Internet Engineering Task Force (IETF)                          M. Jones
Request for Comments: 6408                           Bridgewater Systems
Updates: 3588                                                J. Korhonen
Category: Standards Track                         Nokia Siemens Networks
ISSN: 2070-1721                                                L. Morand
                                                             Orange Labs
                                                           November 2011
Diameter Straightforward-Naming Authority Pointer (S-NAPTR) Usage
Abstract
The Diameter base protocol specifies mechanisms whereby a given realm may advertise Diameter nodes and the supported transport protocol. However, these mechanisms do not reveal the Diameter applications that each node supports. A peer outside the realm would have to perform a Diameter capability exchange with every node until it discovers one that supports the required application. This document updates RFC 3588, "Diameter Base Protocol", and describes an improvement using an extended format for the Straightforward-Naming Authority Pointer (S-NAPTR) application service tag that allows for discovery of the supported applications without doing Diameter capability exchange beforehand.
Status of This Memo
This is an Internet Standards Track document.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6408.
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Table of Contents
   1. Introduction
   2. Terminology
      2.1. Requirements Language
   3. Extended NAPTR Service Field Format
      3.1. IETF Standards Track Diameter Applications
      3.2. Vendor-Specific Diameter Applications
   4. Backwards Compatibility
   5. Extended NAPTR-Based Diameter Peer Discovery
      5.1. Examples
   6. Usage Guidelines
   7. IANA Considerations
      7.1. IETF Diameter Application Service Tags
      7.2. 3GPP Diameter Application Service Tags
      7.3. WiMAX Forum Diameter Application Service Tags
      7.4. Vendor-Specific Diameter Application Service Tags
      7.5. Diameter Application Protocol Tags
   8. Security Considerations
   9. Acknowledgments
   10. References
      10.1. Normative References
      10.2. Informative References
The Diameter base protocol [RFC3588] specifies three mechanisms for Diameter peer discovery. One of these involves the Diameter implementation performing a Naming Authority Pointer (NAPTR) query [RFC3403] for a server in a particular realm. These NAPTR records provide a mapping from a domain to the DNS Service Locator (SRV) record [RFC2782] or A/AAAA record [RFC1035] [RFC3596] for contacting a server with the specific transport protocol in the NAPTR services field.
The extended NAPTR usage for Diameter peer discovery defined by this document is based on the Straightforward-NAPTR (S-NAPTR) Dynamic Delegation Discovery System (DDDS) application defined in [RFC3958]. This document updates the Diameter peer discovery procedure described in Section 5.2 of [RFC3588] and defines S-NAPTR application service and application protocol tag values that permit the discovery of Diameter peers that support a specific Diameter application and transport protocol.
The Diameter base protocol specification (Section 1.3 of [RFC3588]) and the Straightforward-NAPTR (S-NAPTR) DDDS application (Section 2.1 of [RFC3958]) define the terminology used in this document.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
The NAPTR service field format defined by the S-NAPTR DDDS application in [RFC3958] follows this Augmented Backus-Naur Form (ABNF) [RFC5234]:
   service-parms = [ [app-service] *(":" app-protocol)]
   app-service   = experimental-service  / iana-registered-service
   app-protocol  = experimental-protocol / iana-registered-protocol
   experimental-service      = "x-" 1*30ALPHANUMSYM
   experimental-protocol     = "x-" 1*30ALPHANUMSYM
   iana-registered-service   = ALPHA *31ALPHANUMSYM
   iana-registered-protocol  = ALPHA *31ALPHANUMSYM
   ALPHA         = %x41-5A / %x61-7A   ; A-Z / a-z
   DIGIT         = %x30-39             ; 0-9
   SYM           = %x2B / %x2D / %x2E  ; "+" / "-" / "."
   ALPHANUMSYM   = ALPHA / DIGIT / SYM
   ; The app-service and app-protocol tags are limited to 32
   ; characters and must start with an alphabetic character.
   ; The service-parms are considered case-insensitive.
This specification refines the "iana-registered-service" tag definition for the discovery of Diameter agents supporting a specific Diameter application as defined below.
   iana-registered-service =/ aaa-service
   aaa-service             = "aaa+ap" appln-id
   appln-id                = 1*10DIGIT
                             ; Application Identifier expressed as
                             ; a decimal integer without leading
                             ; zeros.
The appln-id element is the Application Identifier used to identify a specific Diameter application. The Diameter Application Identifier is a 32-bit unsigned integer, and values are allocated by IANA as defined in [RFC3588].
This specification also refines the "iana-registered-protocol" tag definition for the discovery of Diameter agents supporting a specific Diameter transport protocol as defined below.
   iana-registered-protocol =/ aaa-protocol
   aaa-protocol             = "diameter." aaa-transport
   aaa-transport            = "tcp" / "sctp" / "tls.tcp"
The S-NAPTR application protocol tags defined by this specification MUST NOT be parsed in any way by the querying application or resolver. The delimiter (".") is present in the tag to improve readability and does not imply a structure or namespace of any kind. The choice of delimiter (".") for the application protocol tag follows the format of existing S-NAPTR application protocol tag registry entries, but this does not imply that it shares semantics with any other specifications that create registry entries with the same format.
The S-NAPTR application service and application protocol tags defined by this specification are unrelated to the IANA "Service Name and Transport Protocol Port Number Registry" (see [RFC6335]).
The maximum length of the NAPTR service field is 256 octets, including a one-octet length field (see Section 4.1 of [RFC3403] and Section 3.3 of [RFC1035]).
A Diameter agent MUST be capable of using the extended S-NAPTR application service tag for dynamic discovery of a Diameter agent supporting Standards Track applications. Therefore, every IETF Standards Track Diameter application MUST be associated with a "aaa-service" tag formatted as defined in this specification and allocated in accordance with IANA policy (see Section 7).
For example, a NAPTR service field value of:
'aaa+ap6:diameter.sctp'
means that the Diameter node in the SRV or A/AAAA record supports the Diameter Session Initiation Protocol (SIP) application ('6') and the Stream Control Transmission Protocol (SCTP) as the transport protocol.
S-NAPTR application service and application protocol tag values can also be used to discover Diameter peers that support a vendor-specific Diameter application. In this case, the vendor-specific Diameter application MUST be associated with a "aaa-service" tag formatted as defined in this specification and allocated in accordance with IANA policy (see Section 7).
For example, a NAPTR service field value of:
'aaa+ap16777251:diameter.sctp'
means that the Diameter node in the SRV or A/AAAA record supports the Diameter Third Generation Partnership Project (3GPP) S6a application ('16777251') and SCTP as the transport protocol.
Domain Name System (DNS) administrators SHOULD also provision legacy NAPTR records [RFC3403] in the RFC 3588 style in order to guarantee backwards compatibility with legacy Diameter peers that are RFC 3588 compliant. If the DNS administrator provisions both extended S-NAPTR records as defined in this specification and legacy RFC 3588 NAPTR records, then the extended S-NAPTR records MUST have higher priority (e.g., lower order and/or preference values) than legacy NAPTR records.
The Diameter Peer Discovery principles are described in Section 5.2 of [RFC3588]. This specification updates the NAPTR query procedure in the Diameter peer discovery mechanism by allowing the querying node to determine which applications are supported by resolved Diameter peers.
The extended-format NAPTR records provide a mapping from a domain to the SRV record or A/AAAA record for contacting a server supporting a specific transport protocol and Diameter application. The resource record will contain an empty regular expression and a replacement value, which is the SRV record or the A/AAAA record for that particular transport protocol.
The assumption for this mechanism to work is that the DNS administrator of the queried domain has first provisioned the DNS with extended-format NAPTR entries. The steps below replace the NAPTR query procedure steps in Section 5.2 of [RFC3588].
a. The Diameter implementation performs a NAPTR query for a server in a particular realm. The Diameter implementation has to know in advance in which realm to look for a Diameter agent, and in which Application Identifier it is interested. For example, the realm could be deduced from the Network Access Identifier (NAI) in the User-Name attribute-value pair (AVP) or extracted from the Destination-Realm AVP.
b. If the returned NAPTR service fields contain entries formatted as "aaa+apX:Y" where "X" indicates the Application Identifier and "Y" indicates the supported transport protocol(s), the target realm supports the extended format for NAPTR-based Diameter peer discovery defined in this document.
If "X" contains the required Application Identifier and "Y" matches a supported transport protocol, the Diameter implementation resolves the "replacement" field entry to a target host using the lookup method appropriate for the "flags" field.
If "X" does not contain the required Application Identifier or "Y" does not match a supported transport protocol, the Diameter implementation abandons the peer discovery.
c. If the returned NAPTR service fields contain entries formatted as "aaa+apX" where "X" indicates the Application Identifier, the target realm supports the extended format for NAPTR-based Diameter peer discovery defined in this document.
If "X" contains the required Application Identifier, the Diameter implementation resolves the "replacement" field entry to a target host using the lookup method appropriate for the "flags" field and attempts to connect using all supported transport protocols following the order specified in Section 2.1 of [RFC3588].
If "X" does not contain the required Application Identifier, the Diameter implementation abandons the peer discovery.
d. If the returned NAPTR service fields contain entries formatted as "aaa:X" where "X" indicates the supported transport protocol(s), the target realm supports Diameter but does not support the extended format for NAPTR-based Diameter peer discovery defined in this document.
If "X" matches a supported transport protocol, the Diameter implementation resolves the "replacement" field entry to a target host using the lookup method appropriate for the "flags" field.
e. If the returned NAPTR service fields contain entries formatted as "aaa", the target realm supports Diameter but does not support the extended format for NAPTR-based Diameter peer discovery defined in this document. The Diameter implementation resolves the "replacement" field entry to a target host using the lookup method appropriate for the "flags" field and attempts to connect using all supported transport protocols following the order specified in Section 2.1 of [RFC3588].
f. If the target realm does not support NAPTR-based Diameter peer discovery, the client proceeds with the next peer discovery mechanism described in Section 5.2 of [RFC3588].
As an example, consider a client that wishes to discover a Diameter server in the ex1.example.com realm that supports the Credit Control application. The client performs a NAPTR query for that domain, and the following NAPTR records are returned:
   ;;        order pref flags service   regexp replacement
   IN NAPTR  50    50   "s"   "aaa:diameter.sctp" ""
                _diameter._sctp.ex1.example.com
   IN NAPTR  50    50   "s"   "aaa+ap1:diameter.sctp" ""
                _diameter._sctp.ex1.example.com
   IN NAPTR  50    50   "s"   "aaa+ap4:diameter.sctp" ""
                _diameter._sctp.ex1.example.com
This indicates that the server supports NASREQ (ID=1) and Credit Control (ID=4) applications over SCTP. If the client supports SCTP, it will be used, targeted to a host determined by an SRV lookup of _diameter._sctp.ex1.example.com.
That SRV lookup would return:
   ;;       Priority  Weight  Port    Target
   IN SRV   0         1       3868    server1.ex1.example.com
   IN SRV   0         2       3868    server2.ex1.example.com
As an alternative example, a client wishes to discover a Diameter server in the ex2.example.com realm that supports the NASREQ application over SCTP. The client performs a NAPTR query for that domain, and the following NAPTR records are returned:
   ;;        order pref flags service   regexp replacement
   IN NAPTR  150   50   "a"   "aaa:diameter.sctp" ""
                server1.ex2.example.com
   IN NAPTR  150   50   "a"   "aaa:diameter.tls.tcp" ""
                server2.ex2.example.com
   IN NAPTR  150   50   "a"   "aaa+ap1:diameter.sctp" ""
                server1.ex2.example.com
   IN NAPTR  150   50   "a"   "aaa+ap1:diameter.tls.tcp" ""
                server2.ex2.example.com
This indicates that the server supports NASREQ (ID=1) over SCTP and Transport Layer Security (TLS)/TCP via hosts server1.ex2.example.com and server2.ex2.example.com, respectively.
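The selection logic of steps a through f, run over the two record sets above, as an added example that is not part of the RFC text. The names Naptr, parse_service and discover are hypothetical. Assumptions: once a realm publishes any extended-format record, a miss on application or transport abandons discovery instead of falling back to a legacy record; the caller lists its transports in the order it wants them tried; non-terminal records (empty flags) are not followed.

```python
import re
from dataclasses import dataclass

# Protocol tags registered in Section 7.5, matched as whole strings: the "."
# in a tag is not a delimiter and the tag is never split or parsed.
TRANSPORT_TAGS = {"diameter.tcp": "tcp", "diameter.sctp": "sctp",
                  "diameter.tls.tcp": "tls.tcp"}
# aaa-service = "aaa+ap" appln-id; appln-id = 1*10DIGIT without leading zeros
EXT_SERVICE = re.compile(r"aaa\+ap(0|[1-9][0-9]{0,9})")
LOOKUP = {"s": "SRV", "a": "A/AAAA"}  # terminal flags used in the examples


@dataclass(frozen=True)
class Naptr:  # hypothetical container for one NAPTR answer
    order: int
    pref: int
    flags: str
    service: str
    replacement: str


def parse_service(field):
    """Parse a service field taken from an (untrusted) DNS answer.

    Returns None if it is not a well-formed Diameter tag, else
    (app_id, transports): app_id is None for legacy "aaa", and transports
    is None when the field carries no protocol tag at all.
    """
    if len(field) > 255:  # 256 octets including the length octet
        return None
    service, *protos = field.lower().split(":")  # case-insensitive
    if service == "aaa":
        app_id = None
    else:
        m = EXT_SERVICE.fullmatch(service)
        if m is None or int(m.group(1)) > 0xFFFFFFFF:  # 32-bit unsigned
            return None
        app_id = int(m.group(1))
    if not protos:
        return app_id, None
    return app_id, [TRANSPORT_TAGS[p] for p in protos if p in TRANSPORT_TAGS]


def discover(records, app_id, supported):
    """Return (outcome, candidates) for the wanted application.

    outcome is "extended", "legacy", "abandon" or "next-mechanism";
    each candidate is (replacement, lookup type, transports to try).
    """
    usable = []
    for rec in sorted(records, key=lambda r: (r.order, r.pref)):
        parsed = parse_service(rec.service)
        if parsed is not None and rec.flags.lower() in LOOKUP:
            usable.append((rec, *parsed))
    if not usable:
        return "next-mechanism", []  # step f
    extended = [u for u in usable if u[1] is not None]
    pool = extended or usable
    candidates = []
    for rec, rec_app, transports in pool:
        if extended and rec_app != app_id:
            continue  # steps b/c: wrong Application Identifier
        if transports is None:  # steps c/e: try every supported transport
            ours = list(supported)
        else:  # steps b/d: only transports both sides name
            ours = [t for t in supported if t in transports]
        if ours:
            candidates.append((rec.replacement, LOOKUP[rec.flags.lower()], ours))
    if candidates:
        return ("extended" if extended else "legacy"), candidates
    # Steps b/c say to abandon; for a legacy-only miss the text is silent and
    # this example (assumption) moves on to the next discovery mechanism.
    return ("abandon" if extended else "next-mechanism"), []


# Records from the ex1.example.com and ex2.example.com examples above.
EX1 = [Naptr(50, 50, "s", s, "_diameter._sctp.ex1.example.com")
       for s in ("aaa:diameter.sctp", "aaa+ap1:diameter.sctp",
                 "aaa+ap4:diameter.sctp")]
EX2 = [Naptr(150, 50, "a", "aaa:diameter.sctp", "server1.ex2.example.com"),
       Naptr(150, 50, "a", "aaa:diameter.tls.tcp", "server2.ex2.example.com"),
       Naptr(150, 50, "a", "aaa+ap1:diameter.sctp", "server1.ex2.example.com"),
       Naptr(150, 50, "a", "aaa+ap1:diameter.tls.tcp", "server2.ex2.example.com")]

if __name__ == "__main__":
    print(discover(EX1, 4, ["sctp", "tcp"]))   # Credit Control client
    print(discover(EX2, 1, ["sctp"]))          # NASREQ over SCTP
    print(discover(EX1, 6, ["sctp"]))          # SIP is not advertised
```

Malformed tags such as a leading-zero or out-of-range Application Identifier are dropped before selection, so a record that does not match the ABNF never reaches the SRV or A/AAAA lookup.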
Diameter is a peer-to-peer protocol, whereas most of the applications that extend the base protocol behave like client/server applications. The role of the peer is not advertised in the NAPTR tags and not even communicated during Diameter capability negotiation (Capabilities-Exchange-Request and Capabilities-Exchange-Answer message exchange). For this reason, NAPTR-based Diameter peer discovery for an application defining client/server roles should only be used by a client to discover servers.
IANA has reserved a value of "aaa" for Diameter in the "(S-NAPTR) Application Service Tag" registry created by [RFC3958]. IANA has also reserved the following S-NAPTR application service tags for existing IETF Diameter applications in the same registry.
   +------------------+----------------------------+
   | Tag              | Diameter Application       |
   +------------------+----------------------------+
   | aaa+ap1          | NASREQ [RFC3588]           |
   | aaa+ap2          | Mobile IPv4 [RFC4004]      |
   | aaa+ap3          | Base Accounting [RFC3588]  |
   | aaa+ap4          | Credit Control [RFC4006]   |
   | aaa+ap5          | EAP [RFC4072]              |
   | aaa+ap6          | SIP [RFC4740]              |
   | aaa+ap7          | Mobile IPv6 IKE [RFC5778]  |
   | aaa+ap8          | Mobile IPv6 Auth [RFC5778] |
   | aaa+ap9          | QoS [RFC5866]              |
   | aaa+ap4294967295 | Relay [RFC3588]            |
   +------------------+----------------------------+
Future IETF Diameter applications MUST reserve the S-NAPTR application service tag corresponding to the allocated Diameter Application ID as defined in Section 3.
IANA has reserved the following S-NAPTR application service tags for existing 3GPP Diameter applications in the "S-NAPTR Application Service Tag" registry created by [RFC3958].
   +----------------+----------------------+
   | Tag            | Diameter Application |
   +----------------+----------------------+
   | aaa+ap16777250 | 3GPP STa [TS29.273]  |
   | aaa+ap16777251 | 3GPP S6a [TS29.272]  |
   | aaa+ap16777264 | 3GPP SWm [TS29.273]  |
   | aaa+ap16777267 | 3GPP S9 [TS29.215]   |
   +----------------+----------------------+
Future 3GPP Diameter applications can reserve entries in the "S-NAPTR Application Service Tag" registry created by [RFC3958] that correspond to the allocated Diameter Application IDs as defined in Section 3.
IANA has reserved the following S-NAPTR application service tags for existing Worldwide Interoperability for Microwave Access (WiMAX) Forum Diameter applications in the "S-NAPTR Application Service Tag" registry created by [RFC3958].
   +----------------+--------------------------------------------------+
   | Tag            | Diameter Application                             |
   +----------------+--------------------------------------------------+
   | aaa+ap16777281 | WiMAX Network Access Authentication and          |
   |                | Authorization Diameter Application (WNAAADA)     |
   |                | [WiMAX-BASE]                                     |
   | aaa+ap16777282 | WiMAX Network Accounting Diameter Application    |
   |                | (WNADA) [WiMAX-BASE]                             |
   | aaa+ap16777283 | WiMAX MIP4 Diameter Application (WM4DA)          |
   |                | [WiMAX-BASE]                                     |
   | aaa+ap16777284 | WiMAX MIP6 Diameter Application (WM6DA)          |
   |                | [WiMAX-BASE]                                     |
   | aaa+ap16777285 | WiMAX DHCP Diameter Application (WDDA)           |
   |                | [WiMAX-BASE]                                     |
   | aaa+ap16777286 | WiMAX Location Authentication Authorization      |
   |                | Diameter Application (WLAADA) [WiMAX-LBS]        |
   | aaa+ap16777287 | WiMAX Policy and Charging Control R3 Policies    |
   |                | Diameter Application (WiMAX PCC-R3-P)            |
   |                | [WiMAX-PCC]                                      |
   | aaa+ap16777288 | WiMAX Policy and Charging Control R3 Offline     |
   |                | Charging Diameter Application (WiMAX PCC-R3-OFC) |
   |                | [WiMAX-PCC]                                      |
   | aaa+ap16777289 | WiMAX Policy and Charging Control R3 Offline     |
   |                | Charging Prime Diameter Application (WiMAX       |
   |                | PCC-R3-OFC-PRIME) [WiMAX-PCC]                    |
   | aaa+ap16777290 | WiMAX Policy and Charging Control R3 Online      |
   |                | Charging Diameter Application (WiMAX PCC-R3-OC)  |
   |                | [WiMAX-PCC]                                      |
   +----------------+--------------------------------------------------+
Future WiMAX Forum Diameter applications can reserve entries in the "S-NAPTR Application Service Tag" registry created by [RFC3958] that correspond to the allocated Diameter Application IDs as defined in Section 3.
Vendor-Specific Diameter Application IDs are allocated by IANA according to the "First Come First Served" policy and do not require an IETF specification. However, the S-NAPTR application service tag registry created by [RFC3958] defines a registration policy of "Specification Required" with a further stipulation that the "specification" is an RFC (of any category). If a vendor-specific Diameter application requires the functionality defined in this document, an RFC of any category MUST be published that reserves the S-NAPTR Application Service Tag corresponding to the Vendor-Specific Diameter Application ID as defined in Section 3.
IANA has reserved the following S-NAPTR Application Protocol Tags for the Diameter transport protocols in the "S-NAPTR Application Protocol Tag" registry created by [RFC3958].
   +------------------+----------+
   | Tag              | Protocol |
   +------------------+----------+
   | diameter.tcp     | TCP      |
   | diameter.sctp    | SCTP     |
   | diameter.tls.tcp | TLS/TCP  |
   +------------------+----------+
Future Diameter versions that introduce new transport protocols MUST reserve an appropriate S-NAPTR Application Protocol Tag in the "S-NAPTR Application Protocol Tag" registry created by [RFC3958].
This document specifies an enhancement to the NAPTR service field format defined in RFC 3588 and also modifications to the NAPTR processing logic defined in RFC 3588. The enhancement and modifications are based on the S-NAPTR, which is actually a simplification of the NAPTR, and therefore the same security considerations described in RFC 3588 [RFC3588] are applicable to this document. No further extensions are required beyond the security mechanisms offered by RFC 3588. However, a malicious host doing S-NAPTR queries learns applications supported by Diameter agents in a certain realm faster, which might help the malicious host to scan potential targets for an attack more efficiently when some applications have known vulnerabilities.
We would like to thank Glen Zorn, Avi Lior, Itsuma Tanaka, Sebastien Decugis, Dan Romascanu, Adrian Farrel, David Harrington, Pete Resnick, Robert Sparks, Stephen Farrell, Wesley Eddy, Ralph Droms, and Joe Touch for their comprehensive review comments.
[RFC1035] Mockapetris, P., "Domain names - implementation and specification", STD 13, RFC 1035, November 1987.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2782] Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for specifying the location of services (DNS SRV)", RFC 2782, February 2000.
[RFC3403] Mealling, M., "Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database", RFC 3403, October 2002.
[RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003.
[RFC3596] Thomson, S., Huitema, C., Ksinant, V., and M. Souissi, "DNS Extensions to Support IP Version 6", RFC 3596, October 2003.
[RFC3958] Daigle, L. and A. Newton, "Domain-Based Application Service Location Using SRV RRs and the Dynamic Delegation Discovery Service (DDDS)", RFC 3958, January 2005.
[RFC4004] Calhoun, P., Johansson, T., Perkins, C., Hiller, T., Ed., and P. McCann, "Diameter Mobile IPv4 Application", RFC 4004, August 2005.
[RFC4006] Hakala, H., Mattila, L., Koskinen, J-P., Stura, M., and J. Loughney, "Diameter Credit-Control Application", RFC 4006, August 2005.
[RFC4072] Eronen, P., Ed., Hiller, T., and G. Zorn, "Diameter Extensible Authentication Protocol (EAP) Application", RFC 4072, August 2005.
[RFC4740] Garcia-Martin, M., Ed., Belinchon, M., Pallares-Lopez, M., Canales-Valenzuela, C., and K. Tammi, "Diameter Session Initiation Protocol (SIP) Application", RFC 4740, November 2006.
[RFC5234] Crocker, D., Ed., and P. Overell, "Augmented BNF for Syntax Specifications: ABNF", STD 68, RFC 5234, January 2008.
[RFC5778] Korhonen, J., Ed., Tschofenig, H., Bournelle, J., Giaretta, G., and M. Nakhjiri, "Diameter Mobile IPv6: Support for Home Agent to Diameter Server Interaction", RFC 5778, February 2010.
[RFC5866] Sun, D., Ed., McCann, P., Tschofenig, H., Tsou, T., Doria, A., and G. Zorn, Ed., "Diameter Quality-of-Service Application", RFC 5866, May 2010.
[TS29.215] 3rd Generation Partnership Project, "3GPP TS 29.215; Technical Specification Group Core Network and Terminals; Policy and Charging Control (PCC) over S9 reference point; Stage 3 (Release 8)", <http://www.3gpp.org/ftp/Specs/html-info/29215.htm>.
[TS29.272] 3rd Generation Partnership Project, "3GPP TS 29.272; Technical Specification Group Core Network and Terminals; Evolved Packet System (EPS); Mobility Management Entity (MME) and Serving GPRS Support Node (SGSN) Related Interfaces Based on Diameter Protocol (Release 8)", <http://www.3gpp.org/ftp/Specs/html-info/29272.htm>.
[TS29.273] 3rd Generation Partnership Project, "3GPP TS 29.273; Technical Specification Group Core Network and Terminals; Evolved Packet System (EPS); 3GPP EPS AAA interfaces (Release 8)", <http://www.3gpp.org/ftp/Specs/html-info/29273.htm>.
[WiMAX-BASE] WiMAX Forum, "WMF-T33-001-R015v02 - WiMAX Forum(R) Network Architecture - Detailed Protocols and Procedures, Base Specification - Release 1.5", <http://www.wimaxforum.org/resources/documents/technical/T33>.
[WiMAX-LBS] WiMAX Forum, "WMF-T33-110-R015v01 - WiMAX Forum(R) Network Architecture - Protocols and Procedures for Location Based Services - Release 1.5", <http://www.wimaxforum.org/resources/documents/technical/T33>.
[WiMAX-PCC] WiMAX Forum, "WMF-T33-109-R015v02 - WiMAX Forum(R) Network Architecture - Detailed Protocols and Procedures, Policy and Charging Control - Release 1.5", <http://www.wimaxforum.org/resources/documents/technical/T33>.
[RFC6335] Cotton, M., Eggert, L., Touch, J., Westerlund, M., and S. Cheshire, "Internet Assigned Numbers Authority (IANA) Procedures for the Management of the Service Name and Transport Protocol Port Number Registry", BCP 165, RFC 6335, August 2011.
Authors' Addresses
Mark Jones Bridgewater Systems
EMail: mark@azu.ca
Jouni Korhonen Nokia Siemens Networks
EMail: jouni.nospam@gmail.com
Lionel Morand Orange Labs
EMail: lionel.morand@orange.com