Network Working Group K. Jiao Internet-Draft Huawei Intended status: Standards Track G. Zorn Expires: June 4, 2010 Network Zen December 1, 2009 The Diameter Capabilities Update Application draft-ietf-dime-capablities-update-01 Abstract This document defines a new Diameter application and associated command codes. The Capabilities Update application is intended to allow the dynamic update of Diameter peer capabilities while the peer-to-peer connection is in the open state. Status of this Memo This Internet-Draft is submitted to IETF in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. This Internet-Draft will expire on June 4, 2010. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of Jiao & Zorn Expires June 4, 2010 [Page 1] Internet-Draft Diameter Capabilities Update December 2009 publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the BSD License. Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Specification of Requirements . . . . . . . . . . . . . . . . . 3 3. Diameter Protocol Considerations . . . . . . . . . . . . . . . 3 4. Capabilities Update . . . . . . . . . . . . . . . . . . . . . . 3 4.1. Command-Code Values . . . . . . . . . . . . . . . . . . . . 4 4.1.1. Capabilities-Update-Request . . . . . . . . . . . . . . 5 4.1.2. Capabilities-Update-Answer . . . . . . . . . . . . . . 5 5. Security Considerations . . . . . . . . . . . . . . . . . . . . 6 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 6.1. Application Identifier . . . . . . . . . . . . . . . . . . 6 6.2. Command Codes . . . . . . . . . . . . . . . . . . . . . . . 6 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6 7.1. Normative References . . . . . . . . . . . . . . . . . . . 6 7.2. Informative References . . . . . . . . . . . . . . . . . . 6 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 6 Jiao & Zorn Expires June 4, 2010 [Page 2] Internet-Draft Diameter Capabilities Update December 2009 1. Introduction Capabilities exchange is an important component of the Diameter Base Protocol [RFC3588], allowing peers to exchange identities and Diameter capabilities (protocol version number, supported Diameter applications, security mechanisms, etc.). As defined in RFC 3588, however, the capabilities exchange process takes place only once, at the inception of a transport connection between a given pair of peers. Therefore, if a peer's capabilities change (due to software update, for example), the existing connection(s) must be torn down (along with all of the associated user sessions) and restarted before the modified capabilities can be advertised. This document defines a new Diameter application intended to allow the dynamic update of Diameter peer capabilities over an existing connection. Because the Capabilities Update application specified here operates over an existing transport connection, modification of the security mechanism in use is not allowed; if the security method used between a pair of peers is changed the affected connection MUST be restarted. Discussion of this draft may be directed to the dime Working Group of the IETF (dime@ietf.org). 2. Specification of Requirements The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119]. 3. Diameter Protocol Considerations This section details the relationship of the Diameter Capabilities Update application to the Diameter Base Protocol. This document specifies Diameter Application-ID . Diameter nodes conforming to this specification MUST advertise support by including the value in the Auth-Application-Id of the Capabilities-Exchange-Req and Capabilities-Exchange-Answer commands [RFC3588]. 4. Capabilities Update When the capabilities of a Diameter node conforming to this specification change, it SHOULD notify all of the nodes with which it Jiao & Zorn Expires June 4, 2010 [Page 3] Internet-Draft Diameter Capabilities Update December 2009 has an open transport connection and have also advertised support for the Capabilities Update application using the Capabilities-Update- Request message Section 4.1.1. This message allows the update of a peer's capabilities (protocol version number, supported Diameter applications, etc.). The receiver only issues commands to its peers that have advertised support for the Diameter application that defines the command. A Diameter node MUST cache the supported applications in order to ensure that unrecognized commands and/or AVPs are not unnecessarily sent to a peer. The receiver of the CUR MUST determine common applications by computing the intersection of its own set of supported Application Id against all of the application identifier AVPs (Auth-Application-Id, Acct-Application-Id and Vendor-Specific- Application-Id) present in the CUR. The value of the Vendor-Id AVP in the Vendor-Specific- Application-Id MUST NOT be used during computation. If the receiver of a Capabilities-Update-Req (CUR) message does not have any applications in common with the sender then it MUST return a Capabilities-Update-Answer (CUA) Section 4.1.2 with the Result-Code AVP set to DIAMETER_NO_COMMON_APPLICATION, and SHOULD disconnect the transport layer connection; however, if active sessions are using the connection, peers MAY delay disconnection until the sessions can be redirected or gracefully terminated. Note that receiving a CUA from a peer advertising itself as a Relay (see [RFC3588], Section 2.4) MUST be interpreted as having common applications with the peer. The CUR and CUA messages MUST NOT be proxied, redirected or relayed. Even though the CUR/CUA messages cannot be proxied, it is still possible for an upstream agent to receive a message for which there are no peers available to handle the application that corresponds to the Command-Code. This could happen if, for example, the peers are too busy or down. In such instances, the 'E' bit MUST be set in the answer message with the Result-Code AVP set to DIAMETER_UNABLE_TO_DELIVER to inform the downstream peer to take action (e.g., re-routing requests to an alternate peer). 4.1. Command-Code Values This section defines Command-Code [RFC3588] values that MUST be supported by all Diameter implementations conforming to this specification. The following Command Codes are defined in this document: Capabilities-Update-Request (CUR, Section 4.1.1) and Capabilities-Update-Answer (CUA, Section 4.1.2). Jiao & Zorn Expires June 4, 2010 [Page 4] Internet-Draft Diameter Capabilities Update December 2009 4.1.1. Capabilities-Update-Request The Capabilities-Update-Request (CUR), indicated by the Command-Code set to and the Command Flags' 'R' bit set, is sent to update local capabilities. Upon detection of a transport failure, this message MUST NOT be sent to an alternate peer. When Diameter is run over SCTP [RFC4960], which allows connections to span multiple interfaces and multiple IP addresses, the Capabilities- Update-Request message MUST contain one Host-IP-Address AVP for each potential IP address that may be locally used when transmitting Diameter messages. Message Format ::= < Diameter Header: TBD2, REQ > { Origin-Host } { Origin-Realm } 1* { Host-IP-Address } { Vendor-Id } { Product-Name } [ Origin-State-Id ] * [ Supported-Vendor-Id ] * [ Auth-Application-Id ] * [ Acct-Application-Id ] * [ Vendor-Specific-Application-Id ] [ Firmware-Revision ] * [ AVP ] 4.1.2. Capabilities-Update-Answer The Capabilities-Update-Answer indicated by the Command-Code set to and the Command Flags' 'R' bit set, is sent in response to a CUR message. Message Format ::= < Diameter Header: TBD3 > { Origin-Host } { Origin-Realm } { Result-Code } [ Error-Message ] * [ AVP ] Jiao & Zorn Expires June 4, 2010 [Page 5] Internet-Draft Diameter Capabilities Update December 2009 5. Security Considerations The security considerations applicable to the Diameter Base Protocol [RFC3588] are also applicable to this document. 6. IANA Considerations This section explains the criteria to be used by the IANA for assignment of numbers within namespaces used within this document. 6.1. Application Identifier This specification assigns the value from the Application Identifiers namespace defined in RFC 3588. See Section 3 for the assignment of the namespace in this specification. 6.2. Command Codes This specification assigns the values and from the Command Codes namespace defined in RFC 3588. See Section 4.1 for the assignment of the namespace in this specification. 7. References 7.1. Normative References [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, "Diameter Base Protocol", RFC 3588, September 2003. 7.2. Informative References [RFC4960] Stewart, R., "Stream Control Transmission Protocol", RFC 4960, September 2007. Jiao & Zorn Expires June 4, 2010 [Page 6] Internet-Draft Diameter Capabilities Update December 2009 Authors' Addresses Jiao Kang Huawei Technologies Section B1, Huawei Industrial Base Bantian, Longgang District Shenzhen 518129 P.R. China Phone: +86 755 2878-6690 Email: kangjiao@huawei.com Glen Zorn Network Zen 1310 East Thomas Street Seattle, Washington 98102 USA Email: gwz@net-zen.net Jiao & Zorn Expires June 4, 2010 [Page 7]