 NASREQ AA-Request AAR 265 RFC 4005 NASREQ
AA-Answer AAA 265 RFC 4005 NASREQ AA-Answer AAA 265 RFC 4005 NASREQ
Figure 2: MIPv6 Bootstrapping NAS to HAAA Interface Command Codes Figure 2: MIPv6 Bootstrapping NAS to HAAA Interface Command Codes
When the Re-Auth-Request (RAR), Re-Auth-Answer (RAA), Session- When the Re-Auth-Request (RAR), Re-Auth-Answer (RAA), Session-
Termination-Request (STR), Session-Termination-Answer (STA), Abort- Termination-Request (STR), Session-Termination-Answer (STA), Abort-
Session-Request (ASR), Abort-Session-Answer (ASA), Accounting-Request Session-Request (ASR), Abort-Session-Answer (ASA), Accounting-Request
(ACR), and Accounting-Answer (ACA) commands are used together with (ACR), and Accounting-Answer (ACA) commands are used together with
the MIPv6 bootstrapping NAS to HAAA interface, they follow the rules the MIPv6 bootstrapping NAS to HAAA interface, they follow the rules
defined in RFC 3588 [5] and the respective used applications. The defined in RFC 3588 [5] and the rules for the specific Diameter
application the AVPs defined in this document are used with. The
accounting commands use the Application Identifier value of 3 accounting commands use the Application Identifier value of 3
(Diameter Base Accounting); the others use 0 (Diameter Common (Diameter Base Accounting); the others use 0 (Diameter Common
Messages). Messages).
All request messages SHOULD contain the User-Name AVP containing the All request messages SHOULD contain the User-Name AVP containing the
identity of the MN in NAI format. It is out of scope how the NAS identity of the MN in NAI format. It is out of scope how the NAS
finds out the MN identity However, for example, the NAS could use the finds out the MN identity. The NAS could, for example, use the MN
MN identity provided by the network access authentication mechanism. identity provided by the network access authentication mechanism.
4.3. Diameter-EAP-Request (DER) 4.3. Diameter-EAP-Request (DER)
The Diameter-EAP-Request (DER) message [4], indicated by the Command- The Diameter-EAP-Request (DER) message [4], indicated by the Command-
Code field set to 268 and the 'R' bit set in the Command Flags field, Code field set to 268 and the 'R' bit set in the Command Flags field,
is sent by the NAS to the Diameter server to initiate a network is sent by the NAS to the Diameter server to initiate a network
access authentication and authorization procedure. The DER message access authentication and authorization procedure. The DER message
format is the same as defined in [4]. The message MAY include format is the same as defined in [4]. The message MAY include
optional MIPv6 bootstrapping AVPs: optional MIPv6 bootstrapping AVPs:
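Review bot: The replacement sentence in Section 4.2, "the rules for the specific Diameter application the AVPs defined in this document are used with", is hard to parse because of the trailing preposition. Suggest "the rules of the Diameter application with which the AVPs defined in this document are used". The split of the User-Name sentence ("finds out the MN identity. The NAS could, for example, ...") is fine.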
skipping to change at page 10, line 41 skipping to change at page 10, line 41
contains necessary information to assign a HA to the MN. When the contains necessary information to assign a HA to the MN. When the
MIP6-Agent-Info AVP is present in a message, it MUST contain either MIP6-Agent-Info AVP is present in a message, it MUST contain either
the MIP-Home-Agent-Address AVP or the MIP-Home-Agent-Host AVP, or the MIP-Home-Agent-Address AVP or the MIP-Home-Agent-Host AVP, or
both AVPs. The grouped AVP has the following grammar: both AVPs. The grouped AVP has the following grammar:
<MIP6-Agent-Info> ::= < AVP Header: TBD > <MIP6-Agent-Info> ::= < AVP Header: TBD >
[ MIP-Home-Agent-Address ] [ MIP-Home-Agent-Address ]
[ MIP-Home-Agent-Host ] [ MIP-Home-Agent-Host ]
* [ AVP ] * [ AVP ]
If both MIP-Home-Agent-Address and MIP-Home-Agent-Host APVs are
present in the MIP6-Agent-Info, the MIP-Home-Agent-Address SHOULD
have a precedence over the MIP-Home-Agent-Host. The reason for this
recommendation is that the MIP-Home-Agent-Address points to a
specific home agent, where as the MIP-Home-Agent-Host may point to a
group of HAs located at within the same realm. A Diameter client or
an agent may use the MIP-Home-Agent-Host AVP, for instance, to find
out the realm where the HA is located.
This AVP MAY also be attached by the NAS or by intermediating
Diameter proxies in a request message when sent to the Diameter
server as a hint of a locally assigned HA. This AVP MAY also be
attached by the intermediating Diameter proxies in a reply message
from the Diameter server, if locally assigned HAs are authorized by
the Diameter server.
4.7.2. MIP-Home-Agent-Address AVP 4.7.2. MIP-Home-Agent-Address AVP
The MIP-Home-Agent-Address AVP (AVP Code 334 [6]) is of type Address The MIP-Home-Agent-Address AVP (AVP Code 334 [6]) is of type Address
and contains the HA address. The Diameter server MAY decide to and contains the HA address. The Diameter server MAY decide to
assign a HA to the MN that is in close proximity to the point of assign a HA to the MN that is in close proximity to the point of
attachment (e.g., determined by the NAS-Identifier AVP). There may attachment (e.g., determined by the NAS-Identifier AVP). There may
be other reasons for dynamically assigning HAs to the MN, for example be other reasons for dynamically assigning HAs to the MN, for example
to share the traffic load. to share the traffic load.
This AVP MAY also be attached by the NAS or by the intermediate local
Diameter proxy when sent to the Diameter server in a request message
as a hint of a locally assigned HA.
4.7.3. MIP-Home-Agent-Host AVP 4.7.3. MIP-Home-Agent-Host AVP
The MIP-Home-Agent-Host AVP (AVP Code 348 [6]) is of type Grouped and The MIP-Home-Agent-Host AVP (AVP Code 348 [6]) is of type Grouped and
contains the identity of the assigned HA. Both the Destination-Realm contains the identity of the assigned HA. Both the Destination-Realm
and the Destination-Host AVP of the HA are included in the grouped and the Destination-Host AVP of the HA are included in the grouped
AVP. The usage of this AVP is equivalent to the MIP-Home-Agent- AVP. The usage of this AVP is equivalent to the MIP-Home-Agent-
Address AVP but offers an additional level of indirection via the DNS Address AVP but offers an additional level of indirection by using
infrastructure. the DNS infrastructure.
This AVP MAY also be attached by the NAS or by the intermediate local Depending on the actual deployment and DNS configuration the
Diameter proxy when sent to the Diameter server in a request message Destination-Host AVP MAY represent one or more home agents. It is
as a hint of a locally assigned HA. RECOMMENDED that the Destination-Host AVP identifies exactly one HA.
4.7.4. MIP6-Home-Link-Prefix AVP 4.7.4. MIP6-Home-Link-Prefix AVP
The MIP6-Home-Link-Prefix AVP (AVP Code TBD) is of type OctetString The MIP6-Home-Link-Prefix AVP (AVP Code TBD) is of type OctetString
and contains the Mobile IPv6 home network prefix information in a and contains the Mobile IPv6 home network prefix information in
network byte order. The home network prefix MUST be encoded as the network byte order. The home network prefix MUST be encoded as the
8-bit prefix length information followed by the 128-bit field for the 8-bit prefix length information followed by the 128-bit field for the
available home network prefix. available home network prefix.
4.7.5. MIP6-Feature-Vector AVP 4.7.5. MIP6-Feature-Vector AVP
The MIP6-Feature-Vector AVP (AVP Code TBD) is of type Unsigned64 and The MIP6-Feature-Vector AVP (AVP Code TBD) is of type Unsigned64 and
contains a 64 bits flags field of supported capabilities of the NAS/ contains a 64 bit flags field of supported capabilities of the NAS/
ASP. Sending and receiving the MIP6-Feature-Vector AVP with value 0 ASP. Sending and receiving the MIP6-Feature-Vector AVP with value 0
MUST be supported, although that does not provide much guidance about MUST be supported, although that does not provide much guidance about
specific needs of bootstrapping. specific needs of bootstrapping.
The NAS MAY include this AVP to indicate capabilities of the NAS/ASP The NAS MAY include this AVP to indicate capabilities of the NAS/ASP
to the Diameter server. For example, the NAS may indicate that a to the Diameter server. For example, the NAS may indicate that a
local home agent can be provided. Similarly, the Diameter server MAY local HA can be provided. Similarly, the Diameter server MAY include
include this AVP to inform the NAS/ASP about which of the NAS/ASP this AVP to inform the NAS/ASP about which of the NAS/ASP indicated
indicated capabilities are supported or authorized by the ASA/MSA(/ capabilities are supported or authorized by the ASA/MSA(/MSP).
MSP).
The following capabilities are defined in this document: The following capabilities are defined in this document:
MIP6_INTEGRATED (0x0000000000000001) MIP6_INTEGRATED (0x0000000000000001)
When this flag is set by the NAS then it means that the Mobile When this flag is set by the NAS then it means that the Mobile
IPv6 integrated scenario bootstrapping functionality is supported IPv6 integrated scenario bootstrapping functionality is supported
by the NAS. When this flag is set by the Diameter server then the by the NAS. When this flag is set by the Diameter server then the
Mobile IPv6 integrated scenario bootstrapping is supported by the Mobile IPv6 integrated scenario bootstrapping is supported by the
Diameter server. Diameter server.
LOCAL_HOME_AGENT_ASSIGNMENT (0x0000000000000002) LOCAL_HOME_AGENT_ASSIGNMENT (0x0000000000000002)
When this flag is set by the NAS then a local home agent can be When this flag is set in the request message, a local home agent
assigned to the MN. When this flag is set by the Diameter server outside the home realm is requested and may be assigned to the MN.
then the assignment of location HAs is authorized by the Diameter When this flag is set by the Diameter server in the answer
server. message, then the assignment of local HAs is authorized by the
Diameter server.
A local HA may be assigned by the NAS, LAAA or VAAA depending on
the network architecture and the deployment.
The following examples show how the LOCAL_HOME_AGENT_ASSIGNMENT The following examples show how the LOCAL_HOME_AGENT_ASSIGNMENT
capability and the MIP-Home-Agent-Host AVP are used to assign a home capability and the MIP-Agent-Info AVP are used to assign HAs, either
agent. Below is an example of a request message combinations: a local HA (L-HA) or a home network HA (H-HA). Below is an example
of a request message combinations as seen by the HAAA:
LOCAL-bit HA-Address Meaning LOCAL-bit HA-Info Meaning
0 - NAS is not able to assign a local HA 0 - ASP or [LV]AAA is not able to assign a L-HA
0 ASP-HA Same as above. HA-Address must be ignored 0 L-HA Same as above. HA-Info must be ignored
1 - NAS can/wishes to assign a local HA 1 - ASP or [LV]AAA can/wishes to assign a L-HA
1 ASP-HA Same as above and NAS also provides a hint 1 L-HA Same as above but ASP or [LV]AAA also
of the assigned HA provides a hint of the assigned L-HA
Then the same as above for an answer message combinations: Then the same as above for an answer message combinations as seen by
the NAS:
LOCAL-bit HA-Address Meaning LOCAL-bit HA-Info Meaning
0 - No HA allowed -> no mobility 0 - No HA allowed -> no mobility
0 MSP-HA Local HA is not allowed. AAA assigns a HA 0 H-HA L-HA is not allowed. HAAA assigns a H-HA
1 - Local HA is allowed. No AAA assigned HA 1 - L-HA is allowed. No HAAA or [LV]AAA assigned HA
1 MSP-HA Local HA is allowed. AAA also assigns its 1 L-HA L-HA is allowed. [LV]AAA also assigns a L-HA
own HA. NAS can choose whether to assign 1 H-HA L-HA is allowed. HAAA also assigns a HA
a local HA or the AAA provided HA to the 1 H-HA L-HA is allowed. HAAA assigns a H-HA and
mobile node + L-HA [LV]AAA also assigns also a L-HA
5. Examples 5. Examples
5.1. Home Agent Assignment by the NAS 5.1. Home Agent Assignment by the NAS
In this scenario we consider the case where the NAS wishes to In this scenario we consider the case where the NAS wishes to
allocate a local HA to the MN. The NAS will also inform the Diameter allocate a local HA to the MN. The NAS will also inform the Diameter
server about the HA address it has assigned to the visiting MN (e.g., server about the HA address it has assigned to the visiting MN (e.g.,
2001:db8:1:c020::1). The Diameter-EAP-Request message therefore has 2001:db8:1:c020::1). The Diameter-EAP-Request message therefore has
the MIP6-Feature-Vector with the LOCAL_HOME_AGENT_ASSIGNMENT and the the MIP6-Feature-Vector with the LOCAL_HOME_AGENT_ASSIGNMENT and the
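Review bot: The -08 answer table distinguishes "L-HA" from "H-HA" in the HA-Info column, and Section 4.7.1 now lets intermediating Diameter proxies attach MIP6-Agent-Info to a reply, but the grouped AVP grammar shown (MIP-Home-Agent-Address, MIP-Home-Agent-Host, * [ AVP ]) carries nothing that tells the NAS which entity inserted a given instance. State how the NAS separates a proxy-supplied L-HA from a HAAA-supplied H-HA, and how the "H-HA + L-HA" case is encoded (two MIP6-Agent-Info instances, presumably), since the NAS acts on that distinction when choosing the HA. There is also a tension between 4.7.1, which says MIP-Home-Agent-Host "may point to a group of HAs", and 4.7.3, which makes it RECOMMENDED that Destination-Host "identifies exactly one HA"; reconcile the two. Editorial items in the added text: "APVs" should be "AVPs", "where as" should be "whereas", "located at within" has a stray word, "the MIP-Agent-Info AVP" should be "MIP6-Agent-Info", "also assigns also a L-HA" repeats "also", and the two consecutive "1 H-HA" rows read as duplicates until the "+ L-HA" continuation line is noticed.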
skipping to change at page 13, line 46 skipping to change at page 14, line 10
subscription profile, the Diameter server either accepts or rejects subscription profile, the Diameter server either accepts or rejects
the proposal of locally HA allocated by the NAS will be used. In our the proposal of locally HA allocated by the NAS will be used. In our
example, the Diameter server accepts the proposal and the the MIP6- example, the Diameter server accepts the proposal and the the MIP6-
Feature-Vector AVP with LOCAL_HOME_AGENT_ASSIGNMENT flag (together Feature-Vector AVP with LOCAL_HOME_AGENT_ASSIGNMENT flag (together
with the MIP6_INTEGRATED flag) is set and returned to the NAS. with the MIP6_INTEGRATED flag) is set and returned to the NAS.
5.2. Home Agent Assignment by the Diameter Server 5.2. Home Agent Assignment by the Diameter Server
In this scenario we consider the case where the NAS supports the In this scenario we consider the case where the NAS supports the
Diameter MIPv6 integrated scenario as defined in this document but Diameter MIPv6 integrated scenario as defined in this document but
does not offer local home agent assignment. Hence, the MIP6-Feature- does not offer local HA assignment. Hence, the MIP6-Feature-Vector
Vector AVP only has the MIP6_INTEGRATED flag set. The Diameter AVP only has the MIP6_INTEGRATED flag set. The Diameter server
server allocates a home agent to the mobile node and conveys the allocates a HA to the mobile node and conveys the address in the MIP-
address in the MIP-Home-Agent-Address AVP that is encapsulated in the Home-Agent-Address AVP that is encapsulated in the MIP6-Agent-Info
MIP6-Agent-Info AVP. Additionally, the MIP6-Feature-Vector AVP has AVP. Additionally, the MIP6-Feature-Vector AVP has the
the MIP6_INTEGRATED flag set. MIP6_INTEGRATED flag set.
Diameter Diameter
NAS Server NAS Server
| | | |
| Diameter-EAP-Request | | Diameter-EAP-Request |
| MIP6-Feature-Vector=(MIP6_INTEGRATED) | | MIP6-Feature-Vector=(MIP6_INTEGRATED) |
| Auth-Request-Type=AUTHORIZE_AUTHENTICATE | | Auth-Request-Type=AUTHORIZE_AUTHENTICATE |
| EAP-Payload(EAP Start) | | EAP-Payload(EAP Start) |
|---------------------------------------------------------------->| |---------------------------------------------------------------->|
| | | |
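Review bot: the sentence in Section 5.1 that carries the accept/reject decision is unreadable in both revisions ("either accepts or rejects the proposal of locally HA allocated by the NAS will be used") and should be rewritten while this paragraph is being touched, for example "either accepts or rejects the proposal that the HA locally allocated by the NAS be used". The following line still has the doubled article "the the MIP6-Feature-Vector AVP". In Section 5.2, the -08 text shortens "home agent" to "HA" but leaves "mobile node" spelled out in the same sentence; pick one form (HA/MN) for both.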
skipping to change at page 14, line 35 skipping to change at page 14, line 47
| EAP-Master-Session-Key | | EAP-Master-Session-Key |
| (authorization AVPs) | | (authorization AVPs) |
| ... | | ... |
|<----------------------------------------------------------------| |<----------------------------------------------------------------|
| | | |
Figure 4: Home Agent Assignment by Diameter Server Figure 4: Home Agent Assignment by Diameter Server
5.3. Home Agent Assignment by NAS or Diameter Server 5.3. Home Agent Assignment by NAS or Diameter Server
This section shows a message flows for the MIPv6 integrated scenario This section shows a message flow for the MIPv6 integrated scenario
bootstrapping where the NAS informs the Diameter server that it is bootstrapping where the NAS informs the Diameter server that it is
able to locally assign a HA to the MN. The Diameter server is also able to locally assign a HA to the MN. The Diameter server is able
able to provide a HA to the MN but also authorizes the assignment of to provide a HA to the MN but also authorizes the assignment of local
local HA. The Diameter server then replies to the NAS with HA HA. The Diameter server then replies to the NAS with HA related
related bootstrapping information. bootstrapping information.
Whether the NAS/ASP then offers a locally assigned HA or the Diameter Whether the NAS/ASP then offers a locally assigned HA or the Diameter
server assigned HA to the MN is, in this example, based on the local server assigned HA to the MN is, in this example, based on the local
ASP policy. ASP policy.
Diameter Diameter
NAS Server NAS Server
| | | |
| Diameter-EAP-Request | | Diameter-EAP-Request |
| MIP6-Feature-Vector=(LOCAL_HOME_AGENT_ASSIGNMENT | | MIP6-Feature-Vector=(LOCAL_HOME_AGENT_ASSIGNMENT |
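Review bot: terminology in Section 5.3 is not aligned with the revised Section 4 table. The -08 table introduces L-HA, H-HA, HAAA and [LV]AAA, while this section still says "local HA", "Diameter server assigned HA" and "Diameter server", so a reader cannot tell from these lines whether the server in the example is the HAAA or an [LV]AAA. Either use the new terms here or state the mapping once. Minor: "the assignment of local HA" is missing an article, and "HA related bootstrapping information" should be hyphenated as "HA-related".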
skipping to change at page 18, line 21 skipping to change at page 18, line 36
Basavaraj Patil, Charles E. Perkins, Stefano Faccin) for their work Basavaraj Patil, Charles E. Perkins, Stefano Faccin) for their work
in context of MIPv6 Diameter interworking. Their work influenced in context of MIPv6 Diameter interworking. Their work influenced
this document. Jouni Korhonen would like to thank Academy of Finland this document. Jouni Korhonen would like to thank Academy of Finland
and TEKES MERCoNe Project for providing funding to work on this and TEKES MERCoNe Project for providing funding to work on this
document. Julien Bournelle would like to thank GET/INT since he document. Julien Bournelle would like to thank GET/INT since he
began to work on this document while he was in their employ. Authors began to work on this document while he was in their employ. Authors
would also like to acknowledge Raymond Hsu for his valuable feedback would also like to acknowledge Raymond Hsu for his valuable feedback
on local HA assignment and Wolfgang Fritsche for his thorough review. on local HA assignment and Wolfgang Fritsche for his thorough review.
Finally, we would like to Domagoj Premec for his review comments. Finally, we would like to Domagoj Premec for his review comments.
We would like to thank Alper Yegin, Robert Marks, David Frascone for
their comments at the second WGLC.
11. References 11. References
11.1. Normative References 11.1. Normative References
[1] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support in [1] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support in
IPv6", RFC 3775, June 2004. IPv6", RFC 3775, June 2004.
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement [2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, March 1997. Levels", BCP 14, RFC 2119, March 1997.
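Review bot: the acknowledgment line directly above the added sentence is still missing its verb in -08 ("Finally, we would like to Domagoj Premec for his review comments"); insert "thank". The added sentence also needs a conjunction in its list: "Alper Yegin, Robert Marks, and David Frascone".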
skipping to change at page 19, line 5 skipping to change at page 19, line 27
August 2005. August 2005.
11.2. Informative References 11.2. Informative References
[7] Giaretta, G., Kempf, J., and V. Devarapalli, "Mobile IPv6 [7] Giaretta, G., Kempf, J., and V. Devarapalli, "Mobile IPv6
Bootstrapping in Split Scenario", RFC 5026, October 2007. Bootstrapping in Split Scenario", RFC 5026, October 2007.
[8] Patel, A. and G. Giaretta, "Problem Statement for bootstrapping [8] Patel, A. and G. Giaretta, "Problem Statement for bootstrapping
Mobile IPv6 (MIPv6)", RFC 4640, September 2006. Mobile IPv6 (MIPv6)", RFC 4640, September 2006.
[9] Giaretta, G., "AAA Goals for Mobile IPv6", [9] Giaretta, G., Guardini, I., Demaria, E., Bournelle, J., and R.
draft-ietf-mip6-aaa-ha-goals-03 (work in progress), Lopez, "AAA Goals for Mobile IPv6",
September 2006. draft-ietf-mext-aaa-ha-goals-00 (work in progress),
December 2007.
[10] Manner, J. and M. Kojo, "Mobility Related Terminology", [10] Manner, J. and M. Kojo, "Mobility Related Terminology",
RFC 3753, June 2004. RFC 3753, June 2004.
[11] Chowdhury, K. and A. Yegin, "MIP6-bootstrapping for the [11] Chowdhury, K. and A. Yegin, "MIP6-bootstrapping for the
Integrated Scenario", Integrated Scenario",
draft-ietf-mip6-bootstrapping-integrated-dhc-05 (work in draft-ietf-mip6-bootstrapping-integrated-dhc-05 (work in
progress), July 2007. progress), July 2007.
Authors' Addresses Authors' Addresses
Jouni Korhonen (editor) Jouni Korhonen
TeliaSonera TeliaSonera
Teollisuuskatu 13 Teollisuuskatu 13
Sonera FIN-00051 Sonera FIN-00051
Finland Finland
Email: jouni.korhonen@teliasonera.com Email: jouni.korhonen@teliasonera.com
Julien Bournelle Julien Bournelle
France Telecom R&D Orange Labs
38-4O rue du general Leclerc 38-4O rue du general Leclerc
Issy-Les-Moulineaux 92794 Issy-Les-Moulineaux 92794
France France
Email: julien.bournelle@orange-ftgroup.com Email: julien.bournelle@orange-ftgroup.com
Hannes Tschofenig Hannes Tschofenig
Nokia Siemens Networks Nokia Siemens Networks
Otto-Hahn-Ring 6 Linnoitustie 6
Munich, Bavaria 81739 Espoo 02600
Germany Finland
Phone: +358 (50) 4871445
Email: Hannes.Tschofenig@nsn.com Email: Hannes.Tschofenig@nsn.com
URI: http://www.tschofenig.com URI: http://www.tschofenig.com
Charles E. Perkins Charles E. Perkins
Palo Alto Systems Research Center
975 Page Mill Road, Suite 200
Palo Alto CA 94304-1003
USA
Phone: +1-650-496-4402 Phone: +1-650-496-4402
Email: charles.perkins@nokia.com Email: charliep@computer.org
Kuntal Chowdhury Kuntal Chowdhury
Starent Networks Starent Networks
30 International Place 30 International Place
Tewksbury MA 01876 Tewksbury MA 01876
US US
Phone: +1 214 550 1416 Phone: +1 214 550 1416
Email: kchowdhury@starentnetworks.com Email: kchowdhury@starentnetworks.com
Full Copyright Statement Full Copyright Statement
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors contained in BCP 78, and except as set forth therein, the authors
retain all their rights. retain all their rights.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
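Review bot: in the Authors' Addresses block, the Charles E. Perkins entry drops the Palo Alto postal address and changes the e-mail, but keeps the phone number that was listed with that removed address ("Phone: +1-650-496-4402"); confirm the number is still valid or remove it, and note that the entry now has no affiliation line. The Julien Bournelle street line reads "38-4O rue du general Leclerc" in both revisions, with a letter O where a zero is expected. Reference [9] was updated to draft-ietf-mext-aaa-ha-goals-00; check that the in-text citations of [9] still match the retitled author list.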
 End of changes. 61 change blocks. 
128 lines changed or deleted 152 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/