Internet Engineering Task Force (IETF) K. Jiao
Request for Comments: 6737 Huawei
Category: Standards Track G. Zorn
ISSN: 2070-1721 Network Zen
October 2012
Internet Engineering Task Force (IETF) K. Jiao
Request for Comments: 6737 Huawei
Category: Standards Track G. Zorn
ISSN: 2070-1721 Network Zen
October 2012
The Diameter Capabilities Update Application
Diameter功能更新应用程序
Abstract
摘要
This document defines a new Diameter application and associated Command Codes. The Capabilities Update application is intended to allow the dynamic update of certain Diameter peer capabilities while the peer-to-peer connection is in the open state.
本文档定义了一个新的Diameter应用程序和相关的命令代码。Capabilities Update应用程序旨在允许在对等连接处于打开状态时动态更新某些Diameter对等功能。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6737.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc6737.
Copyright Notice
版权公告
Copyright (c) 2012 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2012 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Specification of Requirements . . . . . . . . . . . . . . . . . 2
3. Diameter Protocol Considerations . . . . . . . . . . . . . . . 3
4. Capabilities Update . . . . . . . . . . . . . . . . . . . . . . 3
4.1. Command Code Values . . . . . . . . . . . . . . . . . . . . 4
4.1.1. Capabilities-Update-Request . . . . . . . . . . . . . . 4
4.1.2. Capabilities-Update-Answer . . . . . . . . . . . . . . 5
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
6.1. Application Identifier . . . . . . . . . . . . . . . . . . 5
6.2. Command Codes . . . . . . . . . . . . . . . . . . . . . . . 5
7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 5
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 5
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
9.1. Normative References . . . . . . . . . . . . . . . . . . . 6
9.2. Informative References . . . . . . . . . . . . . . . . . . 6
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Specification of Requirements . . . . . . . . . . . . . . . . . 2
3. Diameter Protocol Considerations . . . . . . . . . . . . . . . 3
4. Capabilities Update . . . . . . . . . . . . . . . . . . . . . . 3
4.1. Command Code Values . . . . . . . . . . . . . . . . . . . . 4
4.1.1. Capabilities-Update-Request . . . . . . . . . . . . . . 4
4.1.2. Capabilities-Update-Answer . . . . . . . . . . . . . . 5
5. Security Considerations . . . . . . . . . . . . . . . . . . . . 5
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 5
6.1. Application Identifier . . . . . . . . . . . . . . . . . . 5
6.2. Command Codes . . . . . . . . . . . . . . . . . . . . . . . 5
7. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 5
8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 5
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
9.1. Normative References . . . . . . . . . . . . . . . . . . . 6
9.2. Informative References . . . . . . . . . . . . . . . . . . 6
Capabilities exchange is an important component of the Diameter base protocol [RFC6733], allowing peers to exchange identities and Diameter capabilities (protocol version number, supported Diameter applications, security mechanisms, etc.). As defined in RFC 3588, however, the capabilities exchange process takes place only once, at the inception of a transport connection between a given pair of peers. Therefore, if a peer's capabilities change (due to a software update, for example), the existing connection(s) must be torn down (along with all of the associated user sessions) and restarted before the modified capabilities can be advertised.
能力交换是Diameter基本协议[RFC6733]的重要组成部分,允许对等方交换身份和Diameter能力(协议版本号、支持的Diameter应用程序、安全机制等)。然而,如RFC 3588中所定义,在给定对等点对之间的传输连接开始时,功能交换过程只发生一次。因此,如果对等方的功能发生更改(例如,由于软件更新),则必须先断开现有连接(以及所有相关的用户会话)并重新启动,然后才能公布修改后的功能。
This document defines a new Diameter application intended to allow the dynamic update of a subset of Diameter peer capabilities over an existing connection. Because the Capabilities Update application specified herein operates over an existing transport connection, modification of certain capabilities is prohibited. Specifically, modifying the security mechanism in use is not allowed; if the security method used between a pair of peers is changed, the affected connection MUST be restarted.
本文档定义了一个新的Diameter应用程序,旨在允许通过现有连接动态更新Diameter对等功能的子集。由于此处指定的功能更新应用程序在现有传输连接上运行,因此禁止修改某些功能。具体而言,不允许修改使用中的安全机制;如果更改了一对对等方之间使用的安全方法,则必须重新启动受影响的连接。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].
本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。
This section details the relationship of the Diameter Capabilities Update application to the Diameter base protocol.
本节详细介绍Diameter功能更新应用程序与Diameter基本协议的关系。
This document specifies Diameter Application-Id 10. Diameter nodes conforming to this specification MUST advertise support by including the value 10 in the Auth-Application-Id of the Capabilities-Exchange-Request (CER) and Capabilities-Exchange-Answer (CEA) commands [RFC6733].
本文档指定直径应用程序Id 10。符合本规范的Diameter节点必须通过在功能交换请求(CER)和功能交换应答(CEA)命令[RFC6733]的身份验证应用程序Id中包含值10来公布支持。
When the capabilities of a Diameter node conforming to this specification change, the node MUST notify all of the nodes with which it has an open transport connection and which have also advertised support for the Capabilities Update application using the Capabilities-Update-Request (CUR) message (Section 4.1.1). This message allows the update of a peer's capabilities (supported Diameter applications, etc.).
当符合本规范的Diameter节点的能力发生变化时,该节点必须使用能力更新请求(CUR)消息(第4.1.1节)通知所有与其有开放传输连接的节点,以及已公布支持能力更新应用程序的节点。此消息允许更新对等方的功能(支持的Diameter应用程序等)。
A Diameter node only issues a given command to those peers that have advertised support for the Diameter application that defines the command; a Diameter node must cache the supported applications in order to ensure that unrecognized commands and/or Attribute-Value Pairs (AVPs) are not unnecessarily sent to a peer.
Diameter节点仅向已公布支持定义该命令的Diameter应用程序的对等方发出给定命令;Diameter节点必须缓存支持的应用程序,以确保不会不必要地将无法识别的命令和/或属性值对(AVP)发送到对等方。
The receiver of the CUR MUST determine common applications by computing the intersection of its own set of supported Application Ids against all of the Application-Id AVPs (Auth-Application-Id, Acct-Application-Id, and Vendor-Specific-Application-Id) present in the CUR. The value of the Vendor-Id AVP in the Vendor-Specific-Application-Id MUST NOT be used during computation.
CUR的接收者必须通过计算其自己的一组受支持的应用程序Id与CUR中存在的所有应用程序Id AVP(身份验证应用程序Id、账户应用程序Id和供应商特定应用程序Id)的交集来确定公共应用程序。在计算过程中,不得使用供应商特定应用程序Id中的供应商Id AVP值。
If the receiver of a CUR does not have any applications in common with the sender, then it MUST return a Capabilities-Update-Answer (CUA) (Section 4.1.2) with the Result-Code AVP set to DIAMETER_NO_COMMON_APPLICATION [RFC6733], and it SHOULD disconnect the transport-layer connection. However, if active sessions are using the connection, peers MAY delay disconnection until the sessions can be redirected or gracefully terminated. Note that receiving a CUA from a peer advertising itself as a relay (see [RFC6733], Section 2.4) MUST be interpreted as having common applications with the peer.
如果CUR的接收器与发送器没有任何共同的应用程序,则必须返回一个功能更新应答(CUA)(第4.1.2节),结果代码AVP设置为DIAMETER_NO_common_APPLICATION[RFC6733],并应断开传输层连接。但是,如果活动会话正在使用连接,对等方可能会延迟断开连接,直到会话可以重定向或正常终止。请注意,从对等方接收CUA作为中继(参见[RFC6733],第2.4节)进行广告,必须解释为与对等方有共同的应用程序。
As for CER/CEA messages, the CUR and CUA messages MUST NOT be proxied, redirected, or relayed.
对于CER/CEA消息,不得代理、重定向或中继CUR和CUA消息。
Even though the CUR/CUA messages cannot be proxied, it is still possible for an upstream agent to receive a message for which there are no peers available to handle the application that corresponds to the Command Code. This could happen if, for example, the peers are too busy or down. In such instances, the 'E' bit MUST be set in the answer message with the Result-Code AVP set to DIAMETER_UNABLE_TO_DELIVER to inform the downstream peer to take action (e.g., re-routing requests to an alternate peer).
即使不能代理CUR/CUA消息,上游代理仍然可以接收没有对等方可用于处理与命令代码对应的应用程序的消息。例如,如果对等方太忙或停机,则可能发生这种情况。在这种情况下,必须在应答消息中设置“E”位,结果代码AVP设置为DIAMETER_UNABLE_to_DELIVER,以通知下游对等方采取行动(例如,将请求重新路由到备用对等方)。
This section defines Command Code [RFC6733] values that MUST be supported by all Diameter implementations conforming to this specification. The following Command Codes are defined in this document: Capabilities-Update-Request (CUR, Section 4.1.1), and Capabilities-Update-Answer (CUA, Section 4.1.2). The Diameter Command Code Format (CCF) ([RFC6733], Section 3.2) is used in the definitions.
本节定义了所有符合本规范的直径实施必须支持的命令代码[RFC6733]值。本文件中定义了以下命令代码:能力更新请求(CUR,第4.1.1节)和能力更新应答(CUA,第4.1.2节)。定义中使用直径命令代码格式(CCF)([RFC6733],第3.2节)。
The Capabilities-Update-Request (CUR), indicated by the Command Code set to 328 and the Command Flags' 'R' bit set, is sent to update local capabilities. Upon detection of a transport failure, this message MUST NOT be sent to an alternate peer.
由设置为328的命令代码和设置的命令标志“R”位指示的功能更新请求(CUR)被发送以更新本地功能。在检测到传输故障时,不得将此消息发送给备用对等方。
When Diameter is run over the Stream Control Transmission Protocol (SCTP) [RFC4960], which allows connections to span multiple interfaces and multiple IP addresses, the Capabilities-Update-Request message MUST contain one Host-IP-Address AVP for each potential IP address that may be locally used when transmitting Diameter messages.
当Diameter通过流控制传输协议(SCTP)[RFC4960]运行时,允许连接跨越多个接口和多个IP地址,对于传输Diameter消息时可能在本地使用的每个潜在IP地址,功能更新请求消息必须包含一个主机IP地址AVP。
Message Format
消息格式
<CUR> ::= < Diameter Header: 328, REQ >
{ Origin-Host }
{ Origin-Realm }
1* { Host-IP-Address }
{ Vendor-Id }
{ Product-Name }
[ Origin-State-Id ]
* [ Supported-Vendor-Id ]
* [ Auth-Application-Id ]
* [ Acct-Application-Id ]
* [ Vendor-Specific-Application-Id ]
[ Firmware-Revision ]
* [ AVP ]
<CUR> ::= < Diameter Header: 328, REQ >
{ Origin-Host }
{ Origin-Realm }
1* { Host-IP-Address }
{ Vendor-Id }
{ Product-Name }
[ Origin-State-Id ]
* [ Supported-Vendor-Id ]
* [ Auth-Application-Id ]
* [ Acct-Application-Id ]
* [ Vendor-Specific-Application-Id ]
[ Firmware-Revision ]
* [ AVP ]
The Capabilities-Update-Answer, indicated by the Command Code set to 328 and the Command Flags' 'R' bit cleared, is sent in response to a CUR message.
功能更新应答(由设置为328的命令代码和清除的命令标志“R”位指示)是响应CUR消息发送的。
Message Format
消息格式
<CUA> ::= < Diameter Header: 328 >
{ Origin-Host }
{ Origin-Realm }
{ Result-Code }
[ Error-Message ]
* [ AVP ]
<CUA> ::= < Diameter Header: 328 >
{ Origin-Host }
{ Origin-Realm }
{ Result-Code }
[ Error-Message ]
* [ AVP ]
The security considerations applicable to the Diameter base protocol [RFC6733] are also applicable to this document.
适用于Diameter base协议[RFC6733]的安全注意事项也适用于本文件。
This section explains the criteria to be used by the IANA for assignment of numbers within namespaces used within this document.
本节解释IANA在本文档中使用的名称空间内分配数字时使用的标准。
This specification assigns the value 10 (Diameter Capabilities Update) from the Application Identifiers namespace [RFC6733]. See Section 3 for the assignment of the namespace in this specification.
本规范从应用程序标识符名称空间[RFC6733]分配值10(直径能力更新)。有关本规范中名称空间的分配,请参见第3节。
This specification assigns the value 328 (Capabilities-Update-Request/Capabilities-Update-Answer (CUR/CUA)) from the Command Codes namespace [RFC6733]. See Section 4.1 for the assignment of the namespace in this specification.
本规范从命令代码命名空间[RFC6733]分配值328(能力更新请求/能力更新应答(CUR/CUA))。有关本规范中名称空间的分配,请参见第4.1节。
This document is based upon work done by Tina Tsou.
本文件基于Tina Tsou所做的工作。
Thanks to Sebastien Decugis, Niklas Neumann, Subash Comerica, Lionel Morand, Dan Romascanu, Dan Harkins, and Ravi for helpful review and discussion.
感谢Sebastien Decugis、Niklas Neumann、Subash Comerica、Lionel Morand、Dan Romascanu、Dan Harkins和Ravi进行了有益的回顾和讨论。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC6733] Fajardo, V., Arkko, J., Loughney, J., and G. Zorn, "Diameter Base Protocol", RFC 6733, October 2012.
[RFC6733]Fajardo,V.,Arkko,J.,Loughney,J.,和G.Zorn,“直径基准协议”,RFC 67332012年10月。
[RFC4960] Stewart, R., "Stream Control Transmission Protocol", RFC 4960, September 2007.
[RFC4960]Stewart,R.,“流控制传输协议”,RFC 49602007年9月。
Authors' Addresses
作者地址
Jiao Kang Huawei Technologies Section F1, Huawei Industrial Base Bantian, Longgang District Shenzhen 518129 P.R. China
中国深圳市龙岗区华为工业基地坂田角康华为技术部一楼邮编:518129
EMail: kangjiao@huawei.com
EMail: kangjiao@huawei.com
Glen Zorn Network Zen 227/358 Thanon Sanphawut Bang Na, Bangkok 10260 Thailand
格伦佐恩网络禅宗227/358泰国曼谷Thanon Sanphawut Bang Na 10260
Phone: +66 (0) 909-201060
EMail: glenzorn@gmail.com
Phone: +66 (0) 909-201060
EMail: glenzorn@gmail.com