Network Working Group H. Hakala Request for Comments: 4006 L. Mattila Category: Standards Track Ericsson J-P. Koskinen M. Stura J. Loughney Nokia August 2005
Network Working Group H. Hakala Request for Comments: 4006 L. Mattila Category: Standards Track Ericsson J-P. Koskinen M. Stura J. Loughney Nokia August 2005
Diameter Credit-Control Application
Diameter Credit-Control Applicationtranslate error, please retry
Status of This Memo
关于下段备忘
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
本文件规定了互联网社区的互联网标准跟踪协议,并要求进行讨论和提出改进建议。有关本协议的标准化状态和状态,请参考当前版本的“互联网官方协议标准”(STD 1)。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2005).
版权所有(C)互联网协会(2005年)。
Abstract
摘要
This document specifies a Diameter application that can be used to implement real-time credit-control for a variety of end user services such as network access, Session Initiation Protocol (SIP) services, messaging services, and download services.
本文档指定了一个Diameter应用程序,该应用程序可用于实现各种最终用户服务的实时信用控制,如网络访问、会话初始化协议(SIP)服务、消息传递服务和下载服务。
Table of Contents
目录
1. Introduction................................................. 4 1.1. Requirements Language................................. 5 1.2. Terminology........................................... 5 1.3. Advertising Application Support....................... 7 2. Architecture Models.......................................... 7 3. Credit-Control Messages...................................... 9 3.1. Credit-Control-Request (CCR) Command.................. 9 3.2. Credit-Control-Answer (CCA) Command................... 11 4. Credit-Control Application Overview.......................... 11 4.1. Service-Specific Rating Input and Interoperability.... 13 5. Session Based Credit-Control................................. 15 5.1. General Principles.................................... 15 5.2. First Interrogation................................... 21 5.3. Intermediate Interrogation............................ 27 5.4. Final Interrogation................................... 29
1. Introduction................................................. 4 1.1. Requirements Language................................. 5 1.2. Terminology........................................... 5 1.3. Advertising Application Support....................... 7 2. Architecture Models.......................................... 7 3. Credit-Control Messages...................................... 9 3.1. Credit-Control-Request (CCR) Command.................. 9 3.2. Credit-Control-Answer (CCA) Command................... 11 4. Credit-Control Application Overview.......................... 11 4.1. Service-Specific Rating Input and Interoperability.... 13 5. Session Based Credit-Control................................. 15 5.1. General Principles.................................... 15 5.2. First Interrogation................................... 21 5.3. Intermediate Interrogation............................ 27 5.4. Final Interrogation................................... 29
5.5. Server-Initiated Credit Re-Authorization.............. 30 5.6. Graceful Service Termination.......................... 32 5.7. Failure Procedures.................................... 38 6. One Time Event............................................... 41 6.1. Service Price Enquiry................................. 42 6.2. Balance Check......................................... 42 6.3. Direct Debiting....................................... 43 6.4. Refund................................................ 44 6.5. Failure Procedure..................................... 44 7. Credit-Control Application State Machine..................... 46 8. Credit-Control AVPs.......................................... 55 8.1. CC-Correlation-Id AVP................................. 58 8.2. CC-Request-Number AVP................................. 58 8.3. CC-Request-Type AVP................................... 58 8.4. CC-Session-Failover AVP............................... 59 8.5. CC-Sub-Session-Id AVP................................. 59 8.6. Check-Balance-Result AVP.............................. 60 8.7. Cost-Information AVP.................................. 60 8.8. Unit-Value AVP........................................ 61 8.9. Exponent AVP.......................................... 61 8.10. Value-Digits AVP...................................... 61 8.11. Currency-Code AVP..................................... 62 8.12. Cost-Unit AVP......................................... 62 8.13. Credit-Control AVP.................................... 62 8.14. Credit-Control-Failure-Handling AVP................... 62 8.15. Direct-Debiting-Failure-Handling AVP.................. 63 8.16. Multiple-Services-Credit-Control AVP.................. 64 8.17. Granted-Service-Unit AVP.............................. 65 8.18. Requested-Service-Unit AVP............................ 66 8.19. Used-Service-Unit AVP................................. 66 8.20. Tariff-Time-Change AVP................................ 67 8.21. CC-Time AVP........................................... 67 8.22. CC-Money AVP.......................................... 67 8.23. CC-Total-Octets AVP................................... 68 8.24. CC-Input-Octets AVP................................... 68 8.25. CC-Output-Octets AVP.................................. 68 8.26. CC-Service-Specific-Units AVP......................... 68 8.27. Tariff-Change-Usage AVP............................... 68 8.28. Service-Identifier AVP................................ 69 8.29. Rating-Group AVP...................................... 69 8.30. G-S-U-Pool-Reference AVP.............................. 69 8.31. G-S-U-Pool-Identifier AVP............................. 70 8.32. CC-Unit-Type AVP...................................... 70 8.33. Validity-Time AVP..................................... 70 8.34. Final-Unit-Indication AVP............................. 71 8.35. Final-Unit-Action AVP................................. 72 8.36. Restriction-Filter-Rule AVP........................... 72 8.37. Redirect-Server AVP................................... 73
5.5. Server-Initiated Credit Re-Authorization.............. 30 5.6. Graceful Service Termination.......................... 32 5.7. Failure Procedures.................................... 38 6. One Time Event............................................... 41 6.1. Service Price Enquiry................................. 42 6.2. Balance Check......................................... 42 6.3. Direct Debiting....................................... 43 6.4. Refund................................................ 44 6.5. Failure Procedure..................................... 44 7. Credit-Control Application State Machine..................... 46 8. Credit-Control AVPs.......................................... 55 8.1. CC-Correlation-Id AVP................................. 58 8.2. CC-Request-Number AVP................................. 58 8.3. CC-Request-Type AVP................................... 58 8.4. CC-Session-Failover AVP............................... 59 8.5. CC-Sub-Session-Id AVP................................. 59 8.6. Check-Balance-Result AVP.............................. 60 8.7. Cost-Information AVP.................................. 60 8.8. Unit-Value AVP........................................ 61 8.9. Exponent AVP.......................................... 61 8.10. Value-Digits AVP...................................... 61 8.11. Currency-Code AVP..................................... 62 8.12. Cost-Unit AVP......................................... 62 8.13. Credit-Control AVP.................................... 62 8.14. Credit-Control-Failure-Handling AVP................... 62 8.15. Direct-Debiting-Failure-Handling AVP.................. 63 8.16. Multiple-Services-Credit-Control AVP.................. 64 8.17. Granted-Service-Unit AVP.............................. 65 8.18. Requested-Service-Unit AVP............................ 66 8.19. Used-Service-Unit AVP................................. 66 8.20. Tariff-Time-Change AVP................................ 67 8.21. CC-Time AVP........................................... 67 8.22. CC-Money AVP.......................................... 67 8.23. CC-Total-Octets AVP................................... 68 8.24. CC-Input-Octets AVP................................... 68 8.25. CC-Output-Octets AVP.................................. 68 8.26. CC-Service-Specific-Units AVP......................... 68 8.27. Tariff-Change-Usage AVP............................... 68 8.28. Service-Identifier AVP................................ 69 8.29. Rating-Group AVP...................................... 69 8.30. G-S-U-Pool-Reference AVP.............................. 69 8.31. G-S-U-Pool-Identifier AVP............................. 70 8.32. CC-Unit-Type AVP...................................... 70 8.33. Validity-Time AVP..................................... 70 8.34. Final-Unit-Indication AVP............................. 71 8.35. Final-Unit-Action AVP................................. 72 8.36. Restriction-Filter-Rule AVP........................... 72 8.37. Redirect-Server AVP................................... 73
8.38. Redirect-Address-Type AVP............................. 73 8.39. Redirect-Server-Address AVP........................... 74 8.40. Multiple-Services-Indicator AVP....................... 74 8.41. Requested-Action AVP.................................. 74 8.42. Service-Context-Id AVP................................ 75 8.43. Service-Parameter-Info AVP............................ 76 8.44. Service-Parameter-Type AVP............................ 76 8.45. Service-Parameter-Value AVP........................... 77 8.46. Subscription-Id AVP................................... 77 8.47. Subscription-Id-Type AVP.............................. 77 8.48. Subscription-Id-Data AVP.............................. 78 8.49. User-Equipment-Info AVP............................... 78 8.50. User-Equipment-Info-Type AVP.......................... 78 8.50. User-Equipment-Info-Value AVP......................... 79 9. Result Code AVP Values....................................... 79 9.1. Transient Failures.................................... 79 9.2. Permanent Failures.................................... 80 10. AVP Occurrence Table......................................... 80 10.1. Credit-Control AVP Table.............................. 81 10.2. Re-Auth-Request/Answer AVP Table...................... 82 11. RADIUS/Diameter Credit-Control Interworking Model............ 82 12. IANA Considerations.......................................... 85 12.1. Application Identifier................................ 86 12.2. Command Codes......................................... 86 12.3. AVP Codes............................................. 86 12.4. Result-Code AVP Values................................ 86 12.5. CC-Request-Type AVP................................... 86 12.6. CC-Session-Failover AVP............................... 86 12.7. CC-Unit-Type AVP...................................... 87 12.8. Check-Balance-Result AVP.............................. 87 12.9. Credit-Control AVP.................................... 87 12.10. Credit-Control-Failure-Handling AVP................... 87 12.11. Direct-Debiting-Failure-Handling AVP.................. 87 12.12. Final-Unit-Action AVP................................. 87 12.13. Multiple-Services-Indicator AVP....................... 87 12.14. Redirect-Address-Type AVP............................. 88 12.15. Requested-Action AVP.................................. 88 12.16. Subscription-Id-Type AVP.............................. 88 12.17. Tariff-Change-Usage AVP............................... 88 12.18. User-Equipment-Info-Type AVP.......................... 88 13. Credit-Control Application Related Parameters................ 88 14. Security Considerations...................................... 89 14.1. Direct Connection with Redirects...................... 90 15. References................................................... 91 15.1. Normative References.................................. 91 15.2. Informative References................................ 92 16. Acknowledgements............................................. 93 Appendix A Credit-Control Sequences.............................. 94
8.38. Redirect-Address-Type AVP............................. 73 8.39. Redirect-Server-Address AVP........................... 74 8.40. Multiple-Services-Indicator AVP....................... 74 8.41. Requested-Action AVP.................................. 74 8.42. Service-Context-Id AVP................................ 75 8.43. Service-Parameter-Info AVP............................ 76 8.44. Service-Parameter-Type AVP............................ 76 8.45. Service-Parameter-Value AVP........................... 77 8.46. Subscription-Id AVP................................... 77 8.47. Subscription-Id-Type AVP.............................. 77 8.48. Subscription-Id-Data AVP.............................. 78 8.49. User-Equipment-Info AVP............................... 78 8.50. User-Equipment-Info-Type AVP.......................... 78 8.50. User-Equipment-Info-Value AVP......................... 79 9. Result Code AVP Values....................................... 79 9.1. Transient Failures.................................... 79 9.2. Permanent Failures.................................... 80 10. AVP Occurrence Table......................................... 80 10.1. Credit-Control AVP Table.............................. 81 10.2. Re-Auth-Request/Answer AVP Table...................... 82 11. RADIUS/Diameter Credit-Control Interworking Model............ 82 12. IANA Considerations.......................................... 85 12.1. Application Identifier................................ 86 12.2. Command Codes......................................... 86 12.3. AVP Codes............................................. 86 12.4. Result-Code AVP Values................................ 86 12.5. CC-Request-Type AVP................................... 86 12.6. CC-Session-Failover AVP............................... 86 12.7. CC-Unit-Type AVP...................................... 87 12.8. Check-Balance-Result AVP.............................. 87 12.9. Credit-Control AVP.................................... 87 12.10. Credit-Control-Failure-Handling AVP................... 87 12.11. Direct-Debiting-Failure-Handling AVP.................. 87 12.12. Final-Unit-Action AVP................................. 87 12.13. Multiple-Services-Indicator AVP....................... 87 12.14. Redirect-Address-Type AVP............................. 88 12.15. Requested-Action AVP.................................. 88 12.16. Subscription-Id-Type AVP.............................. 88 12.17. Tariff-Change-Usage AVP............................... 88 12.18. User-Equipment-Info-Type AVP.......................... 88 13. Credit-Control Application Related Parameters................ 88 14. Security Considerations...................................... 89 14.1. Direct Connection with Redirects...................... 90 15. References................................................... 91 15.1. Normative References.................................. 91 15.2. Informative References................................ 92 16. Acknowledgements............................................. 93 Appendix A Credit-Control Sequences.............................. 94
A.1. Flow I................................................ 94 A.2. Flow II............................................... 96 A.3. Flow III.............................................. 98 A.4. Flow IV............................................... 99 A.5. Flow V................................................ 100 A.6. Flow VI............................................... 102 A.7. Flow VII.............................................. 103 A.8. Flow VIII............................................. 105 A.9. Flow IX............................................... 107 Authors' Addresses............................................... 112 Full Copyright Statement......................................... 114
A.1. Flow I................................................ 94 A.2. Flow II............................................... 96 A.3. Flow III.............................................. 98 A.4. Flow IV............................................... 99 A.5. Flow V................................................ 100 A.6. Flow VI............................................... 102 A.7. Flow VII.............................................. 103 A.8. Flow VIII............................................. 105 A.9. Flow IX............................................... 107 Authors' Addresses............................................... 112 Full Copyright Statement......................................... 114
This document specifies a Diameter application that can be used to implement real-time credit-control for a variety of end user services such as network access, Session Initiation Protocol (SIP) services, messaging services, and download services. It provides a general solution to real-time cost and credit-control.
本文档指定了一个Diameter应用程序,该应用程序可用于实现各种最终用户服务的实时信用控制,如网络访问、会话初始化协议(SIP)服务、消息传递服务和下载服务。它为实时成本和信用控制提供了通用解决方案。
The prepaid model has been shown to be very successful, for instance, in GSM networks, where network operators offering prepaid services have experienced a substantial growth of their customer base and revenues. Prepaid services are now cropping up in many other wireless and wire line based networks.
预付费模式已被证明是非常成功的,例如,在GSM网络中,提供预付费服务的网络运营商的客户群和收入都有了大幅增长。预付费服务现在出现在许多其他无线和有线网络中。
In next generation wireless networks, additional functionality is required beyond that specified in the Diameter base protocol. For example, the 3GPP Charging and Billing requirements [3GPPCHARG] state that an application must be able to rate service information in real-time. In addition, it is necessary to check that the end user's account provides coverage for the requested service prior to initiation of that service. When an account is exhausted or expired, the user must be denied the ability to compile additional chargeable events.
在下一代无线网络中,除了Diameter基本协议中规定的功能外,还需要其他功能。例如,3GPP收费和计费要求[3GPPCHARG]规定,应用程序必须能够实时对服务信息进行评级。此外,在启动该服务之前,有必要检查最终用户的帐户是否为请求的服务提供了覆盖范围。当帐户耗尽或过期时,必须拒绝用户编译其他收费事件的能力。
A mechanism has to be provided to allow the user to be informed of the charges to be levied for a requested service. In addition, there are services such as gaming and advertising that may credit as well as debit a user account.
必须提供一种机制,允许用户了解所请求服务的收费。此外,还有一些服务,如游戏和广告,可以贷记或借记用户帐户。
The other Diameter applications provide service specific authorization, and they do not provide credit authorization for prepaid users. The credit authorization shall be generic and applicable to all the service environments required to support prepaid services.
其他Diameter应用程序提供特定于服务的授权,它们不为预付费用户提供信用授权。信用授权应是通用的,并适用于支持预付费服务所需的所有服务环境。
To fulfill these requirements, it is necessary to facilitate credit-control communication between the network element providing the service (e.g., Network Access Server, SIP Proxy, and Application Server) and a credit-control server.
为了满足这些要求,有必要促进提供服务的网元(例如,网络访问服务器、SIP代理和应用服务器)与信用控制服务器之间的信用控制通信。
The scope of this specification is the credit authorization. Service specific authorization and authentication is out of the scope.
本规范的范围为信贷授权。特定于服务的授权和身份验证超出范围。
In this document, the key words "MAY", "MUST, "MUST NOT", "OPTIONAL", "RECOMMENDED", "SHOULD", and "SHOULD NOT", are to be interpreted as described in [KEYWORDS].
在本文件中,关键词“可能”、“必须”、“不得”、“可选”、“建议”、“应该”和“不应该”应按照[关键词]中所述进行解释。
AAA
AAA
Authentication, Authorization, and Accounting
身份验证、授权和记帐
AA answer
AA答案
AA answer generically refers to a service specific authorization and authentication answer. AA answer commands are defined in service specific authorization applications, e.g., [NASREQ] and [DIAMMIP].
AA应答一般指特定于服务的授权和身份验证应答。AA应答命令在特定于服务的授权应用程序中定义,例如,[NASREQ]和[DIAMIP]。
AA request
机管局要求
AA request generically refers to a service specific authorization and authentication request. AA request commands are defined in service specific authorization applications e.g., [NASREQ] and [DIAMMIP].
AA请求一般指特定于服务的授权和身份验证请求。AA请求命令在特定于服务的授权应用程序中定义,例如[NASREQ]和[DIAMIP]。
Credit-control
信用控制
Credit-control is a mechanism that directly interacts in real-time with an account and controls or monitors the charges related to the service usage. Credit-control is a process of checking whether credit is available, credit-reservation, deduction of credit from the end user account when service is completed and refunding of reserved credit that is not used.
信用控制是一种直接与帐户实时交互并控制或监控与服务使用相关的费用的机制。信用控制是一个检查信用是否可用、信用保留、服务完成时从最终用户帐户扣除信用以及退还未使用的保留信用的过程。
Diameter Credit-control Server
Diameter信用控制服务器
A Diameter credit-control server acts as a prepaid server, performing real-time rating and credit-control. It is located in the home domain and is accessed by service elements or Diameter AAA servers in
Diameter信用控制服务器充当预付费服务器,执行实时评级和信用控制。它位于主域中,由中的服务元素或Diameter AAA服务器访问
real-time for purpose of price determination and credit-control before the service event is delivered to the end-user. It may also interact with business support systems.
在服务事件交付给最终用户之前,实时进行价格确定和信用控制。它还可以与业务支持系统交互。
Diameter Credit-control Client
Diameter信用控制客户端
A Diameter credit-control client is an entity that interacts with a credit-control server. It monitors the usage of the granted quota according to instructions returned by credit-control server.
Diameter信用控制客户端是与信用控制服务器交互的实体。它根据信用控制服务器返回的指令监视已授予配额的使用情况。
Interrogation
审问
The Diameter credit-control client uses interrogation to initiate a session based credit-control process. During the credit-control process, it is used to report the used quota and request a new one. An interrogation maps to a request/answer transaction.
Diameter信用控制客户端使用询问来启动基于会话的信用控制过程。在信用控制过程中,它用于报告已使用的配额并请求新配额。询问映射到请求/应答事务。
One-time event
一次性事件
Basically, a request/answer transaction of type event.
基本上,类型为event的请求/应答事务。
Rating
评级
The act of determining the cost of the service event.
确定服务事件成本的行为。
Service
服务
A type of task performed by a service element for an end user.
由服务元素为最终用户执行的一种任务类型。
Service Element
服务要素
A network element that provides a service to the end users. The Service Element may include the Diameter credit-control client, or another entity (e.g., RADIUS AAA server) that can act as a Credit-control client on behalf of the Service Element. In the latter case, the interface between the Service Element and the Diameter credit-control client is outside the scope of this specification. Examples of the Service Elements include Network Access Server (NAS), SIP Proxy, and Application Servers such as messaging server, content server, and gaming server.
向最终用户提供服务的网络元件。服务元素可包括Diameter信用控制客户端,或可作为代表服务元素的信用控制客户端的另一实体(例如,RADIUS AAA服务器)。在后一种情况下,服务元素和Diameter credit control客户端之间的接口不在本规范的范围内。服务元素的示例包括网络访问服务器(NAS)、SIP代理和应用服务器,如消息服务器、内容服务器和游戏服务器。
Service Event
服务事件
An event relating to a service provided to the end user.
与提供给最终用户的服务有关的事件。
Session based credit-control
基于会话的信用控制
A credit-control process that makes use of several interrogations: the first, a possible intermediate, and the final. The first interrogation is used to reserve money from the user's account and to initiate the process. The intermediate interrogations may be needed to request new quota while the service is being rendered. The final interrogation is used to exit the process. The credit-control server is required to maintain session state for session-based credit-control.
一种信用控制过程,它使用几个询问:第一个询问、一个可能的中间询问和最后一个询问。第一次询问用于从用户帐户中预留资金并启动该过程。在提供服务时,可能需要中间询问来请求新配额。最后的询问用于退出流程。信用控制服务器需要维护基于会话的信用控制的会话状态。
Diameter nodes conforming to this specification MUST advertise support by including the value of 4 in the Auth-Application-Id of the Capabilities-Exchange-Request and Capabilities-Exchange-Answer command [DIAMBASE].
符合本规范的Diameter节点必须通过在功能交换请求和功能交换应答命令[DIAMBASE]的身份验证应用程序Id中包含值4来公布支持。
The current accounting models specified in the Radius Accounting [RFC2866] and Diameter base [DIAMBASE] are not sufficient for real-time credit-control, where credit-worthiness is to be determined prior to service initiation. Also, the existing Diameter authorization applications, [NASREQ] and [DIAMMIP], only provide service authorization, but do not provide credit authorization for prepaid users. In order to support real-time credit-control, a new type of server is needed in the AAA infrastructure: Diameter credit-control server. The Diameter credit-control server is the entity responsible for credit authorization for prepaid subscribers.
Radius会计[RFC2866]和Diameter base[DIAMBASE]中规定的当前会计模型不足以进行实时信用控制,其中信用度将在服务启动之前确定。此外,现有的Diameter授权应用程序[NASREQ]和[DIAMIP]仅提供服务授权,但不为预付费用户提供信用授权。为了支持实时信用控制,AAA基础设施中需要一种新型服务器:Diameter信用控制服务器。Diameter信用控制服务器是负责预付费用户信用授权的实体。
A service element may authenticate and authorize the end user with the AAA server by using AAA protocols; e.g., RADIUS or a Diameter base protocol with a possible Diameter application.
服务元素可以通过使用AAA协议来使用AAA服务器认证和授权最终用户;e、 例如,RADIUS或具有可能的Diameter应用程序的Diameter基本协议。
Accounting protocols such as RADIUS accounting and the Diameter base accounting protocol can be used to provide accounting data to the accounting server after service is initiated, and to provide possible interim reports until service completion. However, for real-time credit-control, these authorization and accounting models are not sufficient.
记帐协议(如RADIUS记帐和Diameter base记帐协议)可用于在服务启动后向记帐服务器提供记帐数据,并在服务完成之前提供可能的临时报告。然而,对于实时信用控制,这些授权和会计模型是不够的。
When real-time credit-control is required, the credit-control client contacts the credit-control server with information about a possible service event. The credit-control process is performed to determine potential charges and to verify whether the end user's account balance is sufficient to cover the cost of the service being rendered.
当需要实时信用控制时,信用控制客户端将与信用控制服务器联系,并提供有关可能的服务事件的信息。执行信贷控制流程以确定潜在费用,并验证最终用户的账户余额是否足以支付所提供服务的成本。
Figure 1 illustrates the typical credit-control architecture, which consists of a Service Element with an embedded Diameter credit-control client, a Diameter credit-control server, and an AAA server. A Business Support System is usually deployed; it includes at least the billing functionality. The credit-control server and AAA server in this architecture model are logical entities. The real configuration can combine them into a single host. The credit-control protocol is the Diameter base protocol with the Diameter credit-control application.
图1说明了典型的信用控制体系结构,该体系结构由带有嵌入式Diameter信用控制客户端的服务元素、Diameter信用控制服务器和AAA服务器组成。通常部署业务支持系统;它至少包括计费功能。此体系结构模型中的信用控制服务器和AAA服务器是逻辑实体。真正的配置可以将它们组合到单个主机中。信用控制协议是带有Diameter信用控制应用程序的Diameter基础协议。
When an end user requests services such as SIP or messaging, the request is typically forwarded to a service element (e.g., SIP Proxy) in the user's home domain. In some cases it might be possible that the service element in the visited domain can offer services to the end user; however, a commercial agreement must exist between the visited domain and the home domain. Network access is an example of a service offered in the visited domain where the NAS, through an AAA infrastructure, authenticates and authorizes the user with the user's home network.
当最终用户请求诸如SIP或消息传递之类的服务时,该请求通常被转发到用户的主域中的服务元素(例如,SIP代理)。在某些情况下,访问域中的服务元素可能会向最终用户提供服务;但是,访问域和主域之间必须存在商业协议。网络访问是访问域中提供的服务的一个示例,其中NAS通过AAA基础设施使用用户的家庭网络对用户进行身份验证和授权。
Service Element AAA and CC +----------+ +---------+ Protocols+-----------+ +--------+ | End |<---->|+-------+|<------------>| AAA | |Business| | User | +->|| CC || | Server |->|Support | | | | || Client||<-----+ | | |System | +----------+ | |+-------+| | +-----------+ | | | +---------+ | ^ +--------+ +----------+ | | CC Protocol | ^ | End |<--+ | +-----v----+ | | User | +------>|Credit- | | +----------+ Credit-Control |Control |--------+ Protocol |Server | +----------+
Service Element AAA and CC +----------+ +---------+ Protocols+-----------+ +--------+ | End |<---->|+-------+|<------------>| AAA | |Business| | User | +->|| CC || | Server |->|Support | | | | || Client||<-----+ | | |System | +----------+ | |+-------+| | +-----------+ | | | +---------+ | ^ +--------+ +----------+ | | CC Protocol | ^ | End |<--+ | +-----v----+ | | User | +------>|Credit- | | +----------+ Credit-Control |Control |--------+ Protocol |Server | +----------+
Figure 1: Typical credit-control architecture
图1:典型的信用控制体系结构
There can be multiple credit-control servers in the system for redundancy and load balancing. The system can also contain separate rating server(s), and accounts can be located in a centralized database. To ensure that the end user's account is not debited or credited multiple times for the same service event, only one place in the credit-control system should perform duplicate detection. System internal interfaces can exist to relay messages between servers and an account manager. However, the detailed architecture of the credit-control system and its interfaces are implementation specific and are out of scope of this specification.
系统中可以有多个信用控制服务器,用于冗余和负载平衡。系统还可以包含单独的评级服务器,并且帐户可以位于集中数据库中。为确保最终用户的帐户不会因同一服务事件多次借记或贷记,信用控制系统中只有一个地方应执行重复检测。系统内部接口可用于在服务器和帐户管理器之间中继消息。然而,信贷控制系统及其接口的详细架构是具体实施的,不在本规范的范围内。
Protocol transparent Diameter relays can exist between the credit-control client and credit-control server. Also, Diameter Redirect agents that refer credit-control clients to credit-control servers and allow them to communicate directly can exist. These agents transparently support the Diameter credit-control application. The different roles of Diameter Agents are defined in Diameter base [DIAMBASE], section 2.8.
协议透明直径中继可以存在于信用控制客户端和信用控制服务器之间。此外,Diameter重定向代理可以将信用控制客户端引用到信用控制服务器,并允许它们直接通信。这些代理透明地支持Diameter信用控制应用程序。Diameter base[DIAMBASE]第2.8节定义了直径代理的不同作用。
If Diameter credit-control proxies exist between the credit-control client and the credit-control server, they MUST advertise the Diameter credit-control application support.
如果信用控制客户端和信用控制服务器之间存在Diameter信用控制代理,则它们必须公布Diameter信用控制应用程序支持。
This section defines new Diameter message Command-Code values that MUST be supported by all Diameter implementations that conform to this specification. The Command Codes are as follows:
本节定义了符合本规范的所有Diameter实现必须支持的新Diameter消息命令代码值。命令代码如下:
Command-Name Abbrev. Code Reference ----------------------------------------------------------- Credit-Control-Request CCR 272 3.1 Credit-Control-Answer CCA 272 3.2
Command-Name Abbrev. Code Reference ----------------------------------------------------------- Credit-Control-Request CCR 272 3.1 Credit-Control-Answer CCA 272 3.2
Diameter Base [DIAMBASE] defines in the section 3.2 the Command Code ABNF specification. These formats are observed in Credit-Control messages.
直径基准[DIAMBASE]在第3.2节中定义了命令代码ABNF规范。这些格式在信用控制消息中可以看到。
The Credit-Control-Request message (CCR) is indicated by the command-code field being set to 272 and the 'R' bit being set in the Command Flags field. It is used between the Diameter credit-control client and the credit-control server to request credit authorization for a given service.
信用控制请求消息(CCR)由设置为272的命令代码字段和在命令标志字段中设置的“R”位表示。它在Diameter信用控制客户端和信用控制服务器之间用于请求给定服务的信用授权。
The Auth-Application-Id MUST be set to the value 4, indicating the Diameter credit-control application.
身份验证应用程序Id必须设置为值4,表示直径信用控制应用程序。
Message Format
消息格式
<Credit-Control-Request> ::= < Diameter Header: 272, REQ, PXY > < Session-Id > { Origin-Host } { Origin-Realm } { Destination-Realm } { Auth-Application-Id } { Service-Context-Id } { CC-Request-Type } { CC-Request-Number } [ Destination-Host ] [ User-Name ] [ CC-Sub-Session-Id ] [ Acct-Multi-Session-Id ] [ Origin-State-Id ] [ Event-Timestamp ] *[ Subscription-Id ] [ Service-Identifier ] [ Termination-Cause ] [ Requested-Service-Unit ] [ Requested-Action ] *[ Used-Service-Unit ] [ Multiple-Services-Indicator ] *[ Multiple-Services-Credit-Control ] *[ Service-Parameter-Info ] [ CC-Correlation-Id ] [ User-Equipment-Info ] *[ Proxy-Info ] *[ Route-Record ] *[ AVP ]
<Credit-Control-Request> ::= < Diameter Header: 272, REQ, PXY > < Session-Id > { Origin-Host } { Origin-Realm } { Destination-Realm } { Auth-Application-Id } { Service-Context-Id } { CC-Request-Type } { CC-Request-Number } [ Destination-Host ] [ User-Name ] [ CC-Sub-Session-Id ] [ Acct-Multi-Session-Id ] [ Origin-State-Id ] [ Event-Timestamp ] *[ Subscription-Id ] [ Service-Identifier ] [ Termination-Cause ] [ Requested-Service-Unit ] [ Requested-Action ] *[ Used-Service-Unit ] [ Multiple-Services-Indicator ] *[ Multiple-Services-Credit-Control ] *[ Service-Parameter-Info ] [ CC-Correlation-Id ] [ User-Equipment-Info ] *[ Proxy-Info ] *[ Route-Record ] *[ AVP ]
The Credit-Control-Answer message (CCA) is indicated by the command-code field being set to 272 and the 'R' bit being cleared in the Command Flags field. It is used between the credit-control server and the Diameter credit-control client to acknowledge a Credit-Control-Request command.
信用控制应答消息(CCA)由设置为272的命令代码字段和清除命令标志字段中的“R”位表示。它在信用控制服务器和Diameter信用控制客户端之间用于确认信用控制请求命令。
Message Format
消息格式
<Credit-Control-Answer> ::= < Diameter Header: 272, PXY > < Session-Id > { Result-Code } { Origin-Host } { Origin-Realm } { Auth-Application-Id } { CC-Request-Type } { CC-Request-Number } [ User-Name ] [ CC-Session-Failover ] [ CC-Sub-Session-Id ] [ Acct-Multi-Session-Id ] [ Origin-State-Id ] [ Event-Timestamp ] [ Granted-Service-Unit ] *[ Multiple-Services-Credit-Control ] [ Cost-Information] [ Final-Unit-Indication ] [ Check-Balance-Result ] [ Credit-Control-Failure-Handling ] [ Direct-Debiting-Failure-Handling ] [ Validity-Time] *[ Redirect-Host] [ Redirect-Host-Usage ] [ Redirect-Max-Cache-Time ] *[ Proxy-Info ] *[ Route-Record ] *[ Failed-AVP ] *[ AVP ]
<Credit-Control-Answer> ::= < Diameter Header: 272, PXY > < Session-Id > { Result-Code } { Origin-Host } { Origin-Realm } { Auth-Application-Id } { CC-Request-Type } { CC-Request-Number } [ User-Name ] [ CC-Session-Failover ] [ CC-Sub-Session-Id ] [ Acct-Multi-Session-Id ] [ Origin-State-Id ] [ Event-Timestamp ] [ Granted-Service-Unit ] *[ Multiple-Services-Credit-Control ] [ Cost-Information] [ Final-Unit-Indication ] [ Check-Balance-Result ] [ Credit-Control-Failure-Handling ] [ Direct-Debiting-Failure-Handling ] [ Validity-Time] *[ Redirect-Host] [ Redirect-Host-Usage ] [ Redirect-Max-Cache-Time ] *[ Proxy-Info ] *[ Route-Record ] *[ Failed-AVP ] *[ AVP ]
The credit authorization process takes place before and during service delivery to the end user and generally requires the user's authentication and authorization before any request is sent to the credit-control server. The credit-control application defined in this specification supports two different credit authorization models: credit authorization with money reservation and credit
信用授权过程发生在向最终用户提供服务之前和期间,通常要求用户在向信用控制服务器发送任何请求之前进行身份验证和授权。本规范中定义的信用控制应用程序支持两种不同的信用授权模型:带货币预留的信用授权和信用授权
authorization with direct debiting. In both models, the credit-control client requests credit authorization from the credit-control server prior to allowing any service to be delivered to the end user.
直接借记授权。在这两种模型中,信用控制客户端在允许向最终用户提供任何服务之前,从信用控制服务器请求信用授权。
In the first model, the credit-control server rates the request, reserves a suitable amount of money from the user's account, and returns the corresponding amount of credit resources. Note that credit resources may not imply actual monetary credit; credit resources may be granted to the credit control client in the form of units (e.g., data volume or time) to be metered.
在第一个模型中,信用控制服务器对请求进行评级,从用户帐户中保留适当数量的资金,并返回相应数量的信用资源。请注意,信贷资源可能并不意味着实际的货币信贷;信用资源可以以计量单位(如数据量或时间)的形式授予信用控制客户。
Upon receipt of a successful credit authorization answer with a certain amount of credit resources, the credit-control client allows service delivery to the end user and starts monitoring the usage of the granted resources. When the credit resources granted to the user have been consumed or the service has been successfully delivered or terminated, the credit-control client reports back to the server the used amount. The credit-control server deducts the used amount from the end user's account; it may perform rating and make a new credit reservation if the service delivery is continuing. This process is accomplished with session based credit-control that includes the first interrogation, possible intermediate interrogations, and the final interrogation. For session based credit-control, both the credit control client and the credit-control server are required to maintain credit-control session state. Session based credit-control is described in more detail, with more variations, in section 5.
在收到具有一定数量信用资源的成功信用授权应答后,信用控制客户端允许向最终用户提供服务,并开始监控所授予资源的使用情况。当授予用户的信贷资源已被消耗或服务已成功交付或终止时,信贷控制客户端将向服务器报告已使用的金额。信用控制服务器从最终用户的帐户中扣除已使用金额;如果继续提供服务,它可以执行评级并进行新的信用保留。此过程通过基于会话的信用控制完成,包括第一次询问、可能的中间询问和最终询问。对于基于会话的信用控制,信用控制客户端和信用控制服务器都需要维护信用控制会话状态。第5节对基于会话的信用控制进行了更详细的描述,但有更多的变化。
In contrast, credit authorization with direct debiting is a single transaction process wherein the credit-control server directly deducts a suitable amount of money from the user's account as soon as the credit authorization request is received. Upon receipt of a successful credit authorization answer, the credit-control client allows service delivery to the end user. This process is accomplished with the one-time event. Session state is not maintained.
相比之下,直接借记的信用授权是一个单一的交易过程,其中信用控制服务器在收到信用授权请求后立即直接从用户的帐户中扣除适当的金额。在收到成功的信用授权应答后,信用控制客户端允许向最终用户提供服务。此过程通过一次性事件完成。未维护会话状态。
In a multi-service environment, an end user can issue an additional service request (e.g., data service) during an ongoing service (e.g., voice call) toward the same account. Alternatively, during an active multimedia session, an additional media type is added to the session, causing a new simultaneous request toward same account. Consequently, this needs to be considered when credit resources are granted to the services.
在多服务环境中,最终用户可以在正在进行的服务(例如,语音呼叫)期间向同一帐户发出额外的服务请求(例如,数据服务)。或者,在活动多媒体会话期间,会向会话添加其他媒体类型,从而导致向同一帐户同时发出新的请求。因此,在向服务提供信贷资源时,需要考虑这一点。
The credit-control application also supports operations such as service price enquiry, user's balance check, and refund of credit on the user's account. These operations are accomplished with the one-time event. Session state is not maintained.
信用控制应用程序还支持服务价格查询、用户余额检查和用户帐户信用退款等操作。这些操作通过一次性事件完成。未维护会话状态。
A flexible credit-control application specific failure handling is defined in which the home service provider can model the credit-control client behavior according to its own credit risk management policy.
定义了一种灵活的信用控制应用程序特定故障处理,其中家庭服务提供商可以根据其自身的信用风险管理策略对信用控制客户行为进行建模。
The Credit-Control-Failure-Handling AVP and the Direct-Debiting-Failure-Handling AVP are defined to determine what is done if the sending of credit-control messages to the credit-control server has been temporarily prevented. The usage of the Credit-Control-Failure-Handling AVP and the Direct-Debiting-Failure-Handling AVP allows flexibility, as failure handling for the credit-control session and one time event direct debiting may be different.
定义了信用控制故障处理AVP和直接借记故障处理AVP,以确定在暂时阻止向信用控制服务器发送信用控制消息时应采取的措施。信用控制故障处理AVP和直接借记故障处理AVP的使用允许灵活性,因为信用控制会话和一次性事件直接借记的故障处理可能不同。
The Diameter credit-control application defines the framework for credit-control; it provides generic credit-control mechanisms supporting multiple service applications. The credit-control application, therefore, does not define AVPs that could be used as input in the rating process. Listing the possible services that could use this Diameter application is out of scope for this generic mechanism.
Diameter信用控制应用程序定义了信用控制框架;它提供支持多个服务应用程序的通用信用控制机制。因此,信用控制应用程序未定义可作为评级过程输入的AVP。列出可能使用此Diameter应用程序的服务超出了此通用机制的范围。
It is reasonable to expect that a service level agreement will exist between providers of the credit-control client and the credit-control server covering the charging, services offered, roaming agreements, agreed rating input (i.e., AVPs), and so on.
可以合理预期,信用控制客户端和信用控制服务器的提供商之间将存在服务级别协议,涵盖收费、提供的服务、漫游协议、约定的评级输入(即AVP)等。
Therefore, it is assumed that a Diameter credit-control server will provide service only for Diameter credit-control clients that have agreed beforehand as to the content of credit-control messages. Naturally, it is possible that any arbitrary Diameter credit-control client can interchange credit-control messages with any Diameter credit-control server, but with a higher likelihood that unsupported services/AVPs could be present in the credit-control message, causing the server to reject the request with an appropriate result-code.
因此,假设Diameter信用控制服务器将仅为事先就信用控制消息的内容达成一致的Diameter信用控制客户端提供服务。当然,任何Diameter信用控制客户端都有可能与任何Diameter信用控制服务器交换信用控制消息,但信用控制消息中可能存在不受支持的服务/AVP的可能性更高,从而导致服务器以适当的结果代码拒绝请求。
There are two ways to provide rating input to the credit-control server: either by using AVPs or by including them in the Service-Parameter-Info AVP. The general principles for sending rating parameters are as follows:
有两种方法可以向信用控制服务器提供评级输入:使用AVP或将其包含在服务参数信息AVP中。发送额定参数的一般原则如下:
1a. The service SHOULD re-use existing AVPs if it can use AVPs defined in existing Diameter applications (e.g., NASREQ for network access services). Re-use of existing AVPs is strongly recommended in [DIAMBASE].
1a。如果服务可以使用现有Diameter应用程序中定义的AVP(例如,网络访问服务的NASREQ),则应重新使用现有AVP。[DIAMBASE]强烈建议重新使用现有AVP。
For AVPs of type Enumerated, the service may require a new value to be defined. Allocation of new AVP values is done as specified in [DIAMBASE], section 1.2.
对于枚举类型的AVP,服务可能需要定义新值。按照[DIAMBASE]第1.2节的规定分配新的AVP值。
1b. New AVPs can be defined if the existing AVPs do not provide sufficient rating information. In this case, the procedures defined in [DIAMBASE] for creating new AVPs MUST be followed.
1b。如果现有的AVP不能提供足够的评级信息,则可以定义新的AVP。在这种情况下,必须遵循[DIAMBASE]中定义的创建新AVP的程序。
1c. For services specific only to one vendor's implementation, a Vendor-Specific AVP code for Private use can be used. Where a Vendor-Specific AVP is implemented by more than one vendor, allocation of global AVPs is encouraged instead; refer to [DIAMBASE].
1c。对于仅针对一个供应商实施的服务,可以使用专用于供应商的AVP代码。如果供应商特定的AVP由多个供应商实施,则鼓励分配全球AVP;请参阅[DIAMBASE]。
2. The Service-Parameter-Info AVP MAY be used as a container to pass legacy rating information in its original encoded form (e.g., ASN.1 BER). This method can be used to avoid unnecessary conversions from an existing data format to an AVP format. In this case, the rating input is embedded in the Service-Parameter-Info AVP as defined in section 8.43.
2. 服务参数Info AVP可用作传递原始编码形式(例如,ASN.1 BER)的传统评级信息的容器。此方法可用于避免从现有数据格式到AVP格式的不必要转换。在这种情况下,额定值输入嵌入在第8.43节中定义的服务参数信息AVP中。
New service applications SHOULD favor the use of explicitly defined AVPs as described in items 1a and 1b, to simplify interoperability.
新的服务应用程序应支持使用第1a和1b项中所述的明确定义的AVP,以简化互操作性。
The service specific rating input AVPs, the contents of the Service-Parameter-Info AVP or Service-Context-Id AVP (defined in section 8.42) are not within the scope of this document. To facilitate interoperability, it is RECOMMENDED that the rating input and the values of the Service-Context-Id be coordinated via an informational RFC or other permanent and readily available reference. The specification of another cooperative standardization body (e.g., 3GPP, OMA, and 3GPP2) SHOULD be used. However, private services may be deployed that are subject to agreements between providers of the credit-control server and client. In this case, vendor specific AVPs can be used.
服务特定评级输入AVP、服务参数信息AVP或服务上下文Id AVP(定义见第8.42节)的内容不在本文件范围内。为了促进互操作性,建议通过信息RFC或其他永久性且随时可用的参考来协调评级输入和服务上下文Id的值。应使用另一个合作标准化机构(例如3GPP、OMA和3GPP2)的规范。然而,可以部署受信用控制服务器和客户端的提供者之间的协议约束的私有服务。在这种情况下,可以使用特定于供应商的AVP。
This specification, together with the above service specific documents, governs the credit-control message. Service specific documents define which existing AVPs or new AVPs are used as input to the rating process (i.e., those that do not define new credit-control applications), and thus have to be included in the Credit-Control-Request command by a Diameter credit-control client supporting a given service as *[AVP]. Should Service-Parameter-Info be used, then the service specific document MUST specify the exact content of this grouped AVP.
本规范与上述特定于服务的文件共同管理信贷控制信息。特定于服务的文档定义了哪些现有AVP或新AVP用作评级流程的输入(即未定义新信用控制应用程序的AVP),因此必须由作为*[AVP]支持给定服务的Diameter信用控制客户端包含在信用控制请求命令中。如果使用服务参数信息,则特定于服务的文档必须指定此分组AVP的确切内容。
The Service-Context-Id AVP MUST be included at the command level of a Credit-Control Request to identify the service specific document that applies to the request. The specific service or rating group the request relates to is uniquely identified by the combination of Service-Context-Id and Service-Identifier or Rating-Group.
服务上下文Id AVP必须包含在信用控制请求的命令级别,以标识应用于该请求的特定于服务的文档。请求所涉及的特定服务或分级组由服务上下文Id和服务标识符或分级组的组合唯一标识。
Diameter credit-control implementations are required to support the Mandatory rating AVPs defined in service specific documentation of the services they support, according to the 'M' bit rules in [DIAMBASE].
Diameter信用控制实施需要支持在其支持的服务的特定服务文档中定义的强制评级AVP,根据[DIAMBASE]中的“M”位规则。
If a rating input required for the rating process is incorrect in the Credit-control request, or if the credit-control server does not support the requested service context (identified by the Service-Context-Id AVP at command level), the Credit-control answer MUST contain the error code DIAMETER_RATING_FAILED. A CCA message with this error MUST contain one or more Failed-AVP AVPs containing the missing and/or unsupported AVPs that caused the failure. A Diameter credit-control client that receives the error code DIAMETER_RATING_FAILED in response to a request MUST NOT send similar requests in the future.
如果评级过程所需的评级输入在信用控制请求中不正确,或者如果信用控制服务器不支持请求的服务上下文(由命令级别的服务上下文Id AVP标识),则信用控制回答必须包含错误代码DIAMETER_rating_FAILED。出现此错误的CCA消息必须包含一个或多个故障AVP AVP,其中包含导致故障的丢失和/或不支持的AVP。收到错误代码Diameter_RATING_响应请求失败的Diameter信用控制客户端以后不得发送类似请求。
When service specific documents include RADIUS vendor specific attributes that could be used as input in the rating process, the rules described in [NASREQ] for formatting the Diameter AVP MUST be followed.
当服务特定文档包括RADIUS供应商特定属性(可在评级过程中用作输入)时,必须遵循[NASREQ]中描述的用于格式化直径AVP的规则。
For example, if the AVP code used is the vendor attribute type code, the Vendor-Specific flag MUST be set to 1 and the Vendor-ID MUST be set to the IANA Vendor identification value. The Diameter AVP data field contains only the attribute value of the RADIUS attribute.
例如,如果使用的AVP代码是供应商属性类型代码,则供应商特定标志必须设置为1,供应商ID必须设置为IANA供应商标识值。直径AVP数据字段仅包含半径属性的属性值。
For a session-based credit-control, several interrogations are needed: the first, intermediate (optional) and the final interrogations. This is illustrated in Figures 2 and 3.
对于基于会话的信用控制,需要进行多次询问:第一次、中间(可选)和最后一次询问。图2和图3对此进行了说明。
If the credit-control client performs credit-reservation before granting service to the end user, it MUST use several interrogations toward the credit-control server (i.e., session based credit-
如果信用控制客户端在向最终用户授予服务之前执行信用保留,则必须对信用控制服务器进行多次询问(即基于会话的信用)-
control). In this case, the credit-control server MUST maintain the credit-control session state.
控制)。在这种情况下,信用控制服务器必须保持信用控制会话状态。
Each credit-control session MUST have a globally unique Session-Id as defined in [DIAMBASE], which MUST NOT be changed during the lifetime of a credit-control session.
Each credit-control session MUST have a globally unique Session-Id as defined in [DIAMBASE], which MUST NOT be changed during the lifetime of a credit-control session.translate error, please retry
Certain applications require multiple credit-control sub-sessions. These applications would send messages with a constant Session-Id AVP, but with a different CC-Sub-Session-Id AVP. If several credit sub-sessions will be used, all sub-sessions MUST be closed separately before the main session is closed so that units per sub-session may be reported. The absence of this AVP implies that no sub-sessions are in use.
某些应用程序需要多个信用控制子会话。这些应用程序将发送具有固定会话Id AVP的消息,但具有不同的CC子会话Id AVP。如果将使用多个信贷子会话,则必须在主会话关闭之前分别关闭所有子会话,以便可以报告每个子会话的单位。没有此AVP意味着没有使用子会话。
Note that the service element might send a service specific re-authorization message to the AAA server due to expiration of the authorization-lifetime during an ongoing credit-control session. However, the service specific re-authorization does not influence the credit authorization that is ongoing between the credit-control client and credit-control server, as credit authorization is controlled by the burning rate of the granted quota.
请注意,由于正在进行的信用控制会话期间的授权生存期到期,服务元素可能会向AAA服务器发送特定于服务的重新授权消息。但是,特定于服务的重新授权不会影响信用控制客户端和信用控制服务器之间正在进行的信用授权,因为信用授权由授予配额的燃烧率控制。
If service specific re-authorization fails, the user will be disconnected, and the credit-control client MUST send a final interrogation to the credit-control server.
如果特定于服务的重新授权失败,用户将断开连接,信用控制客户端必须向信用控制服务器发送最终询问。
The Diameter credit-control server may seek to control the validity time of the granted quota and/or the production of intermediate interrogations. Thus, it MAY include the Validity-Time AVP in the answer message to the credit-control client. Upon expiration of the Validity-Time, the credit-control client MUST generate a credit-control update request and report the used quota to the credit-control server. It is up to the credit-control server to determine the value of the Validity-Time to be used for consumption of the granted service units. If the Validity-Time is used, its value SHOULD be given as input to set the session supervision timer Tcc (the session supervision timer MAY be set to two times the value of the Validity-Time, as defined in section 13). Since credit-control update requests are also produced at the expiry of granted service units and/or for mid-session service events, the omission of Validity-Time does not mean that intermediate interrogation for the purpose of credit-control is not performed.
Diameter信用控制服务器可寻求控制授予配额的有效时间和/或中间询问的产生。因此,它可以在到信用控制客户端的应答消息中包括有效时间AVP。有效期到期后,信用控制客户端必须生成信用控制更新请求,并将使用的配额报告给信用控制服务器。由信用控制服务器确定用于使用授权服务单元的有效时间的值。如果使用有效时间,则应将其值作为输入,以设置会话监督计时器Tcc(会话监督计时器可设置为有效时间值的两倍,如第13节所定义)。由于信用控制更新请求也是在授权服务单元到期和/或会话中服务事件时产生的,因此省略有效期并不意味着不执行用于信用控制目的的中间询问。
The Diameter credit-control server and client MAY optionally support a tariff change mechanism. The Diameter credit-control server may include a Tariff-Time-Change AVP in the answer message. Note that the granted units should be allocated based on the worst-case scenario in case of forthcoming tariff change, so that the overall reported used units would never exceed the credit reservation.
Diameter信用控制服务器和客户端可选择性地支持费率变更机制。Diameter信用控制服务器可以在应答消息中包括费率时间变化AVP。请注意,应根据即将发生的电价变化的最坏情况分配授予的单位,以便总报告使用的单位不会超过信贷保留。
When the Diameter credit-control client reports the used units and a tariff change has occurred during the reporting period, the Diameter credit-control client MUST separately itemize the units used before and after the tariff change. If the client is unable to distinguish whether units straddling the tariff change were used before or after the tariff change, the credit-control client MUST itemize those units in a third category.
当Diameter信用控制客户报告使用的机组,并且在报告期内发生了电价变化时,Diameter信用控制客户必须单独列出电价变化前后使用的机组。如果客户无法区分跨越电价变动的单位是在电价变动之前还是之后使用的,信贷控制客户必须将这些单位列为第三类。
If a client does not support the tariff change mechanism and it receives a CCA message carrying the Tariff-Time-Change AVP, it MUST terminate the credit-control session, giving a reason of DIAMETER_BAD_ANSWER in the Termination-Cause AVP.
如果客户机不支持电价变更机制,并且收到带有电价时间变更AVP的CCA消息,则必须终止信用控制会话,并在终止原因AVP中给出DIAMETER_BAD_答案的原因。
For time based services, the quota is continuously consumed at the regular rate of 60 seconds per minute. At the time when credit resources are allocated, the server already knows how many units will be consumed before the tariff time change and how many units will be consumed afterward. Similarly, the server can determine the units consumed at the before rate and the units consumed at the rate afterward in the event that the end-user closes the session before the consumption of the allotted quota. There is no need for additional traffic between client and server in the case of tariff time changes for continuous time based service. Therefore, the tariff change mechanism is not used for such services. For time-based services in which the quota is NOT continuously consumed at a regular rate, the tariff change mechanism described for volume and event units MAY be used.
对于基于时间的服务,配额以每分钟60秒的常规速率持续消耗。在分配信贷资源时,服务器已经知道在电价时间变化之前将消耗多少单位,之后将消耗多少单位。类似地,如果最终用户在消耗分配的配额之前关闭会话,服务器可以确定以之前的速率消耗的单位和以之后的速率消耗的单位。在基于连续时间的服务的收费时间发生变化的情况下,客户端和服务器之间不需要额外的流量。因此,此类服务不采用电价变动机制。对于配额不以正常速率持续消耗的基于时间的服务,可以使用针对数量和事件单位描述的费率变化机制。
When multiple services are used within the same user session and each service or group of services is subject to different cost, it is necessary to perform credit-control for each service independently. Making use of credit-control sub-sessions to achieve independent credit-control will result in increased signaling load and usage of resources in both the credit-control client and the credit-control server. For instance, during one network access session the end user may use several http-services subject to different access cost. The network access specific attributes such as the quality of service
当在同一用户会话中使用多个服务且每个服务或服务组的成本不同时,有必要对每个服务单独执行信用控制。使用信用控制子会话来实现独立的信用控制将导致信用控制客户端和信用控制服务器中的信令负载和资源使用增加。例如,在一个网络访问会话期间,最终用户可能会根据不同的访问成本使用多个http服务。网络访问的特定属性,如服务质量
(QoS) are common to all the services carried within the access bearer, but the cost of the bearer may vary depending on its content.
(QoS)对于接入承载内承载的所有服务是公共的,但是承载的成本可能根据其内容而变化。
To support these scenarios optimally, the credit-control application enables independent credit-control of multiple services in a single credit-control (sub-)session. This is achieved by including the optional Multiple-Services-Credit-Control AVP in Credit-Control-Request/Answer messages. It is possible to request and allocate resources as a credit pool shared between multiple services. The services can be grouped into rating groups in order to achieve even further aggregation of credit allocation. It is also possible to request and allocate quotas on a per service basis. Where quotas are allocated to a pool by means of the Multiple-Services-Credit-Control AVP, the quotas remain independent objects that can be re-authorized independently at any time. Quotas can also be given independent result codes, validity times, and Final-Unit-Indications.
为了最佳地支持这些场景,信用控制应用程序可以在单个信用控制(子)会话中对多个服务进行独立的信用控制。这是通过在信用控制请求/应答消息中包含可选的多服务信用控制AVP来实现的。可以请求和分配资源作为多个服务之间共享的信用池。这些服务可以分为评级组,以实现信贷分配的进一步聚合。还可以根据每个服务请求和分配配额。当配额通过多服务信用控制AVP分配给池时,配额仍然是独立的对象,可以在任何时候独立地重新授权。配额还可以给出独立的结果代码、有效时间和最终单位指示。
A Rating-Group gathers a set of services, identified by a Service-Identifier, and subject to the same cost and rating type (e.g., $0.1/minute). It is assumed that the service element is provided with Rating-Groups, Service-Identifiers, and their associated parameters that define what has to be metered by means outside the scope of this specification. (Examples of parameters associated to Service-Identifiers are IP 5-tuple and HTTP URL.) Service-Identifiers enable authorization on a per-service based credit as well as itemized reporting of service usage. It is up to the credit-control server whether to authorize credit for one or more services or for the whole rating-group. However, the client SHOULD always report used units at the finest supported level of granularity. Where quota is allocated to a rating-group, all the services belonging to that group draw from the allotted quota. The following is a graphical representation of the relationship between service-identifiers, rating-groups, credit pools, and credit-control (sub-)session.
评级组收集一组服务,由服务标识符标识,并遵循相同的成本和评级类型(例如,0.1美元/分钟)。假定服务元素具有评级组、服务标识符及其相关参数,这些参数定义了必须通过本规范范围之外的方式进行计量的内容。(与服务标识符关联的参数示例为IP 5元组和HTTP URL。)服务标识符支持基于每个服务的信用的授权以及服务使用情况的逐项报告。由信用控制服务器决定是为一项或多项服务授权信用,还是为整个评级组授权信用。但是,客户机应始终以支持的最佳粒度级别报告已使用的单元。当配额分配给评级组时,属于该组的所有服务都从分配的配额中提取。以下是服务标识符、评级组、信用池和信用控制(子)会话之间关系的图形表示。
DCC (Sub-)Session | +------------+-----------+-------------+--------------- + | | | | | Service-Id a Service-Id b Service-Id c Service-Id d.....Service-Id z \ / \ / / \ / \ / / \ / Rating-Group 1.......Rating-Group n \ / | | Quota ---------------Quota Quota | / | | / | Credit-Pool Credit-Pool
DCC (Sub-)Session | +------------+-----------+-------------+--------------- + | | | | | Service-Id a Service-Id b Service-Id c Service-Id d.....Service-Id z \ / \ / / \ / \ / / \ / Rating-Group 1.......Rating-Group n \ / | | Quota ---------------Quota Quota | / | | / | Credit-Pool Credit-Pool
If independent credit-control of multiple services is used, the validity-time and final-unit-indication SHOULD be present either in the Multiple-Services-Credit-Control AVP(s) or at command level as single AVPs. However, the Result-Code AVP MAY be present both on the command level and within the Multiple-Services-Credit-Control AVP. If the Result-Code on the command level indicates a value other than SUCCESS, then the Result-Code on command level takes precedence over any included in the Multiple-Services-Credit-Control AVP.
如果使用多个服务的独立信用控制,有效时间和最终单位指示应在多个服务信用控制AVP中或在命令级别作为单个AVP显示。然而,结果代码AVP可能存在于命令级和多服务信用控制AVP中。如果命令级别上的结果代码指示的值不是SUCCESS,则命令级别上的结果代码优先于多服务信用控制AVP中包含的任何值。
The credit-control client MUST indicate support for independent credit-control of multiple services within a (sub-)session by including the Multiple-Services-Indicator AVP in the first interrogation. A credit-control server not supporting this feature MUST treat the Multiple-Services-Indicator AVP and any received Multiple-Services-Credit-Control AVPs as invalid AVPs.
信用控制客户机必须通过在第一次询问中包括多个服务指示符AVP来表明对(子)会话中多个服务的独立信用控制的支持。不支持此功能的信用控制服务器必须将多服务指示器AVP和任何接收到的多服务信用控制AVP视为无效AVP。
If the client indicated support for independent credit-control of multiple services, a credit-control server that wishes to use the feature MUST return the granted units within the Multiple-Services-Credit-Control AVP associated to the corresponding service-identifier and/or rating-group.
如果客户表示支持多个服务的独立信用控制,则希望使用该功能的信用控制服务器必须返回与相应服务标识符和/或评级组关联的多个服务信用控制AVP中的授权单位。
To avoid a situation where several parallel (and typically also small) credit reservations must be made on the same account (i.e., credit fragmentation), and also to avoid unnecessary load on the credit-control server, it is possible to provide service units as a pool that applies to multiple services or rating groups. This is achieved by providing the service units in the form of a quota for a particular service or rating group in the Multiple-Services-Credit-Control AVP, and also by including a reference to a credit pool for that unit type.
为了避免必须在同一帐户上进行多个并行(通常也是小的)信用预订的情况(即信用碎片化),也为了避免信用控制服务器上不必要的负载,可以将服务单元作为应用于多个服务或评级组的池提供。这是通过在多服务信用控制AVP中以特定服务或评级组的配额形式提供服务单元来实现的,并且还通过包括对该单元类型的信用池的引用来实现的。
The reference includes a multiplier derived from the rating parameter, which translates from service units of a specific type to the abstract service units in the pool. For instance, if the rating parameter for service 1 is $1/MB and the rating parameter for service 2 is $0.5/MB, the multipliers could be 10 and 5 for services 1 and 2, respectively.
该引用包括从rating参数派生的乘数,该参数将特定类型的服务单元转换为池中的抽象服务单元。例如,如果服务1的评级参数为$1/MB,服务2的评级参数为$0.5/MB,那么服务1和服务2的乘数可能分别为10和5。
If S is the total service units within the pool, M1, M2, ..., Mn are the multipliers provided for services 1, 2, ..., n, and C1, C2, ..., Cn are the used resources within the session, then the pool credit is exhausted and re-authorization MUST be sought when:
如果S是池中的总服务单元,M1、M2、…、Mn是为服务1、2、…、n提供的乘数,C1、C2、…、Cn是会话中使用的资源,则池信用耗尽,并且在以下情况下必须寻求重新授权:
C1*M1 + C2*M2 + ... + Cn*Mn >= S
C1*M1 + C2*M2 + ... + Cn*Mn >= S
The total credit in the pool, S, is calculated from the quotas, which are currently allocated to the pool as follows:
池中的总积分S根据配额计算,配额当前分配给池,如下所示:
S = Q1*M1 + Q2*M2 + ... + Qn*Mn
S = Q1*M1 + Q2*M2 + ... + Qn*Mn
If services or rating groups are added to or removed from the pool, then the total credit is adjusted appropriately. Note that when the total credit is adjusted because services or rating groups are removed from the pool, the value that need to be removed is the consumed one (i.e., Cx*Mx).
如果将服务或评级组添加到池中或从池中移除,则适当调整总信用。请注意,当由于服务或评级组从池中删除而对总信用进行调整时,需要删除的值是消耗的值(即Cx*Mx)。
Re-authorizations for an individual service or rating group may be sought at any time; for example, if a 'non-pooled' quota is used up or the Validity-Time expires.
可在任何时候寻求对单个服务或评级组的重新授权;例如,如果“非池”配额用完或有效期到期。
Where multiple G-S-U-Pool-Reference AVPs (section 8.30) with the same G-S-U-Pool-Identifier are provided within a Multiple-Services-Credit-Control AVP (section 8.16) along with the Granted-Service-Unit AVP, then these MUST have different CC-Unit-Type values, and they all draw from the credit pool separately. For instance, if one multiplier for time (M1t) and one multiplier for volume (M1v) are given, then the used resources from the pool is the sum C1t*M1t + C1v*M1v, where C1t is the time unit and C1v is the volume unit.
如果多个G-S-U-Pool-Reference AVP(第8.30节)具有相同G-S-U-Pool-Identifier的多个G-S-U-Pool-Reference AVP(第8.16节)与授予的服务单元AVP一起提供在多个服务信用控制AVP(第8.16节)中,则这些AVP必须具有不同的CC单元类型值,并且它们都分别从信用池中提取。例如,如果给定一个时间乘数(M1t)和一个体积乘数(M1v),则池中使用的资源是C1t*M1t+C1v*M1v之和,其中C1t是时间单位,C1v是体积单位。
Where service units are provided within a Multiple-Services-Credit-Control AVP without a corresponding G-S-U-Pool-Reference AVP, then these are handled independently from any credit pool and from any other services or rating groups within the session.
如果在多服务信用控制AVP中提供服务单元,而没有相应的G-S-U-Pool-Reference AVP,则这些服务单元将独立于任何信用池以及会话中的任何其他服务或评级组进行处理。
The credit pool concept is an optimal tool to avoid the over-reservation effect of the basic single quota tariff time change mechanism (the mechanism described in section 5.1.1). Therefore, Diameter credit-control clients and servers implementing the independent credit-control of multiple services SHOULD leverage the credit pool concept when supporting the tariff time change. The Diameter credit-control server SHOULD include both the Tariff-Time-Change and Tariff-Change-Usage AVPs in two quota allocations in the answer message (i.e., two instances of the Multiple-Services-Credit-Control AVP). One of the granted units is allocated to be used before the potential tariff change, while the second granted units are for use after a tariff change. Both granted unit quotas MUST contain the same Service-Identifier and/or Rating-Group. This dual quota mechanism ensures that the overall reported used units would never exceed the credit reservation. The Diameter credit-control client reports both the used units before and after the tariff change in a single instance of the Multiple-Services-Credit-Control AVP.
信贷池概念是避免基本单一配额关税时间变化机制(第5.1.1节所述机制)过度保留效应的最佳工具。因此,实施多个服务独立信用控制的Diameter信用控制客户端和服务器在支持费率时间变化时应利用信用池概念。Diameter信用控制服务器应在应答消息中的两个配额分配中包括关税时间变更和关税变更使用AVP(即,多服务信用控制AVP的两个实例)。其中一个授权单元分配用于潜在电价变动之前,而第二个授权单元用于电价变动之后。两个授予的单元配额必须包含相同的服务标识符和/或评级组。这种双重配额机制确保总报告使用的单位不会超过信贷保留。Diameter credit control客户端在多服务信用控制AVP的单个实例中报告电价变化前后使用的机组。
The failure handling for credit-control sessions is defined in section 5.7 and reflected in the basic credit-control state machine in section 7. Credit-control clients and servers implementing the independent credit-control of multiple services in a (sub-)session functionality MUST ensure failure handling and general behavior fully consistent with the above mentioned sections, while maintaining the ability to handle parallel ongoing credit re-authorization within a (sub-)session. Therefore, it is RECOMMENDED that Diameter credit-control clients maintain a PendingU message queue and restart the Tx timer (section 13) every time a CCR message with the value UPDATE_REQUEST is sent while they are in PendingU state. When answers to all pending messages are received, the state machine moves to OPEN state, and Tx is stopped. Naturally, the action performed when a problem for the session is detected according to section 5.7 affects all the ongoing services (e.g., failover to a backup server if possible affect all the CCR messages with the value UPDATE_REQUEST in the PendingU queue).
信贷控制会话的故障处理在第5.7节中定义,并反映在第7节的基本信贷控制状态机中。在(子)会话功能中实现对多个服务的独立信用控制的信用控制客户端和服务器必须确保故障处理和一般行为完全符合上述章节,同时保持在(子)会话中处理并行进行的信用再授权的能力。因此,建议Diameter credit control客户端维护PendingU消息队列,并在其处于PendingU状态时,每次发送带有值UPDATE_请求的CCR消息时重新启动Tx计时器(第13节)。当收到所有未决消息的应答时,状态机将移至打开状态,并且发送停止。自然,根据第5.7节检测到会话问题时执行的操作会影响所有正在进行的服务(例如,如果可能,故障切换到备份服务器会影响PendingU队列中具有值UPDATE_请求的所有CCR消息)。
Since the client may send CCR messages with the value UPDATE_REQUEST while in PendingU (i.e., without waiting for an answer to ongoing credit re-authorization), the time space between these requests may be very short, and the server may not have received the previous request(s) yet. Therefore, in this situation the server may receive out of sequence requests and SHOULD NOT consider this an error condition. A proper answer is to be returned to each of those requests.
由于客户端可能在挂起状态下(即,不等待对正在进行的信用再授权的答复)发送带有值UPDATE_请求的CCR消息,因此这些请求之间的时间间隔可能很短,服务器可能尚未收到以前的请求。因此,在这种情况下,服务器可能接收到无序的请求,并且不应认为这是错误情况。对每一个请求都要给出正确的答案。
When session based credit-control is required (e.g., the authentication server indicated a prepaid user), the first interrogation MUST be sent before the Diameter credit-control client allows any service event to the end user. The CC-Request-Type is set to the value INITIAL_REQUEST in the request message.
当需要基于会话的信用控制时(例如,认证服务器指示预付费用户),必须在Diameter信用控制客户端允许向最终用户提供任何服务事件之前发送第一次询问。CC请求类型设置为请求消息中的值INITIAL_Request。
If the Diameter credit-control client knows the cost of the service event (e.g., a content server delivering ringing tones may know their cost) the monetary amount to be charged is included in the Requested-Service-Unit AVP. If the Diameter credit-control client does not know the cost of the service event, the Requested-Service-Unit AVP MAY contain the number of requested service events. Where the Multiple-Services-Credit-Control AVP is used, it MUST contain the Requested-Service-Unit AVP to indicate that the quota for the associated service/rating-group is requested. In the case of multiple services, the Service-Identifier AVP or the Rating-Group AVP within the Multiple-Services-Credit-Control AVP always indicates the service concerned. Additional service event information to be rated
如果Diameter credit control客户端知道服务事件的成本(例如,传送铃声的内容服务器可能知道其成本),则要收取的货币金额包括在请求的服务单元AVP中。如果Diameter信用控制客户端不知道服务事件的成本,则请求的服务单元AVP可能包含请求的服务事件的数量。如果使用多服务信用控制AVP,它必须包含请求的服务单元AVP,以指示请求相关服务/评级组的配额。在多个服务的情况下,多个服务信用控制AVP中的服务标识符AVP或评级组AVP始终指示相关的服务。待评级的其他服务事件信息
MAY be sent as service specific AVPs or MAY be sent within the Service-Parameter-Info AVP at command level. The Service-Context-Id AVP indicates the service specific document applicable to the request.
可以作为特定于服务的AVP发送,也可以在命令级别的服务参数信息AVP中发送。服务上下文Id AVP指示适用于请求的特定于服务的文档。
The Event-Timestamp AVP SHOULD be included in the request and contains the time when the service event is requested in the service element. The Subscription-Id AVP SHOULD be included to identify the end user in the credit-control server. The credit-control client MAY include the User-Equipment-Info AVP so that the credit-control server has some indication of the type and capabilities of the end user access device. How the credit-control server uses this information is outside the scope of this document.
事件时间戳AVP应包含在请求中,并包含服务元素中请求服务事件的时间。应包括订阅Id AVP,以识别信用控制服务器中的最终用户。信用控制客户端可以包括用户设备信息AVP,以便信用控制服务器具有最终用户接入设备的类型和能力的一些指示。信用控制服务器如何使用此信息超出了本文档的范围。
The credit-control server SHOULD rate the service event and make a credit-reservation from the end user's account that covers the cost of the service event. If the type of the Requested-Service-Unit AVP is money, no rating is needed, but the corresponding monetary amount is reserved from the end user's account.
信用控制服务器应该对服务事件进行评级,并从最终用户的帐户进行信用预订,以支付服务事件的成本。如果请求的服务单元AVP的类型是货币,则不需要评级,但从最终用户的帐户中保留相应的货币金额。
The credit-control server returns the Granted-Service-Unit AVP in the Answer message to the Diameter credit-control client. The Granted-Service-Unit AVP contains the amount of service units that the Diameter credit-control client can provide to the end user until a new Credit-Control-Request MUST be sent to the credit-control server. If several unit types are sent in the Answer message, the credit-control client MUST handle each unit type separately. The type of the Granted-Service-Unit AVP can be time, volume, service specific, or money, depending on the type of service event. The unit type(s) SHOULD NOT be changed within an ongoing credit-control session.
信用控制服务器将应答消息中授予的服务单元AVP返回给Diameter信用控制客户端。授权服务单位AVP包含Diameter信用控制客户端可以向最终用户提供的服务单位数量,直到必须向信用控制服务器发送新的信用控制请求为止。如果应答消息中发送了多个单位类型,则信贷控制客户端必须分别处理每个单位类型。根据服务事件的类型,授予的服务单元AVP的类型可以是时间、数量、特定服务或金钱。在正在进行的信贷控制会话中,不应更改单位类型。
There MUST be a maximum of one instance of the same unit type in one Answer message. However, if multiple quotas are conveyed to the credit-control client in the Multiple-Services-Credit-Control AVPs, it is possible to carry two instances of the same unit type associated to a service-identifier/rating-group. This is typically the case when a tariff time change is expected and the credit-control server wants to make a distinction between the granted quota before and after tariff change.
一条应答消息中最多必须有一个相同单元类型的实例。然而,如果在多服务信用控制avp中向信用控制客户端传送多个配额,则可能携带与服务标识符/评级组相关联的相同单元类型的两个实例。通常情况下,当预计电价时间发生变化,并且信用控制服务器希望在电价变化之前和之后对授予的配额进行区分时,会出现这种情况。
If the credit-control server determines that no further control is needed for the service, it MAY include the result code indicating that the credit-control is not applicable (e.g., if the service is free of charge). This result code at command level implies that the credit-control session is to be terminated.
如果信用控制服务器确定服务不需要进一步的控制,它可以包括指示信用控制不适用的结果代码(例如,如果服务是免费的)。命令级的此结果代码表示将终止信用控制会话。
The Credit-Control-Answer message MAY also include the Final-Unit-Indication AVP to indicate that the answer message contains the final
信用控制应答消息还可以包括最终单元指示AVP,以指示应答消息包含最终单元指示AVP
units for the service. After the end user has consumed these units, the Diameter credit-control-client MUST behave as described in section 5.6.
服务单位。最终用户使用这些装置后,Diameter信用控制客户机必须按照第5.6节中的说明进行操作。
This document defines two different approaches to perform the first interrogation to be used in different network architectures. The first approach uses credit-control messages after the user's authorization and authentication takes place. The second approach uses service specific authorization messages to perform the first interrogation during the user's authorization/authentication phase, and credit-control messages for the intermediate and final interrogations. If an implementation of the credit-control client supports both the methods, determining which method to use SHOULD be configurable.
本文档定义了两种不同的方法来执行在不同网络体系结构中使用的第一次询问。第一种方法在用户进行授权和身份验证后使用信用控制消息。第二种方法使用特定于服务的授权消息在用户的授权/认证阶段执行第一次询问,并使用信用控制消息执行中间和最终询问。如果信贷控制客户机的实现支持这两种方法,那么确定使用哪种方法应该是可配置的。
In service environments such as the Network Access Server (NAS), it is desired to perform the first interrogation as part of the authorization/authentication process for the sake of protocol efficiency. Further credit authorizations after the first interrogation are performed with credit-control commands defined in this specification. Implementations of credit-control clients operating in the mentioned environments SHOULD support this method. If the credit-control server and AAA server are separate physical entities, the service element sends the request messages to the AAA server, which then issues an appropriate request or proxies the received request forward to the credit-control server.
在诸如网络访问服务器(NAS)之类的服务环境中,出于协议效率的考虑,希望在授权/认证过程中执行第一次询问。在第一次询问后,使用本规范中定义的信用控制命令执行进一步的信用授权。在上述环境中运行的信用控制客户端的实现应支持此方法。如果信用控制服务器和AAA服务器是独立的物理实体,则服务元素向AAA服务器发送请求消息,然后AAA服务器发出适当的请求或将接收到的请求转发给信用控制服务器。
In other service environments, such as the 3GPP network and some SIP scenarios, there is a substantial decoupling between registration/access to the network and the actual service request (i.e., the authentication/authorization is executed once at registration/access to the network and is not executed for every service event requested by the subscriber). In these environments, it is more appropriate to perform the first interrogation after the user has been authenticated and authorized. The first, the intermediate, and the final interrogations are executed with credit-control commands defined in this specification.
在其他服务环境中,例如3GPP网络和一些SIP场景,对网络的注册/访问与实际服务请求之间存在实质性的分离(即,认证/授权在注册/访问网络时执行一次,而不是针对订户请求的每个服务事件执行)。在这些环境中,更适合在用户经过身份验证和授权后执行第一次询问。第一次询问、中间询问和最终询问使用本规范中定义的信用控制命令执行。
Other IETF standards or standards developed by other standardization bodies may define the most suitable method in their architectures.
其他IETF标准或其他标准化机构制定的标准可在其架构中定义最合适的方法。
The Diameter credit-control client in the service element may get information from the authorization server as to whether credit-control is required, based on its knowledge of the end user. If credit-control is required the credit-control server needs to be contacted prior to initiating service delivery to the end user. The
服务元素中的Diameter信用控制客户端可以基于其对最终用户的了解,从授权服务器获取关于是否需要信用控制的信息。如果需要信用控制,则在开始向最终用户提供服务之前,需要联系信用控制服务器。这个
accounting protocol and the credit-control protocol can be used in parallel. The authorization server may also determine whether the parallel accounting stream is required.
记帐协议和信用控制协议可以并行使用。授权服务器还可以确定是否需要并行记帐流。
The following diagram illustrates the case where both protocols are used in parallel and the service element sends credit-control messages directly to the credit-control server. More credit-control sequence examples are given in Annex A.
下图说明了两个协议并行使用且服务元素直接向信用控制服务器发送信用控制消息的情况。附录A中给出了更多信贷控制顺序示例。
Diameter End User Service Element AAA Server CC Server (CC Client) | Registration | AA request/answer(accounting,cc or both)| |<----------------->|<------------------>| | | : | | | | : | | | | Service Request | | | |------------------>| | | | | CCR(Initial,Credit-Control AVPs) | | +|---------------------------------------->| | CC stream|| | CCA(Granted-Units)| | +|<----------------------------------------| | Service Delivery | | | |<----------------->| ACR(start,Accounting AVPs) | | : |------------------->|+ | | : | ACA || Accounting stream | | |<-------------------|+ | | : | | | | : | | | | | CCR(Update,Used-Units) | | |---------------------------------------->| | | | CCA(Granted-Units)| | |<----------------------------------------| | : | | | | : | | | | End of Service | | | |------------------>| CCR(Termination, Used-Units) | | |---------------------------------------->| | | | CCA | | |<----------------------------------------| | | ACR(stop) | | | |------------------->| | | | ACA | | | |<-------------------| |
Diameter End User Service Element AAA Server CC Server (CC Client) | Registration | AA request/answer(accounting,cc or both)| |<----------------->|<------------------>| | | : | | | | : | | | | Service Request | | | |------------------>| | | | | CCR(Initial,Credit-Control AVPs) | | +|---------------------------------------->| | CC stream|| | CCA(Granted-Units)| | +|<----------------------------------------| | Service Delivery | | | |<----------------->| ACR(start,Accounting AVPs) | | : |------------------->|+ | | : | ACA || Accounting stream | | |<-------------------|+ | | : | | | | : | | | | | CCR(Update,Used-Units) | | |---------------------------------------->| | | | CCA(Granted-Units)| | |<----------------------------------------| | : | | | | : | | | | End of Service | | | |------------------>| CCR(Termination, Used-Units) | | |---------------------------------------->| | | | CCA | | |<----------------------------------------| | | ACR(stop) | | | |------------------->| | | | ACA | | | |<-------------------| |
Figure 2: Protocol example with first interrogation after user's authorization/authentication
图2:用户授权/认证后第一次询问的协议示例
The Diameter credit-control client in the service element MUST actively co-operate with the authorization/authentication client in the construction of the AA request by adding appropriate credit-control AVPs. The credit-control client MUST add the Credit-Control AVP to indicate credit-control capabilities and MAY add other relevant credit-control specific AVPs to the proper authorization/authentication command to perform the first interrogation toward the home Diameter AAA server. The Auth-Application-Id is set to the appropriate value, as defined in the relevant service specific authorization/authentication application document (e.g., [NASREQ], [DIAMMIP]). The home Diameter AAA server authenticates/authorizes the subscriber and determines whether credit-control is required.
服务元素中的Diameter信用控制客户端必须通过添加适当的信用控制AVP,在构建AA请求时与授权/认证客户端积极合作。信用控制客户端必须添加信用控制AVP以指示信用控制能力,并且可以将其他相关的信用控制特定AVP添加到适当的授权/认证命令中,以执行对home Diameter AAA服务器的第一次询问。认证应用程序Id设置为相关服务特定授权/认证应用程序文档中定义的适当值(例如,[NASREQ]、[DIAMIP])。home Diameter AAA服务器对订户进行身份验证/授权,并确定是否需要信用控制。
If credit-control is not required for the subscriber, the home Diameter AAA server will respond as usual, with an appropriate AA answer message. If credit-control is required for the subscriber and the Credit-Control AVP with the value set to CREDIT_AUTHORIZATION was present in the authorization request, the home AAA server MUST contact the credit-control server to perform the first interrogation. If credit-control is required for the subscriber and the Credit-Control AVP was not present in the authorization request, the home AAA server MUST send an authorization reject answer message.
如果订户不需要信用控制,home Diameter AAA服务器将像往常一样响应,并显示相应的AA应答消息。如果订户需要信用控制,并且授权请求中存在设置为credit_AUTHORIZATION的值的信用控制AVP,则家庭AAA服务器必须联系信用控制服务器以执行第一次询问。如果订户需要信用控制,且信用控制AVP未出现在授权请求中,则家庭AAA服务器必须发送授权拒绝应答消息。
The Diameter AAA server supporting credit-control is required to send the Credit-Control-Request command (CCR) defined in this document to the credit-control server. The Diameter AAA server populates the CCR based on service specific AVPs used for input to the rating process, and possibly on credit-control AVPs received in the AA request. The credit-control server will reserve money from the user's account, will rate the request and will send a Credit-Control-Answer message to the home Diameter AAA server. The answer message includes the Granted-Service-Unit AVP(s) and MAY include other credit-control specific AVPs, as appropriate. Additionally, the credit-control server MAY set the Validity-Time and MAY include the Credit-Control-Failure-Handling AVP and the Direct-Debiting-Failure-Handling AVP to determine what to do if the sending of credit-control messages to the credit-control server has been temporarily prevented.
支持信用控制的Diameter AAA服务器需要将本文档中定义的信用控制请求命令(CCR)发送到信用控制服务器。Diameter AAA服务器根据用于输入评级过程的特定于服务的AVP,以及AA请求中收到的信用控制AVP,填充CCR。信用控制服务器将从用户帐户中预留资金,对请求进行评级,并向home Diameter AAA服务器发送信用控制应答消息。应答消息包括被授予的服务单元AVP,并可酌情包括其他特定于信用控制的AVP。此外,信用控制服务器可以设置有效时间,并且可以包括信用控制失败处理AVP和直接借记失败处理AVP,以确定如果暂时阻止了向信用控制服务器发送信用控制消息,该怎么办。
Upon receiving the Credit-Control-Answer message from the credit-control server, the home Diameter AAA server will populate the AA answer with the received credit-control AVPs and with the appropriate service attributes according to the authorization/authentication specific application (e.g., [NASREQ], [DIAMMIP]). It will then forward the packet to the credit-control client. If the home Diameter AAA server receives a credit-control reject message, it will
收到来自信用控制服务器的信用控制应答消息后,home Diameter AAA服务器将根据授权/认证特定应用程序(例如,[NASREQ]、[DIAMMIP])使用收到的信用控制AVP和适当的服务属性填充AA应答。然后,它将数据包转发给信用控制客户端。如果home Diameter AAA服务器收到信用控制拒绝消息,它将
simply generate an appropriate authorization reject message to the credit-control client, including the credit-control specific error code.
只需向信用控制客户端生成适当的授权拒绝消息,包括信用控制特定的错误代码。
In this model, the credit-control client sends further credit-control messages to the credit-control server via the home Diameter AAA server. Upon receiving a successful authorization answer message with the Granted-Service-Unit AVP(s), the credit-control client will grant the service to the end user and will generate an intermediate credit-control request, as required by using credit-control commands. The CC-Request-Number of the first UPDATE_REQUEST MUST be set to 1 (for how to produce unique value for the CC-Request-Number AVP, see section 8.2).
在此模型中,信用控制客户端通过home Diameter AAA服务器向信用控制服务器发送进一步的信用控制消息。在收到带有授权服务单元AVP的成功授权应答消息后,信用控制客户端将向最终用户授权服务,并根据需要使用信用控制命令生成中间信用控制请求。第一次更新请求的CC请求编号必须设置为1(有关如何为CC请求编号AVP生成唯一值,请参阅第8.2节)。
If service specific re-authorization is performed (i.e., authorization-lifetime expires), the credit-control client MUST add to the service specific re-authorization request the Credit-Control AVP with a value set to RE_AUTHORIZATION to indicate that the credit-control server MUST NOT be contacted. When session based credit-control is used for the subscriber, a constant credit-control message stream flows through the home Diameter AAA server. The home Diameter AAA server can make use of this credit-control message flow to deduce that the user's activity is ongoing; therefore, it is recommended to set the authorization-lifetime to a reasonably high value when credit-control is used for the subscriber.
如果执行特定于服务的重新授权(即授权生命周期到期),信用控制客户端必须向特定于服务的重新授权请求中添加信用控制AVP,其值设置为“重新授权”,以指示不得联系信用控制服务器。当订户使用基于会话的信用控制时,恒定的信用控制消息流流经home Diameter AAA服务器。home Diameter AAA服务器可以利用该信用控制消息流推断用户的活动正在进行中;因此,当用户使用信用控制时,建议将授权寿命设置为合理的高值。
In this scenario, the home Diameter AAA server MUST advertise support for the credit-control application to its peers during the capability exchange process.
在这种情况下,home Diameter AAA服务器必须在能力交换过程中向其对等方公布对信用控制应用程序的支持。
The following diagram illustrates the use of authorization/authentication messages to perform the first interrogation. The parallel accounting stream is not shown in the figure.
下图说明了如何使用授权/身份验证消息执行第一次询问。图中未显示并行记帐流。
Service Element Diameter End User (CC Client) AAA Server CC Server | Service Request | AA Request (CC AVPs) | |------------------>|------------------->| | | | | CCR(Initial, CC AVPs) | | |------------------->| | | | CCA(Granted-Units) | | |<-------------------| | | AA Answer(Granted-Units) | | Service Delivery |<-------------------| | |<----------------->| | | | : | | | | : | | | | : | | | | | | | | | CCR(Update,Used-Units) | | |------------------->| CCR(Update,Used-Units) | | |------------------->| | | | CCA(Granted-Units)| | | CCA(Granted-Units)|<-------------------| | |<-------------------| | | : | | | | : | | | | End of Service | | | |------------------>| CCR(Termination,Used-Units) | | |------------------->| CCR(Term.,Used-Units) | | |------------------->| | | | CCA | | | CCA |<-------------------| | |<-------------------| |
Service Element Diameter End User (CC Client) AAA Server CC Server | Service Request | AA Request (CC AVPs) | |------------------>|------------------->| | | | | CCR(Initial, CC AVPs) | | |------------------->| | | | CCA(Granted-Units) | | |<-------------------| | | AA Answer(Granted-Units) | | Service Delivery |<-------------------| | |<----------------->| | | | : | | | | : | | | | : | | | | | | | | | CCR(Update,Used-Units) | | |------------------->| CCR(Update,Used-Units) | | |------------------->| | | | CCA(Granted-Units)| | | CCA(Granted-Units)|<-------------------| | |<-------------------| | | : | | | | : | | | | End of Service | | | |------------------>| CCR(Termination,Used-Units) | | |------------------->| CCR(Term.,Used-Units) | | |------------------->| | | | CCA | | | CCA |<-------------------| | |<-------------------| |
Figure 3: Protocol example with use of the authorization messages for the first interrogation
图3:第一次询问使用授权消息的协议示例
When all the granted service units for one unit type are spent by the end user or the Validity-Time is expired, the Diameter credit-control client MUST send a new Credit-Control-Request to the credit-control server. In the event that credit-control for multiple services is applied in one credit-control session (i.e., units associated to Service-Identifier(s) or Rating-Group are granted), a new Credit-Control-Request MUST be sent to the credit-control server when the
当最终用户使用了一种单元类型的所有授权服务单元或有效期到期时,Diameter信用控制客户端必须向信用控制服务器发送新的信用控制请求。如果在一个信用控制会话中应用了多个服务的信用控制(即,授予与服务标识符或评级组关联的单元),则必须在以下情况下向信用控制服务器发送新的信用控制请求:
credit reservation has been wholly consumed, or upon expiration of the Validity-Time. It is always up to the Diameter credit-control client to send a new request well in advance of the expiration of the previous request in order to avoid interruption in the service element. Even if the granted service units reserved by the credit-control server have not been spent upon expiration of the Validity-Time, the Diameter credit-control client MUST send a new Credit-Control-Request to the credit-control server.
信用卡预订已全部使用,或在有效期到期时使用。Diameter credit control客户端总是在前一个请求到期之前发送一个新请求,以避免服务元素中断。即使信用控制服务器保留的授权服务单元在有效期到期时尚未使用,Diameter信用控制客户端也必须向信用控制服务器发送新的信用控制请求。
There can also be mid-session service events, which might affect the rating of the current service events. In this case, a spontaneous updating (a new Credit-Control-Request) SHOULD be sent including information related to the service event even if all the granted service units have not been spent or the Validity-Time has not expired.
还可能存在中间会话服务事件,这可能会影响当前服务事件的评级。在这种情况下,应发送自发更新(新的信用控制请求),包括与服务事件相关的信息,即使所有授予的服务单元尚未使用或有效期尚未到期。
When the used units are reported to the credit-control server, the credit-control client will not have any units in its possession before new granted units are received from the credit-control server. When the new granted units are received, these units apply from the point where the measurement of the reported used units stopped. Where independent credit-control of multiple services is supported, this process may be executed for one or more services, a single rating-group, or a pool within the (sub)session.
当使用的单位报告给信用控制服务器时,在从信用控制服务器收到新的授权单位之前,信用控制客户端将不会拥有任何单位。当收到新的授权单位时,这些单位从报告使用单位的测量停止点开始应用。如果支持对多个服务进行独立的信用控制,则可以对(子)会话中的一个或多个服务、单个评级组或池执行此过程。
The CC-Request-Type AVP is set to the value UPDATE_REQUEST in the intermediate request message. The Subscription-Id AVP SHOULD be included in the intermediate message to identify the end user in the credit-control server. The Service-Context-Id AVP indicates the service specific document applicable to the request.
CC请求类型AVP设置为中间请求消息中的值UPDATE_Request。订阅Id AVP应包含在中间消息中,以标识信用控制服务器中的最终用户。服务上下文Id AVP指示适用于请求的特定于服务的文档。
The Requested-Service-Unit AVP MAY contain the new amount of requested service units. Where the Multiple-Services-Credit-Control AVP is used, it MUST contain the Requested-Service-Unit AVP if a new quota is requested for the associated service/rating-group. The Used-Service-Unit AVP contains the amount of used service units measured from the point when the service became active or, if interim interrogations are used during the session, from the point when the previous measurement ended. The same unit types used in the previous message SHOULD be used. If several unit types were included in the previous answer message, the used service units for each unit type MUST be reported.
请求的服务单元AVP可以包含请求的服务单元的新数量。在使用多服务信用控制AVP的情况下,如果为相关服务/评级组请求新配额,则必须包含请求的服务单元AVP。已用服务单位AVP包含从服务激活时开始测量的已用服务单位数量,或者,如果在会话期间使用临时询问,则包含从上一次测量结束时开始测量的已用服务单位数量。应使用上一条消息中使用的相同单元类型。如果前一个应答消息中包含多个单元类型,则必须报告每个单元类型使用的服务单元。
The Event-Timestamp AVP SHOULD be included in the request and contains the time of the event that triggered the sending of the new Credit-Control-Request.
事件时间戳AVP应包含在请求中,并包含触发发送新信用控制请求的事件的时间。
The credit-control server MUST deduct the used amount from the end user's account. It MAY rate the new request and make a new credit-reservation from the end user's account that covers the cost of the requested service event.
信用控制服务器必须从最终用户的帐户中扣除已使用金额。它可以对新请求进行评级,并从最终用户的帐户中进行新的信用预订,以支付请求的服务事件的费用。
A Credit-Control-Answer message with the CC-Request-Type AVP set to the value UPDATE_REQUEST MAY include the Cost-Information AVP containing the accumulated cost estimation for the session, without taking any credit-reservation into account.
CC请求类型AVP设置为值UPDATE_Request的信用控制应答消息可以包括包含会话的累积成本估计的成本信息AVP,而不考虑任何信用保留。
The Credit-Control-Answer message MAY also include the Final-Unit-Indication AVP to indicate that the answer message contains the final units for the service. After the end user has consumed these units, the Diameter credit-control-client MUST behave as described in section 5.6.
信用控制应答消息还可以包括最终单元指示AVP,以指示应答消息包含服务的最终单元。最终用户使用这些装置后,Diameter信用控制客户机必须按照第5.6节中的说明进行操作。
There can be several intermediate interrogations within a session.
在一个会话中可以有几个中间询问。
When the end user terminates the service session, or when the graceful service termination described in section 5.6 takes place, the Diameter credit-control client MUST send a final Credit-Control-Request message to the credit-control server. The CC-Request-Type AVP is set to the value TERMINATION_REQUEST. The Service-Context-Id AVP indicates the service specific document applicable to the request.
当最终用户终止服务会话时,或当发生第5.6节所述的正常服务终止时,Diameter信用控制客户端必须向信用控制服务器发送最终信用控制请求消息。CC请求类型AVP设置为终止请求的值。服务上下文Id AVP指示适用于请求的特定于服务的文档。
The Event-Timestamp AVP SHOULD be included in the request and contains the time when the session was terminated.
事件时间戳AVP应包含在请求中,并包含会话终止的时间。
The Used-Service-Unit AVP contains the amount of used service units measured from the point when the service became active or, if interim interrogations are used during the session, from the point when the previous measurement ended. If several unit types were included in the previous answer message, the used service units for each unit type MUST be reported.
已用服务单位AVP包含从服务激活时开始测量的已用服务单位数量,或者,如果在会话期间使用临时询问,则包含从上一次测量结束时开始测量的已用服务单位数量。如果前一个应答消息中包含多个单元类型,则必须报告每个单元类型使用的服务单元。
After final interrogation, the credit-control server MUST refund the reserved credit amount not used to the end user's account and deduct the used monetary amount from the end user's account.
最终询问后,信用控制服务器必须将未使用的保留信用金额退还给最终用户的帐户,并从最终用户的帐户中扣除已使用的货币金额。
A Credit-Control-Answer message with the CC-Request-Type set to the value TERMINATION_REQUEST MAY include the Cost-Information AVP containing the estimated total cost for the session in question.
将CC请求类型设置为值TERMINATION_Request的信用控制应答消息可以包括包含所述会话的估计总成本的成本信息AVP。
If the user logs off during an ongoing credit-control session, or if some other reason causes the user to become logged off (e.g., final-
如果用户在正在进行的信用控制会话期间注销,或者如果其他原因导致用户注销(例如,最终-
unit indication causes user logoff according to local policy), the service element, according to application specific policy, may send a Session-Termination-Request (STR) to the home Diameter AAA server as usual [DIAMBASE]. Figure 4 illustrates the case when the final-unit indication causes user logoff upon consumption of the final granted units and the generation of STR.
单元指示导致用户根据本地策略注销),根据特定于应用程序的策略,服务元素可以像往常一样向home Diameter AAA服务器发送会话终止请求(STR)[DIAMBASE]。图4说明了最终单元指示导致用户在使用最终授予的单元和生成STR时注销的情况。
Service Element AAA Server CC Server End User (CC Client) | Service Delivery | | | |<----------------->| | | | : | | | | : | | | | : | | | | | | | | | CCR(Update,Used-Units) | | |------------------->| CCR(Update,Used-Units) | | |------------------->| | | CCA(Final-Unit, Terminate) | CCA(Final-Unit, Terminate)|<-------------------| | |<-------------------| | | : | | | | : | | | | Disconnect user | | | |<------------------| CCR(Termination,Used-Units) | | |------------------->| CCR(Term.,Used-Units) | | |------------------->| | | | CCA | | | CCA |<-------------------| | |<-------------------| | | | STR | | | |------------------->| | | | STA | | | |<-------------------| |
Service Element AAA Server CC Server End User (CC Client) | Service Delivery | | | |<----------------->| | | | : | | | | : | | | | : | | | | | | | | | CCR(Update,Used-Units) | | |------------------->| CCR(Update,Used-Units) | | |------------------->| | | CCA(Final-Unit, Terminate) | CCA(Final-Unit, Terminate)|<-------------------| | |<-------------------| | | : | | | | : | | | | Disconnect user | | | |<------------------| CCR(Termination,Used-Units) | | |------------------->| CCR(Term.,Used-Units) | | |------------------->| | | | CCA | | | CCA |<-------------------| | |<-------------------| | | | STR | | | |------------------->| | | | STA | | | |<-------------------| |
Figure 4: User disconnected due to exhausted account
图4:用户由于帐户耗尽而断开连接
The Diameter credit-control application supports server-initiated re-authorization. The credit-control server MAY optionally initiate the credit re-authorization by issuing a Re-Auth-Request (RAR) as defined in the Diameter base protocol [DIAMBASE]. The Auth-Application-Id in the RAR message is set to 4 to indicate Diameter Credit Control, and the Re-Auth-Request-Type is set to AUTHORIZE_ONLY.
Diameter信用控制应用程序支持服务器启动的重新授权。信用控制服务器可以通过发出Diameter base协议[DIAMBASE]中定义的重新授权请求(RAR)来选择性地启动信用重新授权。RAR消息中的身份验证应用程序Id设置为4,以指示直径信用控制,而重新身份验证请求类型设置为仅授权。
Section 5.1.2 defines the feature to enable credit-control for multiple services within a single (sub-)session where the server can authorize credit usage at a different level of granularity. Further, the server may provide credit resources to multiple services or rating groups as a pool (see section 5.1.2 for details and definitions). Therefore, the server, based on its service logic and its knowledge of the ongoing session, can decide to request credit re-authorization for a whole (sub-)session, a single credit pool, a single service, or a single rating-group. To request credit re-authorization for a credit pool, the server includes in the RAR message the G-S-U-Pool-Identifier AVP indicating the affected pool. To request credit re-authorization for a service or a rating-group, the server includes in the RAR message the Service-Identifier AVP or the Rating-Group AVP, respectively. To request credit re-authorization for all the ongoing services within the (sub-)session, the server includes none of the above mentioned AVPs in the RAR message.
第5.1.2节定义了在单个(子)会话中为多个服务启用信用控制的功能,其中服务器可以在不同的粒度级别授权信用使用。此外,服务器可将信用资源作为一个池提供给多个服务或评级组(有关详细信息和定义,请参阅第5.1.2节)。因此,服务器可以根据其服务逻辑和对正在进行的会话的了解,决定为整个(子)会话、单个信用池、单个服务或单个评级组请求信用重新授权。为了请求信用池的信用再授权,服务器在RAR消息中包括指示受影响池的G-S-U-pool-Identifier AVP。为了请求服务或评级组的信用再授权,服务器在RAR消息中分别包括服务标识符AVP或评级组AVP。为了请求(子)会话中所有正在进行的服务的信用再授权,服务器在RAR消息中不包括上述AVP。
If a credit re-authorization is not already ongoing (i.e., the credit-control session is in Open state), a credit control client that receives an RAR message with Session-Id equal to a currently active credit-control session MUST acknowledge the request by sending the Re-Auth-Answer (RAA) message and MUST initiate the credit re-authorization toward the server by sending a Credit-Control-Request message with the CC-Request-Type AVP set to the value UPDATE_REQUEST. The Result-Code 2002 (DIAMETER_LIMITED_SUCCESS) SHOULD be used in the RAA message to indicate that an additional message (i.e., CCR message with the value UPDATE_REQUEST) is required to complete the procedure. If a quota was allocated to the service, the credit-control client MUST report the used quota in the Credit-Control-Request. Note that the end user does not need to be prompted for the credit re-authorization, since the credit re-authorization is transparent to the user (i.e., it takes place exclusively between the credit-control client and the credit-control server).
如果信用再授权尚未进行(即信用控制会话处于打开状态),则接收会话Id等于当前活动信用控制会话的RAR消息的信用控制客户端必须通过发送再授权应答(RAA)来确认请求消息,并且必须通过发送信用控制请求消息,将CC请求类型AVP设置为值UPDATE_Request,向服务器发起信用再授权。RAA消息中应使用结果代码2002(DIAMETER_LIMITED_SUCCESS),以指示完成该过程需要额外的消息(即,带有值更新请求的CCR消息)。如果为服务分配了配额,则信用控制客户端必须在信用控制请求中报告已使用的配额。请注意,无需提示最终用户进行信用再授权,因为信用再授权对用户是透明的(即,它只在信用控制客户端和信用控制服务器之间发生)。
Where multiple services in a user's session are supported, the procedure in the above paragraph will be executed at the granularity requested by the server in the RAR message.
如果支持用户会话中的多个服务,则将按照服务器在RAR消息中请求的粒度执行上面段落中的过程。
If credit re-authorization is ongoing at the time when the RAR message is received (i.e., RAR-CCR collision), the credit-control client successfully acknowledges the request but does not initiate a new credit re-authorization. The Result-Code 2001 (DIAMETER_SUCCESS) SHOULD be used in the RAA message to indicate that a credit re-authorization procedure is already ongoing (i.e., the client was in PendingU state when the RAR was received). The credit-control server SHOULD process the Credit-Control-Request as if it was received in answer to the server initiated credit re-authorization, and should
如果在收到RAR消息(即RAR-CCR冲突)时信用再授权正在进行,信用控制客户端将成功确认请求,但不会启动新的信用再授权。RAA消息中应使用结果代码2001(DIAMETER_SUCCESS),以表明信用再授权程序已经在进行中(即,收到RAR时,客户处于待处理状态)。信用控制服务器应处理信用控制请求,就像它是在响应服务器启动的信用重新授权时收到的一样,并且应
consider the server initiated credit re-authorization process successful upon reception of the Re-Auth-Answer message.
考虑服务器启动的信用重授权过程在接收到重新应答消息时成功。
When multiple services are supported in a user's session, the server may request credit re-authorization for a credit pool (or for the (sub-)session) while a credit re-authorization is already ongoing for some of the services or rating-groups. In this case, the client acknowledges the server request with an RAA message and MUST send a new Credit-Control-Request message to perform re-authorization for the remaining services/rating-groups. The Result-Code 2002 (DIAMETER_LIMITED_SUCCESS) SHOULD be used in the RAA message to indicate that an additional message (i.e., CCR message with value UPDATE_REQUEST) is required to complete the procedure. The server processes the received requests and returns an appropriate answer to both requests.
当一个用户的会话中支持多个服务时,服务器可能会请求信用池(或(子)会话)的信用重新授权,而某些服务或评级组的信用重新授权已经在进行中。在这种情况下,客户端使用RAA消息确认服务器请求,并且必须发送新的信用控制请求消息,以便对其余服务/评级组执行重新授权。RAA消息中应使用结果代码2002(DIAMETER_LIMITED_SUCCESS),以指示完成该过程需要额外的消息(即,具有值更新请求的CCR消息)。服务器处理接收到的请求,并对这两个请求返回适当的答案。
The above-defined procedures are enabled for each of the possibly active Diameter credit-control sub-sessions. The server MAY request re-authorization for an active sub-session by including the CC-Sub-Session-Id AVP in the RAR message in addition to the Session-Id AVP.
上述定义的过程针对每个可能活动的Diameter信用控制子会话启用。除了会话Id AVP之外,服务器还可以通过在RAR消息中包括CC子会话Id AVP来请求对活动子会话的重新授权。
When the user's account runs out of money, the user may not be allowed to compile additional chargeable events. However, the home service provider may offer some services; for instance, access to a service portal where it is possible to refill the account, for which the user is allowed to benefit for a limited time. The length of this time is usually dependent on the home service provider policy.
当用户的帐户耗尽资金时,可能不允许用户编译其他收费事件。然而,家庭服务提供商可以提供一些服务;例如,访问一个服务门户,在那里可以重新填充帐户,允许用户在有限的时间内受益。这段时间的长短通常取决于家庭服务提供商的策略。
This section defines the optional graceful service termination feature that MAY be supported by the credit-control server. Credit-control client implementations MUST support the Final-Unit-Indication with at least the teardown of the ongoing service session once the subscriber has consumed all the final granted units.
本节定义了信用控制服务器可能支持的可选服务终止功能。一旦订户使用了所有最终授予的单元,信用控制客户端实现必须至少支持正在进行的服务会话的拆卸,以支持最终单元指示。
Where independent credit-control of multiple services in a single credit-control (sub-)session is supported, it is possible to use the graceful service termination for each of the services/rating-groups independently. Naturally, the graceful service termination process defined in the following sub-sections will apply to the specific service/rating-group as requested by the server.
如果支持在单个信用控制(子)会话中对多个服务进行独立的信用控制,则可以独立地为每个服务/评级组使用优雅的服务终止。当然,以下小节中定义的正常服务终止过程将适用于服务器请求的特定服务/评级组。
In some service environments (e.g., NAS), the graceful service termination may be used to redirect the subscriber to a service portal for online balance refill or other services offered by the home service provider. In this case, the graceful termination process installs a set of packet filters to restrict the user's
在一些服务环境(例如,NAS)中,服务终止可用于将订户重定向到服务门户,以用于在线余额补充或家庭服务提供商提供的其他服务。在这种情况下,优雅终止过程会安装一组数据包过滤器来限制用户的访问
access capability only to/from the specified destinations. All the IP packets not matching the filters will be dropped or, possibly, re-directed to the service portal. The user may also be sent an appropriate notification as to why the access has been limited. These actions may be communicated explicitly from the server to the client or may be configured per-service at the client. Explicitly signaled redirect or restrict instructions always take precedence over configured ones.
只能访问指定目的地或从指定目的地访问。所有与筛选器不匹配的IP数据包都将被丢弃,或者可能会被重新定向到服务门户。还可以向用户发送关于访问被限制的原因的适当通知。这些操作可以从服务器显式地传送到客户端,或者可以在客户端针对每个服务进行配置。显式信号重定向或限制指令始终优先于配置的指令。
It is also possible use the graceful service termination to connect the prepaid user to a top-up server that plays an announcement and prompts the user to replenish the account. In this case, the credit-control server sends only the address of the top-up server where the prepaid user shall be connected after the final granted units have been consumed. An example of this is given in Appendix A (Flow VII).
也可以使用优雅的服务终端将预付费用户连接到充值服务器,该服务器播放公告并提示用户补充帐户。在这种情况下,信用控制服务器仅发送充值服务器的地址,预付费用户应在最终授予的单位消耗后连接充值服务器。附录A(流程VII)中给出了一个示例。
The credit-control server MAY initiate the graceful service termination by including the Final-Unit-Indication AVP in the Credit-Control-Answer to indicate that the message contains the final units for the service.
信用控制服务器可以通过在信用控制应答中包括最终单元指示AVP来启动服务终止,以指示消息包含服务的最终单元。
When the credit-control client receives the Final-Unit-Indication AVP in the answer from the server, its behavior depends on the value indicated in the Final-Unit-Action AVP. The server may request the following actions: TERMINATE, REDIRECT, or RESTRICT_ACCESS.
当信用控制客户端从服务器收到应答中的最终机组指示AVP时,其行为取决于最终机组动作AVP中指示的值。服务器可能会请求以下操作:终止、重定向或限制\u访问。
A following figure illustrates the graceful service termination procedure described in the following sub-sections.
下图说明了以下小节中描述的正常服务终止过程。
Diameter End User Service Element AAA Server CC Server (CC Client) | Service Delivery | | | |<----------------->| | | | |CCR(Update,Used-Units) | | |------------------->|CCR(Update,Used-Units) | : | |------------------->| | : | |CCA(Final-Unit,Action) | : | |<-------------------| | |CCA(Final-Unit,Action) | | |<-------------------| | | | | | | : | | | | : | | | | : | | | | /////////////// |CCR(Update,Used-Units) | |/Final Units End/->|------------------->|CCR(Update,Used-Units) |/Action and // | |------------------->| |/Restrictions // | | CCA(Validity-Time)| |/Start // | CCA(Validity-Time)|<-------------------| | ///////////// |<-------------------| | | : | | | | : | | | | Replenish Account +-------+ | |<-------------------------------------------->|Account| | | | | +-------+ | | | | RAR | | + | RAR |<===================| | | |<===================| | | | | RAA | | | ///////////// | |===================>| RAA | | /If supported / | | CCR(Update) |===================>| | /by CC Server/ | |===================>| CCR(Update) | | ///////////// | | |===================>| | | | | CCA(Granted-Unit)| | | | CCA(Granted-Unit)|<===================| | Restrictions ->+ |<===================| | | removed | | | | : | | | | OR | CCR(Update) | | | Validity-Time ->|------------------->| CCR(Update) | | expires | |------------------->| | | | CCA(Granted-Unit)| | | CCA(Granted-Unit)|<-------------------| | Restrictions ->|<-------------------| | | removed | | |
Diameter End User Service Element AAA Server CC Server (CC Client) | Service Delivery | | | |<----------------->| | | | |CCR(Update,Used-Units) | | |------------------->|CCR(Update,Used-Units) | : | |------------------->| | : | |CCA(Final-Unit,Action) | : | |<-------------------| | |CCA(Final-Unit,Action) | | |<-------------------| | | | | | | : | | | | : | | | | : | | | | /////////////// |CCR(Update,Used-Units) | |/Final Units End/->|------------------->|CCR(Update,Used-Units) |/Action and // | |------------------->| |/Restrictions // | | CCA(Validity-Time)| |/Start // | CCA(Validity-Time)|<-------------------| | ///////////// |<-------------------| | | : | | | | : | | | | Replenish Account +-------+ | |<-------------------------------------------->|Account| | | | | +-------+ | | | | RAR | | + | RAR |<===================| | | |<===================| | | | | RAA | | | ///////////// | |===================>| RAA | | /If supported / | | CCR(Update) |===================>| | /by CC Server/ | |===================>| CCR(Update) | | ///////////// | | |===================>| | | | | CCA(Granted-Unit)| | | | CCA(Granted-Unit)|<===================| | Restrictions ->+ |<===================| | | removed | | | | : | | | | OR | CCR(Update) | | | Validity-Time ->|------------------->| CCR(Update) | | expires | |------------------->| | | | CCA(Granted-Unit)| | | CCA(Granted-Unit)|<-------------------| | Restrictions ->|<-------------------| | | removed | | |
Figure 5: Optional graceful service termination procedure
图5:可选的服务终止过程
The Final-Unit-Indication AVP with Final-Unit-Action TERMINATE does not include any other information. When the subscriber has consumed the final granted units, the service element MUST terminate the service. This is the default handling applicable whenever the credit-control client receives an unsupported Final-Unit-Action value and MUST be supported by all the Diameter credit-control client implementations conforming to this specification. A final Credit-Control-Request message to the credit-control server MUST be sent if the Final-Unit-Indication AVP indicating action TERMINATE was present at command level. The CC-Request-Type AVP in the request is set to the value TERMINATION_REQUEST.
带有最终机组动作终止的最终机组指示AVP不包括任何其他信息。当订户已使用最终授予的单元时,服务元素必须终止服务。当信贷控制客户机收到不受支持的最终单位操作值时,这是适用的默认处理,并且必须得到符合本规范的所有Diameter信贷控制客户机实施的支持。如果在命令级别出现指示操作终止的最终装置指示AVP,则必须向信用控制服务器发送最终信用控制请求消息。请求中的CC请求类型AVP设置为终止请求的值。
The Final-Unit-Indication AVP with Final-Unit-Action REDIRECT indicates to the service element supporting this action that, upon consumption of the final granted units, the user MUST be re-directed to the address specified in the Redirect-Server AVP as follows.
带有最终单元操作重定向的最终单元指示AVP向支持此操作的服务元素指示,在使用最终授予的单元时,用户必须重新定向到重定向服务器AVP中指定的地址,如下所示。
The credit-control server sends the Redirect-Server AVP in the Credit-Control-Answer message. In such a case, the service element MUST redirect or connect the user to the destination specified in the Redirect-Server AVP, if possible. When the end user is redirected (by using protocols others than Diameter) to the specified server or connected to the top-up server, an additional authorization (and possibly authentication) may be needed before the subscriber can replenish the account; however, this is out of the scope of this specification.
信用控制服务器在信用控制应答消息中发送重定向服务器AVP。在这种情况下,如果可能,服务元素必须将用户重定向或连接到重定向服务器AVP中指定的目的地。当最终用户被重定向(通过使用Diameter以外的协议)到指定服务器或连接到充值服务器时,可能需要额外的授权(以及可能的身份验证),然后订户才能补充帐户;但是,这超出了本规范的范围。
In addition to the Redirect-Server AVP, the credit-control server MAY include one or more Restriction-Filter-Rule AVPs or one or more Filter-Id AVPs in the Credit-Control-Answer message to enable the user to access other services (for example, zero-rated services). In such a case, the access device MUST drop all the packets not matching the IP filters specified in the Credit-Control-Answer message and, if possible, redirect the user to the destination specified in the Redirect-Server AVP.
除了重定向服务器AVP之外,信用控制服务器可以在信用控制应答消息中包括一个或多个限制过滤规则AVP或一个或多个过滤Id AVP,以使用户能够访问其他服务(例如,零评级服务)。在这种情况下,接入设备必须丢弃与信用控制应答消息中指定的IP过滤器不匹配的所有分组,并且如果可能,将用户重定向到重定向服务器AVP中指定的目的地。
An entity other than the credit-control server may provision the access device with appropriate IP packet filters to be used in conjunction with the Diameter credit-control application. This case is considered in section 5.6.3.
除信用控制服务器之外的实体可以向接入设备提供与Diameter信用控制应用一起使用的适当IP分组过滤器。第5.6.3节考虑了这种情况。
When the final granted units have been consumed, the credit-control client MUST perform an intermediate interrogation. The purpose of this interrogation is to indicate to the credit-control server that the specified action started and to report the used units. The credit-control server MUST deduct the used amount from the end user's account but MUST NOT make a new credit reservation. The credit-control client, however, may send intermediate interrogations before all the final granted units have been consumed for which rating and money reservation may be needed; for instance, upon Validity-Time expires or upon mid-session service events that affect the rating of the current service. Therefore, the credit-control client MUST NOT include any rating related AVP in the request sent once all the final granted units have been consumed as an indication to the server that the requested final unit action started, rating and money reservation are not required (when the Multiple-Services-Credit-Control AVP is used, the Service-Identifier or Rating-Group AVPs is included to indicate the concerned services). Naturally, the Credit-Control-Answer message does not contain any granted service unit and MUST include the Validity-Time AVP to indicate to the credit-control client how long the subscriber is allowed to use network resources before a new intermediate interrogation is sent to the server.
当消耗了最终授予的单位时,信贷控制客户必须执行中间查询。此询问的目的是向信贷控制服务器指示指定操作已启动,并报告使用的单位。信用控制服务器必须从最终用户的帐户中扣除已用金额,但不得进行新的信用预订。然而,信贷控制客户可以在所有最终授予的单位被使用之前发送中间询问,可能需要对其进行评级和资金预留;例如,在有效期到期时或在影响当前服务评级的会话中服务事件发生时。因此,一旦所有最终授予的单位均已使用,信用控制客户端不得在发送的请求中包含任何与评级相关的AVP,以向服务器表明请求的最终单位操作已启动,不需要评级和资金预留(当使用多服务信用控制AVP时,包括服务标识符或评级组AVP以指示相关服务)。当然,信用控制应答消息不包含任何授予的服务单元,并且必须包含有效时间AVP,以向信用控制客户端指示在向服务器发送新的中间询问之前,允许订户使用网络资源的时间。
At the expiry of Validity-Time, the credit-control client sends a Credit-Control-Request (UPDATE_REQUEST) as usual. This message does not include the Used-Service-Unit AVP, as there is no allotted quota to report. The credit-control server processes the request and MUST perform the credit reservation. If during this time the subscriber did not replenish his/her account, whether he/she will be disconnected or will be granted access to services not controlled by a credit-control server for an unlimited time is dependent on the home service provider policy (note: the latter option implies that the service element should not remove the restriction filters upon termination of the credit-control). The server will return the appropriate Result-Code (see section 9.1) in the Credit-Control-Answer message in order to implement the policy-defined action. Otherwise, new quota will be returned, the service element MUST remove all the possible restrictions activated by the graceful service termination process and continue the credit-control session and service session as usual.
在有效期到期时,信用控制客户端像往常一样发送信用控制请求(更新请求)。此消息不包括已使用的服务单元AVP,因为没有分配的配额报告。信用控制服务器处理该请求,并且必须执行信用保留。如果在此期间订户未补充其帐户,则他/她是否将被断开连接或将被授予无限期访问不受信用控制服务器控制的服务的权限取决于家庭服务提供商的政策(注意:后一个选项意味着服务元素不应在信用控制终止时删除限制过滤器)。服务器将返回适当的结果代码(参见第9.1节)在信用控制应答消息中,以执行策略定义的操作。否则,将返回新配额,服务元素必须删除正常服务终止过程激活的所有可能限制,并像往常一样继续信用控制会话和服务会话。
The credit-control client may not wait until the expiration of the Validity-Time and may send a spontaneous update (a new Credit-Control-Request) if the service element can determine, for instance, that communication between the end user and the top-up server took place. An example of this is given in Appendix A (Figure A.8).
例如,如果服务元素能够确定最终用户和充值服务器之间发生了通信,则信用控制客户端可以不等待直到有效时间到期,并且可以发送自发更新(新的信用控制请求)。附录A(图A.8)给出了一个示例。
Note that the credit-control server may already have initiated the above-described process for the first interrogation. However, the user's account might be empty when this first interrogation is performed. In this case, the subscriber can be offered a chance to replenish the account and continue the service. The credit-control client receives a Credit-Control-Answer or service specific authorization answer with the Final-Unit-Indication and Validity-Time AVPs but no Granted-Service-Unit. It immediately starts the graceful service termination without sending any message to the server. An example of this case is illustrated in Appendix A.
注意,信用控制服务器可能已经为第一次询问启动了上述过程。但是,当执行第一次询问时,用户的帐户可能为空。在这种情况下,用户可以有机会补充帐户并继续服务。信用控制客户端收到信用控制应答或特定于服务的授权应答,带有最终单位指示和有效期AVPs,但没有授予的服务单位。它立即启动服务终止,而不向服务器发送任何消息。附录A中举例说明了这种情况。
A Final-Unit-Indication AVP with the Final-Unit-Action RESTRICT_ACCESS indicates to the device supporting this action that the user's access MUST be restricted according to the IP packet filters given in the Restriction-Filter-Rule AVP(s) or according to the IP packet filters identified by the Filter-Id AVP(s). The credit-control server SHOULD include either the Restriction-Filter-Rule AVP or the Filter-Id AVP in the Credit-Control-Answer message.
具有最终单元动作RESTRICT_ACCESS的最终单元指示AVP向支持该动作的设备指示,必须根据限制过滤器规则AVP中给出的IP分组过滤器或根据过滤器Id AVP标识的IP分组过滤器来限制用户的访问。信用控制服务器应在信用控制应答消息中包含限制筛选规则AVP或筛选Id AVP。
An entity other than the credit-control server may provision the access device with appropriate IP packet filters to be used in conjunction with the Diameter credit-control application. Such an entity may, for instance, configure the access device with IP flows to be passed when the Diameter credit-control application indicates RESTRICT_ACCESS or REDIRECT. The access device passes IP packets according to the filter rules that may have been received in the Credit-Control-Answer message in addition to those that may have been configured by the other entity. However, when the user's account cannot cover the cost of the requested service, the action taken is the responsibility of the credit-control server that controls the prepaid subscriber.
除信用控制服务器之外的实体可以向接入设备提供与Diameter信用控制应用一起使用的适当IP分组过滤器。例如,这样的实体可以使用当Diameter信用控制应用程序指示RESTRICT\u访问或重定向时要传递的IP流来配置接入设备。接入设备根据可能已经在信用控制应答消息中接收到的过滤规则以及可能已经由其他实体配置的过滤规则来传递IP分组。但是,当用户的帐户无法支付所请求服务的费用时,所采取的行动由控制预付费订户的信用控制服务器负责。
If another entity working in conjunction with the Diameter credit-control application already provisions the access device with all the required filter rules for the end user, the credit-control server presumably need not send any additional filter. Therefore, it is RECOMMENDED that credit-control server implementations supporting the graceful service termination be configurable for sending the Restriction-Filter-Rule AVP, the Filter-Id AVP, or none of the above.
如果与Diameter credit control应用程序一起工作的另一个实体已经为接入设备提供了最终用户所需的所有过滤规则,则信用控制服务器可能不需要发送任何额外的过滤。因此,建议支持优雅服务终止的信用控制服务器实现可配置为发送限制过滤器规则AVP、过滤器Id AVP或以上任何内容。
When the final granted units have been consumed, the credit-control client MUST perform an intermediate interrogation. The credit-control client and the credit-control server process this intermediate interrogation and execute subsequent procedures, as specified in the previous section for the REDIRECT action.
当消耗了最终授予的单位时,信贷控制客户必须执行中间查询。信用控制客户端和信用控制服务器处理此中间询问并执行后续过程,如前一节重定向操作所述。
The credit-control server may initiate the graceful service termination with action RESTRICT_ACCESS already for the first interrogation, as specified in the previous section for the REDIRECT action.
信用控制服务器可以启动优雅的服务终止,如前一节中针对重定向操作的规定,该操作已用于第一次询问的限制访问。
Once the subscriber replenishes the account, she presumably expects all the restrictions placed by the graceful termination procedure to be removed immediately and unlimited service' access to be resumed. For the best user experience, the credit-control server implementation MAY support the server-initiated credit re-authorization (see section 5.5). In such a case, upon the successful account top-up, the credit-control server sends the Re-Auth-Request (RAR) message to solicit the credit re-authorization. The credit-control client initiates the credit re-authorization by sending the Credit-Control-Request message with the CC-Request-Type AVP set to the value UPDATE_REQUEST. The Used-Service-Unit AVP is not included in the request, as there is no allotted quota to report. The Requested-Service-Unit AVP MAY be included in the request. After the credit-control client successfully receives the Credit-Control-Answer with new Granted-Service-Unit, all the possible restrictions activated for the purpose of the graceful service termination MUST be removed in the service element. The credit-control session and the service session continue as usual.
一旦订户补充了账户,她可能希望立即取消优雅终止程序设置的所有限制,并恢复无限服务访问。为了获得最佳用户体验,信用控制服务器实现可能支持服务器发起的信用再授权(参见第5.5节)。在这种情况下,在成功的帐户充值后,信用控制服务器发送重新授权请求(RAR)消息以请求信用重新授权。信用控制客户端通过发送信用控制请求消息,将CC Request Type AVP设置为值UPDATE_Request,启动信用再授权。请求中不包括已使用的服务单元AVP,因为没有分配的报告配额。请求的服务单元AVP可以包括在请求中。在信用控制客户端成功接收到具有新授权服务单元的信用控制应答后,必须在服务元素中删除为正常服务终止而激活的所有可能限制。信贷控制会话和服务会话照常继续。
The Credit-Control-Failure-Handling AVP (CCFH), as described in this section, determines the behavior of the credit-control client in fault situations. The CCFH may be received from the Diameter home AAA server, from the credit-control server, or may be configured locally. The CCFH value received from the home AAA server overrides the locally configured value. The CCFH value received from the credit-control server in the Credit-Control-Answer message always overrides any existing value.
如本节所述,信贷控制故障处理AVP(CCFH)确定信贷控制客户在故障情况下的行为。CCFH可以从Diameter home AAA服务器、信用控制服务器接收,或者可以在本地配置。从家庭AAA服务器接收的CCFH值覆盖本地配置的值。信用控制应答消息中从信用控制服务器接收的CCFH值始终覆盖任何现有值。
The authorization server MAY include the Accounting-Realtime-Required AVP to determine what to do if the sending of accounting records to the accounting server has been temporarily prevented, as defined in [DIAMBASE]. It is RECOMMENDED that the client complement the credit-control failure procedures with backup accounting flow toward an accounting server. By using different combinations of Accounting-Realtime-Required and Credit-Control-Failure-Handling AVPs, different safety levels can be built. For example, by choosing a Credit-Control-Failure-Handling AVP equal to CONTINUE for the credit-control flow and a Accounting-Realtime-Required AVP equal to DELIVER_AND_GRANT for the accounting flow, the service can be granted
授权服务器可能包括会计实时所需的AVP,以确定如果暂时阻止向会计服务器发送会计记录,该怎么办,如[DIAMBASE]中所定义。建议客户机使用通向记帐服务器的备份记帐流来补充信贷控制失败过程。通过使用会计实时要求和信用控制故障处理AVP的不同组合,可以建立不同的安全级别。例如,通过为信贷控制流选择等于CONTINUE的信贷控制失败处理AVP和等于DELIVER_和_GRANT的Accounting Realtime Required AVP,可以授予服务
to the end user even if the connection to the credit-control server is down, as long as the accounting server is able to collect the accounting information and information exchange is taking place between the accounting server and credit-control server.
对于最终用户,即使与信用控制服务器的连接已断开,只要会计服务器能够收集会计信息,并且会计服务器和信用控制服务器之间正在进行信息交换。
As the credit-control application is based on real-time bi-directional communication between the credit-control client and the credit-control server, the usage of alternative destinations and the buffering of messages may not be sufficient in the event of communication failures. Because the credit-control server has to maintain session states, moving the credit-control message stream to a backup server requires a complex context transfer solution. Whether the credit-control message stream is moved to a backup credit-control server during an ongoing credit-control session depends on the value of the CC-Session-Failover AVP. However, failover may occur at any point in the path between the credit-control client and the credit-control server if a transport failure is detected with a peer, as described in [DIAMBASE]. As a consequence, the credit-control server might receive duplicate messages. These duplicates or out of sequence messages can be detected in the credit-control server based on the credit-control server session state machine (section 7), Session-Id AVP, and CC-Request-Number AVP.
由于信用控制应用程序基于信用控制客户端和信用控制服务器之间的实时双向通信,因此在通信失败的情况下,使用替代目的地和消息缓冲可能不够。由于信用控制服务器必须维护会话状态,因此将信用控制消息流移动到备份服务器需要复杂的上下文传输解决方案。在正在进行的信用控制会话期间,信用控制消息流是否移动到备份信用控制服务器取决于CC会话故障转移AVP的值。但是,如[DIAMBASE]中所述,如果对等方检测到传输故障,则故障转移可能发生在信用控制客户端和信用控制服务器之间路径的任何点上。因此,信用控制服务器可能会收到重复的消息。根据信用控制服务器会话状态机(第7节)、会话Id AVP和CC请求号AVP,可以在信用控制服务器中检测到这些重复或无序消息。
If a failure occurs during an ongoing credit-control session, the credit-control client may move the credit-control message stream to an alternative server if the CC-server indicated FAILOVER_SUPPORTED in the CC-Session-Failover AVP. A secondary credit-control server name, either received from the home Diameter AAA server or configured locally, can be used as an address of the backup server. If the CC-Session-Failover AVP is set to FAILOVER_NOT_SUPPORTED, the credit-control message stream MUST NOT be moved to a backup server.
如果在正在进行的信用控制会话期间发生故障,则如果CC服务器指示CC会话故障转移AVP中支持的故障转移,则信用控制客户端可以将信用控制消息流移动到备用服务器。从home Diameter AAA服务器接收或在本地配置的辅助信用控制服务器名称可以用作备份服务器的地址。如果CC会话故障转移AVP设置为“故障转移不受支持”,则不得将信用控制消息流移动到备份服务器。
For new credit-control sessions, failover to an alternative credit-control server SHOULD be performed if possible. For instance, if an implementation of the credit-control client can determine primary credit-control server unavailability, it can establish the new credit-control sessions with a possibly available secondary credit-control server.
对于新的信用控制会话,如果可能,应执行到备用信用控制服务器的故障切换。例如,如果信用控制客户端的实现可以确定主信用控制服务器不可用,则它可以与可能可用的辅助信用控制服务器建立新的信用控制会话。
The AAA transport profile [AAATRANS] defines the application layer watchdog algorithm that enables failover from a peer that has failed and is controlled by a watchdog timer (Tw) defined in [AAATRANS]. The recommended default initial value for Tw (Twinit) is 30 seconds. Twinit may be set as low as 6 seconds; however, according to [AAATRANS], setting too low a value for Twinit is likely to result in an increased probability of duplicates, as well as an increase in spurious failover and failback attempts. The Diameter base protocol
AAA传输配置文件[AAATRANS]定义了应用层看门狗算法,该算法支持从发生故障的对等方进行故障切换,并由[AAATRANS]中定义的看门狗计时器(Tw)控制。Tw(Twinit)的建议默认初始值为30秒。Twinit可设置为低至6秒;但是,根据[AAATRANS],将Twinit的值设置得太低可能会导致重复的概率增加,以及虚假故障切换和回切尝试的增加。Diameter基协议
is common to several different types of Diameter AAA applications that may be run in the same service element. Therefore, tuning the timer Twinit to a lower value in order to satisfy the requirements of real-time applications, such as the Diameter credit-control application, will certainly cause the above mentioned problems. For prepaid services, however, the end user expects an answer from the network in a reasonable time. Thus, the Diameter credit-control client will react faster than would the underlying base protocol. Therefore this specification defines the timer Tx that is used by the credit-control client (as defined in section 13) to supervise the communication with the credit-control server. When the timer Tx elapses, the credit-control client takes an action to the end user according to the Credit-Control-Failure-Handling AVP.
对于可能在同一服务元素中运行的几种不同类型的Diameter AAA应用程序来说是通用的。因此,将计时器Twinit调整为较低的值以满足实时应用程序(如Diameter credit control应用程序)的要求,肯定会导致上述问题。然而,对于预付费服务,最终用户期望在合理的时间内从网络得到答复。因此,Diameter credit control客户端的反应速度将快于底层基本协议。因此,本规范定义了信贷控制客户端(如第13节所定义)用于监督与信贷控制服务器通信的定时器Tx。当定时器Tx过去时,信用控制客户端根据信用控制故障处理AVP向最终用户采取操作。
When Tx expires, the Diameter credit-control client always terminates the service if the Credit-Control-Failure-Handling (CCFH) AVP is set to the value TERMINATE. The credit-control session may be moved to an alternative server only if a protocol error DIAMETER_TOO_BUSY or DIAMETER_UNABLE_TO_DELIVER is received before Tx expires. Therefore, the value TERMINATE is not appropriate if proper failover behavior is desired.
Tx到期时,如果信用控制故障处理(CCFH)AVP设置为TERMINATE值,Diameter信用控制客户端始终终止服务。只有在发送到期前收到协议错误DIAMETER\u太忙或DIAMETER\u无法\u交付时,才能将信用控制会话移动到备用服务器。因此,如果需要正确的故障切换行为,则值TERMINATE不合适。
If the Credit-Control-Failure-Handling AVP is set to the value CONTINUE or RETRY_AND_TERMINATE, the service will be granted to the end user when the timer Tx expires. An answer message with granted-units may arrive later if the base protocol transport failover occurred in the path to the credit-control server. (The Twinit default value is 3 times more than the Tx recommended value.) The credit-control client SHOULD grant the service to the end user, start monitoring the resource usage, and wait for the possible late answer until the timeout of the request (e.g., 120 seconds). If the request fails and the CC-Session-Failover AVP is set to FAILOVER_NOT_SUPPORTED, the credit-control client terminates or continues the service depending on the value set in the CCFH and MUST free all the reserved resources for the credit-control session. If the protocol error DIAMETER_UNABLE_TO_DELIVER or DIAMETER_TOO_BUSY is received or the request times out and the CC-Session-Failover AVP is set to FAILOVER_SUPPORTED, the credit-control client MAY send the request to a backup server, if possible. If the credit-control client receives a successful answer from the backup server, it continues the credit-control session with such a server. If the re-transmitted request also fails, the credit-control client terminates or continues the service depending on the value set in the CCFH and MUST free all the reserved resources for the credit-control session.
如果Credit Control Failure Handling AVP(信用控制故障处理AVP)设置为值CONTINUE(继续)或RETRY(重试)和TERMINATE(终止),则当计时器Tx过期时,服务将授予最终用户。如果到信用控制服务器的路径中发生基本协议传输故障转移,则具有已授予单位的应答消息可能会稍后到达。(Twinit默认值是Tx建议值的3倍。)信用控制客户端应将服务授予最终用户,开始监控资源使用情况,并等待可能的延迟应答,直到请求超时(例如120秒)。如果请求失败且CC会话故障转移AVP设置为故障转移不受支持,则信用控制客户端根据CCFH中设置的值终止或继续服务,并且必须释放信用控制会话的所有保留资源。如果收到协议错误DIAMETER\u UNABLE\u TO\u DELIVER或DIAMETER\u TO\u BUSY,或者请求超时,并且CC会话故障转移AVP设置为Failover\u SUPPORTED,则信用控制客户端可能会将请求发送到备份服务器(如果可能)。如果信用控制客户端从备份服务器收到成功的应答,它将继续与该服务器的信用控制会话。如果重新传输的请求也失败,则信用控制客户端根据CCFH中设置的值终止或继续服务,并且必须释放信用控制会话的所有保留资源。
If a communication failure occurs during the graceful service termination procedure, the service element SHOULD always terminate the ongoing service session.
如果在正常服务终止过程中发生通信故障,服务元素应始终终止正在进行的服务会话。
If the credit-control server detects a failure during an ongoing credit-control session, it will terminate the credit-control session and return the reserved units back to the end user's account.
如果信用控制服务器在正在进行的信用控制会话期间检测到故障,它将终止信用控制会话并将保留的单元返回给最终用户的帐户。
The supervision session timer Tcc (as defined in section 13) is used in the credit-control server to supervise the credit-control session.
信用控制服务器中使用监控会话计时器Tcc(如第13节所定义)来监控信用控制会话。
In order to support failover between credit-control servers, information transfer about the credit-control session and account state SHOULD take place between the primary and the secondary credit-control server. Implementations supporting the credit-control session failover MUST also ensure proper detection of duplicate or out of sequence messages. The communication between the servers is regarded as an implementation issue and is outside of the scope of this specification.
为了支持信用控制服务器之间的故障切换,有关信用控制会话和帐户状态的信息传输应在主信用控制服务器和辅助信用控制服务器之间进行。支持信用控制会话故障切换的实现还必须确保正确检测重复或无序消息。服务器之间的通信被视为一个实现问题,不在本规范的范围内。
The one-time event is used when there is no need to maintain any state in the Diameter credit-control server; for example, enquiring about the price of the service. The use of a one-time event implies that the user has been authenticated and authorized beforehand.
当不需要维护Diameter credit control server中的任何状态时,使用一次性事件;例如,询问服务价格。使用一次性事件意味着用户事先已经过身份验证和授权。
The one time event can be used when the credit-control client wants to know the cost of the service event or to check the account balance without any credit-reservation. It can also be used for refunding service units on the user's account or for direct debiting without any credit-reservation. The one time event is shown in Figure 6.
当信贷控制客户希望了解服务事件的成本或在没有任何信贷保留的情况下检查帐户余额时,可以使用一次性事件。它还可用于退还用户帐户上的服务单位,或直接借记,无需任何信用预订。一次性事件如图6所示。
Diameter End User Service Element AAA Server CC Server (CC Client) | Service Request | | | |------------------>| | | | | CCR(Event) | | | |------------------->| CCR(Event) | | | |------------------->| | | | CCA(Granted-Units)| | | CCA(Granted-Units)|<-------------------| | Service Delivery |<-------------------| | |<----------------->| | |
Diameter End User Service Element AAA Server CC Server (CC Client) | Service Request | | | |------------------>| | | | | CCR(Event) | | | |------------------->| CCR(Event) | | | |------------------->| | | | CCA(Granted-Units)| | | CCA(Granted-Units)|<-------------------| | Service Delivery |<-------------------| | |<----------------->| | |
Figure 6: One time event
图6:一次性事件
In environments such as the 3GPP architecture, the one time event can be sent from the service element directly to the credit-control server.
在诸如3GPP架构之类的环境中,一次性事件可以从服务元素直接发送到信用控制服务器。
The credit-control client may need to know the price of the service event. Services offered by application service providers whose prices are not known in the credit-control client might exist. The end user might also want to get an estimation of the price of a service event before requesting it.
信用控制客户可能需要知道服务事件的价格。信用控制客户端中价格未知的应用程序服务提供商提供的服务可能存在。最终用户可能还希望在请求服务事件之前获得服务事件价格的估计值。
A Diameter credit-control client requesting the cost information MUST set the CC-Request-Type AVP equal to EVENT_REQUEST, include the Requested-Action AVP set to PRICE_ENQUIRY, and set the requested service event information into the Service-Identifier AVP in the Credit-Control-Request message. Additional service event information may be sent as service specific AVPs or within the Service-Parameter-Info AVP. The Service-Context-Id AVP indicates the service specific document applicable to the request.
请求成本信息的Diameter信用控制客户端必须将CC请求类型AVP设置为事件请求,将请求的操作AVP设置为价格查询,并将请求的服务事件信息设置为信用控制请求消息中的服务标识符AVP。附加服务事件信息可作为特定于服务的AVP或在服务参数信息AVP中发送。服务上下文Id AVP指示适用于请求的特定于服务的文档。
The credit-control server calculates the cost of the requested service event, but it does not perform any account balance check or credit-reservation from the account.
信用控制服务器计算请求的服务事件的成本,但它不从该帐户执行任何帐户余额检查或信用保留。
The estimated cost of the requested service event is returned to the credit-control client in the Cost-Information AVP in the Credit-Control-Answer message.
请求的服务事件的估计成本在信用控制应答消息的成本信息AVP中返回给信用控制客户端。
The Diameter credit-control client may only have to verify that the end user's account balance covers the cost of a certain service without reserving any units from the account at the time of the inquiry. This method does not guarantee that credit would be left when the Diameter credit-control client requests the debiting of the account with a separate request.
Diameter credit control客户端可能只需验证最终用户的账户余额是否涵盖某项服务的成本,而无需在查询时从账户中保留任何单位。此方法不保证Diameter credit control客户端通过单独请求借记账户时会留下信用。
A Diameter credit-control client requesting the balance check MUST set the CC-Request-Type AVP equal to EVENT_REQUEST, include a Requested-Action AVP set to CHECK_BALANCE, and include the Subscription-Id AVP in order to identify the end user in the credit-control server. The Service-Context-Id AVP indicates the service specific document applicable to the request.
请求余额检查的Diameter credit control客户端必须将CC Request Type AVP设置为等于EVENT_Request,包括请求的Action AVP设置为check_balance,并包括订阅Id AVP,以便在信用控制服务器中识别最终用户。服务上下文Id AVP指示适用于请求的特定于服务的文档。
The credit-control server makes the balance check, but it does not make any credit-reservation from the account.
信用控制服务器进行余额检查,但不从帐户进行任何信用保留。
The result of balance check (ENOUGH_CREDIT/NO_CREDIT) is returned to the credit-control client in the Check-Balance-Result AVP in the Credit-Control-Answer message.
余额检查的结果(足够的信用/没有信用)在信用控制应答消息的检查余额结果AVP中返回给信用控制客户端。
There are certain service events for which service execution is always successful in the service environment. The delay between the service invocation and the actual service delivery to the end user can be sufficiently long that the use of the session-based credit-control would lead to unreasonably long credit-control sessions. In these cases, the Diameter credit-control client can use the one-time event scenario for direct debiting. The Diameter credit-control client SHOULD be sure that the requested service event execution would be successful when this scenario is used.
在服务环境中,某些服务事件的服务执行总是成功的。服务调用和向最终用户实际交付服务之间的延迟可能足够长,以至于使用基于会话的信用控制将导致不合理的长信用控制会话。在这些情况下,Diameter credit control客户端可以使用一次性事件场景进行直接借记。Diameter credit control客户端应确保在使用此场景时请求的服务事件执行将成功。
In the Credit-Control-Request message, the CC-Request-Type is set to the value EVENT_REQUEST and the Requested-Action AVP is set to DIRECT_DEBITING. The Subscription-Id AVP SHOULD be included to identify the end user in the credit-control server. The Event-Timestamp AVP SHOULD be included in the request and contain the time when the service event is requested in the service element. The Service-Context-Id AVP indicates the service specific document applicable to the request.
在信用控制请求消息中,CC请求类型设置为值EVENT_Request,请求的动作AVP设置为DIRECT_DEBITING。应包括订阅Id AVP,以识别信用控制服务器中的最终用户。事件时间戳AVP应包含在请求中,并包含在服务元素中请求服务事件的时间。服务上下文Id AVP指示适用于请求的特定于服务的文档。
The Diameter credit-control client MAY include the monetary amount to be charged in the Requested-Service-Unit AVP, if it knows the cost of the service event. If the Diameter credit-control client does not know the cost of the service event, the Requested-Service-Unit AVP MAY contain the number of requested service events. The Service-Identifier AVP always indicates the service concerned. Additional service event information to be rated MAY be sent as service specific AVPs or within the Service-Parameter-Info AVP.
Diameter credit control客户端如果知道服务事件的成本,则可以在请求的服务单元AVP中包括要收取的货币金额。如果Diameter信用控制客户端不知道服务事件的成本,则请求的服务单元AVP可能包含请求的服务事件的数量。服务标识符AVP始终指示相关的服务。待评级的附加服务事件信息可作为特定于服务的AVP或在服务参数信息AVP中发送。
The credit-control server SHOULD rate the service event and deduct the corresponding monetary amount from the end user's account. If the type of the Requested-Service-Unit AVP is money, no rating is needed, but the corresponding monetary amount is deducted from the end user's account.
信用控制服务器应对服务事件进行评级,并从最终用户的帐户中扣除相应的金额。如果请求的服务单元AVP的类型是货币,则不需要评级,但相应的货币金额将从最终用户的帐户中扣除。
The credit-control server returns the Granted-Service-Unit AVP in the Credit-Control-Answer message to the Diameter credit-control client. The Granted-Service-Unit AVP contains the amount of service units that the Diameter credit-control client can provide to the end user. The type of the Granted-Service-Unit can be time, volume, service specific, or money, depending on the type of service event.
信用控制服务器将信用控制应答消息中授予的服务单元AVP返回给Diameter信用控制客户端。授权服务单位AVP包含Diameter信用控制客户端可向最终用户提供的服务单位数量。根据服务事件的类型,授予的服务单位的类型可以是时间、数量、特定服务或金钱。
If the credit-control server determines that no credit-control is needed for the service, it can include the result code indicating that the credit-control is not applicable (e.g., service is free of charge).
如果信用控制服务器确定服务不需要信用控制,则它可以包括指示信用控制不适用的结果代码(例如,服务是免费的)。
For informative purposes, the Credit-Control-Answer message MAY also include the Cost-Information AVP containing the estimated total cost of the requested service.
出于信息目的,信用控制应答消息还可以包括包含所请求服务的估计总成本的成本信息AVP。
Some services may refund service units to the end user's account; for example, gaming services.
某些服务可能会将服务单位退还给最终用户的帐户;例如,游戏服务。
The credit-control client MUST set CC-Request-Type to the value EVENT_REQUEST and the Requested-Action AVP to REFUND_ACCOUNT in the Credit-Control-Request message. The Subscription-Id AVP SHOULD be included to identify the end user in the credit-control server. The Service-Context-Id AVP indicates the service specific document applicable to the request.
信用控制客户端必须在信用控制请求消息中将CC请求类型设置为值事件请求和请求的操作AVP以退款账户。应包括订阅Id AVP,以识别信用控制服务器中的最终用户。服务上下文Id AVP指示适用于请求的特定于服务的文档。
The Diameter credit-control client MAY include the monetary amount to be refunded in the Requested-Service-Unit AVP. The Service-Identifier AVP always indicates the concerned service. If the Diameter credit-control client does not know the monetary amount to be refunded, in addition to the Service-Identifier AVP it MAY send service specific AVPs or the Service-Parameter-Info AVP containing additional service event information to be rated.
Diameter credit control客户端可能会在请求的服务单元AVP中包含要退款的金额。服务标识符AVP始终指示相关服务。如果Diameter信用控制客户不知道要退款的金额,除了服务标识符AVP外,它还可以发送服务特定AVP或服务参数信息AVP,其中包含要评级的其他服务事件信息。
For informative purposes, the Credit-Control-Answer message MAY also include the Cost-Information AVP containing the estimated monetary amount of refunded unit.
出于提供信息的目的,信用控制应答消息还可以包括包含退款单位的估计货币金额的成本信息AVP。
Failover to an alternative credit-control server is allowed for a one time event, as the server is not maintaining session states. For instance, if the credit-control client receives a protocol error DIAMETER_UNABLE_TO_DELIVER or DIAMETER_TOO_BUSY, it can re-send the request to an alternative server, if possible. There MAY be protocol transparent Diameter relays and redirect agents or Diameter credit-control proxies between the credit-control client and credit-control server. Failover may occur at any point in the path between the credit-control client and the credit-control server if a transport failure is detected with a peer, as described in [DIAMBASE]. Because there can be duplicate requests for various reasons, the credit-control server is responsible for real time duplicate detection. Implementation issues for duplicate detection are discussed in [DIAMBASE], Appendix C.
一次性事件允许故障切换到备用信用控制服务器,因为服务器未维护会话状态。例如,如果信用控制客户端接收到协议错误DIAMETER\u UNABLE\u TO\u DELIVER或DIAMETER\u TO\u BUSY,它可以将请求重新发送到备用服务器(如果可能)。信用控制客户端和信用控制服务器之间可能存在协议透明的Diameter中继和重定向代理或Diameter信用控制代理。如[DIAMBASE]中所述,如果对等方检测到传输故障,则故障转移可能发生在信用控制客户端和信用控制服务器之间路径的任何点上。由于各种原因可能存在重复请求,因此信用控制服务器负责实时重复检测。重复检测的实现问题在附录C的[DIAMBASE]中讨论。
When the credit-control client detects a communication failure with the credit-control server, its behavior depends on the requested action. The timer Tx (as defined in section 13) is used in the
当信用控制客户端检测到与信用控制服务器的通信故障时,其行为取决于请求的操作。定时器Tx(定义见第13节)用于
credit-control client to supervise the communication with the credit-control server.
信用控制客户端,用于监督与信用控制服务器的通信。
If the requested action is PRICE_ENQUIRY or CHECK_BALANCE and communication failure is detected, the credit-control client SHOULD forward the request messages to an alternative credit-control server, if possible. The secondary credit-control server name, if received from the home Diameter AAA server, can be used as an address of backup server.
如果请求的操作是价格查询或检查余额,并且检测到通信故障,则信用控制客户端应将请求消息转发给备用信用控制服务器(如果可能)。辅助信用控制服务器名称(如果从home Diameter AAA服务器接收)可以用作备份服务器的地址。
If the requested action is DIRECT_DEBITING, the Direct-Debiting-Failure-Handling AVP (DDFH) controls the credit-control client's behavior. The DDFH may be received from the home Diameter AAA server or may be locally configured. The credit-control server may also send the DDFH in any CCA message to be used for direct debiting events compiled thereafter. The DDFH value received from the home Diameter AAA server overrides the locally configured value, and the DDFH value received from the credit-control server in a Credit-Control-Answer message always overrides any existing value.
如果请求的操作是直接借记,则直接借记失败处理AVP(DDFH)控制信贷控制客户的行为。DDFH可以从home Diameter AAA服务器接收,也可以本地配置。信用控制服务器还可以在任何CCA消息中发送DDFH,以用于此后编译的直接借记事件。从home Diameter AAA服务器接收的DDFH值覆盖本地配置的值,并且在信用控制应答消息中从信用控制服务器接收的DDFH值始终覆盖任何现有值。
If the DDFH is set to TERMINATE_OR_BUFFER, the credit-control client SHOULD NOT grant the service if it can determine, eventually after a possible re-transmission attempt to an alternative credit-control server, from the result code or error code in the answer message that units have not been debited. Otherwise, the credit-control client SHOULD grant the service to the end user and store the request in the credit-control application level non-volatile storage. (Note that re-sending the request at a later time is not a guarantee that the service will be debited, as the user's account may be empty when the server successfully processes the request.) The credit-control client MUST mark these request messages as possible duplicates by setting the T-flag in the command header as described in [DIAMBASE], section 3.
如果DDFH被设置为终止_或_缓冲区,如果信用控制客户端在可能的重新传输尝试之后,最终能够从应答消息中的结果代码或错误代码确定未借记单位,则不应授予服务。否则,信用控制客户端应将服务授予最终用户,并将请求存储在信用控制应用程序级非易失性存储器中。(请注意,稍后重新发送请求并不能保证服务将被借记,因为当服务器成功处理请求时,用户的帐户可能为空。)信用控制客户端必须通过在[DIAMBASE]中所述的命令头中设置T标志,将这些请求消息标记为可能的重复消息,第3节。
If the Direct-Debiting-Failure-Handling AVP is set to CONTINUE, the service SHOULD be granted, even if credit-control messages cannot be delivered and messages are not buffered.
如果直接借记失败处理AVP设置为继续,则应授予服务,即使无法传递信用控制消息且消息未缓冲。
If the timer Tx expires, the credit-control client MUST continue the service and wait for a possible late answer. If the request times out, the credit-control client re-transmits the request (marked with T-flag) to a backup credit-control server, if possible. If the re-transmitted request also times out, or if a temporary error is received in answer, the credit-control client buffers the request if the value of the Direct-Debiting-Failure-Handling AVP is set to TERMINATE_OR_BUFFER. If a failed answer is received for the
如果计时器Tx过期,信用控制客户端必须继续服务并等待可能的延迟应答。如果请求超时,如果可能,信用控制客户端会将请求(用T-flag标记)重新传输到备份信用控制服务器。如果重新传输的请求也超时,或者如果在应答中收到临时错误,则如果直接借记失败处理AVP的值设置为TERMINATE_或_BUFFER,则信用控制客户端缓冲该请求。如果接收到的问题回答失败
re-transmitted request, the credit-control client frees all the resources reserved for the event message and deletes the request regardless of the value of the DDFH.
重新传输请求时,信用控制客户端释放为事件消息保留的所有资源,并删除该请求,而不考虑DDFH的值。
The Credit-Control-Request with the requested action REFUND_ACCOUNT should always be stored in the credit-control application level non-volatile storage in case of temporary failure. The credit-control client MUST mark the re-transmitted request message as a possible duplicate by setting the T-flag in the command header as described in [DIAMBASE], section 3.
带有请求的操作退款账户的信贷控制请求应始终存储在信贷控制应用程序级非易失性存储器中,以防出现临时故障。信用控制客户端必须按照[DIAMBASE]第3节中的说明,通过在命令头中设置T标志,将重新传输的请求消息标记为可能的副本。
For stored requests, the implementation may choose to limit the number of re-transmission attempts and to define a re-transmission interval.
对于存储的请求,实现可以选择限制重新传输尝试的次数并定义重新传输间隔。
Note that only one place in the credit-control system SHOULD be responsible for duplicate detection. If there is only one credit-control server within the given realm, the credit-control server may perform duplicate detection. If there is more than one credit-control server in a given realm, only one entity in the credit-control system should be responsible, to ensure that the end user's account is not debited or credited multiple times for the same service event.
请注意,信用控制系统中只有一个地方负责重复检测。如果给定领域内只有一个信用控制服务器,信用控制服务器可能会执行重复检测。如果给定领域中有多个信用控制服务器,则信用控制系统中只有一个实体负责,以确保最终用户的帐户不会因同一服务事件多次借记或贷记。
This section defines the credit-control application state machine.
本节定义信用控制应用程序状态机。
The first four state machines are to be observed by credit-control clients. The first one describes the session-based credit-control when the first interrogation is executed as part of the authorization/authentication process. The second describes the session-based credit-control when the first interrogation is executed after the authorization/authentication process. The requirements as to what state machines have to be supported are discussed in section 5.2.
信用控制客户端将观察前四个状态机。第一个描述了在作为授权/认证过程的一部分执行第一次询问时基于会话的信用控制。第二个描述了在授权/认证过程之后执行第一次询问时基于会话的信用控制。第5.2节讨论了必须支持哪些状态机的要求。
The third state machine describes the session-based credit-control for the intermediate and final interrogations. The fourth one describes the event-based credit-control. These latter state machines are to be observed by all implementations that conform to this specification.
第三个状态机描述了中间和最终询问的基于会话的信用控制。第四部分描述了基于事件的信用控制。符合本规范的所有实现都要遵守后一种状态机。
The fifth state machine describes the credit-control session from a credit-control server perspective.
第五个状态机从信用控制服务器的角度描述信用控制会话。
Any event not listed in the state machines MUST be considered an error condition, and a corresponding answer, if applicable, MUST be returned to the originator of the message.
任何未在状态机中列出的事件都必须视为错误情况,并且如果适用,必须将相应的答案返回给消息的发起人。
In the state table, the event 'Failure to send' means that the Diameter credit-control client is unable to communicate with the desired destination or, if failover procedure is supported, with a possibly defined alternative destination (e.g., the request times out and the answer message is not received). This could be due to the peer being down, or due to a physical link failure in the path to or from the credit-control server.
在状态表中,事件“发送失败”表示Diameter credit control客户端无法与所需的目标通信,或者如果支持故障转移过程,则无法与可能定义的备用目标通信(例如,请求超时且未收到应答消息)。这可能是由于对等机停机,或者由于进出信用控制服务器的路径中的物理链路故障。
The event 'Temporary error' means that the Diameter credit-control client received a protocol error notification (DIAMETER_TOO_BUSY, DIAMETER_UNABLE_TO_DELIVER, or DIAMETER_LOOP_DETECTED) in the Result-Code AVP of the Credit-Control-Answer command. The above protocol error notification may ultimately be received in answer to the re-transmitted request to a defined alternative destination, if failover is supported.
事件“临时错误”表示Diameter信用控制客户端在信用控制应答命令的结果代码AVP中收到协议错误通知(Diameter\u太忙、Diameter\u无法\u交付或检测到Diameter\u循环)。如果支持故障转移,则最终可能会收到上述协议错误通知,以响应重新传输到定义的备用目的地的请求。
The event 'Failed answer' means that the Diameter credit-control client received non-transient failure (permanent failure) notification in the Credit-Control-Answer command. The above permanent failure notification may ultimately be received in answer to the re-transmitted request to a defined alternative destination, if failover is supported.
事件“应答失败”表示Diameter信用控制客户端在信用控制应答命令中收到非暂时性故障(永久性故障)通知。如果支持故障转移,则最终可能会收到上述永久性故障通知,以响应重新传输到定义的备用目的地的请求。
The action 'store request' means that a request is stored in the credit-control application level non-volatile storage.
操作“存储请求”表示请求存储在信贷控制应用程序级非易失性存储器中。
The event 'Not successfully processed' means that the credit-control server could not process the message; e.g., due to an unknown end user, account being empty, or errors defined in [DIAMBASE].
事件“未成功处理”表示信用控制服务器无法处理该消息;e、 例如,由于未知的最终用户、帐户为空或[DIAMBASE]中定义的错误。
The event 'User service terminated' can be triggered by various reasons, e.g., normal user termination, network failure, and ASR (Abort-Session-Request). The Termination-Cause AVP contains information about the termination reason, as specified in [DIAMBASE].
“用户服务终止”事件可由各种原因触发,例如,正常用户终止、网络故障和ASR(中止会话请求)。终止原因AVP包含[DIAMBASE]中规定的有关终止原因的信息。
The Tx timer, which is used to control the waiting time in the credit-control client in the Pending state, is stopped upon exit of the Pending state. The stopping of the Tx timer is omitted in the state machine when the new state is Idle, as moving to Idle state implies the clearing of the session and all the variables associated to it.
Tx定时器用于控制处于挂起状态的信用控制客户端中的等待时间,在挂起状态退出时停止。当新状态为Idle时,状态机中的Tx定时器停止被忽略,因为移动到Idle状态意味着清除会话和与之相关的所有变量。
The states PendingI, PendingU, PendingT, PendingE, and PendingB stand for pending states to wait for an answer to a credit-control request related to Initial, Update, Termination, Event, or Buffered request, respectively.
PendingI、PendingU、PendingT、PendingE和PendingB状态分别代表等待与初始、更新、终止、事件或缓冲请求相关的信用控制请求的响应的挂起状态。
The acronyms CCFH and DDFH stand for Credit-Control-Failure-Handling and Direct-Debiting-Failure-Handling, respectively.
首字母缩写CCFH和DDFH分别代表信用控制失败处理和直接借记失败处理。
In the following state machine table, the failover to a secondary server upon 'Temporary error' or 'Failure to send' is not explicitly described. Moving an ongoing credit-control message stream to an alternative server is, however, possible if the CC-Session-Failover AVP is set to FAILOVER_SUPPORTED, as described in section 5.7.
在下面的状态机表中,未明确描述“临时错误”或“发送失败”时到辅助服务器的故障切换。但是,如果如第5.7节所述,将CC会话故障转移AVP设置为支持故障转移,则可以将正在进行的信用控制消息流移动到备用服务器。
Re-sending a credit-control event to an alternative server is supported as described in section 6.5.
如第6.5节所述,支持向备用服务器重新发送信用控制事件。
CLIENT, SESSION BASED for the first interrogation with AA request
客户端,基于会话,用于AA请求的第一次询问
State Event Action New State --------------------------------------------------------------- Idle Client or device requests Send PendingI access/service AA request with added CC AVPs, start Tx
State Event Action New State --------------------------------------------------------------- Idle Client or device requests Send PendingI access/service AA request with added CC AVPs, start Tx
PendingI Successful AA req. Grant Open answer received service to end user, stop Tx
PendingI成功的AA请求。向最终用户授予开放式应答接收服务,停止发送
PendingI Tx expired Disconnect Idle user/dev
PendingI Tx过期断开空闲用户/开发
PendingI Failed AA answer received Disconnect Idle user/dev
PendingI失败AA应答收到断开空闲用户/开发
PendingI AA answer Grant Idle received with result code service equal to CREDIT_CONTROL_ to end user NOT_APPLICABLE
收到PendingI AA应答授予空闲,结果代码服务等于贷记u控制uu给最终用户不适用
PendingI User service terminated Queue PendingI termination event
PendingI用户服务终止队列PendingI终止事件
PendingI Change in rating condition Queue PendingI changed rating condition event
PendingI额定值条件更改队列PendingI更改额定值条件事件
CLIENT, SESSION BASED for the first interrogation with CCR
客户端,基于会话,用于使用CCR进行第一次询问
State Event Action New State ----------------------------------------------------------------
State Event Action New State ----------------------------------------------------------------
Idle Client or device requests Send PendingI access/service CC initial req., start Tx
空闲客户端或设备请求发送PendingI访问/服务CC初始请求,启动发送
PendingI Successful CC initial Stop Tx Open answer received
收到PendingI成功CC初始停止Tx打开应答
PendingI Failure to send, or Grant Idle temporary error and service to CCFH equal to CONTINUE end user
PendingI未能向CCFH发送或授予空闲临时错误和服务,等同于继续最终用户
PendingI Failure to send, or Terminate Idle temporary error and end user's CCFH equal to TERMINATE service or to RETRY_AND_TERMINATE
PendingI未能发送或终止空闲临时错误,最终用户的CCFH等于终止服务或重试_和_终止
PendingI Tx expired and CCFH Terminate Idle equal to TERMINATE end user's service
PendingI Tx过期,CCFH终止空闲等于终止最终用户服务
PendingI Tx expired and CCFH equal Grant PendingI to CONTINUE or to service to RETRY_AND_TERMINATE end user
PendingI Tx已过期,CCFH等于授予PendingI继续或服务以重试和终止最终用户
PendingI CC initial answer Terminate Idle received with result code end user's END_USER_SERVICE_DENIED or service USER_UNKNOWN
收到PendingI CC初始应答终止空闲,结果代码为最终用户的最终用户服务被拒绝或服务用户未知
PendingI CC initial answer Grant Idle received with result code service equal to CREDIT_CONTROL_ to end user NOT_APPLICABLE
收到PendingI CC初始应答授予空闲,结果代码服务等于贷记u控制uu给最终用户不适用
PendingI Failed CC initial answer Grant Idle received and CCFH equal to service to CONTINUE end user
PendingI失败,收到CC初始应答授权空闲,CCFH等于服务继续最终用户
PendingI Failed CC initial answer Terminate Idle received and CCFH equal end user's to TERMINATE or to service RETRY_AND_TERMINATE
PendingI失败CC初始应答终止收到空闲,CCFH等于最终用户的终止或服务重试和终止
PendingI User service terminated Queue PendingI termination event
PendingI用户服务终止队列PendingI终止事件
PendingI Change in rating condition Queue PendingI changed rating condition event
PendingI额定值条件更改队列PendingI更改额定值条件事件
CLIENT, SESSION BASED for intermediate and final interrogations
客户端,基于会话,用于中间和最终询问
State Event Action New State ----------------------------------------------------------------
State Event Action New State ----------------------------------------------------------------
Open Granted unit elapses Send PendingU and no final unit CC update indication received req., start Tx
开放式授权装置经过发送挂起且未收到最终装置CC更新指示请求,开始发送
Open Granted unit elapses Terminate PendingT and final unit action end user's equal to TERMINATE service, send received CC termination req.
开放授权单元终止等待和最终单元操作最终用户等于终止服务,发送收到的CC终止请求。
Open Change in rating condition Send PendingU in queue CC update req., Start Tx
在队列CC update req.Start Tx.中打开额定值条件更改发送待处理
Open Service terminated in queue Send PendingT CC termination req.
在队列发送挂起CC终止请求中终止的开放服务。
Open Change in rating condition Send PendingU or Validity-Time elapses CC update req., Start Tx
打开额定值条件更改发送挂起或有效时间经过CC更新请求,开始发送
Open User service terminated Send PendingT CC termination req.
打开用户服务终止发送等待CC终止请求。
Open RAR received Send RAA PendingU followed by CC update req., start Tx
打开RAR接收发送RAA PendingU,然后是CC更新请求,开始发送
PendingU Successful CC update Stop Tx Open answer received
收到等待成功的CC更新停止Tx打开应答
PendingU Failure to send, or Grant Idle temporary error and service to CCFH equal to CONTINUE end user
PendingU未能向CCFH发送或授予空闲临时错误和服务,等同于继续最终用户
PendingU Failure to send, or Terminate Idle temporary error and end user's CCFH equal to TERMINATE service or to RETRY_AND_TERMINATE
PendingU发送或终止空闲临时错误失败,最终用户的CCFH等于终止服务或重试_和_终止
PendingU Tx expired and CCFH Terminate Idle equal to TERMINATE end user's service
PendingU Tx过期,CCFH终止空闲等于终止最终用户服务
PendingU Tx expired and CCFH equal Grant PendingU to CONTINUE or to service to RETRY_AND_TERMINATE end user
PendingU Tx已过期,CCFH同等授权PendingU继续或服务,以重试并终止最终用户
PendingU CC update answer Terminate Idle received with result code end user's END_USER_SERVICE_DENIED service
收到PendingU CC update answer Terminate Idle,结果代码为最终用户的最终用户服务拒绝服务
PendingU CC update answer Grant Idle received with result code service equal to CREDIT_CONTROL_ to end user NOT_APPLICABLE
收到PendingU CC update answer Grant Idle,结果代码服务等于贷记_CONTROL uu给最终用户不适用
PendingU Failed CC update Grant Idle answer received and service to CCFH equal to CONTINUE end user
PendingU失败的CC更新已接收到授权空闲应答,向CCFH提供的服务等于继续最终用户
PendingU Failed CC update Terminate Idle answer received and CCFH end user's equal to TERMINATE or service to RETRY_AND_TERMINATE
收到PendingU失败的CC update Terminate Idle应答,且CCFH最终用户等于Terminate或服务要重试_和_Terminate
PendingU User service terminated Queue PendingU termination event
PendingU用户服务终止队列PendingU终止事件
PendingU Change in rating Queue PendingU condition changed rating condition event
分级队列中的挂起更改挂起条件更改分级条件事件
PendingU RAR received Send RAA PendingU
等待RAR收到发送RAA等待RAR
PendingT Successful CC Idle termination answer received
收到等待成功的CC空闲终止应答
PendingT Failure to send, temporary Idle error, or failed answer
等待发送失败、临时空闲错误或应答失败
PendingT Change in rating condition PendingT
待决额定条件的变化待决
CLIENT, EVENT BASED
客户端,基于事件
State Event Action New State ---------------------------------------------------------------- Idle Client or device requests Send PendingE a one-time service CC event req., Start Tx
State Event Action New State ---------------------------------------------------------------- Idle Client or device requests Send PendingE a one-time service CC event req., Start Tx
Idle Request in storage Send PendingB stored request
存储中的空闲请求发送挂起B存储请求
PendingE Successful CC event Grant Idle answer received service to end user
PendingE成功CC事件向最终用户授予空闲应答接收服务
PendingE Failure to send, temporary Indicate Idle error, failed CC event service answer received, or error Tx expired; requested action CHECK_BALANCE or PRICE_ENQUIRY
PendingE发送失败、临时指示空闲错误、收到CC事件服务应答失败或错误发送过期;请求的行动检查\余额或价格查询
PendingE CC event answer Terminate Idle received with result code end user's END_USER_SERVICE_DENIED or service USER_UNKNOWN and Tx running
收到PendingE CC事件应答Terminate Idle,结果代码为最终用户的最终用户服务被拒绝,或服务用户未知且Tx正在运行
PendingE CC event answer Grant Idle received with result code service CREDIT_CONTROL_NOT_APPLICABLE; to end requested action user DIRECT_DEBITING
收到PendingE CC事件应答授权空闲,结果代码服务信用控制不适用;结束请求的操作用户直接借记
PendingE Failure to send, temporary Grant Idle error, or failed CC event service answer received; requested to end action DIRECT_DEBITING; user DDFH equal to CONTINUE
PendingE发送失败、临时授权空闲错误或接收到失败的CC事件服务应答;要求结束直接借记的行动;用户DDFH等于继续
PendingE Failed CC event Terminate Idle answer received or temporary end user's error; requested action service DIRECT_DEBITING; DDFH equal to TERMINATE_OR_BUFFER and Tx running
PendingE失败CC事件终止收到的空闲应答或临时最终用户错误;请求的行动服务直接借记;DDFH等于终止_或_缓冲区并运行Tx
PendingE Tx expired; requested Grant PendingE action DIRECT_DEBITING service to end user
PendingE Tx已过期;请求向最终用户授予挂起行动直接借记服务
PendingE Failure to send; requested Store Idle action DIRECT_DEBITING; request with DDFH equal to T-flag TERMINATE_OR_BUFFER
未决未能发送;请求的存储空闲操作直接借记;DDFH等于T标志终止\u或\u缓冲区的请求
PendingE Temporary error; requested Store Idle action DIRECT_DEBITING; request DDFH equal to TERMINATE_OR_BUFFER; Tx expired
悬而未决的暂时性错误;请求的存储空闲操作直接借记;请求DDFH等于终止_或_缓冲区;Tx过期
PendingE Failed answer or answer Idle received with result code END_USER_SERVICE DENIED or USER_UNKNOWN; requested action DIRECT_DEBITING; Tx expired
接收到PendingE失败的应答或应答空闲,结果代码END_USER_服务被拒绝或USER_未知;请求的操作直接借记;Tx过期
PendingE Failed CC event answer Indicate Idle received; requested service action REFUND_ACCOUNT error and delete request
PendingE失败的CC事件应答指示接收到空闲;请求的服务操作退款\u帐户错误和删除请求
PendingE Failure to send or Store Idle Tx expired; requested request action REFUND_ACCOUNT with T-flag
暂停发送或存储空闲发送失效;带T标志的请求操作退款账户
PendingE Temporary error, Store Idle and requested action request REFUND_ACCOUNT
挂起临时错误,存储空闲和请求的操作请求退款\u帐户
PendingB Successful CC answer Delete Idle received request
PendingB成功CC应答删除收到的空闲请求
PendingB Failed CC answer Delete Idle received request
PendingB未通过CC应答删除收到的空闲请求
PendingB Failure to send or Idle temporary error
PendingB发送失败或空闲临时错误
SERVER, SESSION AND EVENT BASED
基于服务器、会话和事件
State Event Action New State ----------------------------------------------------------------
State Event Action New State ----------------------------------------------------------------
Idle CC initial request Send Open received and successfully CC initial processed answer, reserve units, start Tcc
空闲CC初始请求发送打开收到并成功CC初始处理应答,保留单位,启动Tcc
Idle CC initial request Send Idle received but not CC initial successfully processed answer with Result-Code != SUCCESS
Idle CC initial request Send Idle received但未成功处理CC initial应答,结果代码!=成功
Idle CC event request Send Idle received and successfully CC event processed answer
Idle CC event request Send Idle received and successfully CC event processed Response
Idle CC event request Send Idle received but not CC event successfully processed answer with Result-Code != SUCCESS
Idle CC event request Send Idle received,但未成功处理CC event应答,结果代码!=成功
Open CC update request Send CC Open received and successfully update answer, processed debit used units, reserve new units, restart Tcc
Open CC update request Send CC Open received并成功更新应答,已处理借项已用单位,保留新单位,重新启动Tcc
Open CC update request Send Idle received but not CC update successfully processed answer with Result-Code != SUCCESS, debit used units
Open CC update request Send Idle received但未成功处理CC update应答,结果代码!=成功,借记已用单位
Open CC termination request Send Idle received and successfully CC termin. processed answer, Stop Tcc, debit used units
打开抄送终止请求发送空闲接收并成功抄送终止。已处理的应答、停止Tcc、借记已用单位
Open CC termination request Send Idle received but not CC termin. successfully processed answer with Result-Code != SUCCESS, debit used units
打开CC终止请求发送空闲接收,但未打开CC终端。已成功处理结果代码为的答案!=成功,借记已用单位
Open Session supervision timer Tcc Release Idle expired reserved units
打开会话监控计时器Tcc释放空闲过期保留单元
This section defines the credit-control AVPs that are specific to Diameter credit-control application and that MAY be included in the Diameter credit-control messages.
本节定义了特定于Diameter信用控制应用程序且可能包含在Diameter信用控制消息中的信用控制AVP。
The AVPs defined in this section MAY also be included in authorization commands defined in authorization-specific applications, such as [NASREQ] and [DIAMMIP], if the first interrogation is performed as part of the authorization/authentication process, as described in section 5.2.
如第5.2节所述,如果第一次询问是作为授权/认证过程的一部分执行的,则本节中定义的AVP也可包括在授权特定应用程序(如[NASREQ]和[DIAMIP])中定义的授权命令中。
The Diameter AVP rules are defined in the Diameter Base [DIAMBASE], section 4. These AVP rules are observed in AVPs defined in this section.
直径AVP规则在直径基准[DIAMBASE]第4节中定义。这些AVP规则在本节定义的AVP中得到遵守。
The following table describes the Diameter AVPs defined in the credit-control application, their AVP Code values, types, possible flag values, and whether the AVP MAY be encrypted. The Diameter base [DIAMBASE] specifies the AVP Flag rules for AVPs in section 4.5.
下表描述了信贷控制应用程序中定义的Diameter AVP、其AVP代码值、类型、可能的标志值,以及AVP是否可以加密。直径基准[DIAMBASE]规定了第4.5节中AVP的AVP标志规则。
+--------------------+ | AVP Flag rules | |----+-----+----+----|----+ AVP Section | | |SHLD|MUST| | Attribute Name Code Defined Data Type |MUST| MAY | NOT|NOT |Encr| -----------------------------------------|----+-----+----+----|----| CC-Correlation-Id 411 8.1 OctetString| | P,M | | V | Y | CC-Input-Octets 412 8.24 Unsigned64 | M | P | | V | Y | CC-Money 413 8.22 Grouped | M | P | | V | Y | CC-Output-Octets 414 8.25 Unsigned64 | M | P | | V | Y | CC-Request-Number 415 8.2 Unsigned32 | M | P | | V | Y | CC-Request-Type 416 8.3 Enumerated | M | P | | V | Y | CC-Service- 417 8.26 Unsigned64 | M | P | | V | Y | Specific-Units | | | | | | CC-Session- 418 8.4 Enumerated | M | P | | V | Y | Failover | | | | | | CC-Sub-Session-Id 419 8.5 Unsigned64 | M | P | | V | Y | CC-Time 420 8.21 Unsigned32 | M | P | | V | Y | CC-Total-Octets 421 8.23 Unsigned64 | M | P | | V | Y | CC-Unit-Type 454 8.32 Enumerated | M | P | | V | Y | Check-Balance- 422 8.6 Enumerated | M | P | | V | Y | Result | | | | | | Cost-Information 423 8.7 Grouped | M | P | | V | Y | Cost-Unit 424 8.12 UTF8String | M | P | | V | Y | Credit-Control 426 8.13 Enumerated | M | P | | V | Y | Credit-Control- 427 8.14 Enumerated | M | P | | V | Y | Failure-Handling | | | | | | Currency-Code 425 8.11 Unsigned32 | M | P | | V | Y | Direct-Debiting- 428 8.15 Enumerated | M | P | | V | Y | Failure-Handling | | | | | | Exponent 429 8.9 Integer32 | M | P | | V | Y | Final-Unit-Action 449 8.35 Enumerated | M | P | | V | Y | Final-Unit- 430 8.34 Grouped | M | P | | V | Y | Indication | | | | | | Granted-Service- 431 8.17 Grouped | M | P | | V | Y | Unit | | | | | | G-S-U-Pool- 453 8.31 Unsigned32 | M | P | | V | Y | Identifier | | | | | |
+--------------------+ | AVP Flag rules | |----+-----+----+----|----+ AVP Section | | |SHLD|MUST| | Attribute Name Code Defined Data Type |MUST| MAY | NOT|NOT |Encr| -----------------------------------------|----+-----+----+----|----| CC-Correlation-Id 411 8.1 OctetString| | P,M | | V | Y | CC-Input-Octets 412 8.24 Unsigned64 | M | P | | V | Y | CC-Money 413 8.22 Grouped | M | P | | V | Y | CC-Output-Octets 414 8.25 Unsigned64 | M | P | | V | Y | CC-Request-Number 415 8.2 Unsigned32 | M | P | | V | Y | CC-Request-Type 416 8.3 Enumerated | M | P | | V | Y | CC-Service- 417 8.26 Unsigned64 | M | P | | V | Y | Specific-Units | | | | | | CC-Session- 418 8.4 Enumerated | M | P | | V | Y | Failover | | | | | | CC-Sub-Session-Id 419 8.5 Unsigned64 | M | P | | V | Y | CC-Time 420 8.21 Unsigned32 | M | P | | V | Y | CC-Total-Octets 421 8.23 Unsigned64 | M | P | | V | Y | CC-Unit-Type 454 8.32 Enumerated | M | P | | V | Y | Check-Balance- 422 8.6 Enumerated | M | P | | V | Y | Result | | | | | | Cost-Information 423 8.7 Grouped | M | P | | V | Y | Cost-Unit 424 8.12 UTF8String | M | P | | V | Y | Credit-Control 426 8.13 Enumerated | M | P | | V | Y | Credit-Control- 427 8.14 Enumerated | M | P | | V | Y | Failure-Handling | | | | | | Currency-Code 425 8.11 Unsigned32 | M | P | | V | Y | Direct-Debiting- 428 8.15 Enumerated | M | P | | V | Y | Failure-Handling | | | | | | Exponent 429 8.9 Integer32 | M | P | | V | Y | Final-Unit-Action 449 8.35 Enumerated | M | P | | V | Y | Final-Unit- 430 8.34 Grouped | M | P | | V | Y | Indication | | | | | | Granted-Service- 431 8.17 Grouped | M | P | | V | Y | Unit | | | | | | G-S-U-Pool- 453 8.31 Unsigned32 | M | P | | V | Y | Identifier | | | | | |
G-S-U-Pool- 457 8.30 Grouped | M | P | | V | Y | Reference | | | | | | Multiple-Services 456 8.16 Grouped | M | P | | V | Y | -Credit-Control | | | | | | Multiple-Services 455 8.40 Enumerated | M | P | | V | Y | -Indicator | | | | | | Rating-Group 432 8.29 Unsigned32 | M | P | | V | Y | Redirect-Address 433 8.38 Enumerated | M | P | | V | Y | -Type | | | | | | Redirect-Server 434 8.37 Grouped | M | P | | V | Y | Redirect-Server 435 8.39 UTF8String | M | P | | V | Y | -Address | | | | | | Requested-Action 436 8.41 Enumerated | M | P | | V | Y | Requested-Service 437 8.18 Grouped | M | P | | V | Y | -Unit | | | | | | Restriction 438 8.36 IPFiltrRule| M | P | | V | Y | -Filter-Rule | | | | | | Service-Context 461 8.42 UTF8String | M | P | | V | Y | -Id | | | | | | Service- 439 8.28 Unsigned32 | M | P | | V | Y | Identifier | | | | | | Service-Parameter 440 8.43 Grouped | | P,M | | V | Y | -Info | | | | | | Service- 441 8.44 Unsigned32 | | P,M | | V | Y | Parameter-Type | | | | | | Service- 442 8.45 OctetString| | P,M | | V | Y | Parameter-Value | | | | | | Subscription-Id 443 8.46 Grouped | M | P | | V | Y | Subscription-Id 444 8.48 UTF8String | M | P | | V | Y | -Data | | | | | | Subscription-Id 450 8.47 Enumerated | M | P | | V | Y | -Type | | | | | | Tariff-Change 452 8.27 Enumerated | M | P | | V | Y | -Usage | | | | | | Tariff-Time 451 8.20 Time | M | P | | V | Y | -Change | | | | | | Unit-Value 445 8.8 Grouped | M | P | | V | Y | Used-Service-Unit 446 8.19 Grouped | M | P | | V | Y | User-Equipment 458 8.49 Grouped | | P,M | | V | Y | -Info | | | | | | User-Equipment 459 8.50 Enumerated | | P,M | | V | Y | -Info-Type | | | | | | User-Equipment 460 8.51 OctetString| | P,M | | V | Y | -Info-Value | | | | | | Value-Digits 447 8.10 Integer64 | M | P | | V | Y | Validity-Time 448 8.33 Unsigned32 | M | P | | V | Y |
G-S-U-Pool- 457 8.30 Grouped | M | P | | V | Y | Reference | | | | | | Multiple-Services 456 8.16 Grouped | M | P | | V | Y | -Credit-Control | | | | | | Multiple-Services 455 8.40 Enumerated | M | P | | V | Y | -Indicator | | | | | | Rating-Group 432 8.29 Unsigned32 | M | P | | V | Y | Redirect-Address 433 8.38 Enumerated | M | P | | V | Y | -Type | | | | | | Redirect-Server 434 8.37 Grouped | M | P | | V | Y | Redirect-Server 435 8.39 UTF8String | M | P | | V | Y | -Address | | | | | | Requested-Action 436 8.41 Enumerated | M | P | | V | Y | Requested-Service 437 8.18 Grouped | M | P | | V | Y | -Unit | | | | | | Restriction 438 8.36 IPFiltrRule| M | P | | V | Y | -Filter-Rule | | | | | | Service-Context 461 8.42 UTF8String | M | P | | V | Y | -Id | | | | | | Service- 439 8.28 Unsigned32 | M | P | | V | Y | Identifier | | | | | | Service-Parameter 440 8.43 Grouped | | P,M | | V | Y | -Info | | | | | | Service- 441 8.44 Unsigned32 | | P,M | | V | Y | Parameter-Type | | | | | | Service- 442 8.45 OctetString| | P,M | | V | Y | Parameter-Value | | | | | | Subscription-Id 443 8.46 Grouped | M | P | | V | Y | Subscription-Id 444 8.48 UTF8String | M | P | | V | Y | -Data | | | | | | Subscription-Id 450 8.47 Enumerated | M | P | | V | Y | -Type | | | | | | Tariff-Change 452 8.27 Enumerated | M | P | | V | Y | -Usage | | | | | | Tariff-Time 451 8.20 Time | M | P | | V | Y | -Change | | | | | | Unit-Value 445 8.8 Grouped | M | P | | V | Y | Used-Service-Unit 446 8.19 Grouped | M | P | | V | Y | User-Equipment 458 8.49 Grouped | | P,M | | V | Y | -Info | | | | | | User-Equipment 459 8.50 Enumerated | | P,M | | V | Y | -Info-Type | | | | | | User-Equipment 460 8.51 OctetString| | P,M | | V | Y | -Info-Value | | | | | | Value-Digits 447 8.10 Integer64 | M | P | | V | Y | Validity-Time 448 8.33 Unsigned32 | M | P | | V | Y |
The CC-Correlation-Id AVP (AVP Code 411) is of type OctetString and contains information to correlate credit-control requests generated for different components of the service; e.g., transport and service level. The one who allocates the Service-Context-Id (i.e., unique identifier of a service specific document) is also responsible for defining the content and encoding of the CC-Correlation-Id AVP.
CC Correlation Id AVP(AVP代码411)是OctetString类型,并且包含用于关联为服务的不同组件生成的信用控制请求的信息;e、 例如,运输和服务水平。分配服务上下文Id(即,特定于服务的文档的唯一标识符)的人还负责定义CC Correlation Id AVP的内容和编码。
The CC-Request-Number AVP (AVP Code 415) is of type Unsigned32 and identifies this request within one session. As Session-Id AVPs are globally unique, the combination of Session-Id and CC-Request-Number AVPs is also globally unique and can be used in matching credit-control messages with confirmations. An easy way to produce unique numbers is to set the value to 0 for a credit-control request of type INITIAL_REQUEST and EVENT_REQUEST and to set the value to 1 for the first UPDATE_REQUEST, to 2 for the second, and so on until the value for TERMINATION_REQUEST is one more than for the last UPDATE_REQUEST.
CC请求号AVP(AVP代码415)的类型为Unsigned32,并且在一个会话内标识该请求。由于会话Id AVP是全局唯一的,会话Id和CC请求号AVP的组合也是全局唯一的,可用于将信用控制消息与确认匹配。生成唯一数字的一种简单方法是,对于类型为INITIAL_request和EVENT_request的信用控制请求,将值设置为0,对于第一个更新_请求,将值设置为1,对于第二个更新_请求,将值设置为2,依此类推,直到终止_请求的值比最后一个更新_请求的值多一个。
The CC-Request-Type AVP (AVP Code 416) is of type Enumerated and contains the reason for sending the credit-control request message. It MUST be present in all Credit-Control-Request messages. The following values are defined for the CC-Request-Type AVP:
CC请求类型AVP(AVP代码416)属于枚举类型,并且包含发送信用控制请求消息的原因。它必须出现在所有信用控制请求消息中。为CC请求类型AVP定义了以下值:
INITIAL_REQUEST 1 An Initial request is used to initiate a credit-control session, and contains credit control information that is relevant to the initiation.
初始请求1初始请求用于启动信用控制会话,并包含与启动相关的信用控制信息。
UPDATE_REQUEST 2 An Update request contains credit-control information for an existing credit-control session. Update credit-control requests SHOULD be sent every time a credit-control re-authorization is needed at the expiry of the allocated quota or validity time. Further, additional service-specific events MAY trigger a spontaneous Update request.
更新请求2更新请求包含现有信用控制会话的信用控制信息。每次在分配的配额或有效期到期时需要信用控制重新授权时,都应发送更新信用控制请求。此外,附加的特定于服务的事件可能触发自发的更新请求。
TERMINATION_REQUEST 3 A Termination request is sent to terminate a credit-control session and contains credit-control information relevant to the existing session.
终止请求3发送终止请求以终止信用控制会话,并包含与现有会话相关的信用控制信息。
EVENT_REQUEST 4 An Event request is used when there is no need to maintain any credit-control session state in the credit-control server. This request contains all information relevant to the service, and is the only request of the service. The reason for the Event request is further detailed in the Requested-Action AVP. The Requested-Action AVP MUST be included in the Credit-Control-Request message when CC-Request-Type is set to EVENT_REQUEST.
事件\ U请求4当不需要在信用控制服务器中维护任何信用控制会话状态时,使用事件请求。此请求包含与服务相关的所有信息,是服务的唯一请求。事件请求的原因将在请求的操作AVP中进一步详细说明。当CC Request Type设置为EVENT_Request时,请求的操作AVP必须包含在信贷控制请求消息中。
The CC-Session-Failover AVP (AVP Code 418) is type of Enumerated and contains information as to whether moving the credit-control message stream to a backup server during an ongoing credit-control session is supported. In communication failures, the credit-control message streams can be moved to an alternative destination if the credit-control server supports failover to an alternative server. The secondary credit-control server name, if received from the home Diameter AAA server, can be used as an address of the backup server. An implementation is not required to support moving a credit-control message stream to an alternative server, as this also requires moving information related to the credit-control session to backup server.
CC会话故障转移AVP(AVP代码418)是枚举的类型,并且包含关于是否支持在正在进行的信用控制会话期间将信用控制消息流移动到备份服务器的信息。在通信故障中,如果信用控制服务器支持故障切换到备用服务器,则信用控制消息流可以移动到备用目标。辅助信用控制服务器名称(如果从home Diameter AAA服务器接收)可以用作备份服务器的地址。不需要实现来支持将信用控制消息流移动到备用服务器,因为这还需要将与信用控制会话相关的信息移动到备份服务器。
The following values are defined for the CC-Session-Failover AVP:
为CC会话故障转移AVP定义了以下值:
FAILOVER_NOT_SUPPORTED 0 When the CC-Session-Failover AVP is set to FAILOVER_NOT_SUPPORTED, the credit-control message stream MUST NOT to be moved to an alternative destination in the case of communication failure.
故障转移\u不受支持0当CC会话故障转移AVP设置为故障转移\u不受支持时,在通信失败的情况下,不得将信用控制消息流移动到备用目标。
This is the default behavior if the AVP isn't included in the reply from the authorization or credit-control server.
如果来自授权或信用控制服务器的回复中未包含AVP,则这是默认行为。
FAILOVER_SUPPORTED 1 When the CC-Session-Failover AVP is set to FAILOVER_SUPPORTED, the credit-control message stream SHOULD be moved to an alternative destination in the case of communication failure. Moving the credit-control message stream to a backup server MAY require that information related to the credit-control session should also be forwarded to alternative server.
FAILOVER_SUPPORTED 1当CC会话故障转移AVP设置为FAILOVER_SUPPORTED时,在通信失败的情况下,应将信用控制消息流移动到备用目标。将信用控制消息流移动到备份服务器可能需要将与信用控制会话相关的信息也转发到备用服务器。
The CC-Sub-Session-Id AVP (AVP Code 419) is of type Unsigned64 and contains the credit-control sub-session identifier. The combination of the Session-Id and this AVP MUST be unique per sub-session, and
CC子会话Id AVP(AVP代码419)的类型为Unsigned64,包含信用控制子会话标识符。会话Id和此AVP的组合在每个子会话中必须是唯一的,并且
the value of this AVP MUST be monotonically increased by one for all new sub-sessions. The absence of this AVP implies that no sub-sessions are in use.
对于所有新的子会话,该AVP的值必须单调增加1。没有此AVP意味着没有使用子会话。
The Check Balance Result AVP (AVP Code 422) is of type Enumerated and contains the result of the balance check. This AVP is applicable only when the Requested-Action AVP indicates CHECK_BALANCE in the Credit-Control-Request command.
检查余额结果AVP(AVP代码422)属于枚举类型,并且包含余额检查的结果。仅当请求的操作AVP在信贷控制请求命令中指示检查余额时,此AVP才适用。
The following values are defined for the Check-Balance-Result AVP.
以下值是为校验平衡结果AVP定义的。
ENOUGH_CREDIT 0 There is enough credit in the account to cover the requested service.
足够的信用0帐户中有足够的信用来支付请求的服务。
NO_CREDIT 1 There isn't enough credit in the account to cover the requested service.
没有信用1帐户中没有足够的信用来支付请求的服务。
The Cost-Information AVP (AVP Code 423) is of type Grouped, and it is used to return the cost information of a service, which the credit-control client can transfer transparently to the end user. The included Unit-Value AVP contains the cost estimate (always type of money) of the service, in the case of price enquiry, or the accumulated cost estimation, in the case of credit-control session.
成本信息AVP(AVP代码423)是分组的类型,用于返回服务的成本信息,信用控制客户端可以将该信息透明地传输给最终用户。包含的单位价值AVP包含服务的成本估算(始终为货币类型),如果是询价,或者是累计成本估算(如果是信用控制会话)。
The Currency-Code specifies in which currency the cost was given. The Cost-Unit specifies the unit when the service cost is a cost per unit (e.g., cost for the service is $1 per minute).
货币代码指定成本以何种货币计算。成本单位指定服务成本为单位成本时的单位(例如,服务成本为每分钟1美元)。
When the Requested-Action AVP with value PRICE_ENQUIRY is included in the Credit-Control-Request command, the Cost-Information AVP sent in the succeeding Credit-Control-Answer command contains the cost estimation of the requested service, without any reservation being made.
当信用控制请求命令中包含请求的带有价值价格查询的操作AVP时,在后续信用控制应答命令中发送的成本信息AVP包含请求服务的成本估算,而不进行任何保留。
The Cost-Information AVP included in the Credit-Control-Answer command with the CC-Request-Type set to UPDATE_REQUEST contains the accumulated cost estimation for the session, without taking any credit reservation into account.
信用控制应答命令中包含的成本信息AVP(CC Request Type设置为UPDATE_Request)包含会话的累积成本估算,而不考虑任何信用保留。
The Cost-Information AVP included in the Credit-Control-Answer command with the CC-Request-Type set to EVENT_REQUEST or TERMINATION_REQUEST contains the estimated total cost for the requested service.
信用控制应答命令中包含的成本信息AVP(CC请求类型设置为事件请求或终止请求)包含所请求服务的估计总成本。
It is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
其定义如下(根据RFC 3588[DIAMBASE]的分组avp def):
Cost-Information ::= < AVP Header: 423 > { Unit-Value } { Currency-Code } [ Cost-Unit ]
Cost-Information ::= < AVP Header: 423 > { Unit-Value } { Currency-Code } [ Cost-Unit ]
Unit-Value AVP is of type Grouped (AVP Code 445) and specifies the units as decimal value. The Unit-Value is a value with an exponent; i.e., Unit-Value = Value-Digits AVP * 10^Exponent. This representation avoids unwanted rounding off. For example, the value of 2,3 is represented as Value-Digits = 23 and Exponent = -1. The absence of the exponent part MUST be interpreted as an exponent equal to zero.
单位值AVP为分组类型(AVP代码445),并将单位指定为十进制值。单位值是具有指数的值;i、 例如,单位值=数值位数AVP*10^指数。这种表示避免了不必要的舍入。例如,2,3的值表示为数值位数=23,指数=1。没有指数部分必须解释为指数等于零。
It is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
其定义如下(根据RFC 3588[DIAMBASE]的分组avp def):
Unit-Value ::= < AVP Header: 445 > { Value-Digits } [ Exponent ]
Unit-Value ::= < AVP Header: 445 > { Value-Digits } [ Exponent ]
Exponent AVP is of type Integer32 (AVP Code 429) and contains the exponent value to be applied for the Value-Digit AVP within the Unit-Value AVP.
指数AVP的类型为Integer32(AVP代码429),包含要应用于单位值AVP内的数值数字AVP的指数值。
The Value-Digits AVP is of type Integer64 (AVP Code 447) and contains the significant digits of the number. If decimal values are needed to present the units, the scaling MUST be indicated with the related Exponent AVP. For example, for the monetary amount $ 0.05 the value of Value-Digits AVP MUST be set to 5, and the scaling MUST be indicated with the Exponent AVP set to -2.
数值数字AVP的类型为Integer64(AVP代码447),包含数字的有效位。如果需要十进制值来表示单位,则必须用相关指数AVP指示缩放比例。例如,对于货币金额$0.05,值位AVP的值必须设置为5,并且必须使用指数AVP设置为-2来指示缩放。
The Currency-Code AVP (AVP Code 425) is of type Unsigned32 and contains a currency code that specifies in which currency the values of AVPs containing monetary units were given. It is specified by using the numeric values defined in the ISO 4217 standard [ISO4217].
货币代码AVP(AVP代码425)的类型为Unsigned32,并包含一个货币代码,该代码指定包含货币单位的AVP值是以何种货币给出的。它通过使用ISO 4217标准[ISO4217]中定义的数值来指定。
The Cost-Unit AVP (AVP Code 424) is of type UTF8String, and it is used to display a human readable string to the end user. It specifies the applicable unit to the Cost-Information when the service cost is a cost per unit (e.g., cost of the service is $1 per minute). The Cost-Unit can be minutes, hours, days, kilobytes, megabytes, etc.
成本单位AVP(AVP代码424)为UTF8String类型,用于向最终用户显示人类可读的字符串。当服务成本为每单位成本(例如,服务成本为每分钟1美元)时,它指定了成本信息的适用单位。成本单位可以是分钟、小时、天、千字节、兆字节等。
The Credit-Control AVP (AVP Code 426) is of type Enumerated and MUST be included in AA requests when the service element has credit-control capabilities.
信用控制AVP(AVP代码426)属于枚举类型,当服务元素具有信用控制功能时,必须将其包括在AA请求中。
CREDIT_AUTHORIZATION 0 If the home Diameter AAA server determines that the user has prepaid subscription, this value indicates that the credit-control server MUST be contacted to perform the first interrogation. The value of the Credit-Control AVP MUST always be set to 0 in an AA request sent to perform the first interrogation and to initiate a new credit-control session.
CREDIT_AUTHORIZATION 0如果home Diameter AAA服务器确定用户具有预付费订阅,则此值表示必须联系信用控制服务器以执行第一次询问。在发送的AA请求中,信用控制AVP的值必须始终设置为0,以执行第一次询问并启动新的信用控制会话。
RE_AUTHORIZATION 1 This value indicates to the Diameter AAA server that a credit-control session is ongoing for the subscriber and that the credit-control server MUST not be contacted. The Credit-Control AVP set to the value of 1 is to be used only when the first interrogation has been successfully performed and the credit-control session is ongoing (i.e., re-authorization triggered by Authorization-Lifetime). This value MUST NOT be used in an AA request sent to perform the first interrogation.
RE_AUTHORIZATION 1此值向Diameter AAA服务器指示订户的信用控制会话正在进行,并且不得联系信用控制服务器。设置为1的信用控制AVP仅在第一次询问已成功执行且信用控制会话正在进行(即,由授权寿命触发的重新授权)时使用。此值不得用于发送以执行第一次询问的AA请求。
The Credit-Control-Failure-Handling AVP (AVP Code 427) is of type Enumerated. The credit-control client uses information in this AVP to decide what to do if sending credit-control messages to the credit-control server has been, for instance, temporarily prevented due to a network problem. Depending on the service logic, the credit-control server can order the client to terminate the service
信用控制故障处理AVP(AVP代码427)属于枚举类型。信用控制客户端使用此AVP中的信息来决定在向信用控制服务器发送信用控制消息(例如,由于网络问题而暂时被阻止)时要做什么。根据服务逻辑,信用控制服务器可以命令客户端终止服务
immediately when there is a reason to believe that the service cannot be charged, or to try failover to an alternative server, if possible. Then the server could either terminate or grant the service, should the alternative connection also fail.
如果有理由相信服务无法收费,或尝试故障切换到备用服务器(如果可能),则立即进行。然后,如果备用连接也失败,服务器可以终止或授予服务。
TERMINATE 0 When the Credit-Control-Failure-Handling AVP is set to TERMINATE, the service MUST only be granted for as long as there is a connection to the credit-control server. If the credit-control client does not receive any Credit-Control-Answer message within the Tx timer (as defined in section 13), the credit-control request is regarded as failed, and the end user's service session is terminated.
终止0当Credit Control Failure Handling AVP设置为TERMINATE时,只有在与Credit Control server建立连接的情况下,才能授予该服务。如果信用控制客户端在发送计时器(如第13节所定义)内未收到任何信用控制应答消息,则信用控制请求被视为失败,最终用户的服务会话终止。
This is the default behavior if the AVP isn't included in the reply from the authorization or credit-control server.
如果来自授权或信用控制服务器的回复中未包含AVP,则这是默认行为。
CONTINUE 1 When the Credit-Control-Failure-Handling AVP is set to CONTINUE, the credit-control client SHOULD re-send the request to an alternative server in the case of transport or temporary failures, provided that a failover procedure is supported in the credit-control server and the credit-control client, and that an alternative server is available. Otherwise, the service SHOULD be granted, even if credit-control messages can't be delivered.
继续1当信用控制故障处理AVP设置为继续时,如果信用控制服务器和信用控制客户端中支持故障切换过程,则信用控制客户端应在传输或临时故障的情况下将请求重新发送到备用服务器,并且有一个替代服务器可用。否则,即使无法传递信用控制消息,也应授予服务。
RETRY_AND_TERMINATE 2 When the Credit-Control-Failure-Handling AVP is set to RETRY_AND_TERMINATE, the credit-control client SHOULD re-send the request to an alternative server in the case of transport or temporary failures, provided that a failover procedure is supported in the credit-control server and the credit-control client, and that an alternative server is available. Otherwise, the service SHOULD not be granted when the credit-control messages can't be delivered.
RETRY_和_TERMINATE 2当信用控制故障处理AVP设置为RETRY_和_TERMINATE时,如果发生传输或临时故障,信用控制客户端应将请求重新发送到备用服务器,前提是信用控制服务器和信用控制客户端中支持故障切换过程,并且有一个替代服务器可用。否则,当信用控制消息无法传递时,不应授予服务。
The Direct-Debiting-Failure-Handling AVP (AVP Code 428) is of type Enumerated. The credit-control client uses information in this AVP to decide what to do if sending credit-control messages (Requested-Action AVP set to DIRECT_DEBITING) to the credit-control server has been, for instance, temporarily prevented due to a network problem.
直接借记故障处理AVP(AVP代码428)属于枚举类型。例如,如果由于网络问题暂时阻止向信用控制服务器发送信用控制消息(请求的操作AVP设置为DIRECT_DEBITING),信用控制客户端将使用此AVP中的信息来决定要做什么。
TERMINATE_OR_BUFFER 0 When the Direct-Debiting-Failure-Handling AVP is set to TERMINATE_OR_BUFFER, the service MUST be granted for as long as there is a connection to the credit-control server. If the
终止\u或\u缓冲区0当直接借记失败处理AVP设置为终止\u或\u缓冲区时,只要与信用控制服务器有连接,就必须授予服务。如果
credit-control client does not receive any Credit-Control-Answer message within the Tx timer (as defined in section 13) the credit-control request is regarded as failed. The client SHOULD terminate the service if it can determine from the failed answer that units have not been debited. Otherwise the credit-control client SHOULD grant the service, store the request in application level non-volatile storage, and try to re-send the request. These requests MUST be marked as possible duplicates by setting the T-flag in the command header as described in [DIAMBASE] section 3.
信用控制客户端在发送计时器(如第13节所定义)内未收到任何信用控制应答消息。信用控制请求被视为失败。如果客户可以从失败的回答中确定未借记单位,则应终止服务。否则,信用控制客户端应授予服务,将请求存储在应用程序级非易失性存储器中,并尝试重新发送请求。必须按照[DIAMBASE]第3节中的说明,通过在命令头中设置T标志,将这些请求标记为可能的重复请求。
This is the default behavior if the AVP isn't included in the reply from the authorization server.
如果来自授权服务器的回复中未包含AVP,则这是默认行为。
CONTINUE 1 When the Direct-Debiting-Failure-Handling AVP is set to CONTINUE, the service SHOULD be granted, even if credit-control messages can't be delivered, and the request should be deleted.
继续1当直接借记失败处理AVP设置为继续时,即使无法传递信用控制消息,也应授予服务,并且应删除请求。
Multiple-Services-Credit-Control AVP (AVP Code 456) is of type Grouped and contains the AVPs related to the independent credit-control of multiple services feature. Note that each instance of this AVP carries units related to one or more services or related to a single rating group.
多服务信用控制AVP(AVP代码456)属于分组类型,包含与多服务独立信用控制功能相关的AVP。请注意,此AVP的每个实例都包含与一个或多个服务相关的单元或与单个评级组相关的单元。
The Service-Identifier and the Rating-Group AVPs are used to associate the granted units to a given service or rating group. If both the Service-Identifier and the Rating-Group AVPs are included, the target of the service units is always the service(s) indicated by the value of the Service-Identifier AVP(s). If only the Rating-Group-Id AVP is present, the Multiple-Services-Credit-Control AVP relates to all the services that belong to the specified rating group.
服务标识符和评级组AVP用于将授予的单位与给定的服务或评级组相关联。如果包括服务标识符和评级组AVP,则服务单元的目标始终是由服务标识符AVP的值指示的服务。如果仅存在评级组Id AVP,则多服务信用控制AVP与属于指定评级组的所有服务相关。
The G-S-U-Pool-Reference AVP allows the server to specify a G-S-U-Pool-Identifier identifying a credit pool within which the units of the specified type are considered pooled. If a G-S-U-Pool-Reference AVP is present, then actual service units of the specified type MUST also be present. For example, if the G-S-U-Pool-Reference AVP specifies Unit-Type TIME, then the CC-Time AVP MUST be present.
G-S-U-Pool-Reference AVP允许服务器指定一个G-S-U-Pool-Identifier,标识一个信贷池,在该信贷池中,指定类型的单位被视为池。如果存在G-S-U-Pool-Reference AVP,则还必须存在指定类型的实际服务单元。例如,如果G-S-U-Pool-Reference AVP指定单位类型时间,则CC TIME AVP必须存在。
The Requested-Service-Unit AVP MAY contain the amount of requested service units or the requested monetary value. It MUST be present in the initial interrogation and within the intermediate interrogations in which new quota is requested. If the credit-control client does not include the Requested-Service-Unit AVP in a request command, because for instance, it has determined that the end-user terminated
请求的服务单位AVP可以包含请求的服务单位的数量或请求的货币价值。它必须出现在初始询问和请求新配额的中间询问中。如果信用控制客户端未在请求命令中包括请求的服务单元AVP,例如,因为它已确定最终用户已终止
the service, the server MUST debit the used amount from the user's account but MUST NOT return a new quota in the corresponding answer. The Validity-Time, Result-Code, and Final-Unit-Indication AVPs MAY be present in an answer command as defined in sections 5.1.2 and 5.6 for the graceful service termination.
对于服务,服务器必须从用户帐户中扣除已使用的金额,但不得在相应的回答中返回新配额。有效时间、结果代码和最终装置指示AVP可出现在第5.1.2节和第5.6节中定义的应答命令中,用于正常服务终止。
When both the Tariff-Time-Change and Tariff-Change-Usage AVPs are present, the server MUST include two separate instances of the Multiple-Services-Credit-Control AVP with the Granted-Service-Unit AVP associated to the same service-identifier and/or rating-group. Where the two quotas are associated to the same pool or to different pools, the credit pooling mechanism defined in section 5.1.2 applies. The Tariff-Change-Usage AVP MUST NOT be included in request commands to report used units before, and after tariff time change the Used-Service-Unit AVP MUST be used.
当电价时间变化和电价变化使用AVP都存在时,服务器必须包括多服务信用控制AVP的两个单独实例,且授权服务单元AVP与同一服务标识符和/或评级组关联。如果两个配额关联到同一个池或不同的池,则第5.1.2节中定义的信贷池机制适用。电价变更使用AVP不得包含在报告电价时间变更之前和之后已用机组的请求命令中,必须使用已用服务机组AVP。
A server not implementing the independent credit-control of multiple services functionality MUST treat the Multiple-Services-Credit-Control AVP as an invalid AVP.
未实现多服务独立信用控制功能的服务器必须将多服务信用控制AVP视为无效AVP。
The Multiple-Services-Control AVP is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
多业务控制AVP定义如下(根据RFC 3588[DIAMBASE]的分组AVP定义):
Multiple-Services-Credit-Control ::= < AVP Header: 456 > [ Granted-Service-Unit ] [ Requested-Service-Unit ] *[ Used-Service-Unit ] [ Tariff-Change-Usage ] *[ Service-Identifier ] [ Rating-Group ] *[ G-S-U-Pool-Reference ] [ Validity-Time ] [ Result-Code ] [ Final-Unit-Indication ] *[ AVP ]
Multiple-Services-Credit-Control ::= < AVP Header: 456 > [ Granted-Service-Unit ] [ Requested-Service-Unit ] *[ Used-Service-Unit ] [ Tariff-Change-Usage ] *[ Service-Identifier ] [ Rating-Group ] *[ G-S-U-Pool-Reference ] [ Validity-Time ] [ Result-Code ] [ Final-Unit-Indication ] *[ AVP ]
Granted-Service-Unit AVP (AVP Code 431) is of type Grouped and contains the amount of units that the Diameter credit-control client can provide to the end user until the service must be released or the new Credit-Control-Request must be sent. A client is not required to implement all the unit types, and it must treat unknown or unsupported unit types in the answer message as an incorrect CCA answer. In this case, the client MUST terminate the credit-control session and indicate in the Termination-Cause AVP reason DIAMETER_BAD_ANSWER.
授权服务单位AVP(AVP代码431)属于分组类型,包含Diameter信用控制客户端可以向最终用户提供的单位数量,直到必须发布服务或发送新的信用控制请求为止。客户端不需要实现所有单元类型,它必须将应答消息中的未知或不支持的单元类型视为不正确的CCA应答。在这种情况下,客户必须终止信用控制会话,并在终止原因AVP原因DIAMETER\u BAD\u答案中指出。
The Granted-Service-Unit AVP is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
授权服务单元AVP定义如下(根据RFC 3588[DIAMBASE]的分组AVP定义):
Granted-Service-Unit ::= < AVP Header: 431 > [ Tariff-Time-Change ] [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ]
Granted-Service-Unit ::= < AVP Header: 431 > [ Tariff-Time-Change ] [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ]
The Requested-Service-Unit AVP (AVP Code 437) is of type Grouped and contains the amount of requested units specified by the Diameter credit-control client. A server is not required to implement all the unit types, and it must treat unknown or unsupported unit types as invalid AVPs.
请求的服务单元AVP(AVP代码437)属于分组类型,包含Diameter信用控制客户端指定的请求单元数量。服务器不需要实现所有单元类型,它必须将未知或不受支持的单元类型视为无效AVP。
The Requested-Service-Unit AVP is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
请求的服务单元AVP定义如下(根据RFC 3588[DIAMBASE]的分组AVP def):
Requested-Service-Unit ::= < AVP Header: 437 > [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ]
Requested-Service-Unit ::= < AVP Header: 437 > [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ]
The Used-Service-Unit AVP is of type Grouped (AVP Code 446) and contains the amount of used units measured from the point when the service became active or, if interim interrogations are used during the session, from the point when the previous measurement ended.
使用的服务单元AVP为分组类型(AVP代码446),包含从服务激活时点或(如果在会话期间使用临时询问)从上一次测量结束时开始测量的使用单元量。
The Used-Service-Unit AVP is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
使用的维修装置AVP定义如下(根据RFC 3588[DIAMBASE]的分组AVP def):
Used-Service-Unit ::= < AVP Header: 446 > [ Tariff-Change-Usage ] [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ]
Used-Service-Unit ::= < AVP Header: 446 > [ Tariff-Change-Usage ] [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ]
The Tariff-Time-Change AVP (AVP Code 451) is of type Time. It is sent from the server to the client and includes the time in seconds since January 1, 1900, 00:00 UTC, when the tariff of the service will be changed.
电价时间变化AVP(AVP代码451)为时间类型。它从服务器发送到客户端,并包括自1900年1月1日00:00 UTC起的时间(以秒为单位),该时间将更改服务的费率。
The tariff change mechanism is optional for the client and server, and it is not used for time-based services defined in section 5. If a client does not support the tariff time change mechanism, it MUST treat Tariff-Time-Change AVP in the answer message as an incorrect CCA answer. In this case, the client terminates the credit-control session and indicates in the Termination-Cause AVP reason DIAMETER_BAD_ANSWER.
费率变更机制对于客户端和服务器是可选的,不用于第5节中定义的基于时间的服务。如果客户机不支持费率时间更改机制,则必须将应答消息中的费率时间更改AVP视为不正确的CCA应答。在这种情况下,客户机终止信用控制会话,并在终止原因AVP原因DIAMETER\u BAD\u答案中指出。
Omission of this AVP means that no tariff change is to be reported.
省略本AVP意味着不报告电价变化。
The CC-Time AVP (AVP Code 420) is of type Unsigned32 and indicates the length of the requested, granted, or used time in seconds.
CC Time AVP(AVP代码420)的类型为Unsigned32,表示请求、授予或使用的时间长度(以秒为单位)。
The CC-Money AVP (AVP Code 413) is of type Grouped and specifies the monetary amount in the given currency. The Currency-Code AVP SHOULD be included. It is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
CC Money AVP(AVP代码413)属于分组类型,指定给定货币的货币金额。应包括货币代码AVP。其定义如下(根据RFC 3588[DIAMBASE]的分组avp def):
CC-Money ::= < AVP Header: 413 > { Unit-Value } [ Currency-Code ]
CC-Money ::= < AVP Header: 413 > { Unit-Value } [ Currency-Code ]
The CC-Total-Octets AVP (AVP Code 421) is of type Unsigned64 and contains the total number of requested, granted, or used octets regardless of the direction (sent or received).
CC Total Octets AVP(AVP代码421)的类型为Unsigned64,包含请求、授予或使用的八位字节总数,而不管方向(发送或接收)。
The CC-Input-Octets AVP (AVP Code 412) is of type Unsigned64 and contains the number of requested, granted, or used octets that can be/have been received from the end user.
CC输入八位字节AVP(AVP代码412)的类型为Unsigned64,包含可以/已经从最终用户接收到的请求、授权或使用的八位字节数。
The CC-Output-Octets AVP (AVP Code 414) is of type Unsigned64 and contains the number of requested, granted, or used octets that can be/have been sent to the end user.
CC输出八位字节AVP(AVP代码414)的类型为Unsigned64,包含可以/已经发送给最终用户的请求、授权或使用的八位字节数。
The CC-Service-Specific-Units AVP (AVP Code 417) is of type Unsigned64 and specifies the number of service-specific units (e.g., number of events, points) given in a selected service. The service-specific units always refer to the service identified in the Service-Identifier AVP (or Rating-Group AVP when the Multiple-Services-Credit-Control AVP is used).
CC服务特定单元AVP(AVP代码417)的类型为Unsigned64,并指定所选服务中给定的服务特定单元数(例如,事件数、点数)。服务特定单元始终指服务标识符AVP(或使用多服务信用控制AVP时的评级组AVP)中标识的服务。
The Tariff-Change-Usage AVP (AVP Code 452) is of type Enumerated and defines whether units are used before or after a tariff change, or whether the units straddled a tariff change during the reporting period. Omission of this AVP means that no tariff change has occurred.
电价变动使用AVP(AVP代码452)属于列举类型,定义了电价变动之前或之后是否使用机组,或者机组是否在报告期内跨越电价变动。省略本AVP意味着未发生任何关税变化。
In addition, when present in answer messages as part of the Multiple-Services-Credit-Control AVP, this AVP defines whether units are allocated to be used before or after a tariff change event.
此外,当作为多服务信用控制AVP的一部分出现在应答消息中时,该AVP定义了在电价变更事件之前或之后是否分配了要使用的单元。
When the Tariff-Time-Change AVP is present, omission of this AVP in answer messages means that the single quota mechanism applies.
当电价时间变化AVP存在时,应答消息中省略该AVP意味着采用单一配额机制。
Tariff-Change-Usage can be one of the following:
电价变更用途可以是以下情况之一:
UNIT_BEFORE_TARIFF_CHANGE 0 When present in the Multiple-Services-Credit-Control AVP, this value indicates the amount of the units allocated for use before a tariff change occurs.
电价变动前的单位电价变动0当存在于多服务信用控制AVP中时,该值表示电价变动发生前分配使用的单位数量。
When present in the Used-Service-Unit AVP, this value indicates the amount of resource units used before a tariff change had occurred.
当存在于已使用的服务单元AVP中时,该值表示在电价发生变化之前已使用的资源单元数量。
UNIT_AFTER_TARIFF_CHANGE 1 When present in the Multiple-Services-Credit-Control AVP, this value indicates the amount of the units allocated for use after a tariff change occurs.
电价变动后的单位电价变动1当出现在多服务信贷控制AVP中时,该值表示电价变动后分配使用的单位数量。
When present in the Used-Service-Unit AVP, this value indicates the amount of resource units used after tariff change had occurred.
当存在于已使用的服务单元AVP中时,该值表示发生电价变化后使用的资源单元数量。
UNIT_INDETERMINATE 2 The used unit contains the amount of units that straddle the tariff change (e.g., the metering process reports to the credit-control client in blocks of n octets, and one block straddled the tariff change). This value is to be used only in the Used-Service-Unit AVP.
UNIT_Undeterminate 2使用的单位包含跨越电价变化的单位数量(例如,计量过程以n个八位字节的块向信贷控制客户报告,一个块跨越电价变化)。该值仅用于已使用的维修单元AVP。
The Service-Identifier AVP is of type Unsigned32 (AVP Code 439) and contains the identifier of a service. The specific service the request relates to is uniquely identified by the combination of Service-Context-Id and Service-Identifier AVPs.
服务标识符AVP的类型为Unsigned32(AVP代码439),并且包含服务的标识符。请求所涉及的特定服务由服务上下文Id和服务标识符AVPs的组合唯一标识。
A usage example of this AVP is illustrated in Appendix A (Flow IX).
附录A(流程IX)中说明了该AVP的使用示例。
The Rating-Group AVP is of type Unsigned32 (AVP Code 432) and contains the identifier of a rating group. All the services subject to the same rating type are part of the same rating group. The specific rating group the request relates to is uniquely identified by the combination of Service-Context-Id and Rating-Group AVPs.
评级组AVP的类型为Unsigned32(AVP代码432),包含评级组的标识符。属于同一评级类型的所有服务均属于同一评级组。请求所涉及的特定评级组由服务上下文Id和评级组AVP的组合唯一标识。
A usage example of this AVP is illustrated in Appendix A (Flow IX).
附录A(流程IX)中说明了该AVP的使用示例。
The G-S-U-Pool-Reference AVP (AVP Code 457) is of type Grouped. It is used in the Credit-Control-Answer message, and associates the Granted-Service-Unit AVP within which it appears with a credit pool within the session.
G-S-U-Pool-Reference AVP(AVP代码457)为分组型。它在信用控制应答消息中使用,并将出现在其中的授权服务单元AVP与会话中的信用池相关联。
The G-S-U-Pool-Identifier AVP specifies the credit pool from which credit is drawn for this unit type.
G-S-U-Pool-Identifier AVP指定从中为此单位类型提取信用的信用池。
The CC-Unit-Type AVP specifies the type of units for which credit is pooled.
CC Unit Type AVP指定信用汇集的单位类型。
The Unit-Value AVP specifies the multiplier, which converts between service units of type CC-Unit-Type and abstract service units within the credit pool (and thus to service units of any other service or rating group associated with the same pool).
单位值AVP指定乘数,该乘数在信用池内CC Unit type服务单位和抽象服务单位之间转换(从而转换为与同一池关联的任何其他服务或评级组的服务单位)。
The G-S-U-Pool-Reference AVP is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
G-S-U-Pool-Reference AVP定义如下(根据RFC 3588[DIAMBASE]的分组AVP def):
G-S-U-Pool-Reference ::= < AVP Header: 457 > { G-S-U-Pool-Identifier } { CC-Unit-Type } { Unit-Value }
G-S-U-Pool-Reference ::= < AVP Header: 457 > { G-S-U-Pool-Identifier } { CC-Unit-Type } { Unit-Value }
The G-S-U-Pool-Identifier AVP (AVP Code 453) is of type Unsigned32 and identifies a credit pool within the session.
G-S-U-Pool-Identifier AVP(AVP代码453)的类型为Unsigned32,用于标识会话中的信用池。
The CC-Unit-Type AVP (AVP Code 454) is of type Enumerated and specifies the type of units considered to be pooled into a credit pool.
CC单位类型AVP(AVP代码454)属于枚举类型,并指定被视为汇集到信贷池中的单位类型。
The following values are defined for the CC-Unit-Type AVP:
为CC装置类型AVP定义了以下值:
TIME 0 MONEY 1 TOTAL-OCTETS 2 INPUT-OCTETS 3 OUTPUT-OCTETS 4 SERVICE-SPECIFIC-UNITS 5
时间0货币1总计八位字节2输入八位字节3输出八位字节4服务特定单元5
The Validity-Time AVP is of type Unsigned32 (AVP Code 448). It is sent from the credit-control server to the credit-control client. The AVP contains the validity time of the granted service units. The measurement of the Validity-Time is started upon receipt of the Credit-Control-Answer Message containing this AVP. If the granted service units have not been consumed within the validity time specified in this AVP, the credit-control client MUST send a Credit-Control-Request message to the server, with CC-Request-Type set to UPDATE_REQUEST. The value field of the Validity-Time AVP is given in seconds.
有效时间AVP的类型为Unsigned32(AVP代码448)。它从信用控制服务器发送到信用控制客户端。AVP包含授权服务单元的有效时间。在收到包含此AVP的信用控制应答消息后,开始测量有效时间。如果授予的服务单元未在本AVP中指定的有效期内使用,则信用控制客户端必须向服务器发送信用控制请求消息,并将CC Request Type设置为UPDATE_Request。有效时间AVP的值字段以秒为单位。
The Validity-Time AVP is also used for the graceful service termination (see section 5.6) to indicate to the credit-control client how long the subscriber is allowed to use network resources after the specified action (i.e., REDIRECT or RESTRICT_ACCESS) started. When the Validity-Time elapses, a new intermediate interrogation is sent to the server.
有效时间AVP还用于正常服务终止(见第5.6节),以向信用控制客户端指示在指定操作(即重定向或限制访问)开始后允许订户使用网络资源的时间。有效期过后,将向服务器发送新的中间询问。
The Final-Unit-Indication AVP (AVP Code 430) is of type Grouped and indicates that the Granted-Service-Unit AVP in the Credit-Control-Answer, or in the AA answer, contains the final units for the service. After these units have expired, the Diameter credit-control client is responsible for executing the action indicated in the Final-Unit-Action AVP (see section 5.6).
最终单元指示AVP(AVP代码430)属于分组类型,并指示信用控制应答或AA应答中的授权服务单元AVP包含服务的最终单元。在这些单位到期后,Diameter信贷控制客户负责执行最终单位行动AVP中规定的行动(见第5.6节)。
If more than one unit type is received in the Credit-Control-Answer, the unit type that first expired SHOULD cause the credit-control client to execute the specified action.
如果在信用控制应答中收到多个单位类型,则第一个过期的单位类型应导致信用控制客户端执行指定的操作。
In the first interrogation, the Final-Unit-Indication AVP with Final-Unit-Action REDIRECT or RESTRICT_ACCESS can also be present with no Granted-Service-Unit AVP in the Credit-Control-Answer or in the AA answer. This indicates to the Diameter credit-control client to execute the specified action immediately. If the home service provider policy is to terminate the service, naturally, the server SHOULD return the appropriate transient failure (see section 9.1) in order to implement the policy-defined action.
在第一次询问中,在信用控制应答或AA应答中没有授权服务单元AVP的情况下,也可以出现带有最终单元动作重定向或限制访问的最终单元指示AVP。这指示Diameter信用控制客户端立即执行指定的操作。如果家庭服务提供商的策略是终止服务,那么服务器自然应该返回相应的瞬时故障(参见第9.1节),以便执行策略定义的操作。
The Final-Unit-Action AVP defines the behavior of the service element when the user's account cannot cover the cost of the service and MUST always be present if the Final-Unit-Indication AVP is included in a command.
最终单元动作AVP定义了当用户的帐户无法支付服务成本时服务元素的行为,并且如果命令中包含最终单元指示AVP,则必须始终存在。
If the Final-Unit-Action AVP is set to TERMINATE, no other AVPs MUST be present.
如果最终装置动作AVP设置为终止,则不必存在其他AVP。
If the Final-Unit-Action AVP is set to REDIRECT at least the Redirect-Server AVP MUST be present. The Restriction-Filter-Rule AVP or the Filter-Id AVP MAY be present in the Credit-Control-Answer message if the user is also allowed to access other services that are not accessible through the address given in the Redirect-Server AVP.
如果最终单元动作AVP设置为重定向,则至少必须存在重定向服务器AVP。如果还允许用户访问通过重定向服务器AVP中给出的地址无法访问的其他服务,则信用控制应答消息中可能存在限制筛选器规则AVP或筛选器Id AVP。
If the Final-Unit-Action AVP is set to RESTRICT_ACCESS, either the Restriction-Filter-Rule AVP or the Filter-Id AVP SHOULD be present.
如果最终单元动作AVP设置为限制访问,则应存在限制过滤器规则AVP或过滤器Id AVP。
The Filter-Id AVP is defined in [NASREQ]. The Filter-Id AVP can be used to reference an IP filter list installed in the access device by means other than the Diameter credit-control application, e.g., locally configured or configured by another entity.
过滤器Id AVP在[NASREQ]中定义。过滤器Id AVP可用于通过Diameter信用控制应用程序以外的方式(例如,本地配置或由另一实体配置)来引用接入设备中安装的IP过滤器列表。
The Final-Unit-Indication AVP is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
最终装置指示AVP定义如下(根据RFC 3588[DIAMBASE]的分组AVP def):
Final-Unit-Indication ::= < AVP Header: 430 > { Final-Unit-Action } *[ Restriction-Filter-Rule ] *[ Filter-Id ] [ Redirect-Server ]
Final-Unit-Indication ::= < AVP Header: 430 > { Final-Unit-Action } *[ Restriction-Filter-Rule ] *[ Filter-Id ] [ Redirect-Server ]
The Final-Unit-Action AVP (AVP Code 449) is of type Enumerated and indicates to the credit-control client the action to be taken when the user's account cannot cover the service cost.
最终单位行动AVP(AVP代码449)属于枚举类型,并向信贷控制客户指示当用户的账户无法支付服务成本时要采取的行动。
The Final-Unit-Action can be one of the following:
最终装置动作可以是以下动作之一:
TERMINATE 0 The credit-control client MUST terminate the service session. This is the default handling, applicable whenever the credit-control client receives an unsupported Final-Unit-Action value, and it MUST be supported by all the Diameter credit-control client implementations conforming to this specification.
终止0信用控制客户端必须终止服务会话。这是默认处理,每当信贷控制客户端接收到不受支持的最终单位操作值时适用,并且必须得到符合本规范的所有Diameter信贷控制客户端实现的支持。
REDIRECT 1 The service element MUST redirect the user to the address specified in the Redirect-Server-Address AVP. The redirect action is defined in section 5.6.2.
重定向1服务元素必须将用户重定向到重定向服务器地址AVP中指定的地址。重定向操作在第5.6.2节中定义。
RESTRICT_ACCESS 2 The access device MUST restrict the user access according to the IP packet filters defined in the Restriction-Filter-Rule AVP or according to the IP packet filters identified by the Filter-Id AVP. All the packets not matching the filters MUST be dropped (see section 5.6.3).
限制访问2接入设备必须根据限制过滤器规则AVP中定义的IP包过滤器或过滤器Id AVP标识的IP包过滤器限制用户访问。必须丢弃所有与过滤器不匹配的数据包(见第5.6.3节)。
The Restriction-Filter-Rule AVP (AVP Code 438) is of type IPFilterRule and provides filter rules corresponding to services that are to remain accessible even if there are no more service units granted. The access device has to configure the specified filter
限制筛选规则AVP(AVP代码438)属于IPFilterRule类型,并提供与服务相对应的筛选规则,即使没有授予更多服务单元,这些服务仍将保持可访问性。访问设备必须配置指定的筛选器
rules for the subscriber and MUST drop all the packets not matching these filters. Zero, one, or more such AVPs MAY be present in a Credit-Control-Answer message or in an AA answer message.
订阅服务器的规则,并且必须删除与这些筛选器不匹配的所有数据包。信用控制应答消息或AA应答消息中可能存在零个、一个或多个这样的AVP。
The Redirect-Server AVP (AVP Code 434) is of type Grouped and contains the address information of the redirect server (e.g., HTTP redirect server, SIP Server) with which the end user is to be connected when the account cannot cover the service cost. It MUST be present when the Final-Unit-Action AVP is set to REDIRECT.
重定向服务器AVP(AVP代码434)属于分组类型,并且包含当账户无法支付服务成本时最终用户将与之连接的重定向服务器(例如HTTP重定向服务器、SIP服务器)的地址信息。当最终装置动作AVP设置为重定向时,它必须存在。
It is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
其定义如下(根据RFC 3588[DIAMBASE]的分组avp def):
Redirect-Server ::= < AVP Header: 434 > { Redirect-Address-Type } { Redirect-Server-Address }
Redirect-Server ::= < AVP Header: 434 > { Redirect-Address-Type } { Redirect-Server-Address }
The Redirect-Address-Type AVP (AVP Code 433) is of type Enumerated and defines the address type of the address given in the Redirect-Server-Address AVP.
重定向地址类型AVP(AVP代码433)是枚举的类型,并且定义在重定向服务器地址AVP中给定的地址的地址类型。
The address type can be one of the following:
地址类型可以是以下类型之一:
IPv4 Address 0 The address type is in the form of "dotted-decimal" IPv4 address, as defined in [IPv4].
IPv4地址0地址类型为[IPv4]中定义的“点十进制”IPv4地址形式。
IPv6 Address 1 The address type is in the form of IPv6 address, as defined in [IPv6Addr]. The address is a text representation of the address in either the preferred or alternate text form [IPv6Addr]. Conformant implementations MUST support the preferred form and SHOULD support the alternate text form for IPv6 addresses.
IPv6地址1地址类型为IPv6地址的形式,如[IPv6Addr]中所定义。地址是首选或备用文本形式[IPv6Addr]中地址的文本表示形式。一致性实现必须支持首选形式,并应支持IPv6地址的备用文本形式。
URL 2 The address type is in the form of Uniform Resource Locator, as defined in [URL].
URL 2地址类型采用统一资源定位器的形式,如[URL]中所定义。
SIP URI 3 The address type is in the form of SIP Uniform Resource Identifier, as defined in [SIP].
SIP URI 3地址类型采用SIP统一资源标识符的形式,如[SIP]中所定义。
The Redirect-Server-Address AVP (AVP Code 435) is of type UTF8String and defines the address of the redirect server (e.g., HTTP redirect server, SIP Server) with which the end user is to be connected when the account cannot cover the service cost.
重定向服务器地址AVP(AVP代码435)为UTF8String类型,定义了当账户无法支付服务成本时最终用户要连接的重定向服务器(例如HTTP重定向服务器、SIP服务器)的地址。
The Multiple-Services-Indicator AVP (AVP Code 455) is of type Enumerated and indicates whether the Diameter credit-control client is capable of handling multiple services independently within a (sub-) session. The absence of this AVP means that independent credit-control of multiple services is not supported.
多服务指示符AVP(AVP代码455)属于枚举类型,指示Diameter信用控制客户端是否能够在(子)会话中独立处理多个服务。缺少此AVP意味着不支持对多个服务进行独立的信用控制。
A server not implementing the independent credit-control of multiple services MUST treat the Multiple-Services-Indicator AVP as an invalid AVP.
未实现多个服务的独立信用控制的服务器必须将多个服务指示符AVP视为无效的AVP。
The following values are defined for the Multiple-Services-Indicator AVP:
为多服务指标AVP定义了以下值:
MULTIPLE_SERVICES_NOT_SUPPORTED 0 Client does not support independent credit-control of multiple services within a (sub-)session.
多个\u服务\u不受支持0客户端不支持在(子)会话中对多个服务进行独立的信用控制。
MULTIPLE_SERVICES_SUPPORTED 1 Client supports independent credit-control of multiple services within a (sub-)session.
多个\u服务\u支持1个客户端支持在一个(子)会话中对多个服务进行独立的信用控制。
The Requested-Action AVP (AVP Code 436) is of type Enumerated and contains the requested action being sent by Credit-Control-Request command where the CC-Request-Type is set to EVENT_REQUEST. The following values are defined for the Requested-Action AVP:
请求的操作AVP(AVP代码436)属于枚举类型,包含由信用控制请求命令发送的请求操作,其中CC请求类型设置为事件请求。为请求的动作AVP定义了以下值:
DIRECT_DEBITING 0 This indicates a request to decrease the end user's account according to information specified in the Requested-Service-Unit AVP and/or Service-Identifier AVP (additional rating information may be included in service-specific AVPs or in the Service-Parameter-Info AVP). The Granted-Service-Unit AVP in the Credit-Control-Answer command contains the debited units.
直接借记0这表示根据请求的服务单元AVP和/或服务标识符AVP中指定的信息减少最终用户帐户的请求(附加评级信息可能包括在服务特定AVP或服务参数信息AVP中)。信贷控制应答命令中的授权服务单位AVP包含借记单位。
REFUND_ACCOUNT 1 This indicates a request to increase the end user's account according to information specified in the Requested-Service-Unit AVP and/or Service-Identifier AVP (additional rating information may be included in service-specific AVPs or in the Service-Parameter-Info AVP). The Granted-Service-Unit AVP in the Credit-Control-Answer command contains the refunded units.
退款账户1这表示根据请求的服务单元AVP和/或服务标识符AVP中指定的信息增加最终用户账户的请求(附加评级信息可能包括在服务特定AVP或服务参数信息AVP中)。信用控制应答命令中的授权服务单元AVP包含退款单元。
CHECK_BALANCE 2 This indicates a balance check request. In this case, the checking of the account balance is done without any credit reservation from the account. The Check-Balance-Result AVP in the Credit-Control-Answer command contains the result of the balance check.
检查余额2这表示余额检查请求。在这种情况下,账户余额的检查是在没有账户任何信用保留的情况下完成的。信用控制应答命令中的检查余额结果AVP包含余额检查的结果。
PRICE_ENQUIRY 3 This indicates a price enquiry request. In this case, neither checking of the account balance nor reservation from the account will be done; only the price of the service will be returned in the Cost-Information AVP in the Credit-Control-Answer Command.
询价3表示询价请求。在这种情况下,既不会检查账户余额,也不会从账户中进行预订;信用控制应答命令中的成本信息AVP中只返回服务价格。
The Service-Context-Id AVP is of type UTF8String (AVP Code 461) and contains a unique identifier of the Diameter credit-control service specific document that applies to the request (as defined in section 4.1.2). This is an identifier allocated by the service provider, by the service element manufacturer, or by a standardization body, and MUST uniquely identify a given Diameter credit-control service specific document. The format of the Service-Context-Id is:
服务上下文Id AVP为UTF8String类型(AVP代码461),包含适用于请求的Diameter信用控制服务特定文档的唯一标识符(如第4.1.2节所定义)。这是由服务提供商、服务元素制造商或标准化机构分配的标识符,必须唯一标识给定直径信用控制服务特定文档。服务上下文Id的格式为:
"service-context" "@" "domain"
服务上下文“@”域
service-context = Token
service-context = Token
The Token is an arbitrary string of characters and digits.
令牌是由字符和数字组成的任意字符串。
'domain' represents the entity that allocated the Service-Context-Id. It can be ietf.org, 3gpp.org, etc., if the identifier is allocated by a standardization body, or it can be the FQDN of the service provider (e.g., provider.example.com) or of the vendor (e.g., vendor.example.com) if the identifier is allocated by a private entity.
“域”表示分配服务上下文Id的实体。如果标识符由标准化机构分配,则可以是ietf.org、3gpp.org等;如果标识符由私人实体分配,则可以是服务提供商(例如provider.example.com)或供应商(例如vendor.example.com)的FQDN。
This AVP SHOULD be placed as close to the Diameter header as possible.
该AVP应尽可能靠近直径集管。
Service-specific documents that are for private use only (i.e., to one provider's own use, where no interoperability is deemed useful) may define private identifiers without need of coordination. However, when interoperability is wanted, coordination of the identifiers via, for example, publication of an informational RFC is RECOMMENDED in order to make Service-Context-Id globally available.
仅供私人使用的特定于服务的文档(即,供一个提供商自己使用,互操作性不可用)可以定义私人标识符,而无需协调。然而,当需要互操作性时,建议通过发布信息RFC等方式协调标识符,以使服务上下文Id全局可用。
The Service-Parameter-Info AVP (AVP Code 440) is of type Grouped and contains service-specific information used for price calculation or rating. The Service-Parameter-Type AVP defines the service parameter type, and the Service-Parameter-Value AVP contains the parameter value. The actual contents of these AVPs are not within the scope of this document and SHOULD be defined in another Diameter application, in standards written by other standardization bodies, or in service-specific documentation.
服务参数信息AVP(AVP代码440)属于分组类型,包含用于价格计算或评级的服务特定信息。服务参数类型AVP定义服务参数类型,服务参数值AVP包含参数值。这些AVP的实际内容不在本文件的范围内,应在其他Diameter应用程序、其他标准化机构编写的标准或服务特定文件中定义。
In the case of an unknown service request (e.g., unknown Service-Parameter-Type), the corresponding answer message MUST contain the error code DIAMETER_RATING_FAILED. A Credit-Control-Answer message with this error MUST contain one or more Failed-AVP AVPs containing the Service-Parameter-Info AVPs that caused the failure.
在未知服务请求的情况下(例如,未知服务参数类型),相应的应答消息必须包含错误代码DIAMETER\u RATING\u FAILED。出现此错误的信用控制应答消息必须包含一个或多个失败的AVP AVP,其中包含导致故障的服务参数信息AVP。
It is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
其定义如下(根据RFC 3588[DIAMBASE]的分组avp def):
Service-Parameter-Info ::= < AVP Header: 440 > { Service-Parameter-Type } { Service-Parameter-Value }
Service-Parameter-Info ::= < AVP Header: 440 > { Service-Parameter-Type } { Service-Parameter-Value }
The Service-Parameter-Type AVP is of type Unsigned32 (AVP Code 441) and defines the type of the service event specific parameter (e.g., it can be the end-user location or service name). The different parameters and their types are service specific, and the meanings of these parameters are not defined in this document. Whoever allocates the Service-Context-Id (i.e., unique identifier of a service-specific document) is also responsible for assigning Service-Parameter-Type values for the service and ensuring their uniqueness within the given service. The Service-Parameter-Value AVP contains the value associated with the service parameter type.
服务参数类型AVP的类型为Unsigned32(AVP代码441),并定义服务事件特定参数的类型(例如,它可以是最终用户位置或服务名称)。不同的参数及其类型是特定于服务的,本文档中未定义这些参数的含义。分配服务上下文Id(即特定于服务的文档的唯一标识符)的人还负责为服务分配服务参数类型值,并确保其在给定服务中的唯一性。服务参数值AVP包含与服务参数类型关联的值。
The Service-Parameter-Value AVP is of type OctetString (AVP Code 442) and contains the value of the service parameter type.
服务参数值AVP的类型为OctetString(AVP代码442),包含服务参数类型的值。
The Subscription-Id AVP (AVP Code 443) is used to identify the end user's subscription and is of type Grouped. The Subscription-Id AVP includes a Subscription-Id-Data AVP that holds the identifier and a Subscription-Id-Type AVP that defines the identifier type.
订阅Id AVP(AVP代码443)用于标识最终用户的订阅,并且是分组类型。订阅Id AVP包括保存标识符的订阅Id数据AVP和定义标识符类型的订阅Id类型AVP。
It is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
其定义如下(根据RFC 3588[DIAMBASE]的分组avp def):
Subscription-Id ::= < AVP Header: 443 > { Subscription-Id-Type } { Subscription-Id-Data }
Subscription-Id ::= < AVP Header: 443 > { Subscription-Id-Type } { Subscription-Id-Data }
The Subscription-Id-Type AVP (AVP Code 450) is of type Enumerated, and it is used to determine which type of identifier is carried by the Subscription-Id AVP.
订阅Id类型AVP(AVP代码450)是枚举的类型,用于确定订阅Id AVP携带哪种类型的标识符。
This specification defines the following subscription identifiers. However, new Subscription-Id-Type values can be assigned by an IANA designated expert, as defined in section 12. A server MUST implement all the Subscription-Id-Types required to perform credit authorization for the services it supports, including possible future values. Unknown or unsupported Subscription-Id-Types MUST be treated according to the 'M' flag rule, as defined in [DIAMBASE].
本规范定义了以下订阅标识符。但是,新的订阅Id类型值可以由IANA指定的专家指定,如第12节所定义。服务器必须实现为其支持的服务执行信用授权所需的所有订阅Id类型,包括可能的未来值。未知或不受支持的订阅Id类型必须根据[DIAMBASE]中定义的“M”标志规则进行处理。
END_USER_E164 0 The identifier is in international E.164 format (e.g., MSISDN), according to the ITU-T E.164 numbering plan defined in [E164] and [CE164].
终端用户根据[E164]和[CE164]中定义的ITU-T E.164编号计划,标识符采用国际E.164格式(如MSISDN)。
END_USER_IMSI 1 The identifier is in international IMSI format, according to the ITU-T E.212 numbering plan as defined in [E212] and [CE212].
终端用户IMSI 1根据[E212]和[CE212]中定义的ITU-T E.212编号计划,标识符采用国际IMSI格式。
END_USER_SIP_URI 2 The identifier is in the form of a SIP URI, as defined in [SIP].
终端用户SIP URI 2标识符采用SIP URI的形式,如[SIP]中所定义。
END_USER_NAI 3 The identifier is in the form of a Network Access Identifier, as defined in [NAI].
终端用户\u NAI 3标识符采用[NAI]中定义的网络访问标识符的形式。
END_USER_PRIVATE 4 The Identifier is a credit-control server private identifier.
终端用户专用4该标识符是信用控制服务器专用标识符。
The Subscription-Id-Data AVP (AVP Code 444) is used to identify the end user and is of type UTF8String. The Subscription-Id-Type AVP defines which type of identifier is used.
订阅Id数据AVP(AVP代码444)用于识别最终用户,类型为UTF8String。订阅Id类型AVP定义使用哪种类型的标识符。
The User-Equipment-Info AVP (AVP Code 458) is of type Grouped and allows the credit-control client to indicate the identity and capability of the terminal the subscriber is using for the connection to network.
用户设备信息AVP(AVP代码458)是分组的类型,并且允许信用控制客户端指示用户用于连接到网络的终端的身份和能力。
It is defined as follows (per the grouped-avp-def of RFC 3588 [DIAMBASE]):
其定义如下(根据RFC 3588[DIAMBASE]的分组avp def):
User-Equipment-Info ::= < AVP Header: 458 > { User-Equipment-Info-Type } { User-Equipment-Info-Value }
User-Equipment-Info ::= < AVP Header: 458 > { User-Equipment-Info-Type } { User-Equipment-Info-Value }
The User-Equipment-Info-Type AVP is of type Enumerated (AVP Code 459) and defines the type of user equipment information contained in the User-Equipment-Info-Value AVP.
用户设备信息类型AVP是枚举类型(AVP代码459),并且定义包含在用户设备信息值AVP中的用户设备信息的类型。
This specification defines the following user equipment types. However, new User-Equipment-Info-Type values can be assigned by an IANA designated expert, as defined in section 12.
本规范规定了以下用户设备类型。但是,新的用户设备信息类型值可由IANA指定的专家指定,如第12节所述。
IMEISV 0 The identifier contains the International Mobile Equipment Identifier and Software Version in the international IMEISV format according to 3GPP TS 23.003 [3GPPIMEI].
IMEISV 0该标识符包含国际移动设备标识符和符合3GPP TS 23.003[3GPPIMEI]的国际IMEISV格式的软件版本。
MAC 1 The 48-bit MAC address is formatted as described in [RAD802.1X].
MAC 1 48位MAC地址的格式如[RAD802.1X]所述。
EUI64 2 The 64-bit identifier used to identify hardware instance of the product, as defined in [EUI64].
EUI64 2用于标识产品硬件实例的64位标识符,如[EUI64]中所定义。
MODIFIED_EUI64 3 There are a number of types of terminals that have identifiers other than IMEI, IEEE 802 MACs, or EUI-64. These identifiers can be converted to modified EUI-64 format as described in [IPv6Addr] or by using some other methods referred to in the service-specific documentation.
修改的_EUI64 3有许多类型的终端具有除IMEI、IEEE 802 MAC或EUI-64以外的标识符。这些标识符可转换为[IPv6Addr]中所述的修改后的EUI-64格式,或使用特定于服务的文档中提到的一些其他方法。
The User-Equipment-Info-Value AVP (AVP Code 460) is of type OctetString. The User-Equipment-Info-Type AVP defines which type of identifier is used.
用户设备信息值AVP(AVP代码460)是OctetString类型。用户设备信息类型AVP定义使用哪种类型的标识符。
This section defines new Result-Code AVP [DIAMBASE] values that must be supported by all Diameter implementations that conform to this specification.
本节定义了符合本规范的所有Diameter实现必须支持的新结果代码AVP[DIAMBASE]值。
The Credit-Control-Answer message includes the Result-Code AVP, which may indicate that an error was present in the Credit-Control-Request message. A rejected Credit-Control-Request message SHOULD cause the user's session to be terminated.
信用控制应答消息包括结果代码AVP,这可能表明信用控制请求消息中存在错误。被拒绝的信用控制请求消息应导致用户会话终止。
Errors that fall within the transient failures category are used to inform a peer that the request could not be satisfied at the time it was received, but that the request MAY be able to be satisfied in the future.
属于瞬态故障类别的错误用于通知对等方在收到请求时无法满足请求,但将来可能能够满足请求。
DIAMETER_END_USER_SERVICE_DENIED 4010 The credit-control server denies the service request due to service restrictions. If the CCR contained used-service-units, they are deducted, if possible.
DIAMETER_END_USER_SERVICE_DENIED 4010由于服务限制,信用控制服务器拒绝服务请求。如果CCR包含使用过的服务单元,则在可能的情况下扣除。
DIAMETER_CREDIT_CONTROL_NOT_APPLICABLE 4011 The credit-control server determines that the service can be granted to the end user but that no further credit-control is needed for the service (e.g., service is free of charge).
DIAMETER_CREDIT_CONTROL_NOT_application 4011信用控制服务器确定可以将服务授予最终用户,但服务不需要进一步的信用控制(例如,服务是免费的)。
DIAMETER_CREDIT_LIMIT_REACHED 4012 The credit-control server denies the service request because the end user's account could not cover the requested service. If the CCR contained used-service-units they are deducted, if possible.
DIAMETER_CREDIT_LIMIT_达到4012信用控制服务器拒绝服务请求,因为最终用户的帐户无法覆盖请求的服务。如果CCR包含使用过的服务单位,则在可能的情况下扣除。
Errors that fall within the permanent failure category are used to inform the peer that the request failed and should not be attempted again.
属于永久性失败类别的错误用于通知对等方请求失败,不应再次尝试。
DIAMETER_USER_UNKNOWN 5030 The specified end user is unknown in the credit-control server.
DIAMETER_USER_UNKNOWN 5030指定的最终用户在信用控制服务器中未知。
DIAMETER_RATING_FAILED 5031 This error code is used to inform the credit-control client that the credit-control server cannot rate the service request due to insufficient rating input, an incorrect AVP combination, or an AVP or an AVP value that is not recognized or supported in the rating. The Failed-AVP AVP MUST be included and contain a copy of the entire AVP(s) that could not be processed successfully or an example of the missing AVP complete with the Vendor-Id if applicable. The value field of the missing AVP should be of correct minimum length and contain zeros.
DIAMETER_RATING_FAILED 5031此错误代码用于通知信用控制客户端,由于评级输入不足、AVP组合不正确或评级中未识别或支持的AVP或AVP值,信用控制服务器无法对服务请求进行评级。必须包括失败的AVP AVP,并包含无法成功处理的整个AVP的副本,或缺失的AVP的示例,以及供应商Id(如适用)。缺失AVP的值字段应具有正确的最小长度并包含零。
The following table presents the AVPs defined in this document and specifies in which Diameter messages they MAY or MAY NOT be present. Note that AVPs that can only be present within a Grouped AVP are not represented in this table.
下表显示了本文档中定义的AVP,并指定了它们可能存在或不存在的Diameter消息。请注意,此表中未显示只能出现在分组AVP中的AVP。
The table uses the following symbols:
该表使用以下符号:
0 The AVP MUST NOT be present in the message. 0+ Zero or more instances of the AVP MAY be present in the message. 0-1 Zero or one instance of the AVP MAY be present in the message. It is considered an error if there is more than one instance of the AVP. 1 One instance of the AVP MUST be present in the message. 1+ At least one instance of the AVP MUST be present in the message.
0消息中不得出现AVP。消息中可能存在0+零个或多个AVP实例。0-1消息中可能存在零个或一个AVP实例。如果AVP有多个实例,则视为错误。1消息中必须有一个AVP实例。1+消息中必须至少存在一个AVP实例。
The table in this section is used to represent which credit-control applications specific AVPs defined in this document are to be present in the credit-control messages.
本节中的表格用于表示本文档中定义的特定于信贷控制应用程序的AVP将出现在信贷控制消息中。
+-----------+ | Command | | Code | |-----+-----+ Attribute Name | CCR | CCA | ------------------------------|-----+-----+ Acct-Multi-Session-Id | 0-1 | 0-1 | Auth-Application-Id | 1 | 1 | CC-Correlation-Id | 0-1 | 0 | CC-Session-Failover | 0 | 0-1 | CC-Request-Number | 1 | 1 | CC-Request-Type | 1 | 1 | CC-Sub-Session-Id | 0-1 | 0-1 | Check-Balance-Result | 0 | 0-1 | Cost-Information | 0 | 0-1 | Credit-Control-Failure- | 0 | 0-1 | Handling | | | Destination-Host | 0-1 | 0 | Destination-Realm | 1 | 0 | Direct-Debiting-Failure- | 0 | 0-1 | Handling | | | Event-Timestamp | 0-1 | 0-1 | Failed-AVP | 0 | 0+ | Final-Unit-Indication | 0 | 0-1 | Granted-Service-Unit | 0 | 0-1 | Multiple-Services-Credit- | 0+ | 0+ | Control | | | Multiple-Services-Indicator | 0-1 | 0 | Origin-Host | 1 | 1 | Origin-Realm | 1 | 1 | Origin-State-Id | 0-1 | 0-1 | Proxy-Info | 0+ | 0+ | Redirect-Host | 0 | 0+ | Redirect-Host-Usage | 0 | 0-1 | Redirect-Max-Cache-Time | 0 | 0-1 | Requested-Action | 0-1 | 0 | Requested-Service-Unit | 0-1 | 0 | Route-Record | 0+ | 0+ | Result-Code | 0 | 1 | Service-Context-Id | 1 | 0 | Service-Identifier | 0-1 | 0 | Service-Parameter-Info | 0+ | 0 |
+-----------+ | Command | | Code | |-----+-----+ Attribute Name | CCR | CCA | ------------------------------|-----+-----+ Acct-Multi-Session-Id | 0-1 | 0-1 | Auth-Application-Id | 1 | 1 | CC-Correlation-Id | 0-1 | 0 | CC-Session-Failover | 0 | 0-1 | CC-Request-Number | 1 | 1 | CC-Request-Type | 1 | 1 | CC-Sub-Session-Id | 0-1 | 0-1 | Check-Balance-Result | 0 | 0-1 | Cost-Information | 0 | 0-1 | Credit-Control-Failure- | 0 | 0-1 | Handling | | | Destination-Host | 0-1 | 0 | Destination-Realm | 1 | 0 | Direct-Debiting-Failure- | 0 | 0-1 | Handling | | | Event-Timestamp | 0-1 | 0-1 | Failed-AVP | 0 | 0+ | Final-Unit-Indication | 0 | 0-1 | Granted-Service-Unit | 0 | 0-1 | Multiple-Services-Credit- | 0+ | 0+ | Control | | | Multiple-Services-Indicator | 0-1 | 0 | Origin-Host | 1 | 1 | Origin-Realm | 1 | 1 | Origin-State-Id | 0-1 | 0-1 | Proxy-Info | 0+ | 0+ | Redirect-Host | 0 | 0+ | Redirect-Host-Usage | 0 | 0-1 | Redirect-Max-Cache-Time | 0 | 0-1 | Requested-Action | 0-1 | 0 | Requested-Service-Unit | 0-1 | 0 | Route-Record | 0+ | 0+ | Result-Code | 0 | 1 | Service-Context-Id | 1 | 0 | Service-Identifier | 0-1 | 0 | Service-Parameter-Info | 0+ | 0 |
Session-Id | 1 | 1 | Subscription-Id | 0+ | 0 | Termination-Cause | 0-1 | 0 | User-Equipment-Info | 0-1 | 0 | Used-Service-Unit | 0+ | 0 | User-Name | 0-1 | 0-1 | Validity-Time | 0 | 0-1 | ------------------------------|-----+-----+
Session-Id | 1 | 1 | Subscription-Id | 0+ | 0 | Termination-Cause | 0-1 | 0 | User-Equipment-Info | 0-1 | 0 | Used-Service-Unit | 0+ | 0 | User-Name | 0-1 | 0-1 | Validity-Time | 0 | 0-1 | ------------------------------|-----+-----+
This section defines AVPs that are specific to the Diameter credit-control application and that MAY be included in the Diameter Re-Auth-Request/Answer (RAR/RAA) message [DIAMBASE].
本节定义了特定于Diameter信用控制应用程序且可能包含在Diameter重新验证请求/应答(RAR/RAA)消息[DIAMBASE]中的AVP。
Re-Auth-Request/Answer command MAY include the following additional AVPs:
重新验证请求/应答命令可能包括以下附加AVP:
+---------------+ | Command Code | |-------+-------+ Attribute Name | RAR | RAA | ------------------------------+-------+-------+ CC-Sub-Session-Id | 0-1 | 0-1 | G-S-U-Pool-Identifier | 0-1 | 0-1 | Service-Identifier | 0-1 | 0-1 | Rating-Group | 0-1 | 0-1 | ------------------------------+-------+-------+
+---------------+ | Command Code | |-------+-------+ Attribute Name | RAR | RAA | ------------------------------+-------+-------+ CC-Sub-Session-Id | 0-1 | 0-1 | G-S-U-Pool-Identifier | 0-1 | 0-1 | Service-Identifier | 0-1 | 0-1 | Rating-Group | 0-1 | 0-1 | ------------------------------+-------+-------+
This section defines the basic principles for the Diameter credit-control/RADIUS prepaid inter-working model; that is, a message translation between a RADIUS based prepaid solution and a Diameter credit-control application. A complete description of the protocol translations between RADIUS and the Diameter credit-control application is beyond the scope of this specification and SHOULD be addressed in another appropriate document, such as the RADIUS prepaid specification.
本节定义了Diameter信用控制/RADIUS预付费互通模型的基本原则;即,基于RADIUS的预付费解决方案和Diameter信用控制应用程序之间的消息转换。RADIUS和Diameter信用控制应用程序之间协议转换的完整描述超出了本规范的范围,应在另一份适当的文件(如RADIUS预付费规范)中予以说明。
The Diameter credit-control architecture may have a Translation Agent capable of translation between RADIUS prepaid and Diameter credit-control protocols. An AAA server (usually the home AAA server) may act as a Translation Agent and as a Diameter credit-control client for service elements that use credit-control mechanisms other than Diameter credit control for instance, RADIUS prepaid. In this case, the home AAA server contacts the Diameter credit-control server as part of the authorization process. The interworking architecture is
Diameter信用控制体系结构可以具有能够在RADIUS预付费协议和Diameter信用控制协议之间进行转换的转换代理。AAA服务器(通常是家庭AAA服务器)可以充当翻译代理和Diameter信用控制客户端,用于使用信用控制机制而不是Diameter信用控制(例如RADIUS预付费)的服务元素。在这种情况下,家庭AAA服务器作为授权过程的一部分与Diameter信用控制服务器联系。互通架构是
illustrated in Figure 7, and interworking flow in Figure 8. In a roaming situation the service element (e.g., the NAS) may be located in the visited network, and a visited AAA server is usually contacted. The visited AAA server connects then to the home AAA server.
如图7所示,互通流程如图8所示。在漫游情况下,服务元素(例如,NAS)可位于到访网络中,并且通常联系到访AAA服务器。访问的AAA服务器随后连接到家庭AAA服务器。
RADIUS Prepaid +--------+ +---------+ protocol +------------+ +--------+ | End |<----->| Service |<---------->| Home AAA | |Business| | User | | Element | | Server | |Support | +--------+ +-->| | |+----------+|->|System | | +---------+ ||CC Client || | | | |+----------+| | | +--------+ | +------^-----+ +----^---+ | End |<--+ Credit-Control | | | User | Protocol | | +--------+ +-------V--------+ | |Credit-Control |----+ | Server | +----------------+
RADIUS Prepaid +--------+ +---------+ protocol +------------+ +--------+ | End |<----->| Service |<---------->| Home AAA | |Business| | User | | Element | | Server | |Support | +--------+ +-->| | |+----------+|->|System | | +---------+ ||CC Client || | | | |+----------+| | | +--------+ | +------^-----+ +----^---+ | End |<--+ Credit-Control | | | User | Protocol | | +--------+ +-------V--------+ | |Credit-Control |----+ | Server | +----------------+
Figure 7: Credit-control architecture with service element containing translation agent, translating RADIUS prepaid to Diameter credit-control protocol
图7:包含翻译代理的服务元素的信用控制体系结构,将RADIUS预付费翻译为Diameter信用控制协议
When the AAA server acting as a Translation Agent receives an initial RADIUS Access-Request message from service element (e.g., NAS access), it performs regular authentication and authorization. If the RADIUS Access-Request message indicates that the service element is capable of credit-control, and if the home AAA server finds that the subscriber is a prepaid subscriber, then a Diameter credit-control request SHOULD be sent toward the credit-control server to perform credit authorization and to establish a credit-control session. After the Diameter credit-control server checks the end user's account balance, rates the service, and reserves credit from the end user's account, the reserved quota is returned to the home AAA server in the Diameter Credit-Control-Answer. Then the home AAA server sends the reserved quota to the service element in the RADIUS Access-Accept.
当充当翻译代理的AAA服务器从服务元素(例如NAS访问)接收到初始RADIUS访问请求消息时,它将执行常规身份验证和授权。如果RADIUS访问请求消息指示服务元素能够进行信用控制,并且如果家庭AAA服务器发现订户是预付费订户,则应向信用控制服务器发送Diameter信用控制请求,以执行信用授权并建立信用控制会话。Diameter信用控制服务器检查最终用户的帐户余额、对服务进行评级并保留最终用户帐户的信用后,保留的配额将在Diameter信用控制应答中返回给家庭AAA服务器。然后,家庭AAA服务器将保留配额发送到RADIUS Access Accept中的服务元素。
At the expiry of the allocated quota, the service element sends a new RADIUS Access-Request containing the units used this far to the home AAA server. The home AAA server shall map a RADIUS Access-Request containing the reported units to the Diameter credit-control server in a Diameter Credit-Control-Request (UPDATE_REQUEST). The Diameter credit-control server debits the used units from the end user's account and allocates a new quota that is returned to the home AAA server in the Diameter Credit-Control-Answer. The quota is
在分配的配额到期时,服务元素向家庭AAA服务器发送一个新的RADIUS访问请求,其中包含目前使用的单元。家庭AAA服务器应在Diameter信用控制请求(更新请求)中将包含报告单位的RADIUS访问请求映射到Diameter信用控制服务器。Diameter信用控制服务器从最终用户的帐户中借记使用的单位,并分配一个新配额,该配额在Diameter信用控制应答中返回给家庭AAA服务器。配额是
transferred to the service element in the RADIUS Access-Accept. When the end user terminates the service, or when the entire quota has been used, the service element sends a RADIUS Access-Request. To debit the used units from the end user's account and to stop the credit-control session, the home AAA server sends a Diameter Credit-Control-Request (TERMINATION_REQUEST) to the credit-control server. The Diameter credit-control server acknowledges the session termination by sending a Diameter Credit-Control-Answer to the home AAA server. The RADIUS Access-Accept is sent to the NAS.
传输到RADIUS Access Accept中的服务元素。当最终用户终止服务或使用了整个配额时,服务元素将发送RADIUS访问请求。为了从最终用户的帐户中借记已用单位并停止信用控制会话,家庭AAA服务器向信用控制服务器发送Diameter信用控制请求(终止请求)。Diameter信用控制服务器通过向家庭AAA服务器发送Diameter信用控制应答来确认会话终止。RADIUS访问接受被发送到NAS。
A following diagram illustrates a RADIUS prepaid - Diameter credit-control interworking sequence.
下图说明了RADIUS预付费-Diameter信用控制互通序列。
Service Element Translation Agent (e.g., NAS) (CC Client) CC Server | Access-Request | | |----------------------->| | | | CCR (initial) | | |----------------------->| | | CCA (Granted-Units) | | |<-----------------------| | Access-Accept | | | (Granted-Units) | | |<-----------------------| | : : : | Access-Request | | | (Used-Units) | | |----------------------->| | | | CCR (update, | | | Used-Units) | | |----------------------->| | | CCA (Granted-Units) | | |<-----------------------| | Access-Accept | | | (Granted-Units) | | |<-----------------------| | : : : | Access-Request | | |----------------------->| | | | CCR (terminate, | | | Used-Units) | | |----------------------->| | | CCA | | |<-----------------------| | Access-Accept | | |<-----------------------| | | | |
Service Element Translation Agent (e.g., NAS) (CC Client) CC Server | Access-Request | | |----------------------->| | | | CCR (initial) | | |----------------------->| | | CCA (Granted-Units) | | |<-----------------------| | Access-Accept | | | (Granted-Units) | | |<-----------------------| | : : : | Access-Request | | | (Used-Units) | | |----------------------->| | | | CCR (update, | | | Used-Units) | | |----------------------->| | | CCA (Granted-Units) | | |<-----------------------| | Access-Accept | | | (Granted-Units) | | |<-----------------------| | : : : | Access-Request | | |----------------------->| | | | CCR (terminate, | | | Used-Units) | | |----------------------->| | | CCA | | |<-----------------------| | Access-Accept | | |<-----------------------| | | | |
Figure 8: Message flow example with RADIUS prepaid - Diameter credit-control interworking
图8:RADIUS预付费的消息流示例-Diameter信用控制互通
This section contains the namespaces that have either been created in this specification, or the values assigned to existing namespaces managed by IANA.
本节包含在本规范中创建的名称空间,或分配给IANA管理的现有名称空间的值。
In the subsections below, when we speak about review by a Designated Expert, please note that the designated expert will be assigned by the IESG. Initially, such Expert discussions take place on the AAA WG mailing list.
在下面的小节中,当我们谈到指定专家的审查时,请注意,指定专家将由IESG指定。最初,此类专家讨论在AAA工作组邮件列表上进行。
This specification assigns the value 4, 'Diameter Credit Control', to the Application Identifier namespace defined in [DIAMBASE]. See section 1.3 for more information.
本规范将值4“Diameter Credit Control”分配给[DIAMBASE]中定义的应用程序标识符命名空间。详见第1.3节。
This specification uses the value 272 from the Command code namespace defined in [DIAMBASE] for the Credit-Control-Request (CCR) and Credit-Control-Answer (CCA) commands.
本规范使用[DIAMBASE]中定义的信贷控制请求(CCR)和信贷控制应答(CCA)命令的命令代码命名空间中的值272。
This specification assigns the values 411 - 461 from the AVP code namespace defined in [DIAMBASE]. See section 8 for the assignment of the namespace in this specification.
本规范从[DIAMBASE]中定义的AVP代码命名空间中分配值411-461。有关本规范中名称空间的分配,请参见第8节。
This specification assigns the values 4010, 4011, 4012, 5030, 5031 from the Result-Code AVP value namespace defined in [DIAMBASE]. See section 9 for the assignment of the namespace in this specification.
本规范从[DIAMBASE]中定义的结果代码AVP值命名空间中分配值4010、4011、4012、5030、5031。有关本规范中名称空间的分配,请参见第9节。
As defined in section 8.3, the CC-Request-Type AVP includes Enumerated type values 1 - 4. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.3节所定义,CC请求类型AVP包括枚举类型值1-4。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.4, the CC-Failover-Supported AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.4节所定义,支持CC故障转移的AVP包括枚举类型值0-1。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.32, the CC-Unit-Type AVP includes Enumerated type values 0 - 5. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.32节所定义,CC装置类型AVP包括枚举类型值0-5。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.6, the Check-Balance-Result AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.6节所定义,校验平衡结果AVP包括枚举类型值0-1。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.13, the Credit-Control AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.13节所定义,信贷控制AVP包括枚举类型值0-1。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.14, the Credit-Control-Failure-Handling AVP includes Enumerated type values 0 - 2. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.14节所定义,信用控制故障处理AVP包括枚举类型值0-2。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.15, the Direct-Debiting-Failure-Handling AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.15节所定义,直接借记故障处理AVP包括枚举类型值0-1。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.35, the Final-Unit-Action AVP includes Enumerated type values 0 - 2. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.35节所定义,最终单元动作AVP包括枚举类型值0-2。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.40, the Multiple-Services-Indicator AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.40节所定义,多服务指标AVP包括枚举类型值0-1。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.38, the Redirect-Address-Type AVP includes Enumerated type values 0 - 3. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.38节所定义,重定向地址类型AVP包括枚举类型值0-3。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.41, the Requested-Action AVP includes Enumerated type values 0 - 3. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.41节所定义,请求的动作AVP包括枚举类型值0-3。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.47, the Subscription-Id-Type AVP includes Enumerated type values 0 - 4. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.47节所定义,订阅Id类型AVP包括枚举类型值0-4。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.27, the Tariff-Change-Usage AVP includes Enumerated type values 0 - 2. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.27节所定义,电价变化使用AVP包括枚举类型值0-2。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
As defined in section 8.50, the User-Equipment-Info-Type AVP includes Enumerated type values 0 - 3. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [IANA].
如第8.50节所定义,用户设备信息类型AVP包括枚举类型值0-3。IANA已创建并正在维护此AVP的命名空间。所有剩余值可由指定专家[IANA]分配。
Tx timer
发送计时器
When real-time credit-control is required, the credit-control client contacts the credit-control server before and while the service is provided to an end user. Due to the real-time nature of the application, the communication delays SHOULD be minimized; e.g., to avoid an overly long service setup time experienced by the end user. The Tx timer is introduced to control the waiting time in the client in the Pending state. When the Tx timer elapses, the credit-control client takes an action to the end user according to the value of the Credit-Control-Failure-Handling AVP
当需要实时信用控制时,信用控制客户端在向最终用户提供服务之前和期间联系信用控制服务器。由于应用程序的实时性,通信延迟应该最小化;e、 例如,避免最终用户经历过长的服务设置时间。Tx定时器用于控制处于挂起状态的客户端中的等待时间。当Tx计时器过期时,信用控制客户端根据信用控制故障处理AVP的值向最终用户采取操作
or Direct-Debiting-Failure-Handling AVP. The recommended value is 10 seconds.
或直接借记失败处理AVP。建议值为10秒。
Tcc timer
变矩器离合器定时器
The Tcc timer supervises an ongoing credit-control session in the credit-control server. It is RECOMMENDED to use the Validity-Time as input to set the Tcc timer value. In case of transient failures in the network, the Diameter credit-control server might change to Idle state. To avoid this, the Tcc timer MAY be set so that Tcc equals to 2 x Validity-Time.
Tcc计时器监控信用控制服务器中正在进行的信用控制会话。建议使用有效时间作为输入来设置Tcc定时器值。如果网络出现瞬时故障,Diameter credit control服务器可能会变为空闲状态。为避免这种情况,可设置变矩器离合器定时器,使变矩器离合器等于2倍有效时间。
Credit-Control-Failure-Handling and Direct-Debiting-Failure-Handling
信用控制失败处理和直接借记失败处理
Client implementations may offer the possibility of locally configuring these AVPs. In such a case their value and behavior is defined in section 5.7 for the Credit-Control-Failure-Handling and in section 6.5 for the Direct-Debiting-Failure-Handling.
客户端实现可能提供本地配置这些AVP的可能性。在这种情况下,其价值和行为在第5.7节信贷控制失败处理和第6.5节直接借记失败处理中定义。
The Diameter base protocol [DIAMBASE] requires that each Diameter implementation use underlying security; i.e., IPsec or TLS. These mechanisms are believed to provide sufficient protection under the normal Internet threat model; that is, assuming that the authorized nodes engaging in the protocol have not been compromised, but that the attacker has complete control over the communication channels between them. This includes eavesdropping, message modification, insertion, and man-in-the-middle and replay attacks. Note also that this application includes a mechanism for application layer replay protection by means of the Session-Id from [DIAMBASE] and CC-Request-Number, which is specified in this document. The Diameter credit-control application is often used within one domain, and there may be a single hop between the peers. In these environments, the use of TLS or IPsec is sufficient. The details of TLS and IPsec related security considerations are discussed in the [DIAMBASE].
Diameter base协议[DIAMBASE]要求每个Diameter实现使用底层安全性;i、 例如,IPsec或TLS。这些机制被认为在正常的互联网威胁模型下提供了足够的保护;也就是说,假设参与协议的授权节点没有受到危害,但攻击者完全可以控制它们之间的通信信道。这包括窃听、消息修改、插入、中间人攻击和重放攻击。还请注意,该应用程序包括一种应用层重播保护机制,该机制通过[DIAMBASE]中的会话Id和本文档中指定的CC请求号实现。Diameter信用控制应用程序通常在一个域内使用,对等点之间可能存在单跳。在这些环境中,使用TLS或IPsec就足够了。[DIAMBASE]中讨论了TLS和IPsec相关安全注意事项的详细信息。
Because this application handles monetary transactions (directly or indirectly), it increases the interest for various security attacks. Therefore, all parties communicating with each other MUST be authenticated, including, for instance, TLS client-side authentication. In addition, authorization of the client SHOULD be emphasized; i.e., that the client is allowed to perform credit-control for a certain user. The specific means of authorization are outside of the scope of this specification but can be, for instance, manual configuration.
由于此应用程序(直接或间接)处理货币交易,因此增加了对各种安全攻击的兴趣。因此,必须对相互通信的所有各方进行身份验证,例如,包括TLS客户端身份验证。此外,应强调客户的授权;i、 例如,允许客户为某个用户执行信用控制。具体的授权方式不在本规范的范围内,但可以是手动配置。
Another kind of threat is malicious modification, injection, or deletion of AVPs or complete credit-control messages. The credit-control messages contain sensitive billing related information (such as subscription Id, granted units, used units, cost information) whose malicious modification can have financial consequences. Sometimes simply delaying the credit-control messages can cause disturbances in the credit-control client or server.
另一种威胁是恶意修改、注入或删除AVP或完整的信用控制消息。信用控制消息包含与计费相关的敏感信息(如订阅Id、授权单位、使用单位、成本信息),其恶意修改可能会产生财务后果。有时,简单地延迟信用控制消息可能会在信用控制客户端或服务器中造成干扰。
Even without any modification to the messages, an adversary can invite a security threat by eavesdropping, as the transactions contain private information about the user. Also, by monitoring the credit-control messages one can collect information about the credit-control server's billing models and business relationships.
即使没有对消息进行任何修改,对手也可以通过窃听来引发安全威胁,因为交易包含用户的私人信息。此外,通过监视信用控制消息,可以收集有关信用控制服务器的计费模型和业务关系的信息。
When third-party relays or proxy are involved, the hop-by-hop security does not necessarily provide sufficient protection for Diameter user session. In some cases, it may be inappropriate to send Diameter messages, such as CCR and CCA, containing sensitive AVPs via untrusted Diameter proxy agents, as there are no assurances that third-party proxies will not modify the credit-control commands or AVP values.
当涉及第三方中继或代理时,逐跳安全不一定为Diameter用户会话提供足够的保护。在某些情况下,可能不适合通过不受信任的Diameter代理发送包含敏感AVP的Diameter消息,如CCR和CCA,因为无法保证第三方代理不会修改信用控制命令或AVP值。
A Diameter credit-control agent cannot always know whether agents between it and the end user's Diameter credit-control server are reliable. In this case, the Diameter credit-control agent doesn't have a routing entry in its Diameter Routing Table (defined in [DIAMBASE], section 2.7) for the realm of the credit-control server in the end user's home domain. The Diameter credit-control agent can have a default route configured to a local Redirect agent, and it redirects the CCR message to the redirect agent. The local Redirect agent then returns a redirect notification (Result-code 3006, DIAMETER_REDIRECT_INDICATION) to the credit-control agent, as well as Diameter credit-control server(s) information (Redirect-Host AVP) and information (Redirect-Host-Usage AVP) about how the routing entry resulting from the Redirect-Host is to be used. The Diameter credit-control agent then forwards the CCR message directly to one of the hosts identified by the CCA message from the redirect agent. If the value of the Redirect-Host-Usage AVP is unequal to zero, all following messages are sent to the host specified in the Redirect-Host AVP until the time specified by the Redirect-Max-Cache-Time AVP is expired.
Diameter信用控制代理无法始终知道它与最终用户的Diameter信用控制服务器之间的代理是否可靠。在这种情况下,Diameter信用控制代理在其Diameter路由表(定义见[DIAMBASE],第2.7节)中没有最终用户主域中信用控制服务器领域的路由条目。Diameter信用控制代理可以将默认路由配置为本地重定向代理,并将CCR消息重定向到重定向代理。然后,本地重定向代理向信用控制代理返回重定向通知(结果代码3006,DIAMETER\u Redirect\u指示),以及DIAMETER信用控制服务器信息(重定向主机AVP)和关于如何使用重定向主机产生的路由条目的信息(重定向主机使用AVP)。然后,Diameter credit control agent将CCR消息直接转发到由来自重定向代理的CCA消息标识的主机之一。如果重定向主机使用AVP的值不等于零,则以下所有消息将发送到重定向主机AVP中指定的主机,直到重定向最大缓存时间AVP指定的时间过期。
There are some authorization issues even with redirects. There may be attacks toward nodes that have been properly authorized, but that abuse their authorization or have been compromised. These issues are discussed more widely in [DIAMEAP], section 8.
即使重定向也存在一些授权问题。可能存在针对已正确授权但滥用其授权或已被破坏的节点的攻击。[DIAMEAP]第8节更广泛地讨论了这些问题。
[DIAMBASE] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003.
[DIAMBASE]Calhoun,P.,Loughney,J.,Guttman,E.,Zorn,G.,和J.Arkko,“直径基础协议”,RFC 3588,2003年9月。
[3GPPCHARG] 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects, Service aspects; Charging and Billing, (release 5), 3GPP TS 22.115 v. 5.2.1, 2002-03.
[3GPPCHARG]第三代合作伙伴项目;技术规范组服务和系统方面、服务方面;收费和计费(第5版),3GPP TS 22.115 v。5.2.1, 2002-03.
[SIP] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002.
[SIP]Rosenberg,J.,Schulzrinne,H.,Camarillo,G.,Johnston,A.,Peterson,J.,Sparks,R.,Handley,M.,和E.Schooler,“SIP:会话启动协议”,RFC 3261,2002年6月。
[NAI] Aboba, B. and M. Beadles, "The Network Access Identifier", RFC 2486, January 1999.
[NAI]Aboba,B.和M.Beadles,“网络接入标识符”,RFC 2486,1999年1月。
[E164] Recommendation E.164/I.331 (05/97): The International Public Telecommunication Numbering Plan. 1997.
[E164]建议E.164/I.331(05/97):国际公共电信编号计划。1997
[CE164] Complement to ITU-T Recommendation E.164 (05/1997):"List of ITU-T Recommendation E.164 assigned country codes", June 2000.
[CE164]对ITU-T建议E.164(1997年5月)的补充:“ITU-T建议E.164指定国家代码清单”,2000年6月。
[E212] Recommendation E.212 (11/98): The international identification plan for mobile terminals and mobile users. 1998.
[E212]建议E.212(11/98):移动终端和移动用户国际身份识别计划。1998
[CE212] Complement to ITU-T Recommendation E.212 (11/1997):" List of mobile country or geographical area codes", February 1999.
[CE212]对ITU-T建议E.212(11/1997)的补充:“移动国家或地理区域代码清单”,1999年2月。
[IANA] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 2434, October 1998.
[IANA]Narten,T.和H.Alvestrand,“在RFCs中编写IANA注意事项部分的指南”,BCP 26,RFC 2434,1998年10月。
[IPv4] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981.
[IPv4]Postel,J.,“互联网协议”,STD 5,RFC 7911981年9月。
[IPv6Addr] Hinden, R. and S. Deering, "Internet Protocol Version 6 (IPv6) Addressing Architecture", RFC 3513, April 2003.
[IPv6Addr]Hinden,R.和S.Deering,“互联网协议版本6(IPv6)寻址体系结构”,RFC 3513,2003年4月。
[KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[关键词]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[ISO4217] Codes for the representation of currencies and funds, International Standard ISO 4217,2001
[ISO4217]货币和基金表示代码,国际标准ISO 42172001
[NASREQ] Calhoun, P., Zorn, G., Spence, D., and D. Mitton, "Diameter Network Access Server Application", RFC 4005, August 2005.
[NASREQ]Calhoun,P.,Zorn,G.,Spence,D.,和D.Mitton,“Diameter网络访问服务器应用”,RFC 4005,2005年8月。
[AAATRANS] Aboba, B. and J. Wood, "Authentication, Authorization and Accounting (AAA) Transport Profile", RFC 3539, June 2003.
[AAATRANS]Aboba,B.和J.Wood,“认证、授权和会计(AAA)运输概况”,RFC 3539,2003年6月。
[URL] Berners-Lee, T., Masinter, L., and M. McCahill, "Uniform Resource Locators (URL)", RFC 1738, December 1994.
[URL]Berners Lee,T.,Masinter,L.,和M.McCahill,“统一资源定位器(URL)”,RFC 17381994年12月。
[RAD802.1X] Congdon, P., Aboba, B., Smith, A., Zorn, G., and J. Roese, "IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines", RFC 3580, September 2003.
[RAD802.1X]Congdon,P.,Aboba,B.,Smith,A.,Zorn,G.,和J.Roese,“IEEE 802.1X远程认证拨入用户服务(RADIUS)使用指南”,RFC 35802003年9月。
[EUI64] IEEE, "Guidelines for 64-bit Global Identifier (EUI-64) Registration Authority", http://standards.ieee.org/regauth/oui/tutorials/ EUI64.html March 1997.
[EUI64]IEEE,“64位全局标识符(EUI-64)注册机构指南”,http://standards.ieee.org/regauth/oui/tutorials/ EUI64.html 1997年3月。
[3GPPIMEI] 3rd Generation Partnership Project; Technical Specification Group Core Network, Numbering, addressing and identification, (release 5), 3GPP TS 23.003 v. 5.8.0, 2003-12
[3GPPIMEI]第三代合作伙伴项目;技术规范组核心网络、编号、寻址和标识(第5版),3GPP TS 23.003 v。5.8.0, 2003-12
[RFC2866] Rigney, C., "RADIUS Accounting", RFC 2866, June 2000.
[RFC2866]Rigney,C.,“半径会计”,RFC 28662000年6月。
[DIAMMIP] Calhoun, P., Johansson, T., Perkins, C., Hiller, T., and P. McCann, "Diameter Mobile IPv4 Application", RFC 4004, August 2005.
[DIAMMIP]Calhoun,P.,Johansson,T.,Perkins,C.,Hiller,T.,和P.McCann,“Diameter移动IPv4应用”,RFC 40042005年8月。
[DIAMEAP] Eronen, P., Hiller, T., and G. Zorn, "Diameter Extensible Authentication Protocol (EAP) Application", Work in Progress.
[DIAMEAP]Eronen,P.,Hiller,T.,和G.Zorn,“Diameter可扩展身份验证协议(EAP)应用程序”,正在进行中。
[RFC3725] Rosenberg, J., Peterson, J., Schulzrinne, H., and G. Camarillo, "Best Current Practices for Third Party Call Control (3pcc) in the Session Initiation Protocol (SIP)", BCP 85, RFC 3725, April 2004.
[RFC3725]Rosenberg,J.,Peterson,J.,Schulzrinne,H.,和G.Camarillo,“会话启动协议(SIP)中第三方呼叫控制(3pcc)的当前最佳实践”,BCP 85,RFC 37252004年4月。
The authors would like to thank Bernard Aboba, Jari Arkko, Robert Ekblad, Pasi Eronen, Benny Gustafsson, Robert Karlsson, Avi Lior, Paco Marin, Jussi Maki, Jeff Meyer, Anne Narhi, John Prudhoe, Christopher Richards, Juha Vallinen, and Mark Watson for their comments and suggestions.
作者要感谢伯纳德·阿博巴、贾里·阿尔科、罗伯特·埃克布拉德、帕西·埃隆、本尼·古斯塔夫松、罗伯特·卡尔松、阿维·利奥、帕科·马林、朱西·马基、杰夫·迈耶、安·纳希、约翰·普鲁德霍、克里斯托弗·理查兹、朱哈·瓦尔林和马克·沃森的评论和建议。
NAS End User (CC Client) AAA Server CC Server |(1)User Logon |(2)AA Request (CC AVPs) | |------------------>|------------------->| | | | |(3)CCR(initial, CC AVPs) | | |------------------->| | | | (4)CCA(Granted-Units) | | |<-------------------| | |(5)AA Answer(Granted-Units) | |(6)Access granted |<-------------------| | |<----------------->| | | | | | | : : : : | |(7)CCR(update,Used-Units) | | |------------------->|(8)CCR | | | | (update,Used-Units) | | |------------------->| | | |(9)CCA(Granted-Units) | |(10)CCA(Granted-Units)<------------------| | |<-------------------| | : : : : | (Auth. lifetime expires) | | | |(11) AAR (CC AVP) | | | |------------------->| | | | (12) AAA | | | |<-------------------| | : : : : : : : : |(13) User logoff | | | |------------------>|(14)CCR(term.,Used-Units) | | |------------------->|(15)CCR | | | | (term.,Used-Units) | | |------------------->| | | | (16)CCA | | | (17)CCA |<-------------------| | |<-------------------| | | |(18)STR | | | |------------------->| | | | (19)STA | | | |<-------------------| |
NAS End User (CC Client) AAA Server CC Server |(1)User Logon |(2)AA Request (CC AVPs) | |------------------>|------------------->| | | | |(3)CCR(initial, CC AVPs) | | |------------------->| | | | (4)CCA(Granted-Units) | | |<-------------------| | |(5)AA Answer(Granted-Units) | |(6)Access granted |<-------------------| | |<----------------->| | | | | | | : : : : | |(7)CCR(update,Used-Units) | | |------------------->|(8)CCR | | | | (update,Used-Units) | | |------------------->| | | |(9)CCA(Granted-Units) | |(10)CCA(Granted-Units)<------------------| | |<-------------------| | : : : : | (Auth. lifetime expires) | | | |(11) AAR (CC AVP) | | | |------------------->| | | | (12) AAA | | | |<-------------------| | : : : : : : : : |(13) User logoff | | | |------------------>|(14)CCR(term.,Used-Units) | | |------------------->|(15)CCR | | | | (term.,Used-Units) | | |------------------->| | | | (16)CCA | | | (17)CCA |<-------------------| | |<-------------------| | | |(18)STR | | | |------------------->| | | | (19)STA | | | |<-------------------| |
Figure A.1: Flow I
图A.1:流程一
A credit-control flow for Network Access Services prepaid is shown in Figure A.1. The Diameter [NASREQ] is implemented in the Network Access Server (NAS). The focus of this flow is in the credit authorization.
预付费网络接入服务的信用控制流程如图A.1所示。Diameter[NASREQ]在网络访问服务器(NAS)中实现。该流程的重点是信用授权。
The user logs on to the network (1). The Diameter NAS sends a Diameter AA-Request (AAR) to the home Diameter AAA server. The credit-control client populates the AAR with the Credit-Control AVP set to CREDIT_AUTHORIZATION, and service-specific AVPs are included, as usual [NASREQ]. The home Diameter AAA server performs service-specific Authentication and Authorization, as usual. The home Diameter AAA server determines that the user is a prepaid user and notices from the Credit-Control AVP that the NAS has credit-control capabilities. It sends a Diameter Credit-Control-Request with CC-Request-Type set to INITIAL_REQUEST to the Diameter credit-control server to perform credit authorization (3) and to establish a credit-control session. (The home Diameter AAA server may forward service-specific AVPs received from the NAS as input for the rating process.) The Diameter credit-control server checks the end user's account balance, rates the service, and reserves credit from the end user's account. The reserved quota is returned to the home Diameter AAA server in the Diameter Credit-Control-Answer (4). The home Diameter AAA server sends the reserved quota to the NAS in the Diameter AA-Answer (AAA). Upon successful AAA, the NAS starts the credit-control session and starts monitoring the granted units (5). The NAS grants access to the end user (6). At the expiry of the allocated quota, the NAS sends a Diameter Credit-Control-Request with CC-Request-Type set to UPDATE_REQUEST to the Home Diameter AAA server (7). This message contains the units used thus far. The home Diameter AAA server forwards the CCR to the Diameter credit-control server (8). The Diameter credit-control server debits the used units from the end user's account and allocates a new quota that is returned to the home Diameter AAA server in the Diameter Credit-Control-Answer (9). The message is forwarded to the NAS (10). During the ongoing credit-control session, the authorization lifetime expires, and the authorization/authentication client in the NAS performs service specific re-authorization to the home Diameter AAA server, as usual. The credit-control client populates the AAR with the Credit-Control AVP set to RE_AUTHORIZATION, indicating that the credit-control server shall not be contacted, as the credit authorization is controlled by the burning rate of the granted units (11). The home Diameter AAA server performs service-specific re-authorization as usual and returns the AA-Answer to the NAS (12). The end user logs off from the network (13). To debit the used units from the end user's account and to stop the credit-control session, the NAS sends a Diameter Credit-Control-Request with CC-Request-Type set to TERMINATION_REQUEST to the home Diameter AAA server (14). The home Diameter AAA server forwards the CCR to the credit-control
用户登录到网络(1)。Diameter NAS向主Diameter AAA服务器发送Diameter AA请求(AAR)。信用控制客户端使用设置为credit_AUTHORIZATION的信用控制AVP填充AAR,并像往常一样包括特定于服务的AVP[NASREQ]。home Diameter AAA服务器通常执行特定于服务的身份验证和授权。home Diameter AAA服务器确定用户是预付费用户,并从信用控制AVP通知NAS具有信用控制功能。它向Diameter信用控制服务器发送CC Request Type设置为INITIAL_Request的Diameter信用控制请求,以执行信用授权(3)并建立信用控制会话。(home Diameter AAA服务器可以转发从NAS接收的特定于服务的AVP,作为评级过程的输入。)Diameter信用控制服务器检查最终用户的帐户余额,对服务进行评级,并保留来自最终用户帐户的信用。保留配额将在Diameter信用控制应答(4)中返回到主Diameter AAA服务器。home Diameter AAA服务器在Diameter AA应答(AAA)中向NAS发送保留配额。AAA成功后,NAS将启动信用控制会话并开始监控授予的单位(5)。NAS将访问权限授予最终用户(6)。在分配的配额到期时,NAS向主Diameter AAA服务器(7)发送CC请求类型设置为更新_请求的Diameter信用控制请求。此消息包含迄今为止使用的单位。home Diameter AAA服务器将CCR转发给Diameter信用控制服务器(8)。Diameter信用控制服务器从最终用户的帐户中借记已使用的单位,并分配一个新配额,该配额在Diameter信用控制应答(9)中返回给家庭Diameter AAA服务器。消息被转发到NAS(10)。在正在进行的信用控制会话期间,授权生存期到期,NAS中的授权/身份验证客户端将一如既往地对home Diameter AAA服务器执行特定于服务的重新授权。信用控制客户端使用设置为RE_AUTHORIZATION(重新授权)的信用控制AVP填充AAR,表明不应联系信用控制服务器,因为信用授权由授权单元的燃烧率控制(11)。home Diameter AAA服务器像往常一样执行特定于服务的重新授权,并将AA应答返回给NAS(12)。最终用户从网络注销(13)。要从最终用户的帐户中借记已用单位并停止信用控制会话,NAS将CC请求类型设置为TERMINATION_Request的Diameter信用控制请求发送到home Diameter AAA服务器(14)。home Diameter AAA服务器将CCR转发给信用控制
server (15). The Diameter credit-control server acknowledges the session termination by sending a Diameter Credit-Control-Answer to the home Diameter AAA server (16). The home Diameter AAA server forwards the answer to the NAS (17). STR/STA takes place between the NAS and home Diameter AAA server, as usual (18-19).
服务器(15)。Diameter信用控制服务器通过向家庭Diameter AAA服务器(16)发送Diameter信用控制应答来确认会话终止。home Diameter AAA服务器将应答转发给NAS(17)。STR/STA像往常一样发生在NAS和home Diameter AAA服务器之间(18-19)。
SIP Proxy/Registrar AAA A (CC Client) Server B CC Server |(i) REGISTER | | | | |------------->|(ii) | | | | |------------->| | | | |authentication & | | | |authorization | | | | |<-------------| | | |(iii)200 OK | | | |<-------------| | | : : : : |(1) INVITE | : |------------->| | |(2) CCR (Initial, SIP specific AVP) | | |------------------------------------------->| | |(3) CCA (Granted-Units) | | |<-------------------------------------------| | |(4) INVITE | | | |---------------------------->| | : : : : | |(5) CCR (update, Used-Units) | | |------------------------------------------->| | |(6) CCA (Granted-Units) | | |<-------------------------------------------| : : : : |(7) BYE | | | |------------->| | | | |(8) BYE | | | |---------------------------->| | | |(9) CCR (termination, Used-Units) | | |------------------------------------------->| | |(10) CCA () | | |<-------------------------------------------| | | | |
SIP Proxy/Registrar AAA A (CC Client) Server B CC Server |(i) REGISTER | | | | |------------->|(ii) | | | | |------------->| | | | |authentication & | | | |authorization | | | | |<-------------| | | |(iii)200 OK | | | |<-------------| | | : : : : |(1) INVITE | : |------------->| | |(2) CCR (Initial, SIP specific AVP) | | |------------------------------------------->| | |(3) CCA (Granted-Units) | | |<-------------------------------------------| | |(4) INVITE | | | |---------------------------->| | : : : : | |(5) CCR (update, Used-Units) | | |------------------------------------------->| | |(6) CCA (Granted-Units) | | |<-------------------------------------------| : : : : |(7) BYE | | | |------------->| | | | |(8) BYE | | | |---------------------------->| | | |(9) CCR (termination, Used-Units) | | |------------------------------------------->| | |(10) CCA () | | |<-------------------------------------------| | | | |
Figure A.2: Flow II
图A.2:流程II
This is an example of Diameter credit-control for SIP sessions. Although the flow focuses on illustrating the usage of credit-control messages, the SIP signaling is inaccurate, and the diagram is not by any means an attempt to define a service provider's SIP network. However, for the sake of this example, some assumptions are made below.
这是SIP会话的Diameter信用控制示例。尽管该流程侧重于说明信用控制消息的使用,但是SIP信令是不准确的,并且该图决不是试图定义服务提供商的SIP网络。然而,出于本示例的考虑,下面进行了一些假设。
Typically, prepaid services based, for example, on time usage for SIP session require an entity in the service provider network to intercept all the requests within the SIP dialog in order to detect events, such as session establishment and session release, that are essential to perform credit-control operations with the credit-control server. Therefore, in this example, it is assumed that the SIP Proxy adds a Record-Route header in the initial SIP INVITE to make sure that all the future requests in the created dialog traverse through it (for the definitions of 'Record-Route' and 'dialog' please refer to [SIP]). Finally, the degree of credit-control measuring of the media by the proxy depends on the business model design used in setting up the end system and proxies in the SIP network.
通常,例如,基于SIP会话的实时使用的预付费服务要求服务提供商网络中的实体拦截SIP对话框内的所有请求,以便检测对使用信用控制服务器执行信用控制操作至关重要的事件,例如会话建立和会话释放。因此,在本例中,假设SIP代理在初始SIP INVITE中添加了一个记录路由头,以确保创建的对话框中的所有未来请求都通过它(有关“记录路由”和“对话框”的定义,请参阅[SIP])。最后,代理对媒体的信用控制程度取决于在SIP网络中建立终端系统和代理时使用的业务模型设计。
The end user (SIP User Agent A) sends REGISTER with credentials (i). The SIP Proxy sends a request to the home AAA server to perform Multimedia authentication and authorization by using, for instance, Diameter Multimedia application (ii). The home AAA server checks that the credentials are correct and checks the user profile. Eventually, 200 OK response (iii) is sent to the UA. Note that the Authentication and Authorization is valid for the registration validity period duration (i.e., until re-registration is performed). Several SIP sessions may be established without re-authorization.
最终用户(SIP用户代理A)发送带有凭据(i)的寄存器。SIP代理向家庭AAA服务器发送请求,以通过使用例如Diameter多媒体应用程序(ii)来执行多媒体认证和授权。家庭AAA服务器检查凭据是否正确,并检查用户配置文件。最终,200 OK响应(iii)被发送到UA。请注意,认证和授权在注册有效期内有效(即,直到执行重新注册)。可以在无需重新授权的情况下建立多个SIP会话。
UA A sends an INVITE (1). The SIP Proxy sends a Diameter Credit-Control-Request (INITIAL_REQUEST) to the Diameter credit-control server (2). The Credit-Control-Request contains information obtained from the SIP signaling describing the requested service (e.g., calling party, called party, Session Description Protocol attributes). The Diameter credit-control server checks the end user's account balance, rates the service, and reserves credit from the end user's account. The reserved quota is returned to the SIP Proxy in the Diameter Credit-Control-Answer (3). The SIP Proxy forwards the SIP INVITE to UA B (4). B's phone rings, and B answers. The media flows between them, and the SIP Proxy starts measuring the quota. At the expiry of the allocated quota, the SIP Proxy sends a Diameter Credit-Control-Request (UPDATE_REQUEST) to the Diameter credit-control server (5). This message contains the units used thus far. The Diameter credit-control server debits the used units from the end user's account and allocates new credit that is returned to the SIP Proxy in the Diameter Credit-Control-Answer (6). The end user terminates the service by sending a BYE (7). The SIP Proxy
UA A发送一个邀请(1)。SIP代理向Diameter信用控制服务器(2)发送Diameter信用控制请求(初始_请求)。信用控制请求包含从描述所请求服务的SIP信令获得的信息(例如,呼叫方、被叫方、会话描述协议属性)。Diameter信用控制服务器检查最终用户的帐户余额,对服务进行评级,并保留最终用户帐户的信用。保留配额在Diameter信用控制应答(3)中返回给SIP代理。SIP代理将SIP INVITE转发给UA B(4)。B的电话响了,B接了电话。媒体在它们之间流动,SIP代理开始测量配额。在分配的配额到期时,SIP代理向Diameter信用控制服务器(5)发送Diameter信用控制请求(UPDATE_请求)。此消息包含迄今为止使用的单位。Diameter信用控制服务器从最终用户的帐户中借记已使用的单位,并分配在Diameter信用控制应答(6)中返回给SIP代理的新信用。最终用户通过发送BYE(7)来终止服务。SIP代理
forwards the BYE message to UA B (8) and sends a Diameter Credit-Control-Request (TERMINATION_REQUEST) to the credit-control server (9). The Diameter credit-control server acknowledges the session termination by sending a Diameter Credit-Control-Answer to the SIP Proxy (10).
将BYE消息转发给UA B(8),并向信用控制服务器(9)发送Diameter信用控制请求(终止请求)。Diameter信用控制服务器通过向SIP代理发送Diameter信用控制应答来确认会话终止(10)。
MMS Server A (CC Client) B CC Server |(1) Send MMS | | | |--------------->| | | | |(2) CCR (event, DIRECT_DEBITING,| | | MMS specific AVP) | | |-------------------------------->| | |(3) CCA (Granted-Units) | | |<--------------------------------| |(4) Send MMS Ack| | | |<---------------| | | | |(5) Notify MMS | | | |--------------->| | : : : : | |(6) Retrieve MMS| | | |<---------------| | | |(7) Retrieve MMS| | | | Ack | | | |--------------->| | | | | |
MMS Server A (CC Client) B CC Server |(1) Send MMS | | | |--------------->| | | | |(2) CCR (event, DIRECT_DEBITING,| | | MMS specific AVP) | | |-------------------------------->| | |(3) CCA (Granted-Units) | | |<--------------------------------| |(4) Send MMS Ack| | | |<---------------| | | | |(5) Notify MMS | | | |--------------->| | : : : : | |(6) Retrieve MMS| | | |<---------------| | | |(7) Retrieve MMS| | | | Ack | | | |--------------->| | | | | |
Figure A.3: Flow III
图A.3:流程III
A credit-control flow for Multimedia Messaging Services is shown in Figure A.3. The sender is charged as soon as the messaging server successfully stores the message.
多媒体消息服务的信用控制流程如图A.3所示。消息服务器成功存储消息后,发件人将立即收取费用。
The end user A sends a Multimedia Message (MMS) to the MMS server (1). The MMS server stores the message and sends a Diameter Credit-Control-Request (EVENT_REQUEST with Requested-Action DIRECT_DEBITING) to the Diameter credit-control server (2). The Credit-Control-Request contains information about the MMS message (e.g., size, recipient address, image coding type). The Diameter credit-control server checks the end user's account balance, rates the service, and debits the service from the end user's account. The granted quota is returned to the MMS server in the Diameter Credit-Control-Answer (3). The MMS server acknowledges the successful reception of the MMS message (4). The MMS Server notifies the recipient about the new MMS (5), and end user B retrieves the message from the MMS message store (6),(7).
最终用户A向彩信服务器(1)发送彩信(MMS)。MMS服务器存储消息并向Diameter信用控制服务器(2)发送Diameter信用控制请求(带有请求的操作直接借记的事件请求)。信用控制请求包含有关彩信的信息(例如大小、收件人地址、图像编码类型)。Diameter信用控制服务器检查最终用户的帐户余额,对服务进行评级,并从最终用户的帐户中借记服务。已授予的配额将在Diameter信用控制应答(3)中返回给MMS服务器。彩信服务器确认已成功接收彩信(4)。彩信服务器通知收件人新的彩信(5),最终用户B从彩信存储(6)、(7)检索彩信。
MMS Server Content Server (CC Client) B CC Server |(1) Send MMS | | | |--------------->| | | | |(2) CCR (event, CHECK_BALANCE, | | | MMS specific AVP) | | |-------------------------------->| | |(3) CCA (ENOUGH_CREDIT) | | |<--------------------------------| |(4) Send MMS Ack| | | |<---------------| | | | |(5) Notify MMS | | | |--------------->| | : : : : | |(6) Retrieve MMS| | | |<---------------| | | |(7) CCR (event, DIRECT_DEBITING,| | | MMS specific AVP) | | |-------------------------------->| | |(8) CCA (Granted-Units) | | |<--------------------------------| | |(9) Retrieve MMS| | | | Ack | | | |--------------->| | | | | |
MMS Server Content Server (CC Client) B CC Server |(1) Send MMS | | | |--------------->| | | | |(2) CCR (event, CHECK_BALANCE, | | | MMS specific AVP) | | |-------------------------------->| | |(3) CCA (ENOUGH_CREDIT) | | |<--------------------------------| |(4) Send MMS Ack| | | |<---------------| | | | |(5) Notify MMS | | | |--------------->| | : : : : | |(6) Retrieve MMS| | | |<---------------| | | |(7) CCR (event, DIRECT_DEBITING,| | | MMS specific AVP) | | |-------------------------------->| | |(8) CCA (Granted-Units) | | |<--------------------------------| | |(9) Retrieve MMS| | | | Ack | | | |--------------->| | | | | |
Figure A.4: Flow IV
图A.4:流程IV
This is an example of Diameter credit-control for direct debiting using the Multimedia Messaging Service environment. Although the flow focuses on illustrating the usage of credit-control messages, the MMS signaling is inaccurate, and the diagram is not by any means an attempt to define any service provider's MMS configuration or billing model.
这是使用彩信服务环境进行直接借记的Diameter信用控制示例。尽管该流程侧重于说明信用控制消息的使用,但MMS信令不准确,并且该图绝不试图定义任何服务提供商的MMS配置或计费模型。
A credit-control flow for Multimedia Messaging Service is shown in Figure A.4. The recipient is charged at the message delivery.
多媒体消息服务的信用控制流程如图A.4所示。收件人在邮件传递时收取费用。
A content server sends a Multimedia Message (MMS) to the MMS server (1) that stores the message. The message recipient will be charged for the MMS message in this case. As there can be a substantially long time between the receipt of the message at the MMS server and the actual retrieval of the message, the MMS server does not establish any credit-control session to the Diameter credit-control server but performs first only a balance check (without any credit reservation) by sending a Diameter Credit-Control-Request
内容服务器向存储彩信的彩信服务器(1)发送彩信。在这种情况下,将向彩信收件人收取费用。由于在MMS服务器上接收消息与实际检索消息之间可能存在相当长的时间,因此MMS服务器不建立到Diameter信用控制服务器的任何信用控制会话,而是首先仅执行余额检查(无任何信用保留)通过发送Diameter信用控制请求
(EVENT_REQUEST with Requested-Action CHECK_BALANCE) to verify that end user B can cover the cost for the MMS (2). The Diameter credit-control server checks the end user's account balance and returns the answer to the MMS server in the Diameter Credit-Control-Answer (3). The MMS server acknowledges the successful reception of the MMS message (4). The MMS server notifies the recipient of the new MMS (5), and after some time end user B retrieves the message from the MMS message store (6). The MMS server sends a Diameter Credit-Control-Request (EVENT_REQUEST with Requested-Action: DIRECT_DEBITING) to the Diameter credit-control server (7). The Credit-Control-Request contains information about the MMS message (e.g., size, recipient address, coding type). The Diameter credit-control server checks the end user's account balance, rates the service, and debits the service from the end user's account. The granted quota is returned to the MMS server in the Diameter Credit-Control-Request (8). The MMS is transferred to end user B (9).
(带有请求的行动检查余额的事件请求),以验证最终用户B是否可以支付彩信的费用(2)。Diameter信用控制服务器检查最终用户的帐户余额,并在Diameter信用控制应答(3)中将应答返回给MMS服务器。彩信服务器确认已成功接收彩信(4)。彩信服务器通知收件人新的彩信(5),一段时间后,最终用户B从彩信存储(6)中检索彩信。MMS服务器向Diameter信用控制服务器(7)发送Diameter信用控制请求(带有请求操作的事件请求:直接借记)。信用控制请求包含有关彩信的信息(例如大小、收件人地址、编码类型)。Diameter信用控制服务器检查最终用户的帐户余额,对服务进行评级,并从最终用户的帐户中借记服务。已授予的配额将在Diameter信用控制请求(8)中返回给MMS服务器。彩信被传输到最终用户B(9)。
Note that the transfer of the MMS message can take an extended time and can fail, in which case a recovery action is needed. The MMS server should return the already debited units to the user's account by using the REFUND action described in section 6.4.
请注意,彩信的传输可能需要较长的时间,并且可能会失败,在这种情况下,需要执行恢复操作。彩信服务器应使用第6.4节所述的退款操作,将已借记的单位退还给用户帐户。
SIP Controller A (CC Client) B CC Server |(1)INVITE B(SDP)| | | |--------------->| | | | |(2) CCR (event, PRICE_ENQUIRY, | | | SIP specific AVPs) | | |-------------------------------->| | |(3) CCA (Cost-Information) | | |<--------------------------------| | (4)MESSAGE(URL)| | | |<---------------| | | |(5)HTTP GET | | | |--------------->| | | |(6)HTTP POST | | | |--------------->|(7)INVITE(SDP) | | | |--------------->| | | | (8)200 OK | | | (9)200 OK |<---------------| | |<---------------| | |
SIP Controller A (CC Client) B CC Server |(1)INVITE B(SDP)| | | |--------------->| | | | |(2) CCR (event, PRICE_ENQUIRY, | | | SIP specific AVPs) | | |-------------------------------->| | |(3) CCA (Cost-Information) | | |<--------------------------------| | (4)MESSAGE(URL)| | | |<---------------| | | |(5)HTTP GET | | | |--------------->| | | |(6)HTTP POST | | | |--------------->|(7)INVITE(SDP) | | | |--------------->| | | | (8)200 OK | | | (9)200 OK |<---------------| | |<---------------| | |
Figure A.5: Flow V
图A.5:流程V
This is an example of Diameter credit-control for SIP sessions. Although the flow focuses on illustrating the usage of credit-control messages, the SIP signaling is inaccurate, and the diagram is not by any means an attempt to define a service provider's SIP network.
这是SIP会话的Diameter信用控制示例。尽管该流程侧重于说明信用控制消息的使用,但是SIP信令是不准确的,并且该图决不是试图定义服务提供商的SIP网络。
Figure A.5 is an example of Advice of Charge (AoC) service for SIP call. User A can be either a postpaid or prepaid subscriber using the AoC service. It is assumed that the SIP controller also has HTTP capabilities and delivers an interactive AoC web page with, for instance, the cost information, the details of the call derived from the SDP, and a button to accept/not accept the charges. (There may be many other ways to deliver AoC information; however, this flow focuses on the use of the credit-control messages.) The user has been authenticated and authorized prior to initiating the call and subscribed to AoC service.
图A.5是SIP呼叫的收费通知(AoC)服务示例。用户A可以是使用AoC服务的后付费或预付费用户。假设SIP控制器还具有HTTP功能,并提供一个交互式AoC网页,其中包含例如成本信息、从SDP导出的呼叫的详细信息以及接受/不接受费用的按钮。(可能有许多其他方式来传递AoC信息;但是,此流程侧重于信用控制消息的使用。)用户在发起呼叫之前已通过身份验证和授权,并已订阅AoC服务。
UA A sends an INVITE with SDP to B (1). The SIP controller determines that the user is subscribed to AoC service and sends a Diameter Credit-Control-Request (EVENT_REQUEST with Requested-Action: PRICE_ENQUIRY) to the Diameter credit-control server (2). The Credit-Control-Request contains SIP specific AVPs derived from the SIP signaling, describing the requested service (e.g., calling party, called party, Session Description Protocol attributes). The Diameter credit-control server determines the cost of the service and returns the Credit-Control-Answer including the Cost-Information AVP (3). The SIP controller manufactures the AoC web page with information received in SIP signaling and with the cost information received from the credit-control server. Then it sends a SIP MESSAGE that contains a URL pointing to the AoC information web page (4). At the receipt of the SIP MESSAGE, A's UA automatically invokes the web browser that retrieves the AoC information (5). The user clicks on a proper button and accepts the charges (6). The SIP controller continues the session and sends the INVITE to the B party, which accepts the call (7,8,9).
UA A向B(1)发送带有SDP的邀请。SIP控制器确定用户已订阅AoC服务,并向Diameter信用控制服务器(2)发送Diameter信用控制请求(带有请求操作的事件请求:价格查询)。信用控制请求包含从SIP信令派生的SIP特定avp,描述所请求的服务(例如,呼叫方、被叫方、会话描述协议属性)。Diameter信用控制服务器确定服务的成本,并返回包括成本信息AVP(3)的信用控制应答。SIP控制器使用SIP信令中接收到的信息和从信用控制服务器接收到的成本信息来制作AoC网页。然后,它发送一条包含指向AoC信息网页的URL的SIP消息(4)。在收到SIP消息时,UA自动调用检索AoC信息的web浏览器(5)。用户点击适当的按钮并接受费用(6)。SIP控制器继续会话并向接受呼叫的B方发送邀请(7,8,9)。
Gaming Server End User (CC Client) CC Server | (1)Service Delivery | | |<---------------------->| | : : : : : : | |(2)CCR(event,REFUND,Requested- | |Service-Unit,Service-Parameter-Info) | |----------------------->| | | (3)CCA(Cost-Information) | |<-----------------------| | (4)Notification | | |<-----------------------| |
Gaming Server End User (CC Client) CC Server | (1)Service Delivery | | |<---------------------->| | : : : : : : | |(2)CCR(event,REFUND,Requested- | |Service-Unit,Service-Parameter-Info) | |----------------------->| | | (3)CCA(Cost-Information) | |<-----------------------| | (4)Notification | | |<-----------------------| |
Figure A.6: Flow VI
图A.6:流程六
Figure A.6 illustrates a credit-control flow for the REFUND case. It is assumed that there is a trusted relationship and secure connection between the Gaming server and the Diameter credit-control server. The end user may be a prepaid subscriber or a postpaid subscriber.
图A.6说明了退款案例的信用控制流程。假设游戏服务器和Diameter信用控制服务器之间存在信任关系和安全连接。最终用户可以是预付费订户或后付费订户。
While the end user is playing the game (1), she enters a new level that entitles her to a bonus. The Gaming server sends a Diameter Credit-Control-Request (EVENT_REQUEST with Requested-Action: REFUND_ACCOUNT) to the Diameter credit-control server (2). The Credit-Control-Request Request contains the Requested-Service-Unit AVP with the CC-Service-Specific-Units containing the number of points the user just won. The Service-Parameter-Info AVP is also included in the request and specifies the service event to be rated (e.g., Tetris Bonus). From information received, the Diameter credit-control server determines the amount to be credited, refunds the user's account, and returns the Credit-Control-Answer, including the Cost-Information AVP (3). The Cost-Information indicates the credited amount. At the first opportunity, the Gaming server notifies the end user of the credited amount (4).
当最终用户在玩游戏(1)时,她进入一个新的关卡,可以获得奖金。游戏服务器向Diameter信用控制服务器(2)发送Diameter信用控制请求(带有请求操作的事件请求:退款账户)。信用控制请求包含请求的服务单元AVP,CC服务特定单元包含用户刚刚赢得的点数。服务参数Info AVP也包含在请求中,并指定要评级的服务事件(例如,俄罗斯方块奖金)。根据收到的信息,Diameter信用控制服务器确定要贷记的金额,退还用户帐户,并返回信用控制答案,包括成本信息AVP(3)。成本信息表示贷记金额。在第一次机会时,游戏服务器通知最终用户贷记金额(4)。
SIP Controller Top-Up A (CC Client) Server B CC Server | | | | | | | (1) CCR(Update,Used-Unit) | | | |------------------------------------------>| | | (2) CCA(Final-Unit, Redirect)| | |<------------------------------------------| : : : : : : : : : : | | (3) CCR(Update, Used-Units)| | | |------------------------------------------>| | | (3a)INVITE("hold") | | | |--------------------------->| | | | | (4) CCA(Validity-Time)| | |<------------------------------------------| | (5)INVITE | (6)INVITE | | | |<--------------|------------->| | | | (7)RTP | | | |..............................| | | | | (8)BYE | | | | |<-------------| | | | | (9)CCR(Update) | | | |------------------------------------------>| | | (10)CCA(Granted-Unit) | | |<------------------------------------------| | (12)INVITE | (11)INVITE | | |<--------------|--------------------------->| |
SIP Controller Top-Up A (CC Client) Server B CC Server | | | | | | | (1) CCR(Update,Used-Unit) | | | |------------------------------------------>| | | (2) CCA(Final-Unit, Redirect)| | |<------------------------------------------| : : : : : : : : : : | | (3) CCR(Update, Used-Units)| | | |------------------------------------------>| | | (3a)INVITE("hold") | | | |--------------------------->| | | | | (4) CCA(Validity-Time)| | |<------------------------------------------| | (5)INVITE | (6)INVITE | | | |<--------------|------------->| | | | (7)RTP | | | |..............................| | | | | (8)BYE | | | | |<-------------| | | | | (9)CCR(Update) | | | |------------------------------------------>| | | (10)CCA(Granted-Unit) | | |<------------------------------------------| | (12)INVITE | (11)INVITE | | |<--------------|--------------------------->| |
Figure A.7: Flow VII
图A.7:流程VII
Figure A.7 is an example of the graceful service termination for a SIP call. It is assumed that the call is set up so that the controller is in the call as a B2BUA (Back to Back User Agent) performing third-party call control (3PCC). Note that the SIP signaling is inaccurate, as the focus of this flow is in the graceful service termination and credit-control authorization. The best practice for 3PCC is defined in [RFC3725].
图A.7是SIP呼叫的优雅服务终止示例。假设呼叫设置为控制器作为B2BUA(背对背用户代理)执行第三方呼叫控制(3PCC)在呼叫中。请注意,SIP信令是不准确的,因为此流的重点是服务终止和信用控制授权。[RFC3725]中定义了3PCC的最佳实践。
The call is ongoing between users A and B; user A has a prepaid subscription. At the expiry of the allocated quota, the SIP controller sends a Diameter Credit-Control-Request (UPDATE_REQUEST) to the Diameter credit-control server (1). This message contains the units used thus far. The Diameter credit-control server debits the used units from the end user's account and allocates the final quota returned to the SIP controller in the Diameter Credit-Control-Answer (2). This message contains the Final-Unit-Indication AVP with the
呼叫在用户A和B之间进行;用户A具有预付费订阅。在分配的配额到期时,SIP控制器向Diameter信用控制服务器(1)发送Diameter信用控制请求(更新_请求)。此消息包含迄今为止使用的单位。Diameter credit control server从最终用户的帐户中借记使用的单位,并在Diameter credit control应答(2)中分配返回给SIP控制器的最终配额。此消息包含最终机组指示AVP,带有
Final-Unit-Action set to REDIRECT, the Redirect-Address-Type set to SIP URI, and the Redirect-Server-Address set to the Top-up server name (e.g., sip:sip-topup-server@domain.com). At the expiry of the final allocated quota, the SIP controller sends a Diameter Credit-Control-Request (UPDATE_REQUEST) to the Diameter credit-control server (3) and places the called party on "hold" by sending an INVITE with the appropriate connection address in the SDP (3a). The Credit-Control-Request message contains the units used thus far. The Diameter credit-control server debits the used units from the end user's account but does not make any credit reservation. The Credit-Control-Answer message, which contains the Validity-Time to supervise the graceful service termination, is returned to the SIP controller (4). The SIP controller establishes a SIP session between the prepaid user and the Top-up server (5, 6). The Top-up server plays an announcement and prompts the user to enter a credit card number and the amount of money to be used to replenish the account (7). The Top-up server validates the credit card number and replenishes the user's account (using some means outside the scope of this specification) and releases the SIP session (8). The SIP controller can now assume that communication between the prepaid user and the Top-up server took place. It sends a spontaneous Credit-Control-Request (UPDATE_REQUEST) to the Diameter credit-control server to check whether the account has been replenished (9). The Diameter credit-control server reserves credit from the end user's account and returns the reserved quota to the SIP controller in the Credit-Control-Answer (10). At this point, the SIP controller re-connects the caller and the called party (11,12).
最终单元操作设置为重定向,重定向地址类型设置为SIP URI,重定向服务器地址设置为充值服务器名称(例如,SIP:SIP topup-server@domain.com). 在最终分配的配额到期时,SIP控制器向Diameter信用控制服务器(3)发送Diameter信用控制请求(UPDATE_请求),并通过在SDP(3a)中发送具有适当连接地址的INVITE将被叫方置于“保持”状态。信贷控制请求消息包含迄今为止使用的单位。Diameter credit control server从最终用户的帐户中借记所用单位,但不进行任何信用预订。包含监督正常服务终止的有效时间的信用控制应答消息返回给SIP控制器(4)。SIP控制器在预付费用户和充值服务器(5,6)之间建立SIP会话。充值服务器播放公告并提示用户输入信用卡号和用于补充帐户的金额(7)。充值服务器验证信用卡号并补充用户帐户(使用本规范范围之外的某些方法)并释放SIP会话(8)。SIP控制器现在可以假设预付费用户和充值服务器之间发生了通信。它向Diameter信用控制服务器发送一个自发的信用控制请求(UPDATE_请求),以检查帐户是否已补充(9)。Diameter信用控制服务器保留来自最终用户帐户的信用,并在信用控制应答(10)中将保留的配额返回给SIP控制器。此时,SIP控制器重新连接呼叫者和被叫方(11,12)。
NAS Top-up CC End-User (CC Client) AAA Server Server Server |(1)User Logon |(2)AA Request (CC AVPs) | | |------------------>|------------------->| | | | | |(3)CCR(initial, CC AVPs) | | |------------------->| | | |(4)CCA(Final-Unit, | | | | Validity-Time)| | | |<-------------------| | |(5)AA Answer(Final-Unit,Validity-Time) | |(6)Limited Access |<-------------------| | | | granted | | | | |<----------------->| | | | | | | | | | (7)TCP/HTTP | (8)TCP/HTTP | | |<----------------->|<----------------------------->| | | (9) Replenish account | | |<------------------------------------------------->| | | | | (10)RAR | | |<-------------------|<-------------------| | | (11) RAA | | | |------------------->|------------------->| | |(12)CCR(update) | | | |------------------->|(13)CCR(Update) | | | |------------------->| | | |(14)CCA(Granted-Units) | |(15)CCA(Granted-Units)<------------------| | |<-------------------| |
NAS Top-up CC End-User (CC Client) AAA Server Server Server |(1)User Logon |(2)AA Request (CC AVPs) | | |------------------>|------------------->| | | | | |(3)CCR(initial, CC AVPs) | | |------------------->| | | |(4)CCA(Final-Unit, | | | | Validity-Time)| | | |<-------------------| | |(5)AA Answer(Final-Unit,Validity-Time) | |(6)Limited Access |<-------------------| | | | granted | | | | |<----------------->| | | | | | | | | | (7)TCP/HTTP | (8)TCP/HTTP | | |<----------------->|<----------------------------->| | | (9) Replenish account | | |<------------------------------------------------->| | | | | (10)RAR | | |<-------------------|<-------------------| | | (11) RAA | | | |------------------->|------------------->| | |(12)CCR(update) | | | |------------------->|(13)CCR(Update) | | | |------------------->| | | |(14)CCA(Granted-Units) | |(15)CCA(Granted-Units)<------------------| | |<-------------------| |
Figure A.8: Flow VIII
图A.8:流程八
Figure A.8 is an example of the graceful service termination initiated when the first interrogation takes place because the user's account is empty. In this example, the credit-control server supports the server-initiated credit re-authorization. The Diameter [NASREQ] is implemented in the Network Access Server (NAS).
图A.8是由于用户帐户为空而在第一次询问时启动的正常服务终止示例。在本例中,信用控制服务器支持服务器发起的信用重新授权。Diameter[NASREQ]在网络访问服务器(NAS)中实现。
The user logs on to the network (1). The Diameter NAS sends a Diameter AA-Request to the home Diameter AAA server. The credit-control client populates the AAR with the Credit-Control AVP set to CREDIT_AUTHORIZATION, and service specific AVPs are included, as usual [NASREQ]. The home Diameter AAA server performs service specific Authentication and Authorization, as usual. The home Diameter AAA server determines that the user has a prepaid subscription and notices from the Credit-Control AVP that the NAS has credit-control capabilities. It sends a Diameter Credit-Control-
用户登录到网络(1)。Diameter NAS向主Diameter AAA服务器发送Diameter AA请求。信用控制客户端使用设置为credit_AUTHORIZATION的信用控制AVP填充AAR,并像往常一样包括特定于服务的AVP[NASREQ]。home Diameter AAA服务器通常执行特定于服务的身份验证和授权。home Diameter AAA服务器确定用户具有预付费订阅,并从信用控制AVP通知NAS具有信用控制功能。它发送一个直径信用控制-
Request with CC-Request-Type set to INITIAL_REQUEST to the Diameter credit-control server to perform credit authorization (3) and to establish a credit-control session. (The home Diameter AAA server may forward service specific AVPs received from the NAS as input for the rating process.) The Diameter credit-control server checks the end user's account balance, determines that the account cannot cover the cost of the service, and initiates the graceful service termination. The Credit-Control-Answer is returned to the home Diameter AAA server (4). This message contains the Final-Unit-Indication AVP and the Validity-Time AVP set to a reasonable amount of time to give the user a chance to replenish his/her account (e.g., 10 minutes). The Final-Unit-Indication AVP includes the Final-Unit-Action set to REDIRECT, the Redirect-Address-Type set to URL, and the Redirect-Server-Address set to the HTTP Top-up server name. The home Diameter AAA server sends the received credit-control AVPs to the NAS in the Diameter AA-Answer (5). Upon successful AAA, the NAS starts the credit-control session and immediately starts the graceful service termination, as instructed by the server. The NAS grants limited access to the user (6). The HTTP client software running in the user's device opens the transport connection redirected by the NAS to the Top-up server (7,8). The user is displayed an appropriate web page on which to enter the credit card number, and the amount of money to be used to replenish the account, and with a notification message that she is granted unlimited access if the replenishment operation will be successfully executed within the next, for example, 10 minutes. The Top-up server validates the credit card number and replenishes the user's account (using some means outside the scope of this specification)(9). After successful account top-up, the credit-control server sends a Re-Auth-Request message to the NAS (10). The NAS acknowledges the request by returning the Re-Auth-Answer message (11) and initiates the credit re-authorization by sending a Credit-Control-request (UPDATE_REQUEST) to the Diameter credit-control server (12,13).
CC请求类型设置为向Diameter信用控制服务器发出初始_请求的请求,以执行信用授权(3)并建立信用控制会话。(home Diameter AAA服务器可以转发从NAS接收的特定于服务的AVP,作为评级过程的输入。)Diameter信用控制服务器检查最终用户的帐户余额,确定该帐户无法支付服务成本,并启动服务终止。信用控制应答被返回到home Diameter AAA服务器(4)。此消息包含最终单位指示AVP和有效时间AVP,AVP设置为合理的时间量,以便用户有机会补充其帐户(例如10分钟)。最终单元指示AVP包括设置为重定向的最终单元操作、设置为URL的重定向地址类型以及设置为HTTP追加服务器名称的重定向服务器地址。home Diameter AAA服务器将收到的信用控制AVP发送到Diameter AA应答(5)中的NAS。成功AAA后,NAS将启动信用控制会话,并按照服务器的指示立即启动服务终止。NAS授予用户有限的访问权限(6)。用户设备中运行的HTTP客户端软件打开由NAS重定向到充值服务器的传输连接(7,8)。将向用户显示一个适当的网页,在该网页上输入信用卡号和用于补充帐户的金额,并显示一条通知消息,表示如果补充操作将在下一个(例如10分钟)内成功执行,则授予用户无限访问权。充值服务器验证信用卡号并补充用户帐户(使用本规范范围外的某些方法)(9)。成功添加帐户后,信用控制服务器向NAS发送重新验证请求消息(10)。NAS通过返回重新验证应答消息(11)来确认请求,并通过向Diameter信用控制服务器(12,13)发送信用控制请求(更新请求)来启动信用重新授权。
The Diameter credit-control server reserves credit from the end user's account and returns the reserved quota to the NAS via the home Diameter AAA server in the Credit-Control-Answer (14,15). The NAS removes the restriction placed by the graceful service termination and starts monitoring the granted units.
Diameter信用控制服务器保留来自最终用户帐户的信用,并通过信用控制应答中的home Diameter AAA服务器将保留配额返回NAS(14,15)。NAS将取消服务终止所施加的限制,并开始监视已授予的单元。
The Diameter credit-control application defines the Multiple-Services-Credit-Control AVP that can be used to support independent credit-control of multiple services in a single credit-control (sub-) session for service elements that have such capabilities. It is possible to request and allocate resources as a credit pool that is shared between services or rating groups.
Diameter credit control应用程序定义了多服务信用控制AVP,该AVP可用于支持具有此类功能的服务元素在单个信用控制(子)会话中对多个服务进行独立信用控制。可以请求和分配资源作为服务或评级组之间共享的信用池。
The flow example hereafter illustrates a usage scenario where the credit-control client and server support independent credit-control of multiple services, as defined in section 5.1.2. It is assumed that Service-Identifiers, Rating-Groups, and their associated parameters (e.g., IP 5-tuple) are locally configured in the service element or provisioned by an entity other than the credit-control server.
下面的流程示例说明了信用控制客户端和服务器支持多个服务的独立信用控制的使用场景,如第5.1.2节所定义。假定服务标识符、评级组及其相关参数(例如,IP 5元组)在服务元素中本地配置或由信用控制服务器以外的实体提供。
End User Service Element CC Server (CC client) |(1)User logon | | |------------------>|(2)CCR(initial, Service-Id access, | | | Access specific AVPs, | | | Multiple-Service-Indicator) | | |---------------------------------------->| | |(3)CCA(Multiple-Services-CC ( | | | Granted-Units(Total-Octets), | | | Service-Id access, | | | Validity-time, | | | G-S-U-Pool-Reference(Pool-Id 1, | | | Multiplier 10))) | | |<----------------------------------------| : : : |(4)Service-Request (Service 1) | |------------------>|(5)CCR(update, Multiple-Services-CC( | | | Requested-Units(), Service-Id 1, | | | Rating-Group 1)) | | |---------------------------------------->| | |(6)CCA(Multiple-Services-CC ( | | | Granted-Units(Time), | | | Rating-Group 1, | | | G-S-U-Pool-Reference(Pool-Id 1, | | | Multiplier 1))) | | |<----------------------------------------| : : : |(7)Service-Request (Service 2) | |------------------>| |
End User Service Element CC Server (CC client) |(1)User logon | | |------------------>|(2)CCR(initial, Service-Id access, | | | Access specific AVPs, | | | Multiple-Service-Indicator) | | |---------------------------------------->| | |(3)CCA(Multiple-Services-CC ( | | | Granted-Units(Total-Octets), | | | Service-Id access, | | | Validity-time, | | | G-S-U-Pool-Reference(Pool-Id 1, | | | Multiplier 10))) | | |<----------------------------------------| : : : |(4)Service-Request (Service 1) | |------------------>|(5)CCR(update, Multiple-Services-CC( | | | Requested-Units(), Service-Id 1, | | | Rating-Group 1)) | | |---------------------------------------->| | |(6)CCA(Multiple-Services-CC ( | | | Granted-Units(Time), | | | Rating-Group 1, | | | G-S-U-Pool-Reference(Pool-Id 1, | | | Multiplier 1))) | | |<----------------------------------------| : : : |(7)Service-Request (Service 2) | |------------------>| |
: : : : : : |(8)Service-Request (Service 3&4) | |------------------>|(9)CCR(update, Multiple-Services-CC ( | | | Requested-Units(), Service-Id 3, | | | Rating-Group 2), | | | Multiple-Services-CC ( | | | Requested-Units(), Service-Id 4, | | | Rating-Group 3)) | | |---------------------------------------->| | |(10)CCA(Multiple-Services-CC ( | | | Granted-Units(Total-Octets), | | | Service-Id 3, Rating-Group 2, | | | Validity-time, | | | G-S-U-Pool-Reference(Pool-Id 2, | | | Multiplier 2)), | | | Multiple-Services-CC ( | | | Granted-Units(Total-Octets), | | | Service-Id 4, Rating-Group 3 | | | Validity-Time, | | | Final-Unit-Ind.(Terminate), | | | G-S-U-Pool-Reference(Pool-Id 2, | | | Multiplier 5))) | | |<----------------------------------------| : : : : : : | +--------------+ | | | |Validity time | |(11)CCR(update, | | |expires for | | Multiple-Services-CC ( | | |Service-Id | | Requested-Unit(), | | | access | | Used-Units(In-Octets,Out-Octets),| | +--------------+ | Service-Id access)) | | |---------------------------------------->| | |(12)CCA(Multiple-Services-CC ( | | | Granted-Units(Total-Octets), | | | Service-Id access, | | | Validity-Time, | | | G-S-U-Pool-Reference(Pool-Id 1, | | | Multiplier 10))) | | |<----------------------------------------| : : : : : :
: : : : : : |(8)Service-Request (Service 3&4) | |------------------>|(9)CCR(update, Multiple-Services-CC ( | | | Requested-Units(), Service-Id 3, | | | Rating-Group 2), | | | Multiple-Services-CC ( | | | Requested-Units(), Service-Id 4, | | | Rating-Group 3)) | | |---------------------------------------->| | |(10)CCA(Multiple-Services-CC ( | | | Granted-Units(Total-Octets), | | | Service-Id 3, Rating-Group 2, | | | Validity-time, | | | G-S-U-Pool-Reference(Pool-Id 2, | | | Multiplier 2)), | | | Multiple-Services-CC ( | | | Granted-Units(Total-Octets), | | | Service-Id 4, Rating-Group 3 | | | Validity-Time, | | | Final-Unit-Ind.(Terminate), | | | G-S-U-Pool-Reference(Pool-Id 2, | | | Multiplier 5))) | | |<----------------------------------------| : : : : : : | +--------------+ | | | |Validity time | |(11)CCR(update, | | |expires for | | Multiple-Services-CC ( | | |Service-Id | | Requested-Unit(), | | | access | | Used-Units(In-Octets,Out-Octets),| | +--------------+ | Service-Id access)) | | |---------------------------------------->| | |(12)CCA(Multiple-Services-CC ( | | | Granted-Units(Total-Octets), | | | Service-Id access, | | | Validity-Time, | | | G-S-U-Pool-Reference(Pool-Id 1, | | | Multiplier 10))) | | |<----------------------------------------| : : : : : :
| +--------------+ | | | |Total Quota | |(13)CCR(update, | | |elapses for | | Multiple-Services-CC ( | | |pool 2: | | Requested-Unit(), | | |service 4 not | | Used-Units(In-Octets,Out-Octets),| | |allowed, | | Service-Id 3, Rating-group 2), | | |service 3 cont| | Multiple-Services-CC ( | | +--------------+ | Used-Units(In-Octets,Out-Octets),| | | Service-Id 4, Rating-Group 3)) | | |---------------------------------------->| | |(14)CCA(Multiple-Services-CC ( | | | Result-Code 4011, | | | Service-Id 3)) | | |<----------------------------------------| : : : : : : |(15) User logoff | | |------------------>|(16)CCR(term, | | | Multiple-Services-CC ( | | | Used-Units(In-Octets,Out-Octets),| | | Service-Id access), | | | Multiple-Services-CC ( | | | Used-Units(Time), | | | Service-Id 1, Rating-Group 1), | | | Multiple-Services-CC ( | | | Used-Units(Time), | | | Service-Id 2, Rating-Group 1)) | | |---------------------------------------->| | |(17)CCA(term) | | |<----------------------------------------|
| +--------------+ | | | |Total Quota | |(13)CCR(update, | | |elapses for | | Multiple-Services-CC ( | | |pool 2: | | Requested-Unit(), | | |service 4 not | | Used-Units(In-Octets,Out-Octets),| | |allowed, | | Service-Id 3, Rating-group 2), | | |service 3 cont| | Multiple-Services-CC ( | | +--------------+ | Used-Units(In-Octets,Out-Octets),| | | Service-Id 4, Rating-Group 3)) | | |---------------------------------------->| | |(14)CCA(Multiple-Services-CC ( | | | Result-Code 4011, | | | Service-Id 3)) | | |<----------------------------------------| : : : : : : |(15) User logoff | | |------------------>|(16)CCR(term, | | | Multiple-Services-CC ( | | | Used-Units(In-Octets,Out-Octets),| | | Service-Id access), | | | Multiple-Services-CC ( | | | Used-Units(Time), | | | Service-Id 1, Rating-Group 1), | | | Multiple-Services-CC ( | | | Used-Units(Time), | | | Service-Id 2, Rating-Group 1)) | | |---------------------------------------->| | |(17)CCA(term) | | |<----------------------------------------|
Figure A.9: Flow example independent credit-control of multiple services in a credit-control (sub-)Session
图A.9:信用控制(子)会话中多个服务的独立信用控制流程示例
The user logs on to the network (1). The service element sends a Diameter Credit-Control-Request with CC-Request-Type set to INITIAL_REQUEST to the Diameter credit-control server to perform credit authorization for the bearer service (e.g., Internet access service) and to establish a credit-control session (2). In this message, the credit-control client indicates support for independent credit-control of multiple services within the session by including the Multiple-Service-Indicator AVP. The Diameter credit-control server checks the end user's account balance, with rating information received from the client (i.e., Service-Id and access specific AVPs), rates the request, and reserves credit from the end user's account. Suppose that the server reserves $5 and determines that the cost is $1/MB. It then returns to the service element a Credit-Control-Answer message that includes the Multiple-Services-Credit-Control AVP
用户登录到网络(1)。服务元件向Diameter信用控制服务器发送CC请求类型设置为初始_请求的Diameter信用控制请求,以执行承载服务(例如,互联网接入服务)的信用授权并建立信用控制会话(2)。在该消息中,信用控制客户端通过包括多服务指示符AVP来指示对会话内多个服务的独立信用控制的支持。Diameter信用控制服务器使用从客户端接收的评级信息(即服务Id和访问特定AVP)检查最终用户的帐户余额,对请求进行评级,并保留最终用户帐户的信用。假设服务器预留5美元,并确定成本为1美元/MB。然后,它向服务元素返回包含多服务信用控制AVP的信用控制应答消息
with a quota of 5MB associated to the Service-Id (access), to a multiplier value of 10, and to the Pool-Id 1 (3).
与服务Id(访问)、乘数值10和池Id 1(3)关联的配额为5MB。
The user uses Service 1 (4). The service element sends a Diameter Credit-Control-Request with CC-Request-Type set to UPDATE_REQUEST to the credit-control server to perform credit authorization for service 1 (5). This message includes the Multiple-Services-Credit-Control AVP to request service units for Service 1 that belong to Rating-Group 1. The Diameter credit-control server determines that Service 1 draws credit resources from the same account as the access service (i.e., pool 1). It rates the request according to Service-Id/Rating-Group and updates the existing reservation by requesting more credit. Suppose that the server reserves $5 more (now the reservation is $10) and determines that the cost is $0.1/minute. The server authorizes the whole Rating-Group. It then returns to the service element a Credit-Control-Answer message that includes the Multiple-Services-Credit-Control AVP with a quota of 50min. associated to the Rating-Group 1, to a multiplier value of 1, and to the Pool-Id 1 (6). The client adjusts the total amount of resources for pool 1 according the received quota, which gives S for Pool 1 = 100.
用户使用服务1(4)。服务元素向信用控制服务器发送一个Diameter信用控制请求,将CC请求类型设置为更新_请求,以执行服务1(5)的信用授权。此消息包括多服务信用控制AVP,以请求属于评级组1的服务1的服务单元。Diameter信用控制服务器确定服务1从与访问服务(即池1)相同的帐户提取信用资源。它根据服务Id/评级组对请求进行评级,并通过请求更多信用来更新现有预订。假设服务器多预留5美元(现在预留为10美元),并确定成本为每分钟0.1美元。服务器授权整个分级组。然后,它向服务元素返回一条信用控制应答消息,其中包括配额为50分钟的多服务信用控制AVP。与分级组1、乘数值1和池Id 1(6)关联。客户机根据收到的配额调整池1的资源总量,即池1的S=100。
The user uses Service 2, which belongs to the authorized Rating-Group, 1 (7). Resources are then consumed from the pool 1.
用户使用属于授权评级组1(7)的服务2。然后从池1消耗资源。
The user now requests Services 3 and 4 as well, which are not authorized (8). The service element sends a Diameter Credit-Control-Request with CC-Request-Type set to UPDATE_REQUEST to the credit-control server in order to perform credit authorization for Services 3 and 4 (9). This message includes two instances of the Multiple-Services-Credit-Control AVP to request service units for Service 3 that belong to Rating-Group 2 and for Service 4 that belong to Rating-Group 3. The Diameter credit-control server determines that Services 3 and 4 draw credit resources from another account (i.e., pool 2). It checks the end user's account balance and, according to Service-Ids/Rating-Groups information, rates the request. Then it reserves credit from pool 2.
用户现在还请求未经授权的服务3和服务4(8)。服务元素向信用控制服务器发送一个Diameter信用控制请求,其CC Request Type设置为UPDATE_Request,以便对服务3和4执行信用授权(9)。此消息包括多服务信用控制AVP的两个实例,以请求属于评级组2的服务3和属于评级组3的服务4的服务单元。Diameter信用控制服务器确定服务3和4从另一个帐户(即池2)提取信用资源。它检查最终用户的帐户余额,并根据服务ID/评级组信息对请求进行评级。然后它从池2中保留信用。
For example, the server reserves $5 and determines that Service 3 costs $0.2/MB and Service 4 costs $0.5/MB. The server authorizes only Services 3 and 4. It returns to the service element a Credit-Control-Answer message that includes two instances of the Multiple-Services-Credit-Control AVP (10). One instance grants a quota of 12.5MB associated to the Service-Id 3 to a multiplier value of 2 and to the Pool-Id 2. The other instance grants a quota of 5 MB associated to the Service-Id 4 to a multiplier value of 5 and to the Pool-Id 2.
例如,服务器保留$5并确定服务3的成本为$0.2/MB,服务4的成本为$0.5/MB。服务器仅授权服务3和4。它向服务元素返回信用控制应答消息,该消息包括多服务信用控制AVP(10)的两个实例。一个实例将与服务Id 3关联的12.5MB配额授予乘数值2和池Id 2。另一个实例将与服务Id 4关联的5 MB配额授予乘数值5和池Id 2。
The server also determines that pool 2 is exhausted and Service 4 is not allowed to continue after these units will be consumed. Therefore the Final-Unit-Indication AVP with action TERMINATE is associated to the Service-Id 4. The client calculates the total amount of resources that can be used for pool 2 according the received quotas and multipliers, which gives S for Pool 2 = 50.
服务器还确定池2已耗尽,并且在消耗这些单元后,不允许服务4继续。因此,带有动作终止的最终装置指示AVP与服务Id 4相关联。客户机根据收到的配额和乘数计算可用于池2的资源总量,即池2的S=50。
The Validity-Time for the access service expires. The service element sends a Credit-Control-Request message to the server in order to perform credit re-authorization for Service-Id (access) (11). This message carries one instance of the Multiple-Services-Credit-Control AVP that includes the units used by this service. Suppose that the total amount of used units is 4MB. The client adjusts the total amount of resources for pool 1 accordingly, which gives S for Pool 1 = 60.
访问服务的有效期过期。服务元素向服务器发送信用控制请求消息,以便对服务Id(访问)执行信用重新授权(11)。此消息包含多服务信用控制AVP的一个实例,其中包括此服务使用的单元。假设使用的单位总数为4MB。客户机相应地调整池1的资源总量,从而使池1的S=60。
The server deducts $4 from the user's account and updates the reservation by requesting more credit. Suppose that the server reserves $5 more (now the reservation is $11) and already knows the cost of the Service-Id (access), which is $1/MB. It then returns to the service element a Credit-Control-Answer message that includes the Multiple-Services-Credit-Control AVP with a quota of 5 MB associated to the Service-Id (access), to a multiplier value of 10, and to the Pool-Id 1 (12). The client adjusts the total amount of resources for pool 1 according the received quota, which gives S for Pool 1 = 110.
服务器从用户帐户中扣除$4,并通过请求更多积分更新预订。假设服务器再预留5美元(现在预留是11美元),并且已经知道服务Id(访问)的成本,即1美元/MB。然后,它将信用控制应答消息返回给服务元素,该消息包括多个服务信用控制AVP,其配额为5mb,与服务Id(访问)、乘数值10和池Id 1(12)关联。客户机根据接收到的配额调整池1的资源总量,即池1的S=110。
Services 3 and 4 consume the total amount of pool 2 credit resources (i.e., C1*2 + C2*5 >= S). The service element immediately starts the TERMINATE action concerning Service 4 and sends a Credit-Control-Request message with CC-Request-Type set to UPDATE_REQUEST to the credit-control server in order to perform credit re-authorization for Service 3 (13). This message contains two instances of the Multiple-Services-Credit-Control AVP to report the units used by Services 3 and 4. The server deducts the last $5 from the user's account (pool 2) and returns the answer with Result-Code 4011 in the Multiple-Services-Credit-Control AVP to indicate that Service 3 can continue without credit-control (14).
服务3和4消耗池2信贷资源的总量(即C1*2+C2*5>=S)。服务元素立即启动与服务4有关的终止操作,并将CC Request Type设置为UPDATE_Request的信用控制请求消息发送到信用控制服务器,以便对服务3(13)执行信用重新授权。此消息包含多服务信用控制AVP的两个实例,用于报告服务3和4使用的单位。服务器从用户帐户(池2)中扣除最后的$5,并在多服务信用控制AVP中返回结果代码为4011的答案,以指示服务3可以在没有信用控制的情况下继续(14)。
The end user logs off from the network (15). To debit the used units from the end user's account and to stop the credit-control session, the service element sends a Diameter Credit-Control-Request with CC-Request-Type set to TERMINATION_REQUEST to the credit-control server (16). This message contains the units consumed by each of the used services in multiple instances of the Multiple-Services-Credit-Control AVP. The used units are associated with the relevant Service-Identifier and Rating-Group. The Diameter credit-control
最终用户从网络注销(15)。为了从最终用户的帐户中借记已用单位并停止信用控制会话,服务元素向信用控制服务器(16)发送一个Diameter信用控制请求,其中CC请求类型设置为TERMINATION_Request。此消息包含多服务信用控制AVP的多个实例中每个已用服务消耗的单位。所使用的单元与相关的服务标识符和评级组相关联。信用控制
server debits the used units to the user's account (Pool 1) and acknowledges the session termination by sending a Diameter Credit-Control-Answer to the service element (17).
服务器将使用的单元记入用户帐户(池1)的借方,并通过向服务元素(17)发送Diameter信用控制应答来确认会话终止。
Authors' Addresses
作者地址
Harri Hakala Oy L M Ericsson Ab Joukahaisenkatu 1 20520 Turku Finland
哈里哈卡拉·欧利·爱立信律师事务所120520芬兰图尔库
Phone: +358 2 265 3722 EMail: Harri.Hakala@ericsson.com
Phone: +358 2 265 3722 EMail: Harri.Hakala@ericsson.com
Leena Mattila Oy L M Ericsson Ab Joukahaisenkatu 1 20520 Turku Finland
Leena Mattila Oy L M Ericsson Ab Joukahaisenkatu 120520芬兰图尔库
Phone: +358 2 265 3731 EMail: Leena.Mattila@ericsson.com
Phone: +358 2 265 3731 EMail: Leena.Mattila@ericsson.com
Juha-Pekka Koskinen Nokia Networks Hatanpaanvaltatie 30 33100 Tampere Finland
Juha Pekka Koskinen诺基亚网络公司芬兰坦佩雷30 33100
Phone: +358 7180 74027 EMail: juha-pekka.koskinen@nokia.com
Phone: +358 7180 74027 EMail: juha-pekka.koskinen@nokia.com
Marco Stura Nokia Networks Hiomotie 32 00380 Helsinki Finland
马尔科·斯图拉诺基亚网络Hiomotie 32 00380芬兰赫尔辛基
Phone: +358 7180 64308 EMail: marco.stura@nokia.com
Phone: +358 7180 64308 EMail: marco.stura@nokia.com
John Loughney Nokia Research Center Itamerenkatu 11-13 00180 Helsinki Finland
芬兰赫尔辛基诺基亚研究中心11-13 00180
Phone: +358 50 483 642 EMail: John.Loughney@nokia.com
Phone: +358 50 483 642 EMail: John.Loughney@nokia.com
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2005).
版权所有(C)互联网协会(2005年)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
本文件受BCP 78中包含的权利、许可和限制的约束,除其中规定外,作者保留其所有权利。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件及其包含的信息是按“原样”提供的,贡献者、他/她所代表或赞助的组织(如有)、互联网协会和互联网工程任务组不承担任何明示或暗示的担保,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Intellectual Property
知识产权
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETF对可能声称与本文件所述技术的实施或使用有关的任何知识产权或其他权利的有效性或范围,或此类权利下的任何许可可能或可能不可用的程度,不采取任何立场;它也不表示它已作出任何独立努力来确定任何此类权利。有关RFC文件中权利的程序信息,请参见BCP 78和BCP 79。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
向IETF秘书处披露的知识产权副本和任何许可证保证,或本规范实施者或用户试图获得使用此类专有权利的一般许可证或许可的结果,可从IETF在线知识产权存储库获取,网址为http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETF邀请任何相关方提请其注意任何版权、专利或专利申请,或其他可能涵盖实施本标准所需技术的专有权利。请将信息发送至IETF的IETF-ipr@ietf.org.
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。