Internet Engineering Task Force (IETF) J. Korhonen
Request for Comments: 5777 H. Tschofenig
Category: Standards Track Nokia Siemens Networks
ISSN: 2070-1721 M. Arumaithurai
University of Goettingen
M. Jones, Ed.
A. Lior
Bridgewater Systems
February 2010
Internet Engineering Task Force (IETF) J. Korhonen
Request for Comments: 5777 H. Tschofenig
Category: Standards Track Nokia Siemens Networks
ISSN: 2070-1721 M. Arumaithurai
University of Goettingen
M. Jones, Ed.
A. Lior
Bridgewater Systems
February 2010
Traffic Classification and Quality of Service (QoS) Attributes for Diameter
Diameter的流量分类和服务质量(QoS)属性
Abstract
摘要
This document defines a number of Diameter attribute-value pairs (AVPs) for traffic classification with actions for filtering and Quality of Service (QoS) treatment. These AVPs can be used in existing and future Diameter applications where permitted by the Augmented Backus-Naur Form (ABNF) specification of the respective Diameter command extension policy.
本文档定义了用于流量分类的多个直径属性值对(AVP),以及用于过滤和服务质量(QoS)处理的操作。这些AVP可在现有和未来的Diameter应用中使用,前提是相应Diameter命令扩展策略的扩充Backus Naur表格(ABNF)规范允许。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc5777.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc5777.
Copyright Notice
版权公告
Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2010 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从该文档中提取的代码组件必须
include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
包括信托法律条款第4.e节中所述的简化BSD许可证文本,且不提供简化BSD许可证中所述的担保。
This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.
本文件可能包含2008年11月10日之前发布或公开的IETF文件或IETF贡献中的材料。控制某些材料版权的人员可能未授予IETF信托允许在IETF标准流程之外修改此类材料的权利。在未从控制此类材料版权的人员处获得充分许可的情况下,不得在IETF标准流程之外修改本文件,也不得在IETF标准流程之外创建其衍生作品,除了将其格式化以RFC形式发布或将其翻译成英语以外的其他语言。
Table of Contents
目录
1. Introduction ....................................................3
2. Terminology .....................................................4
3. Rule Sets and Rules .............................................4
3.1. QoS-Resources AVP ..........................................5
3.2. Filter-Rule AVP ............................................5
3.3. Filter-Rule-Precedence AVP .................................6
4. Conditions ......................................................6
4.1. Traffic Classifiers ........................................6
4.1.1. Classifier AVP ......................................8
4.1.2. Classifier-ID AVP ...................................9
4.1.3. Protocol AVP ........................................9
4.1.4. Direction AVP .......................................9
4.1.5. From-Spec AVP .......................................9
4.1.6. To-Spec AVP ........................................10
4.1.7. Source and Destination AVPs ........................11
4.1.8. Header Option AVPs .................................15
4.2. Time Of Day AVPs ..........................................22
4.2.1. Time-Of-Day-Condition AVP ..........................22
4.2.2. Time-Of-Day-Start AVP ..............................23
4.2.3. Time-Of-Day-End AVP ................................23
4.2.4. Day-Of-Week-Mask AVP ...............................23
4.2.5. Day-Of-Month-Mask AVP ..............................24
4.2.6. Month-Of-Year-Mask AVP .............................24
4.2.7. Absolute-Start-Time AVP ............................25
4.2.8. Absolute-Start-Fractional-Seconds AVP ..............25
4.2.9. Absolute-End-Time AVP ..............................25
4.2.10. Absolute-End-Fractional-Seconds AVP ...............25
4.2.11. Timezone-Flag AVP .................................25
4.2.12. Timezone-Offset AVP ...............................26
5. Actions ........................................................26
1. Introduction ....................................................3
2. Terminology .....................................................4
3. Rule Sets and Rules .............................................4
3.1. QoS-Resources AVP ..........................................5
3.2. Filter-Rule AVP ............................................5
3.3. Filter-Rule-Precedence AVP .................................6
4. Conditions ......................................................6
4.1. Traffic Classifiers ........................................6
4.1.1. Classifier AVP ......................................8
4.1.2. Classifier-ID AVP ...................................9
4.1.3. Protocol AVP ........................................9
4.1.4. Direction AVP .......................................9
4.1.5. From-Spec AVP .......................................9
4.1.6. To-Spec AVP ........................................10
4.1.7. Source and Destination AVPs ........................11
4.1.8. Header Option AVPs .................................15
4.2. Time Of Day AVPs ..........................................22
4.2.1. Time-Of-Day-Condition AVP ..........................22
4.2.2. Time-Of-Day-Start AVP ..............................23
4.2.3. Time-Of-Day-End AVP ................................23
4.2.4. Day-Of-Week-Mask AVP ...............................23
4.2.5. Day-Of-Month-Mask AVP ..............................24
4.2.6. Month-Of-Year-Mask AVP .............................24
4.2.7. Absolute-Start-Time AVP ............................25
4.2.8. Absolute-Start-Fractional-Seconds AVP ..............25
4.2.9. Absolute-End-Time AVP ..............................25
4.2.10. Absolute-End-Fractional-Seconds AVP ...............25
4.2.11. Timezone-Flag AVP .................................25
4.2.12. Timezone-Offset AVP ...............................26
5. Actions ........................................................26
5.1. Treatment-Action AVP ......................................26
5.2. QoS-Profile-Id AVP ........................................27
5.3. QoS-Profile-Template AVP ..................................27
5.4. QoS-Semantics .............................................28
5.5. QoS-Parameters AVP ........................................29
5.6. Excess-Treatment AVP ......................................29
6. QoS Capability Indication ......................................29
7. Examples .......................................................30
7.1. Diameter EAP with QoS Information .........................30
7.2. Diameter NASREQ with QoS Information ......................32
7.3. QoS Authorization .........................................33
7.4. Diameter Server Initiated Re-Authorization of QoS .........33
7.5. Diameter Credit Control (CC) with QoS Information .........34
7.6. Classifier Examples .......................................35
7.7. QoS Parameter Examples ....................................37
8. Acknowledgments ................................................37
9. Contributors ...................................................37
10. IANA Considerations ...........................................38
10.1. AVP Codes ................................................38
10.2. QoS-Semantics IANA Registry ..............................39
10.3. Action ...................................................40
11. Security Considerations .......................................40
12. References ....................................................40
12.1. Normative References .....................................40
12.2. Informative References ...................................41
Appendix A. MAC and EUI64 Address Mask Usage Considerations ......42
5.1. Treatment-Action AVP ......................................26
5.2. QoS-Profile-Id AVP ........................................27
5.3. QoS-Profile-Template AVP ..................................27
5.4. QoS-Semantics .............................................28
5.5. QoS-Parameters AVP ........................................29
5.6. Excess-Treatment AVP ......................................29
6. QoS Capability Indication ......................................29
7. Examples .......................................................30
7.1. Diameter EAP with QoS Information .........................30
7.2. Diameter NASREQ with QoS Information ......................32
7.3. QoS Authorization .........................................33
7.4. Diameter Server Initiated Re-Authorization of QoS .........33
7.5. Diameter Credit Control (CC) with QoS Information .........34
7.6. Classifier Examples .......................................35
7.7. QoS Parameter Examples ....................................37
8. Acknowledgments ................................................37
9. Contributors ...................................................37
10. IANA Considerations ...........................................38
10.1. AVP Codes ................................................38
10.2. QoS-Semantics IANA Registry ..............................39
10.3. Action ...................................................40
11. Security Considerations .......................................40
12. References ....................................................40
12.1. Normative References .....................................40
12.2. Informative References ...................................41
Appendix A. MAC and EUI64 Address Mask Usage Considerations ......42
This document defines a number of Diameter attribute-value pairs (AVPs) for traffic classification with actions for filtering and Quality of Service (QoS) treatment. These AVPs can be used in existing and future Diameter applications where permitted by the Augmented Backus-Naur Form (ABNF) specification of the respective Diameter command extension policy.
本文档定义了用于流量分类的多个直径属性值对(AVP),以及用于过滤和服务质量(QoS)处理的操作。这些AVP可在现有和未来的Diameter应用中使用,前提是相应Diameter命令扩展策略的扩充Backus Naur表格(ABNF)规范允许。
The work on Quality of Service treatment and filtering via Diameter dates back to the base protocol described in RFC 3588 [RFC3588]. The filtering and QoS functionality was provided by the IPFilterRule AVP and the QoSFilterRule AVP. Both AVPs relied on syntax based on the FreeBSD ipfw tool for traffic classification. The functionality of the QoSFilterRule AVP was underspecified in RFC 3588 [RFC3588] and was later updated by RFC 4005 [RFC4005].
通过Diameter进行服务质量处理和过滤的工作可以追溯到RFC 3588[RFC3588]中描述的基本协议。过滤和QoS功能由IPFilterRule AVP和QoSFilterRule AVP提供。两个AVP都依赖基于FreeBSD ipfw工具的语法进行流量分类。QoSFilterRule AVP的功能在RFC 3588[RFC3588]中未作详细说明,随后由RFC 4005[RFC4005]进行更新。
As part of the work on updating RFC 3588, the functionality of the IPFilterRule and the QoSFilterRule was revised by the functionality offered by this document with the goals of a uniform and extensible traffic classification mechanism in a native Diameter syntax (instead
作为更新RFC 3588工作的一部分,IPFilterRule和QoSFilterRule的功能根据本文档提供的功能进行了修订,目的是以本机Diameter语法(而不是
of the free text previously used). Additionally, an extensible set of actions is provided that offers the ability for filtering and for QoS treatment, whereby the QoS functionality was extended to meet the needs of today's networking environments.
以前使用的自由文本的)。此外,还提供了一组可扩展的操作,提供了过滤和QoS处理的能力,从而扩展了QoS功能以满足当今网络环境的需要。
The QoS-Resources AVP represents a complete rule set with each rule represented by a Filter-Rule AVP. Each rule consists of information for handling conflict resolution, a conditions part and the corresponding actions to be performed if the conditions are satisfied. The AVPs responsible for expressing a condition are defined in Section 4. The capability to match all or a subset of the data traffic is provided. This includes the ability to match on Ethernet specific attributes, which was not possible with the QoS-Filter-Rule AVP. Service differentiation may be based on Ethernet priority bits, a single layer of VLAN-IDs or stacked VLAN-IDs, Logical Link Control (LLC) attributes, MAC addresses, or any combination thereof. The header fields used for Ethernet classification are defined in the IEEE802 series of specifications: [IEEE802.2], [IEEE802.1ad], [IEEE802.1Q], and [IEEE802.1D]. Additionally, time-based conditions can be expressed based on the functionality offered by the attributes in Section 4.2.
QoS资源AVP表示一个完整的规则集,每个规则由过滤规则AVP表示。每个规则包括处理冲突解决的信息、条件部分以及满足条件时要执行的相应操作。第4节定义了负责表示条件的AVP。提供了匹配所有或部分数据流量的功能。这包括能够匹配特定于以太网的属性,这在QoS过滤规则AVP中是不可能的。服务区分可以基于以太网优先级位、单层VLAN ID或堆叠VLAN ID、逻辑链路控制(LLC)属性、MAC地址或其任何组合。用于以太网分类的头字段在IEEE802系列规范[IEEE802.2]、[IEEE802.1ad]、[IEEE802.1Q]和[IEEE802.1D]中定义。此外,基于时间的条件可以根据第4.2节中属性提供的功能来表示。
The action part of a rule contains the type of traffic treatment and further description regarding QoS-related actions.
规则的操作部分包含流量处理的类型以及有关QoS相关操作的进一步描述。
The QoS policy rules are defined as Diameter encoded attribute-value pairs (AVPs) described using a modified version of the Augmented Backus-Naur Form (ABNF) (see [RFC3588]). The AVP datatypes are also taken from [RFC3588].
QoS策略规则定义为直径编码的属性值对(AVP),使用改进版的增强巴科斯-诺尔表(ABNF)进行描述(参见[RFC3588])。AVP数据类型也取自[RFC3588]。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
As mentioned in the introduction, the top-level element is the QoS-Resources AVP that encapsulates one or more Filter-Rule AVPs.
如引言中所述,顶层元素是封装一个或多个过滤规则AVP的QoS资源AVP。
The QoS-Resources AVP (AVP Code 508) is of type Grouped and contains a list of filter policy rules.
QoS资源AVP(AVP代码508)是分组的类型,并且包含过滤器策略规则的列表。
QoS-Resources ::= < AVP Header: 508 >
1*{ Filter-Rule }
* [ AVP ]
QoS-Resources ::= < AVP Header: 508 >
1*{ Filter-Rule }
* [ AVP ]
The Filter-Rule AVP (AVP Code 509) is of type Grouped and defines a specific condition and action combination.
过滤规则AVP(AVP代码509)属于分组类型,并定义特定条件和动作组合。
Filter-Rule ::= < AVP Header: 509 >
[ Filter-Rule-Precedence ]
Filter-Rule ::= < AVP Header: 509 >
[ Filter-Rule-Precedence ]
; Condition part of a Rule
; ------------------------
; Condition part of a Rule
; ------------------------
[ Classifier ] * [ Time-Of-Day-Condition ]
[分类器]*[一天中的时间条件]
; Action and Meta-Data
; --------------------
; Action and Meta-Data
; --------------------
[ Treatment-Action ]
[治疗行动]
; Info about QoS related Actions
; ------------------------------
; Info about QoS related Actions
; ------------------------------
[ QoS-Semantics ]
[ QoS-Profile-Template ]
[ QoS-Parameters ]
[ Excess-Treatment ]
[ QoS-Semantics ]
[ QoS-Profile-Template ]
[ QoS-Parameters ]
[ Excess-Treatment ]
; Extension Point
; ---------------
* [ AVP ]
; Extension Point
; ---------------
* [ AVP ]
If the QoS-Profile-Template AVP is not included in the Filter-Rule AVP and the Treatment-Action AVP is set to 'shape' or 'mark' then the default setting is assumed, namely, a setting of the Vendor-Id AVP to 0 (for IETF) and the QoS-Profile-Id AVP to zero (0) (for the profile defined in [RFC5624]). Note that the content of the QoS-Parameters are defined in the respective specification defining the QoS parameters. When the Vendor-Id AVP is set to 0 (for IETF) and the
如果QoS配置文件模板AVP不包括在过滤规则AVP中,并且治疗动作AVP设置为“形状”或“标记”,则假定默认设置,即,将供应商Id AVP设置为0(对于IETF),将QoS配置文件Id AVP设置为零(0)(对于[RFC5624]中定义的配置文件)。注意,QoS参数的内容在定义QoS参数的相应规范中定义。当供应商Id AVP设置为0(对于IETF)且
QoS-Profile-Id AVP is set to zero (0), then the AVPs included in the QoS-Parameters AVP are the AVPs defined in [RFC5624].
QoS配置文件Id AVP设置为零(0),则QoS参数AVP中包含的AVP为[RFC5624]中定义的AVP。
The Filter-Rule-Precedence AVP (AVP Code 510) is of type Unsigned32 and specifies the execution order of the rules expressed in the QoS-Resources AVP. The lower the numerical value of Filter-Rule-Precedence AVP, the higher the rule precedence. Rules with equal precedence MAY be executed in parallel if supported by the Resource Management Function. If the Filter-Rule-Precedence AVP is absent from the Filter-Rule AVP, the rules SHOULD be executed in the order in which they appear in the QoS-Resources AVP.
过滤规则优先级AVP(AVP代码510)的类型为Unsigned32,并指定在QoS资源AVP中表示的规则的执行顺序。过滤规则优先级AVP的数值越低,规则优先级越高。如果资源管理功能支持,具有同等优先级的规则可以并行执行。如果过滤规则AVP中没有过滤规则优先级AVP,则应按照规则在QoS资源AVP中出现的顺序执行这些规则。
This section describes the condition part of a rule. Two condition types are introduced by this document: packet classification conditions represented by the Classifier AVP and time of day conditions represented by the Time-Of-Day-Condition AVP.
本节介绍规则的条件部分。本文介绍了两种条件类型:由分类器AVP表示的分组分类条件和由时间条件AVP表示的时间条件。
If more than one instance of the Time-Of-Day-Condition AVP is present in the Filter-Rule AVP, the current time at rule evaluation MUST be within at least one of the time windows specified in one of the Time-Of-Day-Condition AVPs.
如果过滤规则AVP中存在一个以上的时间条件AVP实例,则规则评估的当前时间必须至少在一个时间条件AVP中指定的一个时间窗口内。
When the Time-Of-Day-Condition AVP and Classifier AVP are present in the same Filter-Rule AVP, both the time of day and packet classification conditions MUST match for the traffic treatment action to be applied.
当时间条件AVP和分类器AVP存在于同一过滤规则AVP中时,时间和分组分类条件必须匹配以应用流量处理动作。
Classifiers are used in many applications to specify how to select a subset of data packets for subsequent treatment as indicated in the action part of a rule. For example, in a QoS application, if a packet matches a classifier then that packet will be treated in accordance with a QoS specification associated with that classifier. Figure 1 shows a typical deployment.
在许多应用程序中,分类器用于指定如何选择数据包的子集进行后续处理,如规则的操作部分所示。例如,在QoS应用中,如果分组与分类器匹配,则将根据与该分类器相关联的QoS规范来处理该分组。图1显示了一个典型的部署。
+-----------+
+-----------+|
+--------+ +-------------+ +------------+||
| | IN | | | |||
| +--------->| +------------->| |||
|Managed | | Classifying | | Unmanaged |||
|Terminal| OUT | Entity | | Terminal |||
| |<---------+ |<-------------+ ||+
| | | | | |+
+--------+ +-------------+ +------------+
^
| Classifiers
|
+------+------+
| |
| AAA |
| |
+-------------+
+-----------+
+-----------+|
+--------+ +-------------+ +------------+||
| | IN | | | |||
| +--------->| +------------->| |||
|Managed | | Classifying | | Unmanaged |||
|Terminal| OUT | Entity | | Terminal |||
| |<---------+ |<-------------+ ||+
| | | | | |+
+--------+ +-------------+ +------------+
^
| Classifiers
|
+------+------+
| |
| AAA |
| |
+-------------+
Figure 1: Example of a Classifier Architecture
图1:分类器架构的示例
The managed terminal, the terminal for which the classifiers are being specified, is located on the left of the Classifying Entity. The unmanaged terminals, the terminals that receive packets from the managed terminal or send packets to the managed terminal, are located to the right side of the Classifying Entity.
被管理终端(为其指定分类器的终端)位于分类实体的左侧。非托管终端(从托管终端接收数据包或向托管终端发送数据包的终端)位于分类实体的右侧。
The Classifying Entity is responsible for classifying packets that are incoming (IN) from the managed terminal or packets outgoing (OUT) to the managed terminal.
分类实体负责对从受管终端传入(IN)或从受管终端传出(OUT)的数据包进行分类。
A classifier consists of a group of attributes that specify how to match a packet. Each set of attributes expresses values about aspects of the packet -- typically the packet header. Different protocols therefore would use different attributes.
分类器由一组属性组成,这些属性指定如何匹配数据包。每一组属性都表示有关数据包方面的值——通常是数据包头。因此,不同的协议将使用不同的属性。
In general, a classifier consists of the following:
通常,分类器由以下部分组成:
Identifier:
标识符:
The identifier uniquely identifies this classifier and may be used to reference the classifier from another structure.
标识符唯一地标识该分类器,并可用于从另一结构引用该分类器。
From:
发件人:
Specifies the rule for matching the protocol-specific source address(es) part of the packet.
指定用于匹配数据包的协议特定源地址部分的规则。
To:
致:
Specifies the rule for matching the protocol-specific destination address(es) part of the packet.
指定用于匹配数据包的协议特定目标地址部分的规则。
Protocol:
协议:
Specifies the matching protocol of the packet.
指定数据包的匹配协议。
Direction:
方向:
Specifies whether the classifier is to apply to packets flowing from the managed terminal (IN) or to packets flowing to the managed terminal (OUT) or to packets flowing in both directions.
指定分类器是应用于从受管终端(IN)流向受管终端(OUT)的数据包,还是应用于从受管终端(OUT)流向两个方向的数据包。
Options:
选项:
Attributes or properties associated with each protocol or layer, or various values specific to the header of the protocol or layer. Options allow matching on those values.
与每个协议或层关联的属性或属性,或特定于协议或层头的各种值。选项允许匹配这些值。
Each protocol type will have a specific set of attributes that can be used to specify a classifier for that protocol. These attributes will be grouped under a grouped AVP called a Classifier AVP.
每个协议类型都有一组特定的属性,可用于指定该协议的分类器。这些属性将分组在称为分类器AVP的分组AVP下。
The Classifier AVP (AVP Code 511) is a grouped AVP that consists of a set of attributes that specify how to match a packet.
分类器AVP(AVP代码511)是分组的AVP,其包括指定如何匹配分组的一组属性。
Classifier ::= < AVP Header: 511 >
{ Classifier-ID }
[ Protocol ]
[ Direction ]
* [ From-Spec ]
* [ To-Spec ]
* [ Diffserv-Code-Point ]
[ Fragmentation-Flag ]
* [ IP-Option ]
* [ TCP-Option ]
[ TCP-Flags ]
* [ ICMP-Type ]
* [ ETH-Option ]
* [ AVP ]
Classifier ::= < AVP Header: 511 >
{ Classifier-ID }
[ Protocol ]
[ Direction ]
* [ From-Spec ]
* [ To-Spec ]
* [ Diffserv-Code-Point ]
[ Fragmentation-Flag ]
* [ IP-Option ]
* [ TCP-Option ]
[ TCP-Flags ]
* [ ICMP-Type ]
* [ ETH-Option ]
* [ AVP ]
The Classifier-ID AVP (AVP Code 512) is of type OctetString and uniquely identifies the classifier. Each application will define the uniqueness scope of this identifier, e.g., unique per terminal or globally unique. Exactly one Classifier-ID AVP MUST be contained within a Classifier AVP.
分类器ID AVP(AVP代码512)是OctetString类型,并且唯一地标识分类器。每个应用程序将定义此标识符的唯一性范围,例如,每个终端唯一或全局唯一。一个分类器AVP中必须包含一个分类器ID AVP。
The Protocol AVP (AVP Code 513) is of type Enumerated and specifies the protocol being matched. The attributes included in the Classifier AVP MUST be consistent with the value of the Protocol AVP. Exactly zero or one Protocol AVP may be contained within a Classifier AVP. If the Protocol AVP is omitted from the classifier, then comparison of the protocol of the packet is irrelevant. The values for this AVP are managed by IANA under the Protocol Numbers registry as defined in [RFC2780].
协议AVP(AVP代码513)是枚举的类型,并指定要匹配的协议。分类器AVP中包含的属性必须与协议AVP的值一致。分类器AVP中可以包含恰好零个或一个协议AVP。如果从分类器中省略协议AVP,则分组的协议的比较是无关的。此AVP的值由IANA根据[RFC2780]中定义的协议编号注册表进行管理。
The Direction AVP (AVP Code 514) is of type Enumerated and specifies in which direction to apply the classifier. The values of the enumeration are "IN","OUT","BOTH". In the "IN" and "BOTH" directions, the From-Spec refers to the address of the managed terminal and the To-Spec refers to the unmanaged terminal. In the "OUT" direction, the From-Spec refers to the unmanaged terminal whereas the To-Spec refers to the managed terminal. If the Direction AVP is omitted, the classifier matches packets flowing in both directions.
方向AVP(AVP代码514)是枚举的类型,并指定应用分类器的方向。枚举的值为“IN”、“OUT”、“BOTH”。在“In”和“TWEET”方向中,From规范指的是托管终端的地址,to规范指的是非托管终端。在“OUT”方向,From规范指的是非托管终端,而to规范指的是托管终端。如果省略方向AVP,则分类器匹配在两个方向上流动的分组。
Value | Name and Semantic
------+--------------------------------------------------
0 | IN - The classifier applies to flows from the
| managed terminal.
1 | OUT - The classifier applies to flows to the
| managed terminal.
2 | BOTH - The classifier applies to flows both to
| and from the managed terminal.
Value | Name and Semantic
------+--------------------------------------------------
0 | IN - The classifier applies to flows from the
| managed terminal.
1 | OUT - The classifier applies to flows to the
| managed terminal.
2 | BOTH - The classifier applies to flows both to
| and from the managed terminal.
The From-Spec AVP (AVP Code 515) is a grouped AVP that specifies the Source Specification used to match the packet. Zero or more of these AVPs may appear in the classifier. If this AVP is absent from the classifier, then all packets are matched regardless of the source
From Spec AVP(AVP代码515)是分组的AVP,指定用于匹配数据包的源规范。分类器中可能出现零个或多个AVP。如果该AVP不在分类器中,则所有数据包都将匹配,而与源无关
address. If more than one instance of this AVP appears in the classifier, then the source of the packet can match any From-Spec AVP. The contents of this AVP are protocol specific.
住址如果分类器中出现该AVP的多个实例,则数据包的源可以与Spec AVP中的任何一个匹配。本AVP的内容是特定于协议的。
If one instance (or multiple instances) of the IP address AVP (IP-Address, IP-Address-Range, IP-Address-Mask, Use-Assigned-Address) appears in the From-Spec AVP, then the source IP address of the packet MUST match one of the addresses represented by these AVPs.
如果IP地址AVP(IP地址、IP地址范围、IP地址掩码、使用分配地址)的一个实例(或多个实例)出现在From Spec AVP中,则数据包的源IP地址必须与这些AVP表示的地址之一匹配。
If more than one instance of the layer 2 address AVPs (MAC-Address, MAC-Address-Mask, EUI64-Address, EUI64-Address-Mask) appears in the From-Spec, then the source layer 2 address of the packet MUST match one of the addresses represented in these AVPs.
如果From规范中出现多个第2层地址AVP实例(MAC地址、MAC地址掩码、EUI64地址、EUI64地址掩码),则数据包的源第2层地址必须与这些AVP中表示的地址之一匹配。
If more than one instance of the port AVPs (Port, Port-Range) appears in the From-Spec AVP, then the source port number MUST match one of the port numbers represented in these AVPs.
如果From Spec AVP中出现多个端口AVP实例(端口,端口范围),则源端口号必须与这些AVP中表示的一个端口号匹配。
If the IP address, MAC address, and port AVPs appear in the same From-Spec AVP, then the source packet MUST match all the specifications, i.e., match the IP address AND MAC address AND port number.
如果IP地址、MAC地址和端口AVP出现在Spec AVP中,则源数据包必须匹配所有规范,即匹配IP地址、MAC地址和端口号。
From-Spec ::= < AVP Header: 515 >
* [ IP-Address ]
* [ IP-Address-Range ]
* [ IP-Address-Mask ]
* [ MAC-Address ]
* [ MAC-Address-Mask]
* [ EUI64-Address ]
* [ EUI64-Address-Mask]
* [ Port ]
* [ Port-Range ]
[ Negated ]
[ Use-Assigned-Address ]
* [ AVP ]
From-Spec ::= < AVP Header: 515 >
* [ IP-Address ]
* [ IP-Address-Range ]
* [ IP-Address-Mask ]
* [ MAC-Address ]
* [ MAC-Address-Mask]
* [ EUI64-Address ]
* [ EUI64-Address-Mask]
* [ Port ]
* [ Port-Range ]
[ Negated ]
[ Use-Assigned-Address ]
* [ AVP ]
The To-Spec AVP (AVP Code 516) is a grouped AVP that specifies the Destination Specification used to match the packet. Zero or more of these AVPs may appear in the classifier. If this AVP is absent from the classifier, then all packets are matched regardless of the destination address. If more than one instance of this AVP appears in the classifier, then the destination of the packet can match any To-Spec AVP. The contents of this AVP are protocol specific.
To Spec AVP(AVP代码516)是分组的AVP,其指定用于匹配分组的目的地规范。分类器中可能出现零个或多个AVP。如果该AVP不在分类器中,则所有数据包都将被匹配,而与目标地址无关。如果分类器中出现该AVP的多个实例,则数据包的目的地可以与任何Spec AVP匹配。本AVP的内容是特定于协议的。
If one instance (or multiple instances) of the IP address AVP (IP-Address, IP-Address-Range, IP-Address-Mask, Use-Assigned-Address) appears in the To-Spec AVP, then the destination IP address of the packet MUST match one of the addresses represented by these AVPs.
如果To Spec AVP中出现IP地址AVP(IP地址、IP地址范围、IP地址掩码、使用分配地址)的一个实例(或多个实例),则数据包的目标IP地址必须与这些AVP表示的地址之一匹配。
If more than one instance of the layer 2 address AVPs (MAC-Address, MAC-Address-Mask, EUI64-Address, EUI64-Address-Mask) appears in the To-Spec, then the destination layer 2 address of the packet MUST match one of the addresses represented in these AVPs.
如果To规范中出现多个第2层地址AVP实例(MAC地址、MAC地址掩码、EUI64地址、EUI64地址掩码),则数据包的目标第2层地址必须与这些AVP中表示的地址之一匹配。
If more than one instance of the port AVPs (Port, Port-Range) appears in the To-Spec AVP, then the destination port number MUST match one of the port numbers represented in these AVPs.
如果To Spec AVP中出现多个端口AVP实例(端口、端口范围),则目标端口号必须与这些AVP中表示的一个端口号匹配。
If the IP address, MAC address, and port AVPs appear in the same To-Spec AVP, then the destination packet MUST match all the specifications, i.e., match the IP address AND MAC address AND port number.
如果IP地址、MAC地址和端口AVP出现在同一个To Spec AVP中,则目标数据包必须匹配所有规范,即匹配IP地址、MAC地址和端口号。
To-Spec ::= < AVP Header: 516 >
* [ IP-Address ]
* [ IP-Address-Range ]
* [ IP-Address-Mask ]
* [ MAC-Address ]
* [ MAC-Address-Mask]
* [ EUI64-Address ]
* [ EUI64-Address-Mask]
* [ Port ]
* [ Port-Range ]
[ Negated ]
[ Use-Assigned-Address ]
* [ AVP ]
To-Spec ::= < AVP Header: 516 >
* [ IP-Address ]
* [ IP-Address-Range ]
* [ IP-Address-Mask ]
* [ MAC-Address ]
* [ MAC-Address-Mask]
* [ EUI64-Address ]
* [ EUI64-Address-Mask]
* [ Port ]
* [ Port-Range ]
[ Negated ]
[ Use-Assigned-Address ]
* [ AVP ]
For packet classification, the contents of the From-Spec and To-Spec can contain the AVPs listed in the subsections below.
对于数据包分类,From Spec和To Spec的内容可以包含以下小节中列出的AVP。
The Negated AVP (AVP Code 517) is of type Enumerated containing the values of True or False. Exactly zero or one of these AVPs may appear in the From-Spec or To-Spec AVP.
被求反的AVP(AVP代码517)是包含真或假值的枚举类型。From Spec或To Spec AVP中可能会出现零个或一个AVP。
When set to True, the meaning of the match is inverted and the classifier will match addresses other than those specified by the From-Spec or To-Spec AVP. When set to False, or when the Negated AVP is not present, the classifier will match the addresses specified by the From-Spec or To-Spec AVP.
当设置为True时,匹配的含义将颠倒,分类器将匹配除From Spec或to Spec AVP指定的地址之外的其他地址。当设置为False时,或者当否定的AVP不存在时,分类器将匹配From Spec或to Spec AVP指定的地址。
Note that the negation does not impact the port comparisons.
请注意,否定不会影响端口比较。
Value | Name
------+--------
0 | False
1 | True
Value | Name
------+--------
0 | False
1 | True
The IP-Address AVP (AVP Code 518) is of type Address and specifies a single IP address (IPv4 or IPv6) to match.
IP地址AVP(AVP代码518)属于Address类型,并指定要匹配的单个IP地址(IPv4或IPv6)。
The IP-Address-Range AVP (AVP Code 519) is of type Grouped and specifies an inclusive IP address range.
IP地址范围AVP(AVP代码519)属于分组类型,并指定包含的IP地址范围。
IP-Address-Range ::= < AVP Header: 519 >
[ IP-Address-Start ]
[ IP-Address-End ]
* [ AVP ]
IP-Address-Range ::= < AVP Header: 519 >
[ IP-Address-Start ]
[ IP-Address-End ]
* [ AVP ]
If the IP-Address-Start AVP is not included, then the address range starts from the first valid IP address up to and including the specified IP-Address-End address.
如果不包括IP地址Start AVP,则地址范围从第一个有效IP地址开始,直到并包括指定的IP地址End地址。
If the IP-Address-End AVP is not included, then the address range starts at the address specified by the IP-Address-Start AVP and includes all the remaining valid IP addresses.
如果不包括IP地址End AVP,则地址范围从IP地址Start AVP指定的地址开始,并包括所有剩余的有效IP地址。
For the IP-Address-Range AVP to be valid, the IP-Address-Start AVP MUST contain a value that is less than that of the IP-Address-End AVP.
要使IP地址范围AVP有效,IP地址开始AVP必须包含小于IP地址结束AVP的值。
The IP-Address-Start AVP (AVP Code 520) is of type Address and specifies the first IP address (IPv4 or IPv6) of an IP address range.
IP地址Start AVP(AVP代码520)属于地址类型,并指定IP地址范围的第一个IP地址(IPv4或IPv6)。
The IP-Address-End AVP (AVP Code 521) is of type Address and specifies the last IP address (IPv4 or IPv6) of an address range.
IP地址End AVP(AVP代码521)属于地址类型,并指定地址范围的最后一个IP地址(IPv4或IPv6)。
The IP-Address-Mask AVP (AVP Code 522) is of type Grouped and specifies an IP address range using a base IP address and the bit-width of the mask. For example, a range expressed as 192.0.2.0/24 will match all IP addresses from 192.0.2.0 up to and including 192.0.2.255. The bit-width MUST be valid for the type of IP address.
IP地址掩码AVP(AVP代码522)属于分组类型,并使用基本IP地址和掩码的位宽度指定IP地址范围。例如,表示为192.0.2.0/24的范围将匹配从192.0.2.0到192.0.2.255(包括192.0.2.255)的所有IP地址。位宽度必须对IP地址的类型有效。
IP-Address-Mask ::= < AVP Header: 522 >
{ IP-Address }
{ IP-Bit-Mask-Width }
* [ AVP ]
IP-Address-Mask ::= < AVP Header: 522 >
{ IP-Address }
{ IP-Bit-Mask-Width }
* [ AVP ]
The IP-Bit-Mask-Width AVP (AVP Code 523) is of type Unsigned32. The value specifies the width of an IP address bit mask.
IP位掩码宽度AVP(AVP代码523)的类型为Unsigned32。该值指定IP地址位掩码的宽度。
The MAC-Address AVP (AVP Code 524) is of type OctetString and specifies a single layer 2 address in MAC-48 format. The value is a 6-octet encoding of the address as it would appear in the frame header.
MAC地址AVP(AVP代码524)为OctetString类型,并以MAC-48格式指定单个第2层地址。该值是地址的6位八位组编码,它将出现在帧头中。
The MAC-Address-Mask AVP (AVP Code 525) is of type Grouped and specifies a set of MAC addresses using a bit mask to indicate the bits of the MAC addresses that must fit to the specified MAC address attribute. For example, a MAC-Address-Mask with the MAC-Address as 00-10-A4-23-00-00 and with a MAC-Address-Mask-Pattern of FF-FF-FF-FF-00-00 will match all MAC addresses from 00-10-A4-23-00-00 up to and including 00-10-A4-23-FF-FF.
MAC地址掩码AVP(AVP代码525)是分组的类型,并且使用位掩码来指定一组MAC地址,以指示必须适合指定MAC地址属性的MAC地址的位。例如,MAC地址为00-10-A4-23-00-00且MAC地址掩码模式为FF-FF-FF-FF-00-00的MAC地址掩码将匹配从00-10-A4-23-00-00到00-10-A4-23-FF-FF的所有MAC地址。
Appendix A describes the considerations that should be given to the use of MAC address masks in constructing classifiers.
附录A描述了在构造分类器时应考虑的MAC地址掩码的使用。
MAC-Address-Mask ::= < AVP Header: 525 >
{ MAC-Address }
{ MAC-Address-Mask-Pattern }
* [ AVP ]
MAC-Address-Mask ::= < AVP Header: 525 >
{ MAC-Address }
{ MAC-Address-Mask-Pattern }
* [ AVP ]
The MAC-Address-Mask-Pattern AVP (AVP Code 526) is of type OctetString. The value is 6 octets specifying the bit positions of a MAC address that are taken for matching.
MAC地址掩码模式AVP(AVP代码526)是OctetString类型。该值为6个八位字节,指定用于匹配的MAC地址的位位置。
The EUI64-Address AVP (AVP Code 527) is of type OctetString and specifies a single layer 2 address in EUI-64 format. The value is an 8-octet encoding of the address as it would appear in the frame header.
EUI64地址AVP(AVP代码527)为OctetString类型,并以EUI-64格式指定单个第2层地址。该值是地址的8位八位组编码,它将出现在帧头中。
The EUI64-Address-Mask AVP (AVP Code 528) is of type Grouped and specifies a set of EUI64 addresses using a bit mask to indicate the bits of the EUI64 addresses that must fit to the specified EUI64 address attribute. For example, a EUI64-Address-Mask with the EUI64- Address as 00-10-A4-FF-FE-23-00-00 and with a EUI64-Address-Mask-Pattern of FF-FF-FF-FF-FF-FF-00-00 will match all EUI64 addresses from 00-10-A4-FF-FE-23-00-00 up to and including 00-10-A4-FF-FE-23- FF-FF.
EUI64地址掩码AVP(AVP代码528)属于分组类型,并使用位掩码指定一组EUI64地址,以指示必须适合指定EUI64地址属性的EUI64地址位。例如,EUI64地址掩码(EUI64-地址为00-10-A4-FF-FE-23-00-00)和EUI64地址掩码图案为FF-FF-FF-FF-FF-00-00)将匹配从00-10-A4-FF-FE-23-00到00-10-A4-FF-FE-23-FF-FF的所有EUI64地址。
Appendix A describes the considerations that should be given to the use of EUI64 address masks in constructing classifiers.
附录A描述了在构造分类器时使用EUI64地址掩码时应注意的事项。
EUI64-Address-Mask ::= < AVP Header: 528 >
{ EUI64-Address }
{ EUI64-Address-Mask-Pattern }
* [ AVP ]
EUI64-Address-Mask ::= < AVP Header: 528 >
{ EUI64-Address }
{ EUI64-Address-Mask-Pattern }
* [ AVP ]
The EUI64-Address-Mask-Pattern AVP (AVP Code 529) is of type OctetString. The value is 8 octets specifying the bit positions of a EUI64 address that are taken for matching.
EUI64地址掩码模式AVP(AVP代码529)为八位字符串类型。该值为8个八位字节,指定匹配所采用的EUI64地址的位位置。
The Port AVP (AVP Code 530) is of type Integer32 in the range of 0 to 65535 and specifies port numbers to match. The type of port is indicated by the value of the Protocol AVP; i.e., if Protocol AVP value is 6 (TCP), then the Port AVP represents a TCP port.
端口AVP(AVP代码530)的类型为Integer32,范围为0到65535,并指定要匹配的端口号。端口类型由协议AVP的值指示;i、 例如,如果协议AVP值为6(TCP),则端口AVP表示TCP端口。
The Port-Range AVP (AVP Code 531) is of type Grouped and specifies an inclusive range of ports. The type of the ports is indicated by the value of the Protocol AVP; i.e., if Protocol AVP value is 6 (TCP), then the Port-Range AVP represents an inclusive range of TCP ports.
端口范围AVP(AVP代码531)属于分组类型,并指定包含的端口范围。端口类型由协议AVP的值指示;i、 例如,如果协议AVP值为6(TCP),则端口范围AVP表示TCP端口的包含范围。
Port-Range ::= < AVP Header: 531 >
[ Port-Start ]
[ Port-End ]
* [ AVP ]
Port-Range ::= < AVP Header: 531 >
[ Port-Start ]
[ Port-End ]
* [ AVP ]
If the Port-Start AVP is omitted, then port 0 is assumed. If the Port-End AVP is omitted, then port 65535 is assumed.
如果省略端口Start AVP,则假定端口0。如果省略端口端AVP,则假定端口65535。
The Port-Start AVP (AVP Code 532) is of type Integer32 and specifies the first port number of an IP port range.
端口起始AVP(AVP代码532)的类型为Integer32,并指定IP端口范围的第一个端口号。
The Port-End AVP (AVP Code 533) is of type Integer32 and specifies the last port number of an IP port range.
端口端AVP(AVP代码533)的类型为Integer32,并指定IP端口范围的最后一个端口号。
In some scenarios, the AAA does not know the IP address assigned to the managed terminal at the time that the classifier is sent to the Classifying Entity. The Use-Assigned-Address AVP (AVP Code 534) is of type Enumerated containing the values of True or False. When present and set to True, it represents the IP address assigned to the managed terminal.
在某些情况下,AAA不知道在分类器被发送到分类实体时分配给受管终端的IP地址。使用分配地址AVP(AVP代码534)是枚举的类型,包含真或假的值。当存在并设置为True时,它表示分配给受管终端的IP地址。
Value | Name
------+--------
0 | False
1 | True
Value | Name
------+--------
0 | False
1 | True
The Classifier AVP may contain one or more of the following AVPs to match on the various possible IP, TCP, or ICMP header options.
分类器AVP可以包含以下一个或多个AVP,以匹配各种可能的IP、TCP或ICMP报头选项。
The Diffserv-Code-Point AVP (AVP Code 535) is of type Enumerated and specifies the Differentiated Services Field Codepoints to match in the IP header. The values are managed by IANA under the Differentiated Services Field Codepoints registry as defined in [RFC2474].
Diffserv代码点AVP(AVP代码535)属于枚举类型,并指定要在IP报头中匹配的区分服务字段代码点。这些值由IANA在[RFC2474]中定义的差异化服务字段代码点注册表下管理。
The Fragmentation-Flag AVP (AVP Code 536) is of type Enumerated and specifies the packet fragmentation flags to match in the IP header.
分段标志AVP(AVP代码536)是枚举的类型,并指定要在IP报头中匹配的分组分段标志。
Value | Name and Semantic
------+------------------------------------------------------------
0 | Don't Fragment (DF)
1 | More Fragments (MF)
Value | Name and Semantic
------+------------------------------------------------------------
0 | Don't Fragment (DF)
1 | More Fragments (MF)
The IP-Option AVP (AVP Code 537) is of type Grouped and specifies an IP header option that must be matched.
IP选项AVP(AVP代码537)属于分组类型,并指定必须匹配的IP标头选项。
IP-Option ::= < AVP Header: 537 >
{ IP-Option-Type }
* [ IP-Option-Value ]
[ Negated ]
* [ AVP ]
IP-Option ::= < AVP Header: 537 >
{ IP-Option-Type }
* [ IP-Option-Value ]
[ Negated ]
* [ AVP ]
If one or more IP-Option-Value AVPs are present, one of the values MUST match the value in the IP header option. If the IP-Option-Value AVP is absent, the option type MUST be present in the IP header but the value is wild carded.
如果存在一个或多个IP选项值AVP,则其中一个值必须与IP标头选项中的值匹配。如果IP选项值AVP不存在,则选项类型必须存在于IP标头中,但该值为通配符。
The Negated AVP is used in conjunction with the IP-Option-Value AVPs to specify IP header options that do not match specific values. The Negated AVP is used without the IP-Option-Value AVP to specify IP headers that do not contain the option type.
求反的AVP与IP选项值AVPs一起使用,以指定与特定值不匹配的IP标头选项。被否定的AVP在没有IP选项值AVP的情况下用于指定不包含选项类型的IP头。
The IP-Option-Type AVP (AVP Code 538) is of type Enumerated and the values are managed by IANA under the IP Option Numbers registry as defined in [RFC2780].
IP选项类型AVP(AVP代码538)为枚举类型,值由IANA在[RFC2780]中定义的IP选项编号注册表下管理。
The IP-Option-Value AVP (AVP Code 539) is of type OctetString and contains the option value that must be matched.
IP选项值AVP(AVP代码539)为OctetString类型,包含必须匹配的选项值。
The TCP-Option AVP (AVP Code 540) is of type Grouped and specifies a TCP header option that must be matched.
TCP选项AVP(AVP代码540)属于分组类型,并指定必须匹配的TCP标头选项。
TCP-Option ::= < AVP Header: 540 >
{ TCP-Option-Type }
* [ TCP-Option-Value ]
[ Negated ]
* [ AVP ]
TCP-Option ::= < AVP Header: 540 >
{ TCP-Option-Type }
* [ TCP-Option-Value ]
[ Negated ]
* [ AVP ]
If one or more TCP-Option-Value AVPs are present, one of the values MUST match the value in the TCP header option. If the TCP-Option-Value AVP is absent, the option type MUST be present in the TCP header but the value is wild carded.
如果存在一个或多个TCP选项值AVP,则其中一个值必须与TCP标头选项中的值匹配。如果TCP选项值AVP不存在,则选项类型必须存在于TCP标头中,但该值为通配符。
The Negated AVP is used in conjunction that the TCP-Option-Value AVPs to specify TCP header options that do not match specific values. The Negated AVP is used without the TCP-Option-Value AVP to specify TCP headers that do not contain the option type.
否定的AVP与TCP选项值AVPs一起使用,以指定与特定值不匹配的TCP头选项。否定的AVP在没有TCP选项值AVP的情况下用于指定不包含选项类型的TCP头。
The TCP-Option-Type AVP (AVP Code 541) is of type Enumerated and the values are managed by IANA under the TCP Option Numbers registry as defined in [RFC2780].
TCP选项类型AVP(AVP代码541)为枚举类型,值由IANA在[RFC2780]中定义的TCP选项编号注册表下管理。
The TCP-Option-Value AVP (AVP Code 542) is of type OctetString and contains the option value that must be matched.
TCP选项值AVP(AVP代码542)为OctetString类型,包含必须匹配的选项值。
The TCP-Flags AVP (AVP Code 543) is of type Grouped and specifies a set of TCP control flags that must be matched.
TCP标志AVP(AVP代码543)属于分组类型,并指定一组必须匹配的TCP控制标志。
TCP-Flags ::= < AVP Header: 543 >
{ TCP-Flag-Type }
[ Negated ]
* [ AVP ]
TCP-Flags ::= < AVP Header: 543 >
{ TCP-Flag-Type }
[ Negated ]
* [ AVP ]
If the Negated AVP is not present or present but set to False, the TCP-Flag-Type AVP specifies which flags MUST be set. If the Negated AVP is set to True, the TCP-Flag-Type AVP specifies which flags MUST be cleared.
如果否定的AVP不存在或不存在,但设置为False,则TCP标志类型AVP指定必须设置的标志。如果否定的AVP设置为True,则TCP标志类型AVP指定必须清除哪些标志。
The TCP-Flag-Type AVP (AVP Code 544) is of type Unsigned32 and specifies the TCP control flag types that must be matched. The first 16 bits match the TCP header format defined in [RFC3168], and the subsequent 16 bits are unused. Within the first 16 bits, bits 0 to 3 are unused and bits 4 to 15 are managed by IANA under the TCP Header Flag registry as defined in [RFC3168].
TCP标志类型AVP(AVP代码544)的类型为Unsigned32,并指定必须匹配的TCP控制标志类型。前16位与[RFC3168]中定义的TCP头格式匹配,后续16位未使用。在前16位中,位0至3未使用,位4至15由IANA在[RFC3168]中定义的TCP头标志注册表下管理。
The ICMP-Type AVP (AVP Code 545) is of type Grouped and specifies an ICMP message type that must be matched.
ICMP类型AVP(AVP代码545)属于分组类型,并指定必须匹配的ICMP消息类型。
ICMP-Type ::= < AVP Header: 545 >
{ ICMP-Type-Number }
* [ ICMP-Code ]
[ Negated ]
* [ AVP ]
ICMP-Type ::= < AVP Header: 545 >
{ ICMP-Type-Number }
* [ ICMP-Code ]
[ Negated ]
* [ AVP ]
If the ICMP-Code AVP is present, the value MUST match that in the ICMP header. If the ICMP-Code AVP is absent, the ICMP type MUST be present in the ICMP header but the code is wild carded.
如果存在ICMP代码AVP,则该值必须与ICMP标头中的值匹配。如果ICMP代码AVP不存在,ICMP头中必须存在ICMP类型,但代码为通配符。
The Negated AVP is used in conjunction with the ICMP-Code AVPs to specify ICMP codes that do not match specific values. The Negated AVP is used without the ICMP-Code AVP to specify ICMP headers that do not contain the ICMP type. As such, the Negated AVP feature applies to ICMP-Code AVP if the ICMP-Code AVP is present. If the ICMP-Code AVP is absent, the Negated AVP feature applies to the ICMP-Type-Number.
求反的AVP与ICMP代码AVP一起使用,以指定与特定值不匹配的ICMP代码。被否定的AVP在没有ICMP代码AVP的情况下用于指定不包含ICMP类型的ICMP头。因此,如果存在ICMP代码AVP,则否定AVP功能适用于ICMP代码AVP。如果没有ICMP代码AVP,则否定的AVP功能适用于ICMP类型编号。
The ICMP-Type-Number AVP (AVP Code 546) is of type Enumerated and the values are managed by IANA under the ICMP Type Numbers registry as defined in [RFC2780].
ICMP类型号AVP(AVP代码546)为枚举类型,值由IANA在[RFC2780]中定义的ICMP类型号注册表下管理。
The ICMP-Code AVP (AVP Code 547) is of type Enumerated and the values are managed by IANA under the ICMP Type Numbers registry as defined in [RFC2780].
ICMP代码AVP(AVP代码547)为枚举类型,值由IANA在[RFC2780]中定义的ICMP类型编号注册表下管理。
The ETH-Option AVP (AVP Code 548) is of type Grouped and specifies Ethernet specific attributes.
ETH选项AVP(AVP代码548)属于分组类型,并指定以太网特定属性。
ETH-Option ::= < AVP Header: 548 >
{ ETH-Proto-Type }
* [ VLAN-ID-Range ]
* [ User-Priority-Range ]
* [ AVP ]
ETH-Option ::= < AVP Header: 548 >
{ ETH-Proto-Type }
* [ VLAN-ID-Range ]
* [ User-Priority-Range ]
* [ AVP ]
The Eth-Proto-Type AVP (AVP Code 549) is of type Grouped and specifies the encapsulated protocol type. ETH-Ether-Type and ETH-SAP are mutually exclusive.
Eth原型AVP(AVP代码549)属于分组类型,并指定封装的协议类型。ETH乙醚型和ETH-SAP是互斥的。
ETH-Proto-Type ::= < AVP Header: 549 >
* [ ETH-Ether-Type ]
* [ ETH-SAP ]
* [ AVP ]
ETH-Proto-Type ::= < AVP Header: 549 >
* [ ETH-Ether-Type ]
* [ ETH-SAP ]
* [ AVP ]
The ETH-Ether-Type AVP (AVP Code 550) is of type OctetString. The value is a double octet that contains the value of the Ethertype field in the packet to match. This AVP MAY be present in the case of Digital, Intel, and Xerox (DIX) or if the Subnetwork Access Protocol (SNAP) is present at 802.2, but the ETH-SAP AVP MUST NOT be present in this case.
ETH乙醚型AVP(AVP代码550)为OctetString型。该值是一个双八位字节,其中包含要匹配的数据包中Ethertype字段的值。此AVP可能出现在Digital、Intel和Xerox(DIX)或802.2中存在子网访问协议(SNAP)的情况下,但在这种情况下,ETH-SAP AVP不得出现。
The ETH-SAP AVP (AVP Code 551) is of type OctetString. The value is a double octet representing the 802.2 SAP as specified in [IEEE802.2]. The first octet contains the Destination Service Access Point (DSAP) and the second the Source Service Access Point (SSAP).
ETH-SAP AVP(AVP代码551)为OctetString类型。该值为双八位字节,表示[IEEE802.2]中指定的802.2 SAP。第一个八位组包含目标服务接入点(DSAP),第二个八位组包含源服务接入点(SSAP)。
The VLAN-ID-Range AVP (AVP Code 552) is of type Grouped and specifies the VLAN range to match. VLAN identities are specified either by a single VLAN-ID according to [IEEE802.1Q] or by a combination of Customer and Service VLAN-IDs according to [IEEE802.1ad].
VLAN ID范围AVP(AVP代码552)属于分组类型,并指定要匹配的VLAN范围。VLAN标识根据[IEEE802.1Q]由单个VLAN-ID指定,或根据[IEEE802.1ad]由客户和服务VLAN ID的组合指定。
The single VLAN-ID is represented by the C-VID-Start and C-VID-End AVPs, and the S-VID-Start and S-VID-End AVPs SHALL be omitted in this case. If the VLAN-ID-Range AVP is omitted from the classifier, then comparison of the VLAN identity of the packet is irrelevant.
单个VLAN-ID由C-VID-Start和C-VID-End AVP表示,在这种情况下,应省略S-VID-Start和S-VID-End AVP。如果从分类器中省略了VLAN ID Range AVP,则分组的VLAN标识的比较是不相关的。
VLAN-ID-Range ::= < AVP Header: 552 >
[ S-VID-Start ]
[ S-VID-End ]
[ C-VID-Start ]
[ C-VID-End ]
* [ AVP ]
VLAN-ID-Range ::= < AVP Header: 552 >
[ S-VID-Start ]
[ S-VID-End ]
[ C-VID-Start ]
[ C-VID-End ]
* [ AVP ]
The following is the list of possible combinations of the S-VID-Start and S-VID-End AVPs and their inference:
以下是S-VID-Start和S-VID-End AVP的可能组合及其推论列表:
o If S-VID-Start AVP is present but the S-VID-End AVP is absent, the S-VID-Start AVP value MUST equal the value of the IEEE 802.1ad S-VID bits specified in [IEEE802.1ad] for a successful match.
o 如果存在S-VID-Start AVP,但不存在S-VID-End AVP,则S-VID-Start AVP值必须等于[IEEE802.1ad]中指定的IEEE 802.1ad S-VID位的值才能成功匹配。
o If S-VID-Start AVP is absent but the S-VID-End AVP is present, the S-VID-End AVP value MUST equal the value of the IEEE 802.1ad S-VID bits for a successful match.
o 如果不存在S-VID-Start AVP,但存在S-VID-End AVP,则S-VID-End AVP值必须等于IEEE 802.1ad S-VID位的值才能成功匹配。
o If both S-VID-Start and S-VID-End AVPs are present and their values are equal, the S-VID-Start AVP value MUST equal the value of the IEEE 802.1ad S-VID bits for a successful match.
o 如果S-VID-Start和S-VID-End AVP都存在且其值相等,则S-VID-Start AVP值必须等于IEEE 802.1ad S-VID位的值,才能成功匹配。
o If both S-VID-Start and S-VID-End AVPs are present and the value of S-VID-End AVP is greater than the value of the S-VID-Start AVP, the value of the IEEE 802.1ad S-VID bits MUST be greater than or equal to the S-VID-Start AVP value and less than or equal to the S-VID-End AVP value for a successful match. If the S-VID-Start and S-VID-End AVPs are specified, then Ethernet packets without IEEE 802.1ad encapsulation MUST NOT match this classifier.
o 如果S-VID-Start和S-VID-End AVP都存在,并且S-VID-End AVP的值大于S-VID-Start AVP的值,则IEEE 802.1ad S-VID位的值必须大于或等于S-VID-Start AVP值,并且小于或等于S-VID-End AVP值,以便成功匹配。如果指定了S-VID-Start和S-VID-End AVP,则没有IEEE 802.1ad封装的以太网数据包不得与此分类器匹配。
o If the S-VID-Start and S-VID-End AVPs are omitted, then existence of IEEE802.1ad encapsulation or comparison of the IEEE 802.1ad S-VID bits is irrelevant for this classifier.
o 如果省略S-VID-Start和S-VID-End avp,则IEEE802.1ad封装的存在或IEEE802.1ad S-VID比特的比较与该分类器无关。
The following is the list of possible combinations of the C-VID-Start and C-VID-End AVPs and their inference:
以下是C-VID-Start和C-VID-End AVP的可能组合及其推论列表:
o If C-VID-Start AVP is present but the C-VID-End AVP is absent, the C-VID-Start AVP value MUST equal the value of the IEEE 802.1ad C-VID bits specified in [IEEE802.1ad] or the IEEE 802.1Q VLAN-ID bits specified in [IEEE802.1Q] for a successful match.
o 如果存在C-VID-Start AVP,但不存在C-VID-End AVP,则C-VID-Start AVP值必须等于[IEEE802.1ad]中指定的IEEE 802.1ad C-VID位的值或[IEEE802.1Q]中指定的IEEE 802.1Q VLAN-ID位的值,才能成功匹配。
o If C-VID-Start AVP is absent but the C-VID-End AVP is present, the C-VID-End AVP value MUST equal the value of the IEEE 802.1ad C-VID bits or the IEEE 802.1Q VLAN-ID bits for a successful match.
o 如果不存在C-VID-Start AVP,但存在C-VID-End AVP,则C-VID-End AVP值必须等于IEEE 802.1ad C-VID位或IEEE 802.1Q VLAN-ID位的值,才能成功匹配。
o If both C-VID-Start and C-VID-End AVPs are present and their values are equal, the C-VID-Start AVP value MUST equal the value of the IEEE 802.1ad C-VID bits or the IEEE 802.1Q VLAN-ID bits for a successful match.
o 如果C-VID-Start和C-VID-End AVP均存在且其值相等,则C-VID-Start AVP值必须等于IEEE 802.1ad C-VID位或IEEE 802.1Q VLAN-ID位的值,才能成功匹配。
o If both C-VID-Start and C-VID-End AVPs are present and the value of C-VID-End AVP is greater than the value of the C-VID-Start AVP, the value of the IEEE 802.1ad C-VID bits or the IEEE 802.1Q VLAN-ID bits MUST be greater than or equal to the C-VID-Start AVP value and less than or equal to the C-VID-End AVP value for a successful match. If the C-VID-Start and C-VID-End AVPs are specified, then Ethernet packets without IEEE 802.1ad or IEEE 802.1Q encapsulation MUST NOT match this classifier.
o 如果同时存在C-VID-Start和C-VID-End AVP,且C-VID-End AVP的值大于C-VID-Start AVP的值,则IEEE 802.1ad C-VID位或IEEE 802.1Q VLAN-ID位的值必须大于或等于C-VID-Start AVP值,且小于或等于C-VID-End AVP值,以便成功匹配。如果指定了C-VID-Start和C-VID-End AVP,则没有IEEE 802.1ad或IEEE 802.1Q封装的以太网数据包不得与此分类器匹配。
o If the C-VID-Start and C-VID-End AVPs are omitted, the comparison of the IEEE 802.1ad C-VID bits or IEEE 802.1Q VLAN-ID bits for this classifier is irrelevant.
o 如果省略了C-VID-Start和C-VID-End avp,则该分类器的IEEE 802.1ad C-VID位或IEEE 802.1Q VLAN-ID位的比较是无关的。
The S-VID-Start AVP (AVP Code 553) is of type Unsigned32. The value MUST be in the range from 0 to 4095. The value of this AVP specifies the start value of the range of S-VID VLAN-IDs to be matched.
S-VID-Start AVP(AVP代码553)的类型为Unsigned32。该值必须在0到4095之间。此AVP的值指定要匹配的S-VID VLAN ID范围的起始值。
The S-VID-End AVP (AVP Code 554) is of type Unsigned32. The value MUST be in the range from 0 to 4095. The value of this AVP specifies the end value of the range of S-VID VLAN-IDs to be matched.
S-VID-End AVP(AVP代码554)的类型为Unsigned32。该值必须在0到4095之间。此AVP的值指定要匹配的S-VID VLAN ID范围的结束值。
The C-VID-Start AVP (AVP Code 555) is of type Unsigned32. The value MUST be in the range from 0 to 4095. The value of this AVP specifies the start value of the range of C-VID VLAN-IDs to be matched.
C-VID-Start AVP(AVP代码555)的类型为Unsigned32。该值必须在0到4095之间。此AVP的值指定要匹配的C-VID VLAN ID范围的起始值。
The C-VID-End AVP (AVP Code 556) is of type Unsigned32. The value MUST be in the range from 0 to 4095. The value of this AVP specifies the end value of the range of C-VID VLAN-IDs to be matched.
C-VID-End AVP(AVP代码556)的类型为Unsigned32。该值必须在0到4095之间。此AVP的值指定要匹配的C-VID VLAN ID范围的结束值。
The User-Priority-Range AVP (AVP Code 557) is of type Grouped and specifies an inclusive range to match the user_priority parameter specified in [IEEE802.1D]. An Ethernet packet containing the user_priority parameter matches this classifier if the value is greater than or equal to Low-User-Priority and less than or equal to High-User-Priority. If this AVP is omitted, then comparison of the IEEE 802.1D user_priority parameter for this classifier is irrelevant.
用户优先级范围AVP(AVP代码557)属于分组类型,并指定一个包含范围,以匹配[IEEE802.1D]中指定的用户优先级参数。如果值大于或等于低用户优先级且小于或等于高用户优先级,则包含user_priority参数的以太网数据包与该分类器匹配。如果省略此AVP,则与此分类器的IEEE 802.1D用户_优先级参数的比较无关。
User-Priority-Range ::= < AVP Header: 557 >
* [ Low-User-Priority ]
* [ High-User-Priority ]
* [ AVP ]
User-Priority-Range ::= < AVP Header: 557 >
* [ Low-User-Priority ]
* [ High-User-Priority ]
* [ AVP ]
The Low-User-Priority AVP (AVP Code 558) is of type Unsigned32. The value MUST be in the range from 0 to 7.
低用户优先级AVP(AVP代码558)的类型为Unsigned32。该值必须在0到7之间。
The High-User-Priority AVP (AVP Code 559) is of type Unsigned32. The value MUST be in the range from 0 to 7.
高用户优先级AVP(AVP代码559)的类型为Unsigned32。该值必须在0到7之间。
In many QoS applications, the QoS specification applied to the traffic flow is conditional upon the time of day when the flow was observed. The following sections define AVPs that can be used to express one or more time windows that determine when a traffic treatment action is applicable to a traffic flow.
在许多QoS应用中,应用于业务流的QoS规范取决于观察到业务流的时间。以下各节定义了可用于表示一个或多个时间窗口的AVP,这些时间窗口确定交通处理措施何时适用于交通流。
The Time-Of-Day-Condition AVP (AVP Code 560) is of type Grouped and specifies one or more time windows.
一天中的时间条件AVP(AVP代码560)属于分组类型,并指定一个或多个时间窗口。
Time-Of-Day-Condition ::= < AVP Header: 560 >
[ Time-Of-Day-Start ]
[ Time-Of-Day-End ]
[ Day-Of-Week-Mask ]
[ Day-Of-Month-Mask ]
[ Month-Of-Year-Mask ]
[ Absolute-Start-Time ]
[ Absolute-End-Time ]
[ Timezone-Flag ]
* [ AVP ]
Time-Of-Day-Condition ::= < AVP Header: 560 >
[ Time-Of-Day-Start ]
[ Time-Of-Day-End ]
[ Day-Of-Week-Mask ]
[ Day-Of-Month-Mask ]
[ Month-Of-Year-Mask ]
[ Absolute-Start-Time ]
[ Absolute-End-Time ]
[ Timezone-Flag ]
* [ AVP ]
For example, a time window for 9 a.m. to 5 p.m. (local time) from Monday to Friday would be expressed as:
例如,周一至周五上午9点至下午5点(当地时间)的时间窗口将表示为:
Time-Of-Day-Condition = {
Time-Of-Day-Start = 32400;
Time-Of-Day-End = 61200;
Day-Of-Week-Mask =
( MONDAY | TUESDAY | WEDNESDAY | THURSDAY | FRIDAY );
Timezone-Flag = LOCAL;
}
Time-Of-Day-Condition = {
Time-Of-Day-Start = 32400;
Time-Of-Day-End = 61200;
Day-Of-Week-Mask =
( MONDAY | TUESDAY | WEDNESDAY | THURSDAY | FRIDAY );
Timezone-Flag = LOCAL;
}
The Time-Of-Day-Start AVP (AVP Code 561) is of type Unsigned32. The value MUST be in the range from 0 to 86400. The value of this AVP specifies the start of an inclusive time window expressed as the offset in seconds from midnight. If this AVP is absent from the Time-Of-Day-Condition AVP, the time window starts at midnight.
一天中的时间开始AVP(AVP代码561)的类型为Unsigned32。该值必须在0到86400之间。此AVP的值指定包含时间窗口的开始,表示为从午夜开始的偏移量(秒)。如果该AVP不在一天中的时间条件AVP中,则时间窗口从午夜开始。
The Time-Of-Day-End AVP (AVP Code 562) is of type Unsigned32. The value MUST be in the range from 1 to 86400. The value of this AVP specifies the end of an inclusive time window expressed as the offset in seconds from midnight. If this AVP is absent from the Time-Of-Day-Condition AVP, the time window ends one second before midnight.
日终AVP(AVP代码562)的时间类型为Unsigned32。该值必须在1到86400之间。此AVP的值指定包含时间窗口的结束,表示为从午夜开始的偏移量(以秒为单位)。如果该AVP不在一天中的时间条件AVP中,则时间窗口在午夜前1秒结束。
The Day-Of-Week-Mask AVP (AVP Code 563) is of type Unsigned32. The value is a bit mask that specifies the day of the week for the time window to match. This document specifies the following bits:
星期几掩码AVP(AVP代码563)的类型为Unsigned32。该值是一个位掩码,用于指定时间窗口要匹配的星期几。本文件规定了以下位:
Bit | Name
------+------------
0 | SUNDAY
1 | MONDAY
2 | TUESDAY
3 | WEDNESDAY
4 | THURSDAY
5 | FRIDAY
6 | SATURDAY
Bit | Name
------+------------
0 | SUNDAY
1 | MONDAY
2 | TUESDAY
3 | WEDNESDAY
4 | THURSDAY
5 | FRIDAY
6 | SATURDAY
The bit MUST be set for the time window to match on the corresponding day of the week. Bit 0 is the least significant bit and unused bits MUST be cleared. If this AVP is absent from the Time-Of-Day-Condition AVP, the time windows match on all days of the week.
必须为时间窗口设置位,以便在一周的相应日期匹配。位0是最低有效位,必须清除未使用的位。如果该AVP不在一天中的时间条件AVP中,则时间窗口在一周中的所有天都匹配。
The Day-Of-Month AVP (AVP Code 564) is of type Unsigned32. The value MUST be in the range from 0 to 2147483647. The value is a bit mask that specifies the days of the month where bit 0 represents the first day of the month through to bit 30, which represents the last day of the month. The bit MUST be set for the time window to match on the corresponding day of the month. Bit 0 is the least significant bit and unused bits MUST be cleared. If this AVP is absent from the Time-Of-Day-Condition AVP, the time windows match on all days of the month.
月日AVP(AVP代码564)的类型为Unsigned32。该值必须在0到2147483647之间。该值是一个位掩码,用于指定月份的天数,其中位0表示月份的第一天,位30表示月份的最后一天。必须为时间窗口设置位,以匹配当月的相应日期。位0是最低有效位,必须清除未使用的位。如果该AVP不在一天中的时间条件AVP中,则时间窗口在一个月的所有日子都匹配。
The Month-Of-Year-Mask AVP (AVP Code 565) is of type Unsigned32. The value is a bit mask that specifies the months of the year for the time window to match. This document specifies the following bits:
月份掩码AVP(AVP代码565)的类型为Unsigned32。该值是一个位掩码,用于指定时间窗口要匹配的月份。本文件规定了以下位:
Bit | Name
------+-----------
0 | JANUARY
1 | FEBRUARY
2 | MARCH
3 | APRIL
4 | MAY
5 | JUNE
6 | JULY
7 | AUGUST
8 | SEPTEMBER
9 | OCTOBER
10 | NOVEMBER
11 | DECEMBER
Bit | Name
------+-----------
0 | JANUARY
1 | FEBRUARY
2 | MARCH
3 | APRIL
4 | MAY
5 | JUNE
6 | JULY
7 | AUGUST
8 | SEPTEMBER
9 | OCTOBER
10 | NOVEMBER
11 | DECEMBER
The bit MUST be set for the time window to match on the corresponding month of the year. Bit 0 is the least significant bit and unused bits MUST be cleared. If this AVP is absent from the Time-Of-Day-Condition AVP, the time windows match during all months of the year.
必须为时间窗口设置位,以便与一年中的相应月份匹配。位0是最低有效位,必须清除未使用的位。如果该AVP不在一天中的时间条件AVP中,则时间窗口在一年中的所有月份都匹配。
The Absolute-Start-Time AVP (AVP Code 566) is of type Time. The value of this AVP specifies the time in seconds since January 1, 1900, 00:00 UTC when the time window starts. If this AVP is absent from the Time-Of-Day-Condition AVP, the time window starts on January 1, 1900, 00:00 UTC.
绝对开始时间AVP(AVP代码566)为时间类型。此AVP的值指定自1900年1月1日00:00 UTC时间窗口启动以来的时间(以秒为单位)。如果该AVP不在每日时间条件AVP中,则时间窗口从1900年1月1日00:00 UTC开始。
The Absolute-Start-Fractional-Seconds AVP (AVP Code 567) is of type Unsigned32. The value specifies the fractional seconds that are added to Absolute-Start-Time value in order to determine when the time window starts. If this AVP is absent from the Time-Of-Day-Condition AVP, then the fractional seconds are assumed to be zero.
绝对启动分数秒AVP(AVP代码567)的类型为Unsigned32。该值指定添加到绝对开始时间值的分数秒,以确定时间窗口何时开始。如果该AVP不在一天中的时间条件AVP中,则假定分数秒为零。
The Time-Of-Day-End AVP (AVP Code 568) is of type Time. The value of this AVP specifies the time in seconds since January 1, 1900, 00:00 UTC when the time window ends. If this AVP is absent from the Time-Of-Day-Condition AVP, then the time window is open-ended.
日终AVP(AVP代码568)的时间类型为时间。此AVP的值指定自1900年1月1日00:00 UTC时间窗口结束后的时间(以秒为单位)。如果该AVP不在每日时间条件AVP中,则时间窗口是开放的。
The Absolute-End-Fractional-Seconds AVP (AVP Code 569) is of type Unsigned32. The value specifies the fractional seconds that are added to Absolute-End-Time value in order to determine when the time window ends. If this AVP is absent from the Time-Of-Day-Condition AVP, then the fractional seconds are assumed to be zero.
绝对结束分数秒AVP(AVP代码569)的类型为Unsigned32。该值指定添加到绝对结束时间值的分数秒,以确定时间窗口何时结束。如果该AVP不在一天中的时间条件AVP中,则假定分数秒为零。
The Timezone-Flag AVP (AVP Code 570) is of type Enumerated and indicates whether the time windows are specified in UTC, local time, at the managed terminal or as an offset from UTC. If this AVP is absent from the Time-Of-Day-Condition AVP, then the time windows are in UTC.
时区标志AVP(AVP代码570)属于枚举类型,指示时间窗口是在受管终端以UTC、本地时间或UTC偏移量指定的。如果该AVP不在每日时间条件AVP中,则时间窗口以UTC为单位。
This document defines the following values:
本文件定义了以下值:
Value | Name and Semantic
------+--------------------------------------------------
0 | UTC - The time windows are expressed in UTC.
1 | LOCAL - The time windows are expressed in local
| time at the managed terminal.
2 | OFFSET - The time windows are expressed as an
| offset from UTC (see Timezone-Offset AVP).
Value | Name and Semantic
------+--------------------------------------------------
0 | UTC - The time windows are expressed in UTC.
1 | LOCAL - The time windows are expressed in local
| time at the managed terminal.
2 | OFFSET - The time windows are expressed as an
| offset from UTC (see Timezone-Offset AVP).
The Timezone-Offset AVP (AVP Code 571) is of type Integer32. The value of this AVP MUST be in the range from -43200 to 43200. It specifies the offset in seconds from UTC that was used to express Time-Of-Day-Start, Time-Of-Day-End, Day-Of-Week-Mask, Day-Of-Month-Mask, and Month-Of-Year-Mask AVPs. This AVP MUST be present if the Timezone-Flag AVP is set to OFFSET.
The Timezone-Offset AVP (AVP Code 571) is of type Integer32. The value of this AVP MUST be in the range from -43200 to 43200. It specifies the offset in seconds from UTC that was used to express Time-Of-Day-Start, Time-Of-Day-End, Day-Of-Week-Mask, Day-Of-Month-Mask, and Month-Of-Year-Mask AVPs. This AVP MUST be present if the Timezone-Flag AVP is set to OFFSET.translate error, please retry
This section defines the actions associated with a rule.
本节定义与规则关联的操作。
The Treatment-Action AVP (AVP Code 572) is of type Enumerated and lists the actions that are associated with the condition part of a rule. The following actions are defined in this document:
治疗动作AVP(AVP代码572)属于枚举类型,并列出与规则的条件部分相关联的动作。本文件中定义了以下操作:
0: drop 1: shape 2: mark 3: permit
0:下降1:形状2:标记3:允许
drop:
删除:
This action indicates that the respective traffic MUST be dropped.
此操作表示必须丢弃相应的通信量。
shape:
形状:
[RFC2475] describes shaping as "the process of delaying packets within a traffic stream to cause it to conform to some defined traffic profile". When the action is set to 'shape', the QoS-Parameters AVP SHALL contain QoS information AVPs, such as the TMOD-1 and Bandwidth AVPs [RFC5624], that indicate how to shape the traffic described by the condition part of the rule.
[RFC2475]将整形描述为“延迟业务流中的数据包以使其符合某些定义的业务配置文件的过程”。当动作设置为“成形”时,QoS参数AVP应包含QoS信息AVP,如TMOD-1和带宽AVP[RFC5624],它们指示如何成形规则条件部分描述的流量。
mark:
作记号:
[RFC2475] describes marking as "the process of setting the DS codepoint in a packet based on defined rules". When the action is set to 'mark', the QoS-Parameters AVP SHALL contain QoS information AVPs, such as the PHB-Class AVP [RFC5624], that indicate the Diffserv marking to be applied to the traffic described by the condition part of the rule.
[RFC2475]将标记描述为“根据定义的规则在数据包中设置DS码点的过程”。当操作设置为“标记”时,QoS参数AVP应包含QoS信息AVP,如PHB类AVP[RFC5624],该信息指示将应用于规则条件部分描述的流量的区分服务标记。
permit:
许可证:
The 'permit' action is the counterpart to the 'drop' action used to allow traffic that matches the condition part of a rule to bypass.
“permit”操作与“drop”操作相对应,用于允许符合规则条件部分的流量绕过。
[RFC2475] also describes an action called 'policing' as "the process of discarding packets (by a dropper) within a traffic stream in accordance with the state of a corresponding meter enforcing a traffic profile". This behavior is modeled in the Filter-Rule through the inclusion of the Excess-Treatment AVP containing a Treatment-Action AVP set to 'drop'.
[RFC2475]还将一种称为“监管”的行为描述为“根据实施流量配置文件的相应仪表的状态,丢弃流量流中的数据包(由滴管)的过程”。该行为通过包含包含设置为“drop”的治疗动作AVP的过量治疗AVP在过滤规则中建模。
Further action values can be registered, as described in Section 10.3.
如第10.3节所述,可注册进一步的动作值。
The QoS-Profile-Id AVP (AVP Code 573) is of type Unsigned32 and contains a QoS profile template identifier. An initial QoS profile template is defined with value of 0 and can be found in [RFC5624]. The registry for the QoS profile templates is created with the same document.
QoS配置文件Id AVP(AVP代码573)的类型为Unsigned32,并且包含QoS配置文件模板标识符。初始QoS配置文件模板的定义值为0,可在[RFC5624]中找到。QoS配置文件模板的注册表是使用同一文档创建的。
The QoS-Profile-Template AVP (AVP Code 574) is of type Grouped and defines the namespace of the QoS profile (indicated in the Vendor-ID AVP) followed by the specific value for the profile.
QoS配置文件模板AVP(AVP代码574)属于分组类型,定义QoS配置文件的名称空间(在供应商ID AVP中指示),后跟配置文件的特定值。
The Vendor-Id AVP contains a 32-bit IANA Private Enterprise Number (PEN), and the QoS-Profile-Id AVP contains the template identifier assigned by the vendor. The vendor identifier of zero (0) is used for the IETF.
供应商Id AVP包含32位IANA私有企业号(PEN),QoS配置文件Id AVP包含供应商分配的模板标识符。IETF使用零(0)的供应商标识符。
QoS-Profile-Template ::= < AVP Header: 574 >
{ Vendor-Id }
{ QoS-Profile-Id }
* [ AVP ]
QoS-Profile-Template ::= < AVP Header: 574 >
{ Vendor-Id }
{ QoS-Profile-Id }
* [ AVP ]
The QoS-Semantics AVP (AVP Code 575) is of type Enumerated and provides the semantics for the QoS-Profile-Template and QoS-Parameters AVPs in the Filter-Rule AVP.
QoS语义AVP(AVP代码575)属于枚举类型,并在过滤规则AVP中为QoS概要文件模板和QoS参数AVP提供语义。
This document defines the following values:
本文件定义了以下值:
(0): QoS-Desired
(1): QoS-Available
(2): QoS-Delivered
(3): Minimum-QoS
(4): QoS-Authorized
(0): QoS-Desired
(1): QoS-Available
(2): QoS-Delivered
(3): Minimum-QoS
(4): QoS-Authorized
The semantics of the QoS parameters depend on the information provided in the list above. The semantics of the different values are as follows:
QoS参数的语义取决于上面列表中提供的信息。不同值的语义如下所示:
Object Type Direction Semantic
---------------------------------------------------------------------
QoS-Desired C->S Client requests authorization of the
indicated QoS.
QoS-Desired C<-S NA
QoS-Available C->S Admission Control at client indicates
that this QoS is available. (note 1)
QoS-Available C<-S Admission Control at server indicates
that this QoS is available. (note 2)
QoS-Delivered C->S Client is reporting the actual QoS
delivered to the terminal.
QoS-Delivered C<-S NA
Minimum-QoS C->S Client is not interested in authorizing
QoS that is lower than the indicated QoS.
Minimum-QoS C<-S Client must not provide QoS guarantees
lower than the indicated QoS.
QoS-Authorized C->S NA
QoS-Authorized C<-S Server authorizes the indicated QoS.
Object Type Direction Semantic
---------------------------------------------------------------------
QoS-Desired C->S Client requests authorization of the
indicated QoS.
QoS-Desired C<-S NA
QoS-Available C->S Admission Control at client indicates
that this QoS is available. (note 1)
QoS-Available C<-S Admission Control at server indicates
that this QoS is available. (note 2)
QoS-Delivered C->S Client is reporting the actual QoS
delivered to the terminal.
QoS-Delivered C<-S NA
Minimum-QoS C->S Client is not interested in authorizing
QoS that is lower than the indicated QoS.
Minimum-QoS C<-S Client must not provide QoS guarantees
lower than the indicated QoS.
QoS-Authorized C->S NA
QoS-Authorized C<-S Server authorizes the indicated QoS.
Legend:
图例:
C: Diameter client
S: Diameter server
NA: Not applicable to this document;
no semantic defined in this specification
C: Diameter client
S: Diameter server
NA: Not applicable to this document;
no semantic defined in this specification
Notes:
笔记:
(1) QoS-Available in this direction indicates to the server that any QoS-Authorized or Minimum-QoS must be less than this indicated QoS.
(1) 此方向上可用的QoS向服务器指示任何经授权的QoS或最低QoS必须小于此指示的QoS。
(2) QoS-Available in this direction is only useful when the AAA server performs admission control and knows about the resources in the network.
(2) 只有当AAA服务器执行准入控制并了解网络中的资源时,此方向上可用的QoS才有用。
The QoS-Parameters AVP (AVP Code 576) is of type Grouped and contains Quality of Service parameters. These parameters are defined in separate documents and depend on the indicated QoS profile template of the QoS-Profile-Template AVP. For an initial QoS parameter specification, see [RFC5624].
QoS参数AVP(AVP代码576)属于分组类型,并且包含服务质量参数。这些参数在单独的文档中定义,并取决于QoS配置文件模板AVP的指定QoS配置文件模板。有关初始QoS参数规范,请参阅[RFC5624]。
QoS-Parameters ::= < AVP Header: 576 >
* [ AVP ]
QoS-Parameters ::= < AVP Header: 576 >
* [ AVP ]
The Excess-Treatment AVP (AVP Code 577) is of type Grouped and indicates how out-of-profile traffic, i.e., traffic not covered by the original QoS-Profile-Template and QoS-Parameters AVPs, is treated. The additional Treatment-Action, QoS-Profile-Template, and QoS-Parameters AVPs carried inside the Excess-Treatment AVP provide information about the QoS treatment of the excess traffic. In case the Excess-Treatment AVP is absent, then the treatment of the out-of-profile traffic is left to the discretion of the node performing QoS treatment.
超额处理AVP(AVP代码577)属于分组类型,并指示如何处理配置文件外的业务,即原始QoS配置文件模板和QoS参数AVP未涵盖的业务。额外的处理动作、QoS配置文件模板和额外处理AVP内携带的QoS参数AVP提供关于额外业务的QoS处理的信息。在缺少过量处理AVP的情况下,则由执行QoS处理的节点自行决定对不符合配置的业务的处理。
Excess-Treatment ::= < AVP Header: 577 >
{ Treatment-Action }
[ QoS-Profile-Template ]
[ QoS-Parameters ]
* [ AVP ]
Excess-Treatment ::= < AVP Header: 577 >
{ Treatment-Action }
[ QoS-Profile-Template ]
[ QoS-Parameters ]
* [ AVP ]
The QoS-Capability AVP (AVP Code 578) is of type Grouped and contains a list of supported Quality of Service profile templates (and therefore the support of the respective parameter AVPs).
QoS能力AVP(AVP代码578)属于分组类型,并且包含受支持的服务质量简档模板列表(以及相应参数AVP的支持)。
The QoS-Capability AVP may be used for a simple announcement of the QoS capabilities and QoS profiles supported by a peer. It may also be used to negotiate a mutually supported set of QoS capabilities and
QoS能力AVP可用于对等方支持的QoS能力和QoS简档的简单公告。它还可用于协商一组相互支持的QoS功能和
QoS profiles between two peers. In such a case, handling of failed negotiations is application and/or deployment specific.
两个对等方之间的QoS配置文件。在这种情况下,失败协商的处理取决于应用程序和/或部署。
QoS-Capability ::= < AVP Header: 578 >
1*{ QoS-Profile-Template }
* [ AVP ]
QoS-Capability ::= < AVP Header: 578 >
1*{ QoS-Profile-Template }
* [ AVP ]
The QoS-Profile-Template AVP is defined in Section 5.3.
第5.3节定义了QoS配置文件模板AVP。
This section shows a number of signaling flows where QoS negotiation and authorization are part of the conventional NASREQ, EAP, or Credit Control applications message exchanges. The signaling flows for the Diameter QoS Application are described in [DIAMETER-QOS].
本节显示了许多信令流,其中QoS协商和授权是传统NASREQ、EAP或信用控制应用程序消息交换的一部分。Diameter QoS应用的信令流在[Diameter-QoS]中描述。
Figure 2 shows a simple signaling flow where a Network Access Server (NAS) (Diameter Client) announces its QoS awareness and capabilities included into the DER message and as part of the access authentication procedure. Upon completion of the EAP exchange, the Diameter server provides a pre-provisioned QoS profile with the QoS-Semantics in the Filter-Rule AVP set to 'QoS-Authorized', to the NAS in the final Diameter-EAP-Answer (DEA) message.
图2显示了一个简单的信令流,其中网络访问服务器(NAS)(Diameter客户端)宣布其QoS感知和功能包括在DER消息中,并作为访问身份验证过程的一部分。EAP交换完成后,Diameter服务器向最终Diameter EAP应答(DEA)消息中的NAS提供预配置的QoS配置文件,其中过滤规则AVP中的QoS语义设置为“QoS授权”。
End Diameter Diameter
Host Client Server
| | |
| (initiate EAP) | |
|<----------------------------->| |
| | Diameter-EAP-Request |
| | EAP-Payload(EAP Start) |
| | QoS-Capability |
| |------------------------------->|
| | |
| | Diameter-EAP-Answer |
| Result-Code=DIAMETER_MULTI_ROUND_AUTH |
| | EAP-Payload(EAP Request #1) |
| |<-------------------------------|
| EAP Request(Identity) | |
|<------------------------------| |
: : :
: <<<more message exchanges>>> :
: : :
| | |
| EAP Response #N | |
|------------------------------>| |
| | Diameter-EAP-Request |
| | EAP-Payload(EAP Response #N) |
| |------------------------------->|
| | |
| | Diameter-EAP-Answer |
| | Result-Code=DIAMETER_SUCCESS |
| | EAP-Payload(EAP Success) |
| | (authorization AVPs) |
| | QoS-Resources(QoS-Authorized) |
| |<-------------------------------|
| | |
| EAP Success | |
|<------------------------------| |
| | |
End Diameter Diameter
Host Client Server
| | |
| (initiate EAP) | |
|<----------------------------->| |
| | Diameter-EAP-Request |
| | EAP-Payload(EAP Start) |
| | QoS-Capability |
| |------------------------------->|
| | |
| | Diameter-EAP-Answer |
| Result-Code=DIAMETER_MULTI_ROUND_AUTH |
| | EAP-Payload(EAP Request #1) |
| |<-------------------------------|
| EAP Request(Identity) | |
|<------------------------------| |
: : :
: <<<more message exchanges>>> :
: : :
| | |
| EAP Response #N | |
|------------------------------>| |
| | Diameter-EAP-Request |
| | EAP-Payload(EAP Response #N) |
| |------------------------------->|
| | |
| | Diameter-EAP-Answer |
| | Result-Code=DIAMETER_SUCCESS |
| | EAP-Payload(EAP Success) |
| | (authorization AVPs) |
| | QoS-Resources(QoS-Authorized) |
| |<-------------------------------|
| | |
| EAP Success | |
|<------------------------------| |
| | |
Figure 2: Example of a Diameter EAP Enhanced with QoS Information
图2:使用QoS信息增强的Diameter EAP示例
Figure 3 shows a similar pre-provisioned QoS signaling as in Figure 2 but using the NASREQ application instead of EAP application.
图3显示了与图2中类似的预配置QoS信令,但使用NASREQ应用程序而不是EAP应用程序。
End Diameter
Host NAS Server
| | |
| Start Network | |
| Attachment | |
|<---------------->| |
| | |
| |AA-Request |
| |NASREQ-Payload |
| |QoS-Capability |
| +----------------------------->|
| | |
| | AA-Answer|
| Result-Code=DIAMETER_MULTI_ROUND_AUTH|
| NASREQ-Payload(NASREQ Request #1)|
| |<-----------------------------+
| | |
| Request | |
|<-----------------+ |
| | |
: : :
: <<<more message exchanges>>> :
: : :
| Response #N | |
+----------------->| |
| | |
| |AA-Request |
| |NASREQ-Payload ( Response #N )|
| +----------------------------->|
| | |
| | AA-Answer|
| | Result-Code=DIAMETER_SUCCESS|
| | (authorization AVPs)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| | |
| Success | |
|<-----------------+ |
| | |
End Diameter
Host NAS Server
| | |
| Start Network | |
| Attachment | |
|<---------------->| |
| | |
| |AA-Request |
| |NASREQ-Payload |
| |QoS-Capability |
| +----------------------------->|
| | |
| | AA-Answer|
| Result-Code=DIAMETER_MULTI_ROUND_AUTH|
| NASREQ-Payload(NASREQ Request #1)|
| |<-----------------------------+
| | |
| Request | |
|<-----------------+ |
| | |
: : :
: <<<more message exchanges>>> :
: : :
| Response #N | |
+----------------->| |
| | |
| |AA-Request |
| |NASREQ-Payload ( Response #N )|
| +----------------------------->|
| | |
| | AA-Answer|
| | Result-Code=DIAMETER_SUCCESS|
| | (authorization AVPs)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| | |
| Success | |
|<-----------------+ |
| | |
Figure 3: Example of a Diameter NASREQ Enhanced with QoS Information
图3:使用QoS信息增强的Diameter NASREQ示例
Figure 4 shows an example of authorization-only QoS signaling as part of the NASREQ message exchange. The NAS provides the Diameter server with the "QoS-Desired" QoS-Semantics AVP included in the QoS-Resources AVP. The Diameter server then either authorizes the indicated QoS or rejects the request and informs the NAS about the result. In this scenario, the NAS does not need to include the QoS-Capability AVP in the AAR message as the QoS-Resources AVP implicitly does the same and also the NAS is authorizing a specific QoS profile, not a pre-provisioned one.
图4显示了作为NASREQ消息交换一部分的仅授权QoS信令的示例。NAS向Diameter服务器提供QoS资源AVP中包含的“QoS所需”QoS语义AVP。然后,Diameter服务器授权指定的QoS或拒绝请求并将结果通知NAS。在该场景中,NAS不需要在AAR消息中包括QoS能力AVP,因为QoS资源AVP隐式地执行相同的操作,并且NAS正在授权特定的QoS配置文件,而不是预配置的配置文件。
End Diameter
Host NAS Server
| | |
| | |
| QoS Request | |
+----------------->| |
| | |
| |AA-Request |
| |Auth-Request-Type=AUTHORIZE_ONLY
| |NASREQ-Payload |
| |QoS-Resources(QoS-Desired) |
| +----------------------------->|
| | |
| | AA-Answer|
| | NASREQ-Payload(Success)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| Accept | |
|<-----------------+ |
| | |
| | |
| | |
End Diameter
Host NAS Server
| | |
| | |
| QoS Request | |
+----------------->| |
| | |
| |AA-Request |
| |Auth-Request-Type=AUTHORIZE_ONLY
| |NASREQ-Payload |
| |QoS-Resources(QoS-Desired) |
| +----------------------------->|
| | |
| | AA-Answer|
| | NASREQ-Payload(Success)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| Accept | |
|<-----------------+ |
| | |
| | |
| | |
Figure 4: Example of an Authorization-Only Message Flow
图4:仅授权消息流的示例
Figure 5 shows a message exchange for a Diameter server-initiated QoS re-authorization procedure. The Diameter server sends the NAS a Re-Auth Request (RAR) message requesting re-authorization for an existing session and the NAS acknowledges it with a RAA message. The NAS is aware of its existing QoS profile and information for the ongoing session that the Diameter server requested for re-
图5显示了Diameter服务器启动的QoS重新授权过程的消息交换。Diameter服务器向NAS发送重新授权请求(RAR)消息,请求对现有会话进行重新授权,NAS通过RAA消息进行确认。NAS知道其现有的QoS配置文件以及Diameter服务器请求重新配置的正在进行的会话的信息-
authorization. Thus, the NAS must initiate re-authorization of the existing QoS profile. The re-authorization procedure is the same as in Figure 4.
批准因此,NAS必须启动现有QoS配置文件的重新授权。重新授权程序与图4中的相同。
End Diameter
Host NAS Server
| | |
| | |
: : :
: <<<Initial Message Exchanges>>> :
: : :
| | |
| | RA-Request |
| |<-----------------------------+
| | |
| |RA-Answer |
| |Result-Code=DIAMETER_SUCCESS |
| +----------------------------->|
| | |
| | |
| |AA-Request |
| |NASREQ-Payload |
| |Auth-Request-Type=AUTHORIZE_ONLY
| |QoS-Resources(QoS-Desired) |
| +----------------------------->|
| | |
| | AA-Answer|
| | Result-Code=DIAMETER_SUCCESS|
| | (authorization AVPs)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| | |
End Diameter
Host NAS Server
| | |
| | |
: : :
: <<<Initial Message Exchanges>>> :
: : :
| | |
| | RA-Request |
| |<-----------------------------+
| | |
| |RA-Answer |
| |Result-Code=DIAMETER_SUCCESS |
| +----------------------------->|
| | |
| | |
| |AA-Request |
| |NASREQ-Payload |
| |Auth-Request-Type=AUTHORIZE_ONLY
| |QoS-Resources(QoS-Desired) |
| +----------------------------->|
| | |
| | AA-Answer|
| | Result-Code=DIAMETER_SUCCESS|
| | (authorization AVPs)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| | |
Figure 5: Example of a Server-Initiated Re-Authorization Procedure
图5:服务器启动的重新授权过程示例
In this example, the CC client includes a QoS authorization request (QoS-Semantics=QoS-Desired) in the initial Credit Control Request (CCR). The CC server responds with a Credit Control Answer (CCA), which includes the granted resources with an authorized QoS definition (QoS-Semantics=QoS-Authorized) and the CC client proceeds to deliver service with the specified QoS.
在该示例中,CC客户端在初始信用控制请求(CCR)中包括QoS授权请求(QoS语义=QoS期望)。CC服务器使用信用控制应答(CCA)进行响应,该应答包括具有授权QoS定义(QoS语义=QoS授权)的授权资源,CC客户端继续提供具有指定QoS的服务。
At the end of service, the CC client reports the units used and the QoS level at which those units were delivered (QoS-Semantics=QoS-Delivered). The end of service could occur because the credit resources granted to the user were exhausted or the service was been
在服务结束时,CC客户端报告使用的单元以及交付这些单元的QoS级别(QoS语义=QoS交付)。服务结束可能是因为授予用户的信用资源已用尽或服务已被取消
successfully delivered or the service was terminated, e.g., because the Service Element could not deliver the service at the authorized QoS level.
成功交付或服务终止,例如,因为服务元素无法以授权的QoS级别交付服务。
Service Element
End User (CC Client) CC Server
| | |
|(1) Service Request | |
|-------------------->| |
| |(2) CCR (Initial, |
| | QoS-Resources(QoS-Desired)) |
| |--------------------------------->|
| |(3) CCA (Granted-Units, |
| | QoS-Resources(QoS-Authorized))|
| |<---------------------------------|
|(4) Service Delivery | |
|<------------------->| |
| | |
|(5) End of Service | |
|-------------------->| |
| |(6) CCR (Termination, Used-Units, |
| | QoS-Resources(QoS-Delivered)) |
| |--------------------------------->|
| |(7) CCA |
| |<---------------------------------|
Service Element
End User (CC Client) CC Server
| | |
|(1) Service Request | |
|-------------------->| |
| |(2) CCR (Initial, |
| | QoS-Resources(QoS-Desired)) |
| |--------------------------------->|
| |(3) CCA (Granted-Units, |
| | QoS-Resources(QoS-Authorized))|
| |<---------------------------------|
|(4) Service Delivery | |
|<------------------->| |
| | |
|(5) End of Service | |
|-------------------->| |
| |(6) CCR (Termination, Used-Units, |
| | QoS-Resources(QoS-Delivered)) |
| |--------------------------------->|
| |(7) CCA |
| |<---------------------------------|
Figure 6: Example of a Diameter Credit Control with QoS Information
图6:具有QoS信息的Diameter信用控制示例
Example: Classify all packets from hosts on subnet 192.0.2.0/24 to ports 80, 8090 or 443 on web servers 192.0.2.123, 192.0.2.124, 192.0.2.125.
示例:将来自子网192.0.2.0/24上的主机的所有数据包分类到web服务器192.0.2.123、192.0.2.124、192.0.2.125上的端口80、8090或443。
Classifier = {
Classifier-Id = "web_svr_example";
Protocol = TCP;
Direction = OUT;
From-Spec = {
IP-Address-Mask = {
IP-Address = 192.0.2.0;
IP-Bit-Mask-Width = 24;
}
}
To-Spec = {
IP-Address = 192.0.2.123;
IP-Address = 192.0.2.124;
IP-Address = 192.0.2.125;
Port = 80;
Port = 8080;
Port = 443;
}
}
Classifier = {
Classifier-Id = "web_svr_example";
Protocol = TCP;
Direction = OUT;
From-Spec = {
IP-Address-Mask = {
IP-Address = 192.0.2.0;
IP-Bit-Mask-Width = 24;
}
}
To-Spec = {
IP-Address = 192.0.2.123;
IP-Address = 192.0.2.124;
IP-Address = 192.0.2.125;
Port = 80;
Port = 8080;
Port = 443;
}
}
Example: Any SIP signaling traffic from a device with a MAC address of 01:23:45:67:89:ab to servers with IP addresses in the range 192.0.2.90 to 192.0.2.190.
示例:从MAC地址为01:23:45:67:89:ab的设备到IP地址范围为192.0.2.90到192.0.2.190的服务器的任何SIP信令流量。
Classifier = {
Classifier-Id = "web_svr_example";
Protocol = UDP;
Direction = OUT;
From-Spec = {
MAC-Address = 01:23:45:67:89:ab;
}
To-Spec = {
IP-Address-Range = {
IP-Address-Start = 192.0.2.90;
IP-Address-End = 192.0.2.190;
}
Port = 5060;
Port = 3478;
Port-Range = {
Port-Start = 16348;
Port-End = 32768;
}
}
}
Classifier = {
Classifier-Id = "web_svr_example";
Protocol = UDP;
Direction = OUT;
From-Spec = {
MAC-Address = 01:23:45:67:89:ab;
}
To-Spec = {
IP-Address-Range = {
IP-Address-Start = 192.0.2.90;
IP-Address-End = 192.0.2.190;
}
Port = 5060;
Port = 3478;
Port-Range = {
Port-Start = 16348;
Port-End = 32768;
}
}
}
The following high-level description aims to illustrate the interworking between the Diameter QoS AVPs defined in this document and the QoS parameters defined in [RFC5624].
以下高层描述旨在说明本文件中定义的Diameter QoS AVP与[RFC5624]中定义的QoS参数之间的互通。
Consider the following example where a rule should be installed that limits traffic to 1 Mbit/s and where out-of-profile traffic shall be dropped. The Classifiers are ignored in this example.
考虑下面的示例,其中应该安装一个规则,将流量限制为1兆比特/秒,并在其中丢弃非配置流量。在本例中,分类器被忽略。
This would require the Treatment-Action AVP to be set to 'shape' and the QoS-Parameters AVP carries the Bandwidth AVP indicating the 1 Mbit/s limit. The Treatment-Action carried inside the Excess-Treatment AVP would be set to 'drop'.
这将需要将治疗动作AVP设置为“形状”,并且QoS参数AVP携带指示1mbit/s限制的带宽AVP。过量治疗AVP内进行的治疗动作将设置为“下降”。
In a second, more complex scenario, we consider traffic marking with Diffserv. In-profile traffic (of 5 Mbit/s in our example) shall be associated with a particular PHB-Class "X". Out-of-profile traffic shall belong to a different PHB-Class, in our example "Y".
在第二个更复杂的场景中,我们考虑DiffServ的业务标记。配置文件内流量(在我们的示例中为5 Mbit/s)应与特定PHB等级“X”相关联。在我们的示例“Y”中,轮廓外的流量应属于不同的PHB类别。
This configuration would require the Treatment-Action AVP to be set to 'mark'. The QoS-Parameters AVPs for the traffic conforming of the profile contains two AVPs, namely, the TMOD-1 AVP and the PHB-Class AVP. The TMOD-1 AVP describes the traffic characteristics, namely, 5 Mbit/s, and the PHB-Class AVP is set to class "X". Then, the Excess-Treatment AVP has to be included with the Treatment-Action AVP set to 'mark' and the QoS-Parameters AVP to carry another PHB-Class AVP indicating PHB-Class AVP setting to class "Y".
此配置需要将治疗动作AVP设置为“标记”。该配置文件的业务一致性的QoS参数AVP包含两个AVP,即TMOD-1 AVP和PHB类AVP。TMOD-1 AVP描述了流量特性,即5 Mbit/s,PHB级AVP设置为“X”级。然后,过度治疗AVP必须包括设置为“标记”的治疗动作AVP和QoS参数AVP,以携带另一个指示PHB类AVP设置为“Y”的PHB类AVP。
We would like to thank Victor Fajardo, Tseno Tsenov, Robert Hancock, Jukka Manner, Cornelia Kappler, Xiaoming Fu, Frank Alfano, Tolga Asveren, Mike Montemurro, Glen Zorn, Avri Doria, Dong Sun, Tina Tsou, Pete McCann, Georgios Karagiannis, Elwyn Davies, Max Riegel, Yong Li, and Eric Gray for their comments. We thank Victor Fajardo for his job as PROTO document shepherd. Finally, we would like to thank Lars Eggert, Magnus Westerlund, Adrian Farrel, Lisa Dusseault, Ralph Droms, and Eric Gray for their feedback during the IESG review phase.
我们要感谢维克多·法哈多、采诺·泽诺夫、罗伯特·汉考克、朱卡·韦德、科妮莉亚·卡普勒、傅晓明、弗兰克·阿尔法诺、托尔加·阿斯维伦、迈克·蒙特穆罗、格伦·佐恩、阿夫里·多里亚、东孙、蒂娜·邹、皮特·麦肯、乔治亚·卡拉吉安尼斯、埃尔文·戴维斯、马克斯·里格尔、永利和埃里克·格雷的评论。我们感谢维克多·法哈多作为原始文件守护者所做的工作。最后,我们要感谢Lars Eggert、Magnus Westerlund、Adrian Farrel、Lisa Dusseault、Ralph Droms和Eric Gray在IESG审查阶段提供的反馈。
Max Riegel contributed the VLAN sections.
Max Riegel贡献了VLAN部分。
IANA has allocated codes from the "AVP Codes" registry under Authentication, Authorization, and Accounting (AAA) Parameters for the following AVPs that are defined in this document.
IANA已根据本文件中定义的以下AVP的身份验证、授权和记帐(AAA)参数从“AVP代码”注册表中分配代码。
+-------------------------------------------------------------------+
| AVP Section |
| Attribute Name Code Defined Data Type |
+-------------------------------------------------------------------+
|QoS-Resources 508 3.1 Grouped |
|Filter-Rule 509 3.2 Grouped |
|Filter-Rule-Precedence 510 3.3 Unsigned32 |
|Classifier 511 4.1.1 Grouped |
|Classifier-ID 512 4.1.2 OctetString |
|Protocol 513 4.1.3 Enumerated |
|Direction 514 4.1.4 Enumerated |
|From-Spec 515 4.1.5 Grouped |
|To-Spec 516 4.1.6 Grouped |
|Negated 517 4.1.7.1 Enumerated |
|IP-Address 518 4.1.7.2 Address |
|IP-Address-Range 519 4.1.7.3 Grouped |
|IP-Address-Start 520 4.1.7.4 Address |
|IP-Address-End 521 4.1.7.5 Address |
|IP-Address-Mask 522 4.1.7.6 Grouped |
|IP-Mask-Bit-Mask-Width 523 4.1.7.7 Unsigned32 |
|MAC-Address 524 4.1.7.8 OctetString |
|MAC-Address-Mask 525 4.1.7.9 Grouped |
|MAC-Address-Mask-Pattern 526 4.1.7.10 OctetString |
|EUI64-Address 527 4.1.7.11 OctetString |
|EUI64-Address-Mask 528 4.1.7.12 Grouped |
|EUI64-Address-Mask-Pattern 529 4.1.7.13 OctetString |
|Port 530 4.1.7.14 Integer32 |
|Port-Range 531 4.1.7.15 Grouped |
|Port-Start 532 4.1.7.16 Integer32 |
|Port-End 533 4.1.7.17 Integer32 |
|Use-Assigned-Address 534 4.1.7.18 Enumerated |
|Diffserv-Code-Point 535 4.1.8.1 Enumerated |
|Fragmentation-Flag 536 4.1.8.2 Enumerated |
|IP-Option 537 4.1.8.3 Grouped |
|IP-Option-Type 538 4.1.8.4 Enumerated |
|IP-Option-Value 539 4.1.8.5 OctetString |
|TCP-Option 540 4.1.8.6 Grouped |
|TCP-Option-Type 541 4.1.8.7 Enumerated |
|TCP-Option-Value 542 4.1.8.8 OctetString |
|TCP-Flags 543 4.1.8.9 Grouped |
+-------------------------------------------------------------------+
| AVP Section |
| Attribute Name Code Defined Data Type |
+-------------------------------------------------------------------+
|QoS-Resources 508 3.1 Grouped |
|Filter-Rule 509 3.2 Grouped |
|Filter-Rule-Precedence 510 3.3 Unsigned32 |
|Classifier 511 4.1.1 Grouped |
|Classifier-ID 512 4.1.2 OctetString |
|Protocol 513 4.1.3 Enumerated |
|Direction 514 4.1.4 Enumerated |
|From-Spec 515 4.1.5 Grouped |
|To-Spec 516 4.1.6 Grouped |
|Negated 517 4.1.7.1 Enumerated |
|IP-Address 518 4.1.7.2 Address |
|IP-Address-Range 519 4.1.7.3 Grouped |
|IP-Address-Start 520 4.1.7.4 Address |
|IP-Address-End 521 4.1.7.5 Address |
|IP-Address-Mask 522 4.1.7.6 Grouped |
|IP-Mask-Bit-Mask-Width 523 4.1.7.7 Unsigned32 |
|MAC-Address 524 4.1.7.8 OctetString |
|MAC-Address-Mask 525 4.1.7.9 Grouped |
|MAC-Address-Mask-Pattern 526 4.1.7.10 OctetString |
|EUI64-Address 527 4.1.7.11 OctetString |
|EUI64-Address-Mask 528 4.1.7.12 Grouped |
|EUI64-Address-Mask-Pattern 529 4.1.7.13 OctetString |
|Port 530 4.1.7.14 Integer32 |
|Port-Range 531 4.1.7.15 Grouped |
|Port-Start 532 4.1.7.16 Integer32 |
|Port-End 533 4.1.7.17 Integer32 |
|Use-Assigned-Address 534 4.1.7.18 Enumerated |
|Diffserv-Code-Point 535 4.1.8.1 Enumerated |
|Fragmentation-Flag 536 4.1.8.2 Enumerated |
|IP-Option 537 4.1.8.3 Grouped |
|IP-Option-Type 538 4.1.8.4 Enumerated |
|IP-Option-Value 539 4.1.8.5 OctetString |
|TCP-Option 540 4.1.8.6 Grouped |
|TCP-Option-Type 541 4.1.8.7 Enumerated |
|TCP-Option-Value 542 4.1.8.8 OctetString |
|TCP-Flags 543 4.1.8.9 Grouped |
|TCP-Flag-Type 544 4.1.8.10 Unsigned32 |
|ICMP-Type 545 4.1.8.11 Grouped |
|ICMP-Type-Number 546 4.1.8.12 Enumerated |
|ICMP-Code 547 4.1.8.13 Enumerated |
|ETH-Option 548 4.1.8.14 Grouped |
|ETH-Proto-Type 549 4.1.8.15 Grouped |
|ETH-Ether-Type 550 4.1.8.16 OctetString |
|ETH-SAP 551 4.1.8.17 OctetString |
|VLAN-ID-Range 552 4.1.8.18 Grouped |
|S-VID-Start 553 4.1.8.19 Unsigned32 |
|S-VID-End 554 4.1.8.20 Unsigned32 |
|C-VID-Start 555 4.1.8.21 Unsigned32 |
|C-VID-End 556 4.1.8.22 Unsigned32 |
|User-Priority-Range 557 4.1.8.23 Grouped |
|Low-User-Priority 558 4.1.8.24 Unsigned32 |
|High-User-Priority 559 4.1.8.25 Unsigned32 |
|Time-Of-Day-Condition 560 4.2.1 Grouped |
|Time-Of-Day-Start 561 4.2.2 Unsigned32 |
|Time-Of-Day-End 562 4.2.3 Unsigned32 |
|Day-Of-Week-Mask 563 4.2.4 Unsigned32 |
|Day-Of-Month-Mask 564 4.2.5 Unsigned32 |
|Month-Of-Year-Mask 565 4.2.6 Unsigned32 |
|Absolute-Start-Time 566 4.2.7 Time |
|Absolute-Start-Fractional-Seconds 567 4.2.8 Unsigned32 |
|Absolute-End-Time 568 4.2.9 Time |
|Absolute-End-Fractional-Seconds 569 4.2.10 Unsigned32 |
|Timezone-Flag 570 4.2.11 Enumerated |
|Timezone-Offset 571 4.2.12 Integer32 |
|Treatment-Action 572 5.1 Grouped |
|QoS-Profile-Id 573 5.2 Unsigned32 |
|QoS-Profile-Template 574 5.3 Grouped |
|QoS-Semantics 575 5.4 Enumerated |
|QoS-Parameters 576 5.5 Grouped |
|Excess-Treatment 577 5.6 Grouped |
|QoS-Capability 578 6 Grouped |
+-------------------------------------------------------------------+
|TCP-Flag-Type 544 4.1.8.10 Unsigned32 |
|ICMP-Type 545 4.1.8.11 Grouped |
|ICMP-Type-Number 546 4.1.8.12 Enumerated |
|ICMP-Code 547 4.1.8.13 Enumerated |
|ETH-Option 548 4.1.8.14 Grouped |
|ETH-Proto-Type 549 4.1.8.15 Grouped |
|ETH-Ether-Type 550 4.1.8.16 OctetString |
|ETH-SAP 551 4.1.8.17 OctetString |
|VLAN-ID-Range 552 4.1.8.18 Grouped |
|S-VID-Start 553 4.1.8.19 Unsigned32 |
|S-VID-End 554 4.1.8.20 Unsigned32 |
|C-VID-Start 555 4.1.8.21 Unsigned32 |
|C-VID-End 556 4.1.8.22 Unsigned32 |
|User-Priority-Range 557 4.1.8.23 Grouped |
|Low-User-Priority 558 4.1.8.24 Unsigned32 |
|High-User-Priority 559 4.1.8.25 Unsigned32 |
|Time-Of-Day-Condition 560 4.2.1 Grouped |
|Time-Of-Day-Start 561 4.2.2 Unsigned32 |
|Time-Of-Day-End 562 4.2.3 Unsigned32 |
|Day-Of-Week-Mask 563 4.2.4 Unsigned32 |
|Day-Of-Month-Mask 564 4.2.5 Unsigned32 |
|Month-Of-Year-Mask 565 4.2.6 Unsigned32 |
|Absolute-Start-Time 566 4.2.7 Time |
|Absolute-Start-Fractional-Seconds 567 4.2.8 Unsigned32 |
|Absolute-End-Time 568 4.2.9 Time |
|Absolute-End-Fractional-Seconds 569 4.2.10 Unsigned32 |
|Timezone-Flag 570 4.2.11 Enumerated |
|Timezone-Offset 571 4.2.12 Integer32 |
|Treatment-Action 572 5.1 Grouped |
|QoS-Profile-Id 573 5.2 Unsigned32 |
|QoS-Profile-Template 574 5.3 Grouped |
|QoS-Semantics 575 5.4 Enumerated |
|QoS-Parameters 576 5.5 Grouped |
|Excess-Treatment 577 5.6 Grouped |
|QoS-Capability 578 6 Grouped |
+-------------------------------------------------------------------+
IANA has allocated a new registry under Authentication, Authorization, and Accounting (AAA) Parameters for the QoS-Semantics AVP. The following values are allocated by this specification:
IANA已根据QoS语义AVP的身份验证、授权和记帐(AAA)参数分配了一个新的注册表。本规范分配了以下值:
(0): QoS-Desired
(1): QoS-Available
(2): QoS-Delivered
(3): Minimum-QoS
(4): QoS-Authorized
(0): QoS-Desired
(1): QoS-Available
(2): QoS-Delivered
(3): Minimum-QoS
(4): QoS-Authorized
The definition of new values is subject to the Specification Required policy [RFC5226].
新值的定义受规范要求政策[RFC5226]的约束。
IANA has allocated a new registry under Authentication, Authorization, and Accounting (AAA) Parameters for the Treatment-Action AVP. The following values are allocated by this specification:
IANA已根据治疗行动AVP的身份验证、授权和记帐(AAA)参数分配了一个新的注册表。本规范分配了以下值:
0: drop 1: shape 2: mark 3: permit
0:下降1:形状2:标记3:允许
The definition of new values is subject to the Specification Required policy [RFC5226].
新值的定义受规范要求政策[RFC5226]的约束。
This document describes the extension of Diameter for conveying Quality of Service information. The security considerations of the Diameter protocol itself have been discussed in RFC 3588 [RFC3588]. Use of the AVPs defined in this document MUST take into consideration the security issues and requirements of the Diameter base protocol.
本文档描述了传输服务质量信息的直径扩展。Diameter协议本身的安全注意事项已在RFC 3588[RFC3588]中讨论过。使用本文件中定义的AVP必须考虑到Diameter base协议的安全问题和要求。
[IEEE802.1D] IEEE, "IEEE Standard for Local and metropolitan area networks, Media Access Control (MAC) Bridges", 2004.
[IEEE802.1D]IEEE,“局域网和城域网的IEEE标准,媒体访问控制(MAC)网桥”,2004年。
[IEEE802.1Q] IEEE, "IEEE Standard for Local and metropolitan area networks, Virtual Bridged Local Area Networks", 2005.
[IEEE802.1Q]IEEE,“局域网和城域网的IEEE标准,虚拟桥接局域网”,2005年。
[IEEE802.1ad] IEEE, "IEEE Standard for Local and metropolitan area networks, Virtual Bridged Local Area Networks, Amendment 4: Provider Bridges", 2005.
[IEEE802.1ad]IEEE,“局域网和城域网的IEEE标准,虚拟桥接局域网,修改件4:提供商网桥”,2005年。
[IEEE802.2] IEEE, "IEEE Standard for Information technology, Telecommunications and information exchange between systems, Local and metropolitan area networks, Specific requirements, Part 2: Logical Link Control", 1998.
[IEEE802.2]IEEE,“系统、局域网和城域网之间信息技术、电信和信息交换的IEEE标准,具体要求,第2部分:逻辑链路控制”,1998年。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers", RFC 2474, December 1998.
[RFC2474]Nichols,K.,Blake,S.,Baker,F.,和D.Black,“IPv4和IPv6头中区分服务字段(DS字段)的定义”,RFC 2474,1998年12月。
[RFC2780] Bradner, S. and V. Paxson, "IANA Allocation Guidelines For Values In the Internet Protocol and Related Headers", BCP 37, RFC 2780, March 2000.
[RFC2780]Bradner,S.和V.Paxson,“互联网协议和相关报头中值的IANA分配指南”,BCP 37,RFC 2780,2000年3月。
[RFC3168] Ramakrishnan, K., Floyd, S., and D. Black, "The Addition of Explicit Congestion Notification (ECN) to IP", RFC 3168, September 2001.
[RFC3168]Ramakrishnan,K.,Floyd,S.,和D.Black,“向IP添加显式拥塞通知(ECN)”,RFC 3168,2001年9月。
[RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003.
[RFC3588]Calhoun,P.,Loughney,J.,Guttman,E.,Zorn,G.,和J.Arkko,“直径基础协议”,RFC 3588,2003年9月。
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008.
[RFC5226]Narten,T.和H.Alvestrand,“在RFCs中编写IANA注意事项部分的指南”,BCP 26,RFC 5226,2008年5月。
[DIAMETER-QOS] Sun, D., Ed., McCann, P., Tschofenig, H., Tsou, T., Doria, A., and G. Zorn, Ed., "Diameter Quality of Service Application", Work in Progress, October 2009.
[DIAMETER-QOS]Sun,D.,Ed.,McCann,P.,Tschofenig,H.,Tsou,T.,Doria,A.,和G.Zorn,Ed.,“DIAMETER服务质量应用”,在建工程,2009年10月。
[RFC2475] Blake, S., Black, D., Carlson, M., Davies, E., Wang, Z., and W. Weiss, "An Architecture for Differentiated Services", RFC 2475, December 1998.
[RFC2475]Blake,S.,Black,D.,Carlson,M.,Davies,E.,Wang,Z.,和W.Weiss,“差异化服务架构”,RFC 24751998年12月。
[RFC4005] Calhoun, P., Zorn, G., Spence, D., and D. Mitton, "Diameter Network Access Server Application", RFC 4005, August 2005.
[RFC4005]Calhoun,P.,Zorn,G.,Spence,D.,和D.Mitton,“Diameter网络访问服务器应用”,RFC 4005,2005年8月。
[RFC5624] Korhonen, J., Tschofenig, H., and E. Davies, "Quality of Service Parameters for Usage with Diameter", RFC 5624, August 2009.
[RFC5624]Korhonen,J.,Tschofenig,H.,和E.Davies,“直径使用的服务质量参数”,RFC 56242009年8月。
The MAC and EUI64 address bit masks are generally used in classifying devices according to Organizationally Unique Identifier (OUI) and/or address blocks specific to the OUI assignee. The bit masks are not intended to introduce a structure into the MAC or EUI64 address space that was not intended by the IEEE.
MAC和EUI64地址位掩码通常用于根据特定于OUI的组织唯一标识符(OUI)和/或地址块对设备进行分类。位掩码不打算将IEEE不打算的结构引入MAC或EUI64地址空间。
The MAC address bit mask should be defined as a contiguous series of "N" set bits followed by a contiguous series of "48 - N" clear bits, e.g., the MAC address bit mask of 0xFF00FF000000 would not be valid. Similarly, the EUI64 address bit mask should be defined as a contiguous series of "N" set bits followed by a contiguous series of "64 - N" clear bits.
MAC地址位掩码应定义为一系列连续的“N”集合位,后跟一系列连续的“48-N”清除位,例如,0xFF00FF000000的MAC地址位掩码无效。类似地,EUI64地址位掩码应定义为“N”个设置位的连续序列,后跟“64-N”个清除位的连续序列。
It should also be noted that some OUIs are assigned for use in applications that require number space management at the organization level (e.g., LLC/SNAP encoding), and are not commonly used for MAC addresses.
还应注意,一些OUI被分配用于需要在组织级别进行数字空间管理的应用程序(例如,LLC/SNAP编码),并且通常不用于MAC地址。
Authors' Addresses
作者地址
Jouni Korhonen Nokia Siemens Networks Linnoitustie 6 Espoo 02600 Finland
Jouni Korhonen诺基亚西门子网络公司芬兰Linnoitustie 6 Espoo 02600
EMail: jouni.korhonen@nsn.com
EMail: jouni.korhonen@nsn.com
Hannes Tschofenig Nokia Siemens Networks Linnoitustie 6 Espoo 02600 Finland
Hannes Tschofenig诺基亚西门子网络公司芬兰Linnoitustie 6 Espoo 02600
Phone: +358 (50) 4871445
EMail: Hannes.Tschofenig@gmx.net
URI: http://www.tschofenig.priv.at
Phone: +358 (50) 4871445
EMail: Hannes.Tschofenig@gmx.net
URI: http://www.tschofenig.priv.at
Mayutan Arumaithurai University of Goettingen
哥廷根大学
EMail: mayutan.arumaithurai@gmail.com
EMail: mayutan.arumaithurai@gmail.com
Mark Jones (editor) Bridgewater Systems 303 Terry Fox Drive, Suite 500 Ottawa, Ontario K2K 3J1 Canada
Mark Jones(编辑)Bridgewater Systems加拿大安大略省渥太华市Terry Fox大道303号500室K2K 3J1
Phone: +1 613-591-6655
EMail: mark.jones@bridgewatersystems.com
Phone: +1 613-591-6655
EMail: mark.jones@bridgewatersystems.com
Avi Lior Bridgewater Systems 303 Terry Fox Drive, Suite 500 Ottawa, Ontario K2K 3J1 Canada
Avi Lior Bridgewater Systems加拿大安大略省渥太华Terry Fox大道303号500室K2K 3J1
Phone: +1 613-591-6655
EMail: avi@bridgewatersystems.com
Phone: +1 613-591-6655
EMail: avi@bridgewatersystems.com