draft-ietf-dime-pmip6-02.txt   draft-ietf-dime-pmip6-03.txt 
Diameter Maintenance and J. Korhonen, Ed. Diameter Maintenance and J. Korhonen, Ed.
Extensions (DIME) Nokia Siemens Network Extensions (DIME) Nokia Siemens Network
Internet-Draft J. Bournelle Internet-Draft J. Bournelle
Intended status: Standards Track Orange Labs Intended status: Standards Track Orange Labs
Expires: October 18, 2009 K. Chowdhury Expires: February 25, 2010 K. Chowdhury
Starent Networks Starent Networks
A. Muhanna A. Muhanna
Nortel Nortel
U. Meyer U. Meyer
RWTH Aachen RWTH Aachen
April 16, 2009 August 24, 2009
Diameter Proxy Mobile IPv6: Mobile Access Gateway and Local Mobility Diameter Proxy Mobile IPv6: Mobile Access Gateway and Local Mobility
Anchor Interaction with Diameter Server Anchor Interaction with Diameter Server
draft-ietf-dime-pmip6-02.txt draft-ietf-dime-pmip6-03.txt
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet- other groups may also distribute working documents as Internet-
Drafts. Drafts.
skipping to change at page 1, line 40 skipping to change at page 1, line 40
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on October 18, 2009. This Internet-Draft will expire on February 25, 2010.
Copyright Notice Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the Copyright (c) 2009 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of Provisions Relating to IETF Documents in effect on the date of
publication of this document (http://trustee.ietf.org/license-info). publication of this document (http://trustee.ietf.org/license-info).
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. and restrictions with respect to this document.
Abstract Abstract
This specification defines the Diameter support for the Proxy Mobile This specification defines Authentication, Authorization, and
IPv6 and the corresponding mobility service session setup. The Accounting interactions between Proxy Mobile IPv6 entities (both
policy information needed by the Proxy Mobile IPv6 is defined in Mobile Access Gateway and Local Mobility Anchor) and an
mobile node's policy profile, which could be downloaded from the Authentication, Authorization, and Accounting server within a Proxy
Diameter server to the Mobile Access Gateway once the mobile node Mobile IPv6 Domain. These Authentication, Authorization, and
attaches to a Proxy Mobile IPv6 Domain and performs access Accounting interactions are primarily used to download and update
authentication. During the binding update exchange between the mobile node specific policy profile information between Proxy Mobile
Mobile Access Gateway and the Local Mobility Anchor, the Local IPv6 entities and a remote policy store.
Mobility Anchor can interact with the Diameter server in order to
update the remote policy store with the mobility session related
information.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
2. Terminology and Abbreviations . . . . . . . . . . . . . . . . 4 2. Terminology and Abbreviations . . . . . . . . . . . . . . . . 4
3. Solution Overview . . . . . . . . . . . . . . . . . . . . . . 5 3. Solution Overview . . . . . . . . . . . . . . . . . . . . . . 5
4. Attribute Value Pair Definitions . . . . . . . . . . . . . . . 7 4. Generic Application Support and Command Codes . . . . . . . . 7
4.1. MIP6-Agent-Info AVP . . . . . . . . . . . . . . . . . . . 7 4.1. MAG-to-HAAA Interface . . . . . . . . . . . . . . . . . . 7
4.2. PMIP6-IPv4-Home-Address AVP . . . . . . . . . . . . . . . 7 4.2. LMA-to-HAAA Interface . . . . . . . . . . . . . . . . . . 7
4.3. MIP6-Home-Link-Prefix AVP . . . . . . . . . . . . . . . . 8 5. Attribute Value Pair Definitions . . . . . . . . . . . . . . . 8
4.4. PMIP6-DHCP-Server-Address AVP . . . . . . . . . . . . . . 8 5.1. MIP6-Agent-Info AVP . . . . . . . . . . . . . . . . . . . 8
4.5. MIP6-Feature-Vector AVP . . . . . . . . . . . . . . . . . 8 5.2. PMIP6-IPv4-Home-Address AVP . . . . . . . . . . . . . . . 9
4.6. Mobile-Node-Identifier AVP . . . . . . . . . . . . . . . . 9 5.3. MIP6-Home-Link-Prefix AVP . . . . . . . . . . . . . . . . 9
4.7. Calling-Station-Id AVP . . . . . . . . . . . . . . . . . . 9 5.4. PMIP6-DHCP-Server-Address AVP . . . . . . . . . . . . . . 10
4.8. Service-Selection AVP . . . . . . . . . . . . . . . . . . 10 5.5. MIP6-Feature-Vector AVP . . . . . . . . . . . . . . . . . 10
4.9. Service-Configuration AVP . . . . . . . . . . . . . . . . 10 5.6. Mobile-Node-Identifier AVP . . . . . . . . . . . . . . . . 11
5. Application Support and Command Codes . . . . . . . . . . . . 11 5.7. Calling-Station-Id AVP . . . . . . . . . . . . . . . . . . 11
5.1. MAG-to-HAAA Interface . . . . . . . . . . . . . . . . . . 11 5.8. Service-Selection AVP . . . . . . . . . . . . . . . . . . 11
5.2. LMA-to-HAAA Interface . . . . . . . . . . . . . . . . . . 11 5.9. Service-Configuration AVP . . . . . . . . . . . . . . . . 12
5.2.1. Authorization of the Proxy Binding Update . . . . . . 12
6. Proxy Mobile IPv6 Session Management . . . . . . . . . . . . . 12 6. Proxy Mobile IPv6 Session Management . . . . . . . . . . . . . 12
6.1. Session-Termination-Request . . . . . . . . . . . . . . . 13 6.1. Session-Termination-Request . . . . . . . . . . . . . . . 13
6.2. Session-Termination-Answer . . . . . . . . . . . . . . . . 13 6.2. Session-Termination-Answer . . . . . . . . . . . . . . . . 13
6.3. Abort-Session-Request . . . . . . . . . . . . . . . . . . 13 6.3. Abort-Session-Request . . . . . . . . . . . . . . . . . . 13
6.4. Abort-Session-Answer . . . . . . . . . . . . . . . . . . . 13 6.4. Abort-Session-Answer . . . . . . . . . . . . . . . . . . . 13
7. Attribute Value Pair Occurrence Tables . . . . . . . . . . . . 13 7. Attribute Value Pair Occurrence Tables . . . . . . . . . . . . 13
7.1. MAG-to-HAAA Interface . . . . . . . . . . . . . . . . . . 14 7.1. MAG-to-HAAA Interface . . . . . . . . . . . . . . . . . . 14
7.2. LMA-to-HAAA Interface . . . . . . . . . . . . . . . . . . 14 7.2. LMA-to-HAAA Interface . . . . . . . . . . . . . . . . . . 14
8. Example Signaling Flows . . . . . . . . . . . . . . . . . . . 14 8. Example Signaling Flows . . . . . . . . . . . . . . . . . . . 14
9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 16
9.1. Attribute Value Pair Codes . . . . . . . . . . . . . . . . 16 9.1. Attribute Value Pair Codes . . . . . . . . . . . . . . . . 16
9.2. Namespaces . . . . . . . . . . . . . . . . . . . . . . . . 16 9.2. Namespaces . . . . . . . . . . . . . . . . . . . . . . . . 17
9.3. Result-Code AVP Values . . . . . . . . . . . . . . . . . . 16 9.3. Result-Code AVP Values . . . . . . . . . . . . . . . . . . 17
10. Security Considerations . . . . . . . . . . . . . . . . . . . 16 10. Security Considerations . . . . . . . . . . . . . . . . . . . 17
11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 17 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 17
12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17 12. References . . . . . . . . . . . . . . . . . . . . . . . . . . 17
12.1. Normative References . . . . . . . . . . . . . . . . . . . 17 12.1. Normative References . . . . . . . . . . . . . . . . . . . 17
12.2. Informative References . . . . . . . . . . . . . . . . . . 17 12.2. Informative References . . . . . . . . . . . . . . . . . . 18
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 18 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 19
1. Introduction 1. Introduction
In the Proxy Mobile IPv6 (PMIPv6) protocol [RFC5213] and IPv4 support This specification defines Authentication, Authorization, and
for Proxy Mobile IPv6 [I-D.ietf-netlmm-pmip6-ipv4-support] a Mobile Accounting (AAA) interactions between a Mobile Access Gateway (MAG)
Access Gateway (MAG) performs a proxy registration with a Local and an AAA server, and between a Local Mobility Anchor (LMA) and an
Mobility Anchor (LMA) on behalf of the mobile node (MN). In order to AAA server within a Proxy Mobile IPv6 (PMIPv6) Domain [RFC5213].
perform the proxy registration the MAG needs the IP address of the These AAA interactions are primarily used to download and update
LMA, possibly MN's Home Network Prefix(es) (MN-HNP), MN's IPv4 home mobile node (MN) specific policy profile information between PMIPv6
address (IPv4-MN-HoA), DHCP server address and other PMIPv6 specific entities (a MAG and a LMA) and a remote policy store.
information such as the allowed address configuration modes and
roaming related policies. All this information is defined in MN's
policy profile that gets downloaded from the Diameter server to the
MAG once the MN attaches to the MAG's Proxy Mobile IPv6 Domain
(PMIPv6 Domain) and performs the access authentication.
Dynamic assignment and downloading of PMIPv6 policy profile Dynamic assignment and downloading of MN's policy profile information
information is a desirable feature to ease the deployment and network to a MAG from a remote policy store is a desirable feature to ease
maintenance of larger PMIPv6 deployments. For this purpose, the the deployment and network maintenance of larger PMIPv6 domains. For
Authentication, Authorization, and Accounting (AAA) infrastructure, this purpose, the same AAA infrastructure that is used for
which is used for access authentication, can be leveraged to assign authenticating and authorizing the MN for a network access, can be
some or all of the necessary parameters. The Diameter server in the leveraged to download some or all of the necessary policy profile
Mobility Service authorizer's (MSA) network may return these information to the MAG.
parameters to the Network Access Server (NAS).
Once the MN authenticates to the network the MAG sends a Proxy Once the network has authenticated the MN, the MAG sends a Proxy
Binding Update (PBU) towards the LMA on behalf of the MN. When the Binding Update (PBU) to the LMA in order to setup a mobility session
LMA receives the PBU, the LMA may need to update the remote policy on behalf of the MN. When the LMA receives the PBU, the LMA may need
store located in the MSA with the MN's mobility session related to authorize the received PBU against the AAA infrastructure. The
information. same AAA infrastructure that can be used for the authorization of the
PBU, is also used to update the remote policy store with the LMA
provided MN specific mobility session related information.
This specification defines the Diameter support for PMIPv6. In the In the context of this specification the home AAA server (HAAA)
context of this specification the location of the subscriber policy functionality is co-located with the remote policy store. The NAS
profile equals to the home Diameter server, which is also referred as functionality may be co-located with the MAG function in the network
the home AAA server (HAAA). The NAS functionality of the MAG may be access router. Diameter [RFC3588] is the used AAA protocol.
co-located or an integral part of the MAG.
2. Terminology and Abbreviations 2. Terminology and Abbreviations
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC2119 [RFC2119]. document are to be interpreted as described in RFC2119 [RFC2119].
The general terminology used in this document can be found in The general terminology used in this document can be found in
[RFC5213] and [I-D.ietf-netlmm-pmip6-ipv4-support]. The following [RFC5213] and [I-D.ietf-netlmm-pmip6-ipv4-support]. The following
additional or clarified terms are also used in this document: additional or clarified terms are also used in this document:
skipping to change at page 5, line 27 skipping to change at page 5, line 21
3. Solution Overview 3. Solution Overview
This document addresses the AAA interactions and AAA-based session This document addresses the AAA interactions and AAA-based session
management functionality needed in the PMIPv6 Domain. This document management functionality needed in the PMIPv6 Domain. This document
defines Diameter based AAA interactions between the MAG and the HAAA, defines Diameter based AAA interactions between the MAG and the HAAA,
and between the LMA and the HAAA. and between the LMA and the HAAA.
The policy profile is downloaded from the HAAA to the MAG during the The policy profile is downloaded from the HAAA to the MAG during the
MN attachment to the PMIPv6 Domain. Figure 1 shows the participating MN attachment to the PMIPv6 Domain. Figure 1 shows the participating
network entities. This document, however, concentrates on the MAG, network entities. This document, however, concentrates on the MAG,
LMA, and the home Diameter server. LMA, and the HAAA (the home Diameter server).
+--------+ +--------+
| HAAA & | Diameter +-----+ | HAAA & | Diameter +-----+
| Policy |<---(2)-->| LMA | | Policy |<---(2)-->| LMA |
| Profile| +-----+ | Store | +-----+
+--------+ | <--- LMA-Address +--------+ | <--- LMA-Address
^ | ^ |
| // \\ | // \\
+---|------------- //---\\----------------+ +---|------------- //---\\----------------+
( | IPv4/IPv6 // \\ ) ( | IPv4/IPv6 // \\ )
( | Network // \\ ) ( | Network // \\ )
+---|-----------//---------\\-------------+ +---|-----------//---------\\-------------+
| // \\ | // \\
Diameter // <- Tunnel1 \\ <- Tunnel2 Diameter // <- Tunnel1 \\ <- Tunnel2
(1) // \\ (1) // \\
skipping to change at page 7, line 7 skipping to change at page 7, line 7
access authentication answer to the MAG. access authentication answer to the MAG.
After the MN has been successfully authenticated, the MAG sends a PBU After the MN has been successfully authenticated, the MAG sends a PBU
to the LMA based on the MN's policy profile information. Upon to the LMA based on the MN's policy profile information. Upon
receiving the PBU the LMA interacts with the HAAA and fetches the receiving the PBU the LMA interacts with the HAAA and fetches the
relevant parts of the subscriber policy profile and authorization relevant parts of the subscriber policy profile and authorization
information related to the mobility service session. In this information related to the mobility service session. In this
specification, the HAAA has the role of the PMIPv6 remote policy specification, the HAAA has the role of the PMIPv6 remote policy
store. store.
4. Attribute Value Pair Definitions 4. Generic Application Support and Command Codes
This specification does not define new Application-IDs or Command
Codes for the MAG-to-HAAA or for the LMA-to-HAAA Diameter
connections. Rather, this specification is generic to any Diameter
application (and their commands) that is suitable for a network
access authentication and authorization. Example applications
include NASREQ [RFC4005] and EAP [RFC4072].
4.1. MAG-to-HAAA Interface
The MAG-to-HAAA interactions are primarily used for bootstrapping
PMIPv6 mobility service session when a MN attaches and authenticates
to a PMIPv6 Domain. This includes the bootstrapping of PMIPv6
session related information. The same interface may also be used for
accounting. The MAG acts as a Diameter client.
Whenever the MAG sends a Diameter request message to the HAAA, the
User-Name AVP SHOULD contain the MN's identity unless the identity is
being suppressed for policy reasons - for example, when identity
hiding is in effect. The MN identity, if available, MUST be in
Network Access Identifier (NAI) [RFC4282] format. At minimum the
home realm of the MN MUST be available at the MAG when the network
access authentication takes place. Otherwise the MAG is not able to
route the Diameter request messages towards the correct HAAA. The MN
identity used on the MAG-to-HAAA interface and in the User-Name AVP
MAY entirely be related to the network access authentication, and
therefore not suitable to be used as the MN-ID mobility option value
in the subsequent PBU/PBA messages. See the related discussion on
MN's identities in Section 5.6 and in Section 4.2.
For the session management and service authorization purposes,
session state SHOULD be maintained on the MAG-to-HAAA interface. See
the discussion in Section 5.8.
4.2. LMA-to-HAAA Interface
The-LMA-to HAAA interface may be used for multiple purposes. These
include the authorization of the incoming PBU, updating the LMA
address to the HAAA, delegating the assignment of the HNP or the
IPv4-HoA to the HAAA, and for accounting and PMIPv6 session
management.
Whenever the LMA sends a Diameter request message to the HAAA, the
User-Name AVP SHOULD contain the MN's identity. The LMA MAY retrieve
the MN's identity information from the PBU MN-ID [RFC4283][RFC5213]
mobility option. The identity SHOULD be the same as used on the MAG-
to-HAAA interface, but in the case those identities differ the HAAA
MUST have a mechanism of mapping the MN identity used on the MAG-to-
HAAA interface to the identity used on the LMA-to-HAAA interface.
If the PBU contains the MN Link-Layer Identifier option, the Calling-
Station-Id AVP SHOULD be included in the request message containing
the received Link-Layer Identifier. Furthermore, if the PBU contains
the Service Selection mobility option [RFC5149], the Service-
Selection AVP SHOULD be included in the request message containing
the received service identifier.
The LMA and the HAAA use the MIP6-Home-Link-Prefix AVP to exchange
the MN-HNP when appropriate. Similarly, the LMA and the HAAA use the
PMIP6-IPv4-Home-Address AVP to exchange the IPv4-MN-HoA when
appropriate. Note that these AVPs are encapsulated inside the MIP6-
Agent-Info AVP. Which entity is actually responsible for the address
management is a deployment specific within the PMIPv6 Domain and MUST
be pre-agreed on per deployment basis.
The Auth-Request-Type AVP MUST be set to the value AUTHORIZE_ONLY.
If the HAAA is not able to authorize the subscriber's mobility
service session, then the reply message to the LMA MUST have the
Result-Code AVP set to value DIAMETER_PMIP6_AUTHORIZATION_FAILED
(TBD5) indicating a permanent failure.
The LMA-to-HAAA interface can also be used to update the selected LMA
address to the HAAA and the remote policy store during the
authorization step. This applies to the case where the MAG, for
example, discovered the LMA address using the DNS.
5. Attribute Value Pair Definitions
This section describes Attribute Value Pairs (AVPs) defined by this This section describes Attribute Value Pairs (AVPs) defined by this
specification or re-used from existing specifications in a PMIPv6 specification or re-used from existing specifications in a PMIPv6
specific way. specific way. Derived Diameter AVP Data Formats such as Address and
UTF8String are defined in Section 4.3 of RFC 3588. Grouped AVP
values are defined in Section 4.4 of RFC 3588.
4.1. MIP6-Agent-Info AVP 5.1. MIP6-Agent-Info AVP
The MIP6-Agent-Info grouped AVP (AVP Code 486) is defined in The MIP6-Agent-Info grouped AVP (AVP Code 486) is defined in
[RFC5447]. The AVP is used to carry LMA addressing related [RFC5447]. The AVP is used to carry LMA addressing related
information and a MN-HNP. This specification extends the MIP6-Agent- information and a MN-HNP. This specification extends the MIP6-Agent-
Info with the PMIP6-IPv4-Home-Address AVP using the Diameter Info with the PMIP6-IPv4-Home-Address AVP using the Diameter
extensibility rules defined in [RFC3588]. The PMIP6-IPv4-Home- extensibility rules defined in [RFC3588]. The PMIP6-IPv4-Home-
Address AVP contains the IPv4-MN-HoA. Address AVP contains the IPv4-MN-HoA.
The extended MIP6-Agent-Info AVP results to the following grouped The extended MIP6-Agent-Info AVP results to the following grouped
AVP: AVP:
MIP6-Agent-Info ::= < AVP-Header: 486 > MIP6-Agent-Info ::= < AVP-Header: 486 >
*2[ MIP-Home-Agent-Address ] *2[ MIP-Home-Agent-Address ]
[ MIP-Home-Agent-Host ] [ MIP-Home-Agent-Host ]
[ MIP6-Home-Link-Prefix ] [ MIP6-Home-Link-Prefix ]
[ PMIP6-IPv4-Home-Address ] [ PMIP6-IPv4-Home-Address ]
* [ AVP ] * [ AVP ]
4.2. PMIP6-IPv4-Home-Address AVP 5.2. PMIP6-IPv4-Home-Address AVP
The PMIP6-IPv4-Home-Address AVP (AVP Code TBD2) is of type Address The PMIP6-IPv4-Home-Address AVP (AVP Code TBD2) is of type Address
and contains an IPv4 address. This AVP is used to carry the IPv4-MN- and contains an IPv4 address. This AVP is used to carry the IPv4-MN-
HoA, if available, from the HAAA to the MAG. This AVP SHOULD only be HoA, if available, from the HAAA to the MAG. This AVP SHOULD only be
present when the MN is statically provisioned with the IPv4-MN-HoA. present when the MN is statically provisioned with the IPv4-MN-HoA.
Note that proactive dynamic assignment of the IPv4-MN-HoA by the HAAA Note that proactive dynamic assignment of the IPv4-MN-HoA by the HAAA
may result in unnecessary reservation of IPv4 address resources, may result in unnecessary reservation of IPv4 address resources,
because the MN may considerably delay or completely bypass its IPv4 because the MN may considerably delay or completely bypass its IPv4
address configuration. address configuration.
The PMIP6-IPv4-Home-Address AVP is also used on the LMA-to-HAAA The PMIP6-IPv4-Home-Address AVP is also used on the LMA-to-HAAA
interface. The AVP contains the IPv4-MN-HoA assigned to the MN. If interface. The AVP contains the IPv4-MN-HoA assigned to the MN. If
the LMA delegates the assignment of the IPv4-MN-HoA to the HAAA, the the LMA delegates the assignment of the IPv4-MN-HoA to the HAAA, the
AVP MUST contain all zeroes IPv4 address (i.e., 0.0.0.0) in the AVP MUST contain all zeroes IPv4 address (i.e., 0.0.0.0) in the
request message. If the LMA delegated the IPv4-MN-HoA assignment to request message. If the LMA delegated the IPv4-MN-HoA assignment to
the HAAA, then the AVP contains the HAAA assigned IPv4-MN-HoA in the the HAAA, then the AVP contains the HAAA assigned IPv4-MN-HoA in the
response message. response message.
4.3. MIP6-Home-Link-Prefix AVP 5.3. MIP6-Home-Link-Prefix AVP
The MIP6-Home-Link-Prefix AVP (AVP Code 125) is defined in [RFC5447]. The MIP6-Home-Link-Prefix AVP (AVP Code 125) is defined in [RFC5447].
This AVP is used to carry the MN-HNP, if available, from the HAAA to This AVP is used to carry the MN-HNP, if available, from the HAAA to
the MAG. The low 64 bits of the prefix MUST be all zeroes. the MAG. The low 64 bits of the prefix MUST be all zeroes.
The MIP6-Home-Link-Prefix AVP is also used on the LMA-to-HAAA The MIP6-Home-Link-Prefix AVP is also used on the LMA-to-HAAA
interface. The AVP contains the prefix assigned to the MN. If the interface. The AVP contains the prefix assigned to the MN. If the
LMA delegates the assignment of the MN-HNP to the HAAA, the AVP MUST LMA delegates the assignment of the MN-HNP to the HAAA, the AVP MUST
contain all zeroes address (i.e., 0::0) in the request message. If contain all zeroes address (i.e., 0::0) in the request message. If
the LMA delegated the MN-HNP assignment to the HAAA, then the AVP the LMA delegated the MN-HNP assignment to the HAAA, then the AVP
contains the HAAA assigned MNM-HNP in the response message. contains the HAAA assigned MNM-HNP in the response message.
4.4. PMIP6-DHCP-Server-Address AVP 5.4. PMIP6-DHCP-Server-Address AVP
The PMIP6-DHCP-Server-Address AVP (AVP Code TBD1) is of type Address The PMIP6-DHCP-Server-Address AVP (AVP Code TBD1) is of type Address
and contains the IP address of the DHCPv4 and/or DHCPv6 server and contains the IP address of the Dynamic Host Configuration
assigned to the MAG serving the newly attached MN. If the AVP Protocol (DHCP) server assigned to the MAG serving the newly attached
contains a DHCPv4 server address, then the Address type MUST be IPv4. MN. If the AVP contains a DHCPv4 [RFC2131] server address, then the
If the AVP contains a DHCPv6 server address, then the Address type Address type MUST be IPv4. If the AVP contains a DHCPv6 [RFC3315]
MUST be IPv6. The HAAA MAY assign a DHCP server to the MAG in server address, then the Address type MUST be IPv6. The HAAA MAY
deployments where the MAG acts as a DHCP Relay assign a DHCP server to the MAG in deployments where the MAG acts as
[I-D.ietf-netlmm-pmip6-ipv4-support]. a DHCP Relay [I-D.ietf-netlmm-pmip6-ipv4-support].
4.5. MIP6-Feature-Vector AVP 5.5. MIP6-Feature-Vector AVP
The MIP6-Feature-Vector AVP is originally defined in [RFC5447]. This The MIP6-Feature-Vector AVP is originally defined in [RFC5447]. This
document defines new capability flag bits according to the rules in document defines new capability flag bits according to the IANA rules
[RFC5447]. in RFC 5447.
PMIP6_SUPPORTED (0x0000010000000000) PMIP6_SUPPORTED (0x0000010000000000)
When the MAG/NAS sets this bit in the MIP6-Feature-Vector AVP, it When the MAG/NAS sets this bit in the MIP6-Feature-Vector AVP, it
is an indication to the HAAA that the NAS supports PMIPv6. When is an indication to the HAAA that the NAS supports PMIPv6. When
the HAAA sets this bit in the response MIP6-Feature-Vector AVP, it the HAAA sets this bit in the response MIP6-Feature-Vector AVP, it
indicates that the HAAA also has PMIPv6 support. This capability indicates that the HAAA also has PMIPv6 support. This capability
bit can also be used to allow PMIPv6 mobility support in a bit can also be used to allow PMIPv6 mobility support in a
subscription granularity. subscription granularity.
skipping to change at page 9, line 14 skipping to change at page 10, line 50
HAAA does not authorize the configuration of IPv4 address. HAAA does not authorize the configuration of IPv4 address.
LOCAL_MAG_ROUTING_SUPPORTED (0x0000040000000000) LOCAL_MAG_ROUTING_SUPPORTED (0x0000040000000000)
Direct routing of IP packets between MNs anchored to the same MAG Direct routing of IP packets between MNs anchored to the same MAG
is supported. When a MAG sets this bit in the MIP6-Feature- is supported. When a MAG sets this bit in the MIP6-Feature-
Vector, it indicates that routing IP packets between MNs anchored Vector, it indicates that routing IP packets between MNs anchored
to the same MAG is supported, without reverse tunneling packets to the same MAG is supported, without reverse tunneling packets
via the LMA or requiring any Route Optimization related signaling via the LMA or requiring any Route Optimization related signaling
(e.g. the Return Routability Procedure in [RFC3775]) prior direct (e.g. the Return Routability Procedure in [RFC3775]) prior direct
routing. If this bit is unset in the returned MIP6-Feature-Vector routing. If this bit is cleared in the returned MIP6-Feature-
AVP, the HAAA does not authorize direct routing of packets between Vector AVP, the HAAA does not authorize direct routing of packets
MNs anchored to the same MAG. This policy feature SHOULD be between MNs anchored to the same MAG. The MAG SHOULD support this
supported per MN and subscription basis. policy feature per-MN and per-subscription basis.
The MIP6-Feature-Vector AVP is also used on the LMA to HAAA The MIP6-Feature-Vector AVP is also used on the LMA to HAAA
interface. Using the capability announcement AVP it is possible to interface. Using the capability announcement AVP it is possible to
perform a simple capability negotiation between the LMA and the HAAA. perform a simple capability negotiation between the LMA and the HAAA.
Those capabilities that are announced by both parties are also known Those capabilities that are announced by both parties are also known
to be mutually supported. The capabilities listed in earlier are to be mutually supported. The capabilities listed in earlier are
also supported in the LMA to HAAA interface. The LMA to HAAA also supported in the LMA to HAAA interface. The LMA to HAAA
interface does not define any new capability values. interface does not define any new capability values.
4.6. Mobile-Node-Identifier AVP 5.6. Mobile-Node-Identifier AVP
The Mobile-Node-Identifier AVP (AVP Code TBD3) is of type UTF8String The Mobile-Node-Identifier AVP (AVP Code TBD3) is of type UTF8String
and contains the mobile node identifier (MN-Identifier, see and contains the mobile node identifier (MN-Identifier, see
[RFC5213]) in the NAI [RFC4282] format. This AVP is used on the MAG- [RFC5213]) in the NAI [RFC4282] format. This AVP is used on the MAG-
to-HAAA interface. The Mobile-Node-Identifier AV is designed for to-HAAA interface. The Mobile-Node-Identifier AV is designed for
deployments where the MAG does not have a way to find out such MN deployments where the MAG does not have a way to find out such MN
identity that could be used in subsequent PBU/PBA exchanges (e.g., identity that could be used in subsequent PBU/PBA exchanges (e.g.,
due to identity hiding during the network access authentication) or due to identity hiding during the network access authentication) or
the HAAA wants to assign periodically changing identities to the MN. the HAAA wants to assign periodically changing identities to the MN.
The Mobile-Node-Identifier AVP is returned in the answer message that The Mobile-Node-Identifier AVP is returned in the answer message that
ends a successful authentication (and possibly an authorization) ends a successful authentication (and possibly an authorization)
exchange between the MAG and the HAAA, assuming the HAAA is also able exchange between the MAG and the HAAA, assuming the HAAA is also able
to provide the MAG with the MN-Identifier in the first place. The to provide the MAG with the MN-Identifier in the first place. The
MAG MUST use the received MN-Identifier, if it has not been able to MAG MUST use the received MN-Identifier, if it has not been able to
get the mobile node identifier through other means. If the MAG get the mobile node identifier through other means. If the MAG
already has a valid mobile node identifier, then the MAG MUST already has a valid mobile node identifier, then the MAG MUST
silently discard the received MN-identifier. silently discard the received MN-identifier.
4.7. Calling-Station-Id AVP 5.7. Calling-Station-Id AVP
The Calling-Station-Id AVP (AVP Code 31) is of type UTF8String and The Calling-Station-Id AVP (AVP Code 31) is of type UTF8String and
contains a Link-Layer Identifier of the MN. This identifier contains a Link-Layer Identifier of the MN. This identifier
corresponds to the Link-Layer Identifier as defined in RFC 5213 corresponds to the Link-Layer Identifier as defined in RFC 5213
Section 2.2. and 8.6. Section 2.2. and 8.6.
4.8. Service-Selection AVP 5.8. Service-Selection AVP
The Service-Selection AVP (AVP Code TBD) is of type UTF8String and The Service-Selection AVP (AVP Code 493) is of type UTF8String and
contains a LMA provided service identifier on the LMA-to-HAAA contains a LMA provided service identifier on the LMA-to-HAAA
interface. This AVP is re-used from [I-D.ietf-dime-mip6-split]. The interface. This AVP is re-used from [I-D.ietf-dime-mip6-split]. The
service identifier may be used to assist the PBU authorization and service identifier may be used to assist the PBU authorization and
the assignment of the MN-HNP and the IPv4-MN-HoA as described in RFC the assignment of the MN-HNP and the IPv4-MN-HoA as described in RFC
5149 [RFC5149]. The identifier MUST be unique within the PMIPv6 5149 [RFC5149]. The identifier MUST be unique within the PMIPv6
Domain. In the absence of the Service-Selection AVP in the request Domain. In the absence of the Service-Selection AVP in the request
message, the HAAA may want to inform the LMA of the default service message, the HAAA may want to inform the LMA of the default service
provisioned to the MN and include the Service-Selection AVP in the provisioned to the MN and include the Service-Selection AVP in the
response message. response message.
It is also possible that the MAG receives the service selection It is also possible that the MAG receives the service selection
information from the MN, for example, via some lower layer mechanism. information from the MN, for example, via some lower layer mechanism.
In this case the MAG SHOULD include the Service-Selection AVP also in In this case the MAG MUST include the Service-Selection AVP also in
the MAG-to-HAAA request messages. In absence of the Service- the MAG-to-HAAA request messages. In absence of the Service-
Selection AVP in the MAG-to-HAAA request messages, the HAAA may want Selection AVP in the MAG-to-HAAA request messages, the HAAA may want
to inform the MAG of the default service provisioned to the MN and to inform the MAG of the default service provisioned to the MN and
include the Service-Selection AVP in the response message. include the Service-Selection AVP in the response message.
Whenever the Service-Selection AVP is included either in a request Whenever the Service-Selection AVP is included either in a request
message or in a response message, and the AAA interaction with HAAA message or in a response message, and the AAA interaction with HAAA
completes successfully, it is an indication that the HAAA also completes successfully, it is an indication that the HAAA also
authorized the MN to some service. This should be taken into account authorized the MN to some service. This should be taken into account
when considering what to include in the Auth-Request-Type AVP. when considering what to include in the Auth-Request-Type AVP.
The service selection concept supports signaling one service at time. The service selection concept supports signaling one service at time.
However, the MN policy profile MAY support multiple services being However, the MN policy profile MAY support multiple services being
used simultaneously. For this purpose, the HAAA MAY return multiple used simultaneously. For this purpose, the HAAA MAY return multiple
LMA and service pairs (see Section 4.9) to the MAG in a response LMA and service pairs (see Section 5.9) to the MAG in a response
message that ends a successful authentication (and possibly an message that ends a successful authentication (and possibly an
authorization) exchange between the MAG and the HAAA. Whenever the authorization) exchange between the MAG and the HAAA. Whenever the
MN initiates additional mobility session to another service (using a MN initiates additional mobility session to another service (using a
link layer or deployment specific method), the provisioned service link layer or deployment specific method), the provisioned service
information is already contained in the MAG. Therefore, there is no information is already contained in the MAG. Therefore, there is no
need for additional AAA signaling between the MAG and the HAAA. need for additional AAA signaling between the MAG and the HAAA.
4.9. Service-Configuration AVP 5.9. Service-Configuration AVP
The Service-Configuration AVP (AVP Code TBD4) is of type Grouped and The Service-Configuration AVP (AVP Code TBD4) is of type Grouped and
contains a service and a LMA pair. The HAAA can use this AVP to contains a service and a LMA pair. The HAAA can use this AVP to
inform the MAG of MN's subscribed services and LMAs where those inform the MAG of MN's subscribed services and LMAs where those
services are hosted in. services are hosted in.
Service-Configuration ::= < AVP-Header: TBD4 > Service-Configuration ::= < AVP-Header: TBD4 >
[ MIP6-Agent-Info ] [ MIP6-Agent-Info ]
[ Service-Selection ] [ Service-Selection ]
* [ AVP ] * [ AVP ]
5. Application Support and Command Codes
5.1. MAG-to-HAAA Interface
This specification does not define a new Application-ID for the MAG-
to-HAAA Diameter connection. Rather, this specification re-uses any
Diameter application and their commands that are used to authenticate
and authorize the MN for the network access. Example applications
include NASREQ [RFC4005] and EAP [RFC4072]. The MAG acts as a
Diameter client.
The MAG-to-HAAA interactions are primarily used for bootstrapping
PMIPv6 mobility service session when a MN attaches and authenticates
to a PMIPv6 Domain. This includes the bootstrapping of PMIPv6
session related information. The same interface may also be used for
accounting.
Whenever the MAG sends a Diameter request message to the HAAA the
User-Name AVP SHOULD contain the MN's identity. The MN identity, if
available, MUST be in Network Access Identifier (NAI) [RFC4282]
format. At minimum the home realm of the MN MUST be available at the
MAG when the network access authentication takes place. Otherwise
the MAG is not able to route the Diameter request messages towards
the correct HAAA. The MN identity used on the MAG-to-HAAA interface
and in the User-Name AVP MAY entirely be related to the network
access authentication, and therefore not suitable to be used as the
MN-ID mobility option value in the subsequent PBU/PBA messages. See
the related discussion on MN's identities in Section 4.6 and in
Section 5.2.1
For the session management and service authorization purposes,
session state SHOULD be maintained on the MAG-to-HAAA interface. See
the discussion in Section 4.8.
5.2. LMA-to-HAAA Interface
The-LMA-to HAAA interface may be used for multiple purposes. These
include the authorization of the incoming PBU, updating the LMA
address to the HAAA, accounting and PMIPv6 session management.
This specification does not define a new Application-ID for the LMA-
to-HAAA Diameter connection. Rather, this specification re-uses any
Diameter application and their commands. An example application
could be NASREQ [RFC4005]. The LMA acts as a Diameter client.
5.2.1. Authorization of the Proxy Binding Update
Whenever the LMA sends a Diameter request message to the HAAA, the
User-Name AVP SHOULD contain the MN's identity. The LMA MAY retrieve
the MN's identity information from the PBU MN-ID [RFC4283][RFC5213]
mobility option. The identity SHOULD be the same as used on the MAG-
to-HAAA interface, but in the case those identities differ the HAAA
MUST have a mechanism of mapping the MN identity used on the MAG-to-
HAAA interface to the identity used on the LMA-to-HAAA interface.
If the PBU contains the MN Link-Layer Identifier option, the Calling-
Station-Id AVP SHOULD be included in the request message containing
the received Link-Layer Identifier. Furthermore, if the PBU contains
the Service Selection mobility option [RFC5149], the Service-
Selection AVP SHOULD be included in the request message containing
the received service identifier.
The LMA and the HAAA use the MIP6-Home-Link-Prefix AVP to exchange
the MN-HNP when appropriate. Similarly, the LMA and the HAAA use the
PMIP6-IPv4-Home-Address AVP to exchange the IPv4-MN-HoA when
appropriate. Note that these AVPs are encapsulated inside the MIP6-
Agent-Info AVP. Which entity is actually responsible for the address
management is a deployment specific within the PMIPv6 Domain and MUST
be pre-agreed on per deployment basis.
The Auth-Request-Type AVP MUST be set to the value AUTHORIZE_ONLY.
If the HAAA is not able to authorize the subscriber's mobility
service session, then the reply message to the LMA MUST have the
Result-Code AVP set to value DIAMETER_PMIP6_AUTHORIZATION_FAILED
(TBD5) indicating a permanent failure.
The LMA-to-HAAA interface can also be used to update the selected LMA
address to the HAAA and the remote policy store during the
authorization step. This applies to the case where the MAG, for
example, discovered the LMA address using the DNS.
6. Proxy Mobile IPv6 Session Management 6. Proxy Mobile IPv6 Session Management
Concerning a PMIPv6 mobility session, the HAAA, the MAG and the LMA Concerning a PMIPv6 mobility session, the HAAA, the MAG and the LMA
Diameter entities SHOULD be stateful and maintain the corresponding Diameter entities SHOULD be stateful and maintain the corresponding
Authorization Session State Machine defined in [RFC3588]. If a state Authorization Session State Machine defined in [RFC3588]. If a state
is maintained, then a PMIPv6 mobility session that can be identified is maintained, then a PMIPv6 mobility session that can be identified
by any of the Binding Cache (BCE) Lookup Keys described in RFC 5213 by any of the Binding Cache (BCE) Lookup Keys described in RFC 5213
(see Sections 5.4.1.1., 5.4.1.2. and 5.4.1.3.) MUST map to a single (see Sections 5.4.1.1., 5.4.1.2. and 5.4.1.3.) MUST map to a single
Diameter Session-Id. If the PMIPv6 Domain allows further separation Diameter Session-Id. If the PMIPv6 Domain allows further separation
of sessions, for example, identified by the RFC 5213 BCE Lookup Keys of sessions, for example, identified by the RFC 5213 BCE Lookup Keys
and the service selection combination (see Section 4.8 and and the service selection combination (see Section 5.8 and
[RFC5149]), then a single Diameter Session-Id MUST map to a PMIPv6 [RFC5149]), then a single Diameter Session-Id MUST map to a PMIPv6
mobility session identified by the RFC 5213 BCE Lookup Keys and the mobility session identified by the RFC 5213 BCE Lookup Keys and the
selected service. selected service.
If both the MAG-to-HAAA and the LMA-to-HAAA interfaces are deployed If both the MAG-to-HAAA and the LMA-to-HAAA interfaces are deployed
in a PMIPv6 Domain, and a state is maintained on both interfaces, in a PMIPv6 Domain, and a state is maintained on both interfaces,
then one PMIPv6 mobility session would have two distinct Diameter then one PMIPv6 mobility session would have two distinct Diameter
sessions on the HAAA. The HAAA needs to be aware of this deployment sessions on the HAAA. The HAAA needs to be aware of this deployment
possibility and SHOULD allow multiple Diameter sessions for the same possibility and SHOULD allow multiple Diameter sessions for the same
PMIPv6 mobility session. PMIPv6 mobility session.
Diameter session termination related commands described in the Diameter session termination related commands described in the
following sections may be exchanged between the LMA and the HAAA, or following sections may be exchanged between the LMA and the HAAA, or
between the MAG and the HAAA. The actual PMIPv6 session termination between the MAG and the HAAA. The actual PMIPv6 session termination
procedures take place at PMIPv6 protocol level and are described in procedures take place at PMIPv6 protocol level and are described in
more detail in RFC 5213 and [I-D.ietf-mext-binding-revocation]. more detail in RFC 5213 and [I-D.ietf-mext-binding-revocation].
6.1. Session-Termination-Request 6.1. Session-Termination-Request
The LMA or the MAG MAY send the Session-Termination-Request (STR) The LMA or the MAG MAY send the Session-Termination-Request (STR)
command [RFC3588] to the HAAA and inform the termination of an command [RFC3588] to inform the HAAA that the termination of an
ongoing PMIPv6 session is in progress. ongoing PMIPv6 session is in progress.
6.2. Session-Termination-Answer 6.2. Session-Termination-Answer
The Session-Termination-Answer (STA) [RFC3588] is sent by the HAAA to The Session-Termination-Answer (STA) [RFC3588] is sent by the HAAA to
acknowledge the termination of a PMIPv6 session. acknowledge the termination of a PMIPv6 session.
6.3. Abort-Session-Request 6.3. Abort-Session-Request
The HAAA MAY send the Abort-Session-Request (ASR) command [RFC3588] The HAAA MAY send the Abort-Session-Request (ASR) command [RFC3588]
skipping to change at page 14, line 47 skipping to change at page 14, line 49
User-Name | 0-1 | 0-1 | User-Name | 0-1 | 0-1 |
+-------+-------+ +-------+-------+
Figure 3: LMA-to-HAAA Interface Generic Diameter Request and Answer Figure 3: LMA-to-HAAA Interface Generic Diameter Request and Answer
Commands AVPs Commands AVPs
8. Example Signaling Flows 8. Example Signaling Flows
Figure 4 shows a signaling flow example during PMIPv6 bootstrapping Figure 4 shows a signaling flow example during PMIPv6 bootstrapping
using the AAA interactions defined in this specification. In step using the AAA interactions defined in this specification. In step
(1) of this example, the MN is authenticated to PMIPv6 domain using (1) of this example, the MN is authenticated to PMIPv6 Domain using
EAP-based authentication. The MAG to the HAAA signaling uses the EAP-based authentication. The MAG to the HAAA signaling uses the
Diameter EAP Application. During step (2), the LMA uses Diameter Diameter EAP Application. During step (2), the LMA uses Diameter
NASREQ application to authorize the MN with the HAAA server. NASREQ application to authorize the MN with the HAAA server.
The MAG-to-HAAA AVPs, as listed in Section 7.1 are used during step The MAG-to-HAAA AVPs, as listed in Section 7.1 are used during step
(1). These AVPs are included only in the DER message which starts (1). These AVPs are included only in the DER message which starts
the EAP exchange and in the corresponding DEA message which the EAP exchange and in the corresponding DEA message which
successfully completes this EAP exchange. The LMA-to-HAAA AVPs, as successfully completes this EAP exchange. The LMA-to-HAAA AVPs, as
listed in Section 7.2, are used during step (2). Step (2) is used to listed in Section 7.2, are used during step (2). Step (2) is used to
authorize the MN request for the mobility service and update the HAAA authorize the MN request for the mobility service and update the HAAA
skipping to change at page 17, line 15 skipping to change at page 17, line 47
11. Acknowledgements 11. Acknowledgements
Jouni Korhonen would like to thank the TEKES GIGA program MERCoNe- Jouni Korhonen would like to thank the TEKES GIGA program MERCoNe-
project for providing funding to work on this document while he was project for providing funding to work on this document while he was
with TeliaSonera. with TeliaSonera.
12. References 12. References
12.1. Normative References 12.1. Normative References
[I-D.ietf-dime-mip6-split]
Korhonen, J., Tschofenig, H., Bournelle, J., Giaretta, G.,
and M. Nakhjiri, "Diameter Mobile IPv6: Support for Home
Agent to Diameter Server Interaction",
draft-ietf-dime-mip6-split-17 (work in progress),
April 2009.
[I-D.ietf-netlmm-pmip6-ipv4-support] [I-D.ietf-netlmm-pmip6-ipv4-support]
Wakikawa, R. and S. Gundavelli, "IPv4 Support for Proxy Wakikawa, R. and S. Gundavelli, "IPv4 Support for Proxy
Mobile IPv6", draft-ietf-netlmm-pmip6-ipv4-support-11 Mobile IPv6", draft-ietf-netlmm-pmip6-ipv4-support-15
(work in progress), April 2009. (work in progress), August 2009.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. [RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J.
Arkko, "Diameter Base Protocol", RFC 3588, September 2003. Arkko, "Diameter Base Protocol", RFC 3588, September 2003.
[RFC4005] Calhoun, P., Zorn, G., Spence, D., and D. Mitton, [RFC4005] Calhoun, P., Zorn, G., Spence, D., and D. Mitton,
"Diameter Network Access Server Application", RFC 4005, "Diameter Network Access Server Application", RFC 4005,
August 2005. August 2005.
skipping to change at page 17, line 47 skipping to change at page 18, line 40
[RFC5213] Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K., [RFC5213] Gundavelli, S., Leung, K., Devarapalli, V., Chowdhury, K.,
and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008. and B. Patil, "Proxy Mobile IPv6", RFC 5213, August 2008.
[RFC5447] Korhonen, J., Bournelle, J., Tschofenig, H., Perkins, C., [RFC5447] Korhonen, J., Bournelle, J., Tschofenig, H., Perkins, C.,
and K. Chowdhury, "Diameter Mobile IPv6: Support for and K. Chowdhury, "Diameter Mobile IPv6: Support for
Network Access Server to Diameter Server Interaction", Network Access Server to Diameter Server Interaction",
RFC 5447, February 2009. RFC 5447, February 2009.
12.2. Informative References 12.2. Informative References
[I-D.ietf-dime-mip6-split]
Korhonen, J., Tschofenig, H., Bournelle, J., Giaretta, G.,
and M. Nakhjiri, "Diameter Mobile IPv6: Support for Home
Agent to Diameter Server Interaction",
draft-ietf-dime-mip6-split-16 (work in progress),
December 2008.
[I-D.ietf-mext-binding-revocation] [I-D.ietf-mext-binding-revocation]
Muhanna, A., Khalil, M., Gundavelli, S., Chowdhury, K., Muhanna, A., Khalil, M., Gundavelli, S., Chowdhury, K.,
and P. Yegani, "Binding Revocation for IPv6 Mobility", and P. Yegani, "Binding Revocation for IPv6 Mobility",
draft-ietf-mext-binding-revocation-05 (work in progress), draft-ietf-mext-binding-revocation-10 (work in progress),
March 2009. August 2009.
[RFC2131] Droms, R., "Dynamic Host Configuration Protocol",
RFC 2131, March 1997.
[RFC3315] Droms, R., Bound, J., Volz, B., Lemon, T., Perkins, C.,
and M. Carney, "Dynamic Host Configuration Protocol for
IPv6 (DHCPv6)", RFC 3315, July 2003.
[RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H. [RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H.
Levkowetz, "Extensible Authentication Protocol (EAP)", Levkowetz, "Extensible Authentication Protocol (EAP)",
RFC 3748, June 2004. RFC 3748, June 2004.
[RFC3775] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support [RFC3775] Johnson, D., Perkins, C., and J. Arkko, "Mobility Support
in IPv6", RFC 3775, June 2004. in IPv6", RFC 3775, June 2004.
[RFC4283] Patel, A., Leung, K., Khalil, M., Akhtar, H., and K. [RFC4283] Patel, A., Leung, K., Khalil, M., Akhtar, H., and K.
Chowdhury, "Mobile Node Identifier Option for Mobile IPv6 Chowdhury, "Mobile Node Identifier Option for Mobile IPv6
 End of changes. 39 change blocks. 
188 lines changed or deleted 184 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/