draft-ietf-dime-mip6-split-08.txt   draft-ietf-dime-mip6-split-09.txt 
Diameter Maintenance and J. Korhonen Diameter Maintenance and J. Korhonen
Extensions (DIME) TeliaSonera Extensions (DIME) TeliaSonera
Internet-Draft H. Tschofenig Internet-Draft H. Tschofenig
Intended status: Standards Track Nokia Siemens Networks Intended status: Standards Track Nokia Siemens Networks
Expires: November 29, 2008 J. Bournelle Expires: December 5, 2008 J. Bournelle
Orange Labs Orange Labs
G. Giaretta G. Giaretta
Qualcomm Qualcomm
M. Nakhjiri M. Nakhjiri
Motorola Motorola
May 28, 2008 June 3, 2008
Diameter Mobile IPv6: Support for Home Agent to Diameter Server Diameter Mobile IPv6: Support for Home Agent to Diameter Server
Interaction Interaction
draft-ietf-dime-mip6-split-08.txt draft-ietf-dime-mip6-split-09.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 42 skipping to change at page 1, line 42
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on November 29, 2008. This Internet-Draft will expire on December 5, 2008.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2008). Copyright (C) The IETF Trust (2008).
Abstract Abstract
Mobile IPv6 deployments may want to bootstrap their operations Mobile IPv6 deployments may want to bootstrap their operations
dynamically based on an interaction between the Home Agent and the dynamically based on an interaction between the Home Agent and the
Diameter server of the Mobile Service Provider (MSP). This document Diameter server of the Mobile Service Provider (MSP). This document
skipping to change at page 3, line 52 skipping to change at page 3, line 52
6.6. MIP-Home-Agent-Address AVP . . . . . . . . . . . . . . . . 24 6.6. MIP-Home-Agent-Address AVP . . . . . . . . . . . . . . . . 24
6.7. MIP-Careof-Address AVP . . . . . . . . . . . . . . . . . . 24 6.7. MIP-Careof-Address AVP . . . . . . . . . . . . . . . . . . 24
6.8. MIP-Authenticator AVP . . . . . . . . . . . . . . . . . . 24 6.8. MIP-Authenticator AVP . . . . . . . . . . . . . . . . . . 24
6.9. MIP-MAC-Mobility-Data AVP . . . . . . . . . . . . . . . . 24 6.9. MIP-MAC-Mobility-Data AVP . . . . . . . . . . . . . . . . 24
6.10. MIP-Session-Key AVP . . . . . . . . . . . . . . . . . . . 24 6.10. MIP-Session-Key AVP . . . . . . . . . . . . . . . . . . . 24
6.11. MIP-MSA-Lifetime AVP . . . . . . . . . . . . . . . . . . . 25 6.11. MIP-MSA-Lifetime AVP . . . . . . . . . . . . . . . . . . . 25
6.12. MIP-MN-HA-MSA AVP . . . . . . . . . . . . . . . . . . . . 25 6.12. MIP-MN-HA-MSA AVP . . . . . . . . . . . . . . . . . . . . 25
6.13. MIP-Algorithm-Type AVP . . . . . . . . . . . . . . . . . . 25 6.13. MIP-Algorithm-Type AVP . . . . . . . . . . . . . . . . . . 25
6.14. MIP-Replay-Mode AVP . . . . . . . . . . . . . . . . . . . 25 6.14. MIP-Replay-Mode AVP . . . . . . . . . . . . . . . . . . . 25
6.15. MIP6-Feature-Vector AVP . . . . . . . . . . . . . . . . . 25 6.15. MIP6-Feature-Vector AVP . . . . . . . . . . . . . . . . . 25
6.16. MIP-Timestamp AVP . . . . . . . . . . . . . . . . . . . . 26 6.16. MIP-Timestamp AVP . . . . . . . . . . . . . . . . . . . . 27
6.17. QoS-Capability AVP . . . . . . . . . . . . . . . . . . . . 27 6.17. QoS-Capability AVP . . . . . . . . . . . . . . . . . . . . 27
6.18. QoS-Resources AVP . . . . . . . . . . . . . . . . . . . . 27 6.18. QoS-Resources AVP . . . . . . . . . . . . . . . . . . . . 27
6.19. Chargeable-User-Identity AVP . . . . . . . . . . . . . . . 27 6.19. Chargeable-User-Identity AVP . . . . . . . . . . . . . . . 27
6.20. Coupled Accounting Model Accounting AVPs . . . . . . . . . 27 6.20. Coupled Accounting Model Accounting AVPs . . . . . . . . . 27
7. Result-Code AVP Values . . . . . . . . . . . . . . . . . . . . 28 7. Result-Code AVP Values . . . . . . . . . . . . . . . . . . . . 28
7.1. Success . . . . . . . . . . . . . . . . . . . . . . . . . 28 7.1. Success . . . . . . . . . . . . . . . . . . . . . . . . . 28
7.2. Permanent Failures . . . . . . . . . . . . . . . . . . . . 28 7.2. Permanent Failures . . . . . . . . . . . . . . . . . . . . 28
8. AVP Occurrence Tables . . . . . . . . . . . . . . . . . . . . 28 8. AVP Occurrence Tables . . . . . . . . . . . . . . . . . . . . 29
8.1. AAR, AAA, DER, DEA, MRM and MAM AVP/Command-Code Table . . 29 8.1. AAR, AAA, DER, DEA, MRM and MAM AVP/Command-Code Table . . 29
8.2. Coupled Accounting Model AVP Table . . . . . . . . . . . . 29 8.2. Coupled Accounting Model AVP Table . . . . . . . . . . . . 30
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 30
9.1. Command Codes . . . . . . . . . . . . . . . . . . . . . . 30 9.1. Command Codes . . . . . . . . . . . . . . . . . . . . . . 30
9.2. AVP Codes . . . . . . . . . . . . . . . . . . . . . . . . 30 9.2. AVP Codes . . . . . . . . . . . . . . . . . . . . . . . . 31
9.3. Result-Code AVP Values . . . . . . . . . . . . . . . . . . 31 9.3. Result-Code AVP Values . . . . . . . . . . . . . . . . . . 31
9.4. Application Identifier . . . . . . . . . . . . . . . . . . 31 9.4. Application Identifier . . . . . . . . . . . . . . . . . . 31
9.5. Namespaces . . . . . . . . . . . . . . . . . . . . . . . . 31 9.5. Namespaces . . . . . . . . . . . . . . . . . . . . . . . . 31
9.6. Mobile IPv6 Status Codes . . . . . . . . . . . . . . . . . 31 9.6. Mobile IPv6 Status Codes . . . . . . . . . . . . . . . . . 32
10. Security Considerations . . . . . . . . . . . . . . . . . . . 32 10. Security Considerations . . . . . . . . . . . . . . . . . . . 32
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 32 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 32
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 32 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 33
12.1. Normative References . . . . . . . . . . . . . . . . . . . 32 12.1. Normative References . . . . . . . . . . . . . . . . . . . 33
12.2. Informative References . . . . . . . . . . . . . . . . . . 33 12.2. Informative References . . . . . . . . . . . . . . . . . . 34
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 34 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 34
Intellectual Property and Copyright Statements . . . . . . . . . . 36 Intellectual Property and Copyright Statements . . . . . . . . . . 36
1. Introduction 1. Introduction
Performing the Mobile IPv6 protocol [1], requires the Mobile Node Performing the Mobile IPv6 protocol [1], requires the Mobile Node
(MN) to own a Home Address (HoA) and to have an assigned Home Agent (MN) to own a Home Address (HoA) and to have an assigned Home Agent
(HA) to the MN. The MN needs to register with the HA in order to (HA) to the MN. The MN needs to register with the HA in order to
enable its reachability and mobility, when away from its home link. enable its reachability and mobility, when away from its home link.
The registration process itself may require an establishment of IPSec The registration process itself may require an establishment of IPSec
skipping to change at page 23, line 43 skipping to change at page 23, line 43
contains an SPI code which can be used with other parameters for contains an SPI code which can be used with other parameters for
identifying the security association required for the validation of identifying the security association required for the validation of
the Mobile IPv6 MN-HA Authentication Option. the Mobile IPv6 MN-HA Authentication Option.
When included in the MRM message, the Diameter server needs to return When included in the MRM message, the Diameter server needs to return
a valid MIP-MN-HA-MSA AVP in the corresponding MAM message. a valid MIP-MN-HA-MSA AVP in the corresponding MAM message.
6.5. MIP-Mobile-Node-Address AVP 6.5. MIP-Mobile-Node-Address AVP
The MIP-Mobile-Node-Address AVP (AVP Code 333) is of type Address and The MIP-Mobile-Node-Address AVP (AVP Code 333) is of type Address and
contains the Home Agent assigned IPv6 or IPv4 Home Address of the contains the HA assigned IPv6 or IPv4 Home Address of the Mobile
Mobile Node. Node.
If the MIP-Mobile-Node-Address AVP contains unspecified IPv6 address If the MIP-Mobile-Node-Address AVP contains unspecified IPv6 address
(0::0) or all zeroes IPv4 address (0.0.0.0) in a request message, (0::0) or all zeroes IPv4 address (0.0.0.0) in a request message,
then the HA expects the Diameter server to assign the Home Address in then the HA expects the Diameter server to assign the Home Address in
a subsequent answer message. If the Diameter server assigns only an a subsequent answer message. If the Diameter server assigns only an
IPv6 Home Network Prefix to the Mobile Node the lower 64 bits of the IPv6 Home Network Prefix to the Mobile Node the lower 64 bits of the
MIP-Mobile-Node-Address AVP provided address MUST be set to zero. MIP-Mobile-Node-Address AVP provided address MUST be set to zero.
This AVP is re-used from [12]. This AVP is re-used from [12].
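Review bot: In 6.5, abbreviating "Home Agent assigned" to "HA assigned" makes the modifier harder to parse, since it now reads as a noun followed by a verb. Suggest "HA-assigned IPv6 or IPv4 Home Address". While the paragraph is open, "contains unspecified IPv6 address (0::0)" is missing its article ("the unspecified IPv6 address").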
skipping to change at page 24, line 20 skipping to change at page 24, line 20
contains the IPv6 or the IPv4 address of the HA. The HA address in a contains the IPv6 or the IPv4 address of the HA. The HA address in a
request message is the same as in the received BU message that request message is the same as in the received BU message that
triggered the authentication and authorization procedure towards the triggered the authentication and authorization procedure towards the
Diameter server. Diameter server.
If the MIP-Home-Agent-Address AVP is present in an answer message and If the MIP-Home-Agent-Address AVP is present in an answer message and
the Result-Code AVP is set to DIAMETER_SUCCESS_RELOCATE_HA, then the the Result-Code AVP is set to DIAMETER_SUCCESS_RELOCATE_HA, then the
Diameter server is indicating to the HA that it MUST initiate a HA Diameter server is indicating to the HA that it MUST initiate a HA
switch procedure towards the MN (e.g., using the procedure defined in switch procedure towards the MN (e.g., using the procedure defined in
[13]). If the Result-Code AVP is set to any other value, then the HA [13]). If the Result-Code AVP is set to any other value, then the HA
SHOULD initiate the Home Agent switch procedure towards the MN. The SHOULD initiate the HA switch procedure towards the MN. The address
address of the assigned HA is defined in the MIP-Home-Agent-Address of the assigned HA is defined in the MIP-Home-Agent-Address AVP.
AVP.
This AVP is re-used from [12]. This AVP is re-used from [12].
6.7. MIP-Careof-Address AVP 6.7. MIP-Careof-Address AVP
The MIP-Careof-Address AVP (AVP Code TBD) is of type Address and The MIP-Careof-Address AVP (AVP Code TBD) is of type Address and
contains the IPv6 Care-of Address of the Mobile Node. The HA contains the IPv6 Care-of Address of the Mobile Node. The HA
extracts this IP address from the received BU message. extracts this IP address from the received BU message.
6.8. MIP-Authenticator AVP 6.8. MIP-Authenticator AVP
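Review bot: In 6.6, the sentence "If the Result-Code AVP is set to any other value, then the HA SHOULD initiate the HA switch procedure" is carried over with only the abbreviation changed, and "any other value" still covers failure Result-Codes as well as success ones. If the SHOULD is meant only for successful answers that carry a MIP-Home-Agent-Address AVP, say so explicitly. Otherwise an HA could start a switch toward an address taken from an answer that rejected the request.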
skipping to change at page 26, line 6 skipping to change at page 26, line 6
The replay modes, defined in RFC 4004 [12], are supported. The replay modes, defined in RFC 4004 [12], are supported.
This AVP is re-used from [12]. This AVP is re-used from [12].
6.15. MIP6-Feature-Vector AVP 6.15. MIP6-Feature-Vector AVP
This AVP is defined in [10]. This document defines a new capability This AVP is defined in [10]. This document defines a new capability
bit for signaling the support of Mobile IPv6 route optimization. The bit for signaling the support of Mobile IPv6 route optimization. The
following capability is defined in this document: following capability is defined in this document:
RO_SUPPORTED (0x0000000800000000) MIP6_SPLIT (0x0000000100000000)
When this flag is set by the NAS then it means that the Mobile
IPv6 split scenario bootstrapping functionality is supported by
the NAS. When this flag is set by the Diameter server then the
Mobile IPv6 split scenario bootstrapping is supported by the
Diameter server.
RO_SUPPORTED (0x0000000200000000)
Route optimization is supported. When the HA sets this bit, it Route optimization is supported. When the HA sets this bit, it
indicates support for the route optimization. If this bit is indicates support for the route optimization. If this bit is
unset in the returned Mobility-Capability AVP, the AAAH does not unset in the returned Mobility-Capability AVP, the AAAH does not
authorize route optimization for the MN. authorize route optimization for the MN.
In a case the HA or the AAAH cannot authorize the use of route In a case the HA or the AAAH cannot authorize the use of route
optimization then the HA SHOULD send a Binding Acknowledgement optimization then the HA SHOULD send a Binding Acknowledgement
with a Status Code set to ACCEPTED_BUT_NO_ROUTE_OPTIMIZATION with a Status Code set to ACCEPTED_BUT_NO_ROUTE_OPTIMIZATION
(status code TBD). This Status Code indicates that the binding (status code TBD). This Status Code indicates that the binding
registration succeeded but the HA will fail all possible registration succeeded but the HA will fail all possible
subsequent route optimization attempts because of subscription or subsequent route optimization attempts because of subscription or
operator policy. operator policy.
USER_TRAFFIC_ENCRYPTION (0x0000000100000000) USER_TRAFFIC_ENCRYPTION (0x0000000400000000)
User plane traffic encryption is supported. When the HA sets this User plane traffic encryption is supported. When the HA sets this
bit, it indicates support for the user plane traffic encryption bit, it indicates support for the user plane traffic encryption
between the MN and the HA. If this bit is unset in the returned between the MN and the HA. If this bit is unset in the returned
Mobility-Capability AVP, the AAAH does not authorize user plane Mobility-Capability AVP, the AAAH does not authorize user plane
traffic encryption for the MN because of subscription or operator traffic encryption because of subscription or operator policy.
policy.
In the case the AAAH cannot authorize the use of route In the case the AAAH cannot authorize the use of user plane
optimization then the HA SHOULD send a Binding Acknowledgement traffic encryption then the HA SHOULD send a Binding
with a Status Code set to ACCEPTED_BUT_NO_TRAFFIC_ENCRYPTION Acknowledgement with a Status Code set to
(status code TBD). This Status Code indicates that the binding ACCEPTED_BUT_NO_TRAFFIC_ENCRYPTION (status code TBD). This Status
registration succeeded but the HA will silently discard all Code indicates that the binding registration succeeded but the HA
encrypted user plane packets sent by the MN to the Home Agent. will silently discard all encrypted user plane packets sent by the
MN to the HA.
VPN_GW_MODE (0x0000000200000000) VPN_GW_MODE (0x0000000800000000)
The HA is supposed to act as a IPSec VPN gateway for the user. The HA is supposed to act as a IPSec VPN gateway for the user.
When the Home Agent sets this bit, it indicates support for acting When the HA sets this bit, it indicates support for acting as a
as a standalone IPSec VPN gateway. If this bit is unset in the standalone IPSec VPN gateway. If this bit is unset in the
returned Mobility-Capability AVP, the AAAH does not authorize the returned Mobility-Capability AVP, the AAAH does not authorize the
HA to act as a standalone IPSec VPN gateway for the MN because of HA to act as a standalone IPSec VPN gateway for the MN because of
subscription or operator policy. subscription or operator policy.
6.16. MIP-Timestamp AVP 6.16. MIP-Timestamp AVP
The MIP-Timestamp AVP (AVP Code TBD) is of type Time and may contain The MIP-Timestamp AVP (AVP Code TBD) is of type Time and may contain
the timestamp value from the Mobility message replay protection the timestamp value from the Mobility message replay protection
option, defined in [3]. The HA extracts this value from the received option, defined in [3]. The HA extracts this value from the received
BU message, if available. BU message, if available.
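Review bot: The renumbering in 6.15 reuses bit values that -08 had already given to other flags. 0x0000000100000000 moves from USER_TRAFFIC_ENCRYPTION to MIP6_SPLIT, 0x0000000200000000 from VPN_GW_MODE to RO_SUPPORTED, and 0x0000000800000000 from RO_SUPPORTED to VPN_GW_MODE. A peer built against -08 will therefore have its capability bits read as a different authorization, for example encryption support read as split-scenario support. The text should state that the -08 values are superseded and must not be mixed with -09 peers. Three smaller points in the same section: the lead-in still says "defines a new capability bit ... The following capability is defined" although four flags now follow; the MIP6_SPLIT description speaks of the flag being set "by the NAS" while every other flag is described as set by the HA; and the flag descriptions refer to "the returned Mobility-Capability AVP" in a section that names the AVP MIP6-Feature-Vector. The correction of "route optimization" to "user plane traffic encryption" in the USER_TRAFFIC_ENCRYPTION failure paragraph looks right.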
skipping to change at page 31, line 34 skipping to change at page 31, line 48
Diameter Mobile IPv6 IKE (MIP6I) | TBD Diameter Mobile IPv6 IKE (MIP6I) | TBD
Diameter Mobile IPv6 Auth (MIP6A) | TBD Diameter Mobile IPv6 Auth (MIP6A) | TBD
9.5. Namespaces 9.5. Namespaces
This specification defines a new value to the Mobility Capability This specification defines a new value to the Mobility Capability
registry (see [10]) for use with the MIP6-Feature-Vector AVP: registry (see [10]) for use with the MIP6-Feature-Vector AVP:
Token | Value | Description Token | Value | Description
---------------------------------+----------------------+------------ ---------------------------------+----------------------+------------
RO_SUPPORTED | 0x0000000800000000 | RFC TBD MIP6_SPLIT | 0x0000000100000000 | RFC TBD
USER_TRAFFIC_ENCRYPTION | 0x0000000100000000 | RFC TBD RO_SUPPORTED | 0x0000000200000000 | RFC TBD
VPN_GW_MODE | 0x0000000200000000 | RFC TBD USER_TRAFFIC_ENCRYPTION | 0x0000000400000000 | RFC TBD
VPN_GW_MODE | 0x0000000800000000 | RFC TBD
9.6. Mobile IPv6 Status Codes 9.6. Mobile IPv6 Status Codes
This specification defines a new Mobile IPv6 [1] Status Code value. This specification defines a new Mobile IPv6 [1] Status Code value.
The Status Code must be allocated from the range 0-127: The Status Code must be allocated from the range 0-127:
Status Code | Value | Description Status Code | Value | Description
----------------------------------------+---------------+------------ ----------------------------------------+---------------+------------
ACCEPTED_BUT_NO_ROUTE_OPTIMIZATION | is set to TBD | RFC TBD ACCEPTED_BUT_NO_ROUTE_OPTIMIZATION | is set to TBD | RFC TBD
ACCEPTED_BUT_NO_TRAFFIC_ENCRYPTION | is set to TBD | RFC TBD ACCEPTED_BUT_NO_TRAFFIC_ENCRYPTION | is set to TBD | RFC TBD
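Review bot: The sentence introducing the 9.5 table still says "defines a new value to the Mobility Capability registry" although the -09 table registers four tokens, and 9.6 likewise says "a new Mobile IPv6 [1] Status Code value" above a two-row table. Suggest "new values" in both places. The four hex values here do match the renumbered flags in 6.15. The Value column in 9.6 reads "is set to TBD", which looks like leftover prose; a plain "TBD" would be clearer.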
 End of changes. 19 change blocks. 
33 lines changed or deleted 41 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/