One document matched: draft-ietf-dime-qos-attributes-15.xml
<?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type='text/xsl' href='./rfc2629.xslt' ?>
<?rfc toc="yes"?>
<?rfc symrefs="yes"?>
<?rfc compact="no" ?>
<?rfc sortrefs="yes" ?>
<?rfc strict="yes" ?>
<?rfc linkmailto="yes" ?>
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY RFC2119 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml'>
<!ENTITY RFC4005 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.4005.xml'>
<!ENTITY RFC3588 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3588.xml'>
<!ENTITY RFC2780 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2780.xml'>
<!ENTITY RFC2474 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2474.xml'>
<!ENTITY I-D.ietf-dime-rfc3588bis PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-dime-rfc3588bis.xml'>
<!ENTITY I-D.ietf-dime-diameter-qos PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml3/reference.I-D.ietf-dime-diameter-qos.xml'>
<!ENTITY RFC3290 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3290.xml'>
<!ENTITY RFC2475 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.2475.xml'>
<!ENTITY RFC3168 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.3168.xml'>
<!ENTITY RFC5226 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.5226.xml'>
<!ENTITY RFC5624 PUBLIC ''
'http://xml.resource.org/public/rfc/bibxml/reference.RFC.5624.xml'>]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt' ?>
<?rfc toc="yes" ?>
<?rfc symrefs="yes" ?>
<?rfc sortrefs="yes"?>
<?rfc iprnotified="no" ?>
<?rfc strict="no" ?>
<?rfc compact="yes" ?>
<?rfc subcompact="yes" ?>
<rfc ipr="pre5378Trust200902" category="std" docName="draft-ietf-dime-qos-attributes-15.txt">
<front>
<title abbrev="QoS Attributes for Diameter">Traffic Classification and Quality of Service
Attributes for Diameter</title>
<author initials="J" surname="Korhonen" fullname="Jouni Korhonen">
<organization>Nokia Siemens Networks</organization>
<address>
<postal>
<street>Linnoitustie 6</street>
<city>Espoo</city>
<code>02600</code>
<country>Finland</country>
</postal>
<email>jouni.korhonen@nsn.com</email>
</address>
</author>
<author initials="H." surname="Tschofenig" fullname="Hannes Tschofenig">
<organization>Nokia Siemens Networks</organization>
<address>
<postal>
<street>Linnoitustie 6</street>
<city>Espoo</city>
<code>02600</code>
<country>Finland</country>
</postal>
<phone>+358 (50) 4871445</phone>
<email>Hannes.Tschofenig@gmx.net</email>
<uri>http://www.tschofenig.priv.at</uri>
</address>
</author>
<author initials="M." surname="Arumaithurai" fullname="Mayutan Arumaithurai">
<organization abbrev="University of Goettingen">University of Goettingen</organization>
<address>
<postal>
<street/>
<city> </city>
<region> </region>
<code> </code>
<country> </country>
</postal>
<email>mayutan.arumaithurai@gmail.com</email>
</address>
</author>
<author role="editor" initials="M." surname="Jones" fullname="Mark Jones">
<organization>Bridgewater Systems</organization>
<address>
<postal>
<street>303 Terry Fox Drive, Suite 500</street>
<city>Ottawa</city>
<region>Ontario</region>
<code>K2K 3J1</code>
<country>Canada</country>
</postal>
<phone>+1 613-591-6655</phone>
<email>mark.jones@bridgewatersystems.com</email>
</address>
</author>
<author initials="A" surname="Lior" fullname="Avi Lior">
<organization>Bridgewater Systems</organization>
<address>
<postal>
<street>303 Terry Fox Drive, Suite 500</street>
<city>Ottawa</city>
<region>Ontario</region>
<code>K2K 3J1</code>
<country>Canada</country>
</postal>
<phone>+1 613-591-6655</phone>
<email>avi@bridgewatersystems.com</email>
</address>
</author>
<date year="2009"/>
<area>Operations and Management</area>
<workgroup>Diameter Maintenance and Extensions (DIME)</workgroup>
<keyword>Internet-Draft</keyword>
<keyword>Diameter</keyword>
<keyword>QoS Attributes</keyword>
<keyword>Traffic classification</keyword>
<keyword>Filtering</keyword>
<keyword>Firewalling</keyword>
<abstract>
<t>This document defines a number of Diameter attribute-value pairs (AVP) for traffic
classification with actions for filtering and Quality of Service (QoS) treatment. These
AVPs can be used in existing and future Diameter applications where permitted by the
Augmented Backus-Naur Form (ABNF) specification of the respective Diameter command
extension policy.</t>
</abstract>
</front>
<!-- ====================================================================== -->
<middle>
<!-- ====================================================================== -->
<section anchor="introduction" title="Introduction">
<t>This document defines a number of Diameter attribute-value pairs (AVP) for traffic
classification with actions for filtering and Quality of Service (QoS) treatment. These
AVPs can be used in existing and future Diameter applications where permitted by the
Augmented Backus-Naur Form (ABNF) specification of the respective Diameter command
extension policy.</t>
<t>The work on Quality of Service treatment and filtering via Diameter dates back to the
Base protocol described in RFC 3588 <xref target="RFC3588"/>. The
filtering and QoS functionality was provided by the IPFilterRule AVP and the
QoSFilterRule AVP. Both AVPs relied on syntax based on the FreeBSD ipfw tool for traffic
classification. The functionality of the QoSFilterRule AVP was underspecified in RFC 3588
<xref target="RFC3588"/> and was later updated by RFC 4005 <xref target="RFC4005"/>.</t>
<t>As part of the work on updating RFC 3588, the functionality of the IPFilterRule and the
QoSFilterRule was revised by the functionality offered by this document with the goals
of a uniform and extensible traffic classification mechanism in a native Diameter syntax
(instead of the free text previously used). Additionally an extensible set of actions is
provided that offers the ability for filtering and for QoS treatment, whereby the QoS
functionality was extended to meet the needs of today's networking environments. </t>
<t>The QoS-Resources AVP represents a complete rule set with each rule represented by a
Filter-Rule AVP. Each rule consists of information for handling conflict resolution,
a conditions part and the corresponding actions to be performed if the conditions
are satisfied. The AVPs responsible for expressing a
condition are defined in <xref target="conditions"/>. The capability to match all or a
subset of the data traffic is provided. This includes the ability to match on Ethernet
specific attributes which was not possible with the QoS-Filter-Rule AVP. Service
differentiation may be based on Ethernet priority bits, a single layer of VLAN-IDs or
stacked VLAN-IDs, LLC attributes, MAC addresses or any combination thereof. The header
fields used for Ethernet classification are defined in the IEEE802 series of
specifications: <xref target="IEEE802.2"/>, <xref target="IEEE802.1ad"/>, <xref
target="IEEE802.1Q"/> and <xref target="IEEE802.1D"/>. Additionally, time-based
conditions can be expressed based on the functionality offered by the attributes in
<xref target="time-condition"/>.</t>
<t>The action part of a rule contains the type of traffic treatment and further
description regarding QoS related actions.</t>
<t>The QoS policy rules are defined as Diameter encoded Attribute Value Pairs (AVPs)
described using a modified version of the Augmented Backus-Naur Form (ABNF), see <xref
target="RFC3588"/>. The AVP datatypes are also taken from <xref target="RFC3588"
/>.</t>
</section>
<!-- ====================================================================== -->
<section title="Terminology">
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD
NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as
described in RFC 2119 <xref target="RFC2119"/>. </t>
</section>
<!-- ====================================================================== -->
<section title="Rule Sets and Rules">
<t>As mentioned in the introduction the top-level element is the QoS-Resources AVP that
encapsulates one or more Filter-Rule AVPs.</t>
<section title="QoS-Resources AVP">
<t>The QoS-Resources AVP (AVP Code TBD) is of type Grouped and contains a list of
filter policy rules. </t>
<t>
<figure>
<artwork><![CDATA[
QoS-Resources ::= < AVP Header: XXX >
1*{ Filter-Rule }
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<section title="Filter-Rule AVP">
<t>The Filter-Rule AVP (AVP Code TBD) is of type Grouped and defines a specific condition
and action combination.</t>
<t>
<figure>
<artwork><![CDATA[
Filter-Rule ::= < AVP Header: XXX >
[ Filter-Rule-Precedence ]
; Condition part of a Rule
; ------------------------
[ Classifier ]
* [ Time-Of-Day-Condition ]
; Action and Meta-Data
; --------------------
[ Treatment-Action ]
; Info about QoS related Actions
; ------------------------------
[ QoS-Semantics ]
[ QoS-Profile-Template ]
[ QoS-Parameters ]
[ Excess-Treatment ]
; Extension Point
; ---------------
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>If the QoS-Profile-Template AVP is not included in the Filter-Rule AVP and the
Treatment-Action AVP is set to 'shape' or 'mark" then the default setting is
assumed, namely a setting of the Vendor-Id AVP to 0 (for IETF) and the
QoS-Profile-Id AVP to zero (0) (for the profile defined in <xref target="RFC5624"/>).
Note that the content of the QoS-Parameters are defined in the respective
specification defining the QoS parameters. When the Vendor-Id AVP is set to 0 (for
IETF) and the QoS-Profile-Id AVP is set to zero (0) then the AVPs included in the
QoS-Parameters AVP are the AVPs defined in <xref target="RFC5624"/>.</t>
</section>
<section title="Filter-Rule-Precedence AVP">
<t>The Filter-Rule-Precedence AVP (AVP Code TBD) is of type Unsigned32 and specifies the
execution order of the rules expressed in the QoS-Resources AVP. The lower the
numerical value of Filter-Rule-Precedence AVP, the higher the rule precedence. Rules
with equal precedence MAY be executed in parallel if supported by the Resource
Management Function. If the Filter-Rule-Precedence AVP is absent from the Filter-Rule AVP,
the rules SHOULD be executed in the order in which they appear in the QoS-Resources
AVP.</t>
</section>
</section>
<!-- ====================================================================== -->
<section anchor="conditions" title="Conditions">
<t>This section describes the condition part of a rule. Two condition types are introduced
by this document: packet classification conditions represented by the Classifier AVP and
time of day conditions represented by the Time-Of-Day-Condition AVP.</t>
<t>If more than one instance of the Time-Of-Day-Condition AVP is present in the Filter-Rule
AVP, the current time at rule evaluation MUST be within at least one of the time
windows specified in one of the Time-Of-Day-Condition AVPs. </t>
<t>When the Time-Of-Day-Condition AVP and Classifier AVP are present in the same Filter-Rule
AVP, both the time of day and packet classification conditions MUST match for the traffic
treatment action to be applied. </t>
<section anchor="classifier" title="Traffic Classifiers">
<t> Classifiers are used in many applications to specify how to select a subset of data
packets for subsequent treatment as indicated in the action part of a rule. For
example in a QoS application, if a packet matches a classifier then that packet will
be treated in accordance with a QoS specification associated with that classifier.
<xref target="classifier-arch"/> shows a typical deployment.</t>
<t>
<figure anchor="classifier-arch" title="Example of a Classifier Architecture">
<artwork><![CDATA[
+-----------+
+-----------+|
+--------+ +-------------+ +------------+||
| | IN | | | |||
| +--------->| +------------->| |||
|Managed | | Classifying | | Unmanaged |||
|Terminal| OUT | Entity | | Terminal |||
| |<---------+ |<-------------+ ||+
| | | | | |+
+--------+ +-------------+ +------------+
^
| Classifiers
|
+------+------+
| |
| AAA |
| |
+-------------+
]]></artwork>
</figure>
</t>
<t>The managed terminal, the terminal for which the classifiers are being specified is
located on the left of the Classifying Entity. The unmanaged terminals, the terminals
that receive packets from the Managed terminal or send packets to the managed
terminal are located to the right side of the Classifying Entity.</t>
<t>The Classifying Entity is responsible for classifying packets that are incoming (IN)
from the Managed Terminal or packets outgoing (OUT) to the Managed Terminal.</t>
<t>A Classifier consists of a group of attributes that specify how to match a packet.
Each set of attributes expresses values about aspects of the packet - typically the
packet header. Different protocols therefore would use different attributes.</t>
<t>In general a Classifier consists of the following:</t>
<t>
<list style="hanging">
<t hangText="Identifier:">
<vspace blankLines="1"/> The identifier uniquely identifies this classifier and
may be used to reference the classifier from another structure. <vspace
blankLines="1"/></t>
<t hangText="From:"><vspace blankLines="1"/> Specifies the rule for matching the
protocol specific source address(es) part of the packet. <vspace blankLines="1"
/></t>
<t hangText="To:"><vspace blankLines="1"/> Specifies the rule for matching the
protocol specific destination address(es) part of the packet. <vspace
blankLines="1"/></t>
<t hangText="Protocol:"><vspace blankLines="1"/> Specifies the matching protocol
of the packet. <vspace blankLines="1"/></t>
<t hangText="Direction:"><vspace blankLines="1"/> Specifies whether the classifier
is to apply to packets flowing from the Managed Terminal (IN) or to packets
flowing to the Managed Terminal (OUT), or packets flowing in both direction.
<vspace blankLines="1"/></t>
<t hangText="Options:"><vspace blankLines="1"/> Attributes or properties
associated with each protocol or layer, or various values specific to the
header of the protocol or layer. Options allow matching on those values.
<vspace blankLines="1"/></t>
</list>
</t>
<t>Each protocol type will have a specific set of attributes that can be used to specify
a classifier for that protocol. These attributes will be grouped under a grouped AVP
called a Classifier AVP.</t>
<section title="Classifier AVP">
<t>The Classifier AVP (AVP Code TBD) is a grouped AVP that consists of a set of
attributes that specify how to match a packet.</t>
<t>
<figure>
<artwork><![CDATA[
Classifier ::= < AVP Header: XXX >
{ Classifier-ID }
[ Protocol ]
[ Direction ]
* [ From-Spec ]
* [ To-Spec ]
* [ Diffserv-Code-Point ]
[ Fragmentation-Flag ]
* [ IP-Option ]
* [ TCP-Option ]
[ TCP-Flags ]
* [ ICMP-Type ]
* [ ETH-Option ]
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<!-- ====================================================================== -->
<section title="Classifier-ID AVP">
<t>The Classifier-ID AVP (AVP Code TBD) is of type OctetString and uniquely
identifies the classifier. Each application will define the uniqueness scope of
this identifier, e.g. unique per terminal or globally unique. Exactly one
Classifier-ID AVP MUST be contained within a Classifier AVP. </t>
</section>
<!-- ====================================================================== -->
<section title="Protocol AVP">
<t>The Protocol AVP (AVP Code TBD) is of type Enumerated and specifies the protocol
being matched. The attributes included in the Classifier AVP MUST be consistent
with the value of the Protocol AVP. Exactly zero or one Protocol AVP may be
contained within a Classifier AVP. If the Protocol AVP is omitted from the
Classifier, then comparison of the protocol of the packet is irrelevant. The
values for this AVP are managed by IANA under the Protocol Numbers registry as
defined in <xref target="RFC2780"/>. </t>
</section>
<!-- ====================================================================== -->
<section title="Direction AVP">
<t>The Direction AVP (AVP Code TBD) is of type Enumerated and specifies in which
direction to apply the Classifier. The values of the enumeration are:
"IN","OUT","BOTH". In the "IN" and "BOTH" directions, the From-Spec refers to the
address of the Managed Terminal and the To-Spec refers to the unmanaged terminal.
In the "OUT" direction, the From-Spec refers to the Unmanaged Terminal whereas the
To-Spec refers to the Managed Terminal. If the Direction AVP is omitted, the
Classifier matches packets flowing in both directions.</t>
<t>
<figure>
<artwork><![CDATA[
Value | Name and Semantic
------+--------------------------------------------------
0 | IN - The classifier applies to flows from the
| Managed Terminal.
1 | OUT - The classifier applies to flows to the
| Managed Terminal.
2 | BOTH - The classifier applies to flows both to
| and from the Managed Terminal.
]]></artwork>
</figure>
</t>
</section>
<!-- ====================================================================== -->
<section title="From-Spec AVP">
<t>The From-Spec AVP (AVP Code TBD) is a grouped AVP that specifies the Source
Specification used to match the packet. Zero or more of these AVPs may appear in
the Classifier. If this AVP is absent from the Classifier then all packets are
matched regardless of the source address. If more than one instance of this AVP
appears in the Classifier then the source of the packet can match any From-Spec
AVP. The contents of this AVP are protocol specific.</t>
<t>If one instance (or multiple instances) of the IP address AVP (IP-Address,
IP-Address-Range, IP-Address-Mask, Use-Assigned-Address) appear in the From-Spec
AVP then the source IP address of the packet MUST match one of the addresses
represented by these AVPs.</t>
<t>If more that one instance of the layer 2 address AVPs (MAC-Address,
MAC-Address-Mask, EUI64-Address, EUI64-Address-Mask) appears in the From-Spec then
the the source layer 2 address of the packet MUST match one of the addresses
represented in these AVPs.</t>
<t>If more that one instance of the port AVPs (Port, Port-Range) appears in the
From-Spec AVP then the source port number MUST match one of the port numbers
represented in these AVPs.</t>
<t>If the IP address, MAC address and port AVPs appear in the same From-Spec AVP then
the source packet MUST match all the specifications, i.e. match the IP address AND
MAC address AND port number.</t>
<t>
<figure>
<artwork><![CDATA[
From-Spec ::= < AVP Header: XXX >
* [ IP-Address ]
* [ IP-Address-Range ]
* [ IP-Address-Mask ]
* [ MAC-Address ]
* [ MAC-Address-Mask]
* [ EUI64-Address ]
* [ EUI64-Address-Mask]
* [ Port ]
* [ Port-Range ]
[ Negated ]
[ Use-Assigned-Address ]
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<!-- ====================================================================== -->
<section title="To-Spec AVP">
<t>The To-Spec AVP (AVP Code TBD) is a grouped AVP that specifies the Destination
Specification used to match the packet. Zero or more of these AVPs may appear in
the Classifier. If this AVP is absent from the Classifier then all packets are
matched regardless of the destination address. If more than one instance of this
AVP appears in the Classifier then the destination of the packet can match any
To-Spec AVP. The contents of this AVP are protocol specific.</t>
<t>If one instance (or multiple instances) of the IP address AVP (IP-Address,
IP-Address-Range, IP-Address-Mask, Use-Assigned-Address) appear in the To-Spec AVP
then the destination IP address of the packet MUST match one of the addresses
represented by these AVPs.</t>
<t>If more that one instance of the layer 2 address AVPs (MAC-Address,
MAC-Address-Mask, EUI64-Address, EUI64-Address-Mask) appears in the To-Spec then
the the destination layer 2 address of the packet MUST match one of the addresses
represented in these AVPs.</t>
<t>If more that one instance of the port AVPs (Port, Port-Range) appears in the
To-Spec AVP then the destination port number MUST match one of the port numbers
represented in these AVPs.</t>
<t>If the IP address, MAC address and port AVPs appear in the same To-Spec AVP then
the destination packet MUST match all the specifications, i.e. match the IP
address AND MAC address AND port number.</t>
<t>
<figure>
<artwork><![CDATA[
To-Spec ::= < AVP Header: XXX >
* [ IP-Address ]
* [ IP-Address-Range ]
* [ IP-Address-Mask ]
* [ MAC-Address ]
* [ MAC-Address-Mask]
* [ EUI64-Address ]
* [ EUI64-Address-Mask]
* [ Port ]
* [ Port-Range ]
[ Negated ]
[ Use-Assigned-Address ]
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<!-- ====================================================================== -->
<section title="Source and Destination AVPs">
<t>For packet classification the contents of the From-Spec and To-Spec can contain
the AVPs listed in the subsections below.</t>
<section title="Negated AVP">
<t>The Negated AVP (AVP Code TBD) of type Enumerated containing the values of True
or False. Exactly zero or one of these AVPs may appear in the From-Spec or
To-Spec AVP.</t>
<t>When set to True the meaning of the match is inverted. Addresses other than
those in the To-Spec and From-Spec are to be matched instead. When set to
False, or when the AVP is not included then the address specified To-Spec and
From-Spec AVP are to be matched.</t>
<t>Note that the negation does not impact the port comparisons.</t>
<t>
<figure>
<artwork><![CDATA[
Value | Name
------+--------
0 | False
1 | True
]]></artwork>
</figure>
</t>
</section>
<!-- ====================================================================== -->
<section title="IP-Address AVP">
<t>The IP-Address AVP (AVP Code TBD) is of type Address and specifies a single IP
address (IPv4 or IPv6) address to match.</t>
</section>
<section title="IP-Address-Range AVP">
<t>The IP-Address-Range AVP (AVP Code TBD) is of type Grouped and specifies an
inclusive IP address range.</t>
<t>
<figure>
<artwork><![CDATA[
IP-Address-Range ::= < AVP Header: XXX >
[ IP-Address-Start ]
[ IP-Address-End ]
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>If the IP-Address-Start AVP is not included then the address range starts from
the first valid IP address up to and including the specified IP-Address-End
address.</t>
<t>If the IP-Address-End AVP is not included then the address range starts at the
address specified by the IP-Address-Start AVP and includes all the remaining
valid IP addresses.</t>
<t>For the IP-Address-Range AVP to be valid, the IP-Address-Start AVP MUST contain
a value that is less than that of the IP-Address-End AVP. </t>
</section>
<section title="IP-Address-Start AVP">
<t>The IP-Address-Start AVP (AVP Code TBD) is of type Address and specifies the
first IP address (IPv4 or IPv6) address of an IP address range. </t>
</section>
<section title="IP-Address-End AVP">
<t>The IP-Address-End AVP (AVP Code TBD) is of type Address and specifies the last
IP address (IPv4 or IPv6) address of an address range. </t>
</section>
<section title="IP-Address-Mask AVP">
<t>The IP-Address-Mask AVP (AVP Code TBD) is of type Grouped and specifies an IP
address range using a base IP address and the bit-width of the mask. For
example, a range expressed as 192.0.2.0/24 will match all IP addresses from
192.0.2.0 up to and including 192.0.2.255. The bit-width MUST be valid for the
type of IP address.</t>
<t>
<figure>
<artwork><![CDATA[
IP-Address-Mask ::= < AVP Header: XXX >
{ IP-Address }
{ IP-Bit-Mask-Width }
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<section title="IP-Mask-Bit-Mask-Width AVP">
<t>The IP-Bit-Mask-Width AVP (AVP Code TBD) is of type Unsigned32. The value
specifies the width of an IP address bit-mask.</t>
</section>
<section title="MAC-Address AVP">
<t>The MAC-Address AVP (AVP Code TBD) is of type OctetString and specifies a
single layer 2 address in MAC-48 format. The value is a 6 octets encoding of
the address as it would appear in the frame header.</t>
</section>
<section title="MAC-Address-Mask AVP">
<t>The MAC-Address-Mask AVP (AVP Code TBD) is of type Grouped and specifies a set
of MAC addresses using a bit mask to indicate the bits of the MAC addresses
which must fit to the specified MAC address attribute. For example, a
MAC-Address-Mask with the MAC-Address as 00-10-A4-23-00-00 and with a
MAC-Address-Mask-Pattern of FF-FF-FF-FF-00-00 will match all MAC addresses from
00-10-A4-23-00-00 up to and including 00-10-A4-23-FF-FF. </t>
<t><xref target="mask-considerations"/> describes the considerations that should
be given to the use of MAC address masks in constructing Classifiers.</t>
<t>
<figure>
<artwork><![CDATA[MAC-Address-Mask ::= < AVP Header: XXX >
{ MAC-Address }
{ MAC-Address-Mask-Pattern }
* [ AVP ]]]></artwork>
</figure>
</t>
</section>
<section title="MAC-Address-Mask-Pattern AVP">
<t>The MAC-Address-Mask-Pattern AVP (AVP Code TBD) is of type OctetString. The
value is a 6 octets specifying the bit positions of a MAC address, that are
taken for matching.</t>
</section>
<section title="EUI64-Address AVP">
<t>The EUI64-Address AVP (AVP Code TBD) is of type OctetString and specifies a
single layer 2 address in EUI-64 format. The value is a 8 octets encoding of
the address as it would appear in the frame header.</t>
</section>
<section title="EUI64-Address-Mask AVP">
<t>The EUI64-Address-Mask AVP (AVP Code TBD) is of type Grouped and specifies a
set of EUI64 addresses using a bit mask to indicate the bits of the EUI64
addresses which must fit to the specified EUI64 address attribute. For example,
a EUI64-Address-Mask with the EUI64-Address as 00-10-A4-FF-FE-23-00-00 and with
a EUI64-Address-Mask-Pattern of FF-FF-FF-FF-FF-FF-00-00 will match all EUI64
addresses from 00-10-A4-FF-FE-23-00-00 up to and including
00-10-A4-FF-FE-23-FF-FF. </t>
<t><xref target="mask-considerations"/> describes the considerations that should
be given to the use of EUI64 address masks in constructing Classifiers.</t>
<t>
<figure>
<artwork><![CDATA[EUI64-Address-Mask ::= < AVP Header: XXX >
{ EUI64-Address }
{ EUI64-Address-Mask-Pattern }
* [ AVP ]]]></artwork>
</figure>
</t>
</section>
<section title="EUI64-Address-Mask-Pattern AVP">
<t>The EUI64-Address-Mask-Pattern AVP (AVP Code TBD) is of type OctetString. The
value is a 8 octets specifying the bit positions of a EUI64 address, that are
taken for matching.</t>
</section>
<section title="Port AVP">
<t>The Port AVP (AVP Code TBD) is of type Integer32 in the range of 0 to 65535 and
specifies port numbers to match. The type of port is indicated by the value of
the Protocol AVP, i.e. if Procotol AVP value is 6 (TCP) then the Port AVP
represents a TCP port.</t>
</section>
<section title="Port-Range AVP">
<t>The Port-Range AVP (AVP Code TBD) is of type Grouped and specifies an inclusive
range of ports. The type of the ports is indicated by the value of the Protocol
AVP, i.e. if Procotol AVP value is 6 (TCP) then the Port-Range AVP represents
an inclusive range of TCP ports.</t>
<t>
<figure>
<artwork><![CDATA[
Port-Range ::= < AVP Header: XXX >
[ Port-Start ]
[ Port-End ]
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>If the Port-Start AVP is omitted then port 0 is assumed. If the Port-End AVP is
omitted then port 65535 is assumed.</t>
</section>
<section title="Port-Start AVP">
<t>The Port-Start AVP (AVP Code TBD) is of type Integer32 and specifies the first
port number of an IP port range. </t>
</section>
<section title="Port-End AVP">
<t>The Port-End AVP (AVP Code TBD) is of type Integer32 and specifies the last
port number of an IP port range. </t>
</section>
<section title="Use-Assigned-Address AVP">
<t>In some scenarios, the AAA does not know the IP address assigned to the Managed
Terminal at the time that the Classifier is sent to the Classifying Entity. The
Use-Assigned-Address AVP (AVP Code TBD) is of type Enumerated containing the
values of True or False. When present and set to True, it represents the IP
address assigned to the Managed Terminal.</t>
<t>
<figure>
<artwork><![CDATA[
Value | Name
------+--------
0 | False
1 | True
]]></artwork>
</figure>
</t>
</section>
</section>
<!-- ====================================================================== -->
<section title="Header Option AVPs">
<t>The Classifier AVP may contain one or more of the following AVPs to match on the
various possible IP, TCP or ICMP header options.</t>
<section title="Diffserv-Code-Point AVP">
<t>The Diffserv-Code-Point AVP (AVP Code TBD) is of type Enumerated and specifies
the Differentiated Services Field Codepoints to match in the IP header. The
values are managed by IANA under the Differentiated Services Field Codepoints
registry as defined in <xref target="RFC2474"/>.</t>
</section>
<section title="Fragmentation-Flag AVP">
<t>The Fragmentation-Flag AVP (AVP Code TBD) is of type Enumerated and specifies
the packet fragmentation flags to match in the IP header.</t>
<t>
<figure>
<artwork><![CDATA[
Value | Name and Semantic
------+------------------------------------------------------------
0 | Don't Fragment (DF)
1 | More Fragments (MF)
]]></artwork>
</figure>
</t>
</section>
<section title="IP-Option AVP">
<t>The IP-Option AVP (AVP Code TBD) is of type Grouped and specifies an IP header
option that must be matched.</t>
<t>
<figure>
<artwork><![CDATA[
IP-Option ::= < AVP Header: XXX >
{ IP-Option-Type }
* [ IP-Option-Value ]
[ Negated ]
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>If one or more IP-Option-Value AVPs are present, one of the values MUST match
the value in the IP header option. If the IP-Option-Value AVP is absent, the
option type MUST be present in the IP header but the value is wild carded. </t>
<t>The Negated AVP is used in conjunction with the IP-Option-Value AVPs to specify
IP header options which do not match specific values. The Negated AVP is used
without the IP-Option-Value AVP to specify IP headers which do not contain the
option type.</t>
</section>
<section title="IP-Option-Type AVP">
<t>The IP-Option-Type AVP (AVP Code TBD) is of type Enumerated and the values are
managed by IANA under the IP Option Numbers registry as defined in <xref
target="RFC2780"/>. </t>
</section>
<section title="IP-Option-Value AVP">
<t>The IP-Option-Value AVP (AVP Code TBD) is of type OctetString and contains the
option value that must be matched.</t>
</section>
<section title="TCP-Option AVP">
<t>The TCP-Option AVP (AVP Code TBD) is of type Grouped and specifies a TCP header
option that must be matched.</t>
<t>
<figure>
<artwork><![CDATA[
TCP-Option ::= < AVP Header: XXX >
{ TCP-Option-Type }
* [ TCP-Option-Value ]
[ Negated ]
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>If one or more TCP-Option-Value AVPs are present, one of the values MUST match
the value in the TCP header option. If the TCP-Option-Value AVP is absent, the
option type MUST be present in the TCP header but the value is wild carded. </t>
<t>The Negated AVP is used in conjunction which the TCP-Option-Value AVPs to
specify TCP header options which do not match specific values. The Negated AVP
is used without the TCP-Option-Value AVP to specify TCP headers which do not
contain the option type.</t>
</section>
<section title="TCP-Option-Type AVP">
<t>The TCP-Option-Type AVP (AVP Code TBD) is of type Enumerated and the values are
managed by IANA under the TCP Option Numbers registry as defined in <xref
target="RFC2780"/>. </t>
</section>
<section title="TCP-Option-Value AVP">
<t>The TCP-Option-Value AVP (AVP Code TBD) is of type OctetString and contains the
option value that must be matched.</t>
</section>
<section title="TCP-Flags AVP">
<t>The TCP-Flags AVP (AVP Code TBD) is of type Grouped and specifies a set of TCP
control flags that must be matched.</t>
<t>
<figure>
<artwork><![CDATA[
TCP-Flags ::= < AVP Header: XXX >
{ TCP-Flag-Type }
[ Negated ]
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>If the Negated AVP is not present or present but set to False, the
TCP-Flag-Type AVP specifies which flags MUST be set. If the Negated AVP is set
to True, the TCP-Flag-Type AVP specifies which flags MUST be cleared. </t>
</section>
<section title="TCP-Flag-Type AVP">
<t>The TCP-Flag-Type AVP (AVP Code TBD) is of type Unsigned32 and specifies the
TCP control flag types that must be matched. The first 16 bits match the TCP
header format defined in <xref target="RFC3168"/> and the subsequent 16 bits
are unused. Within the first 16 bits, bits 0 to 3 are unused and bits 4 to 15
are managed by IANA under the TCP Header Flag registry as defined in <xref
target="RFC3168"/>. </t>
</section>
<section title="ICMP-Type">
<t>The ICMP-Type AVP (AVP Code TBD) is of type Grouped and specifies a ICMP
message type that must be matched.</t>
<t>
<figure>
<artwork><![CDATA[
ICMP-Type ::= < AVP Header: XXX >
{ ICMP-Type-Number }
* [ ICMP-Code ]
[ Negated ]
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>If the ICMP-Code AVP is present, the value MUST match that in the ICMP header.
If the ICMP-Code AVP is absent, the ICMP type MUST be present in the ICMP
header but the code is wild carded. </t>
<t>The Negated AVP is used in conjunction with the ICMP-Code AVPs to specify ICMP
codes that do not match specific values. The Negated AVP is used without the
ICMP-Code AVP to specify ICMP headers which do not contain the ICMP type. As
such, the Negated AVP feature applies to ICMP-Code AVP if the ICMP-Code AVP is
present. If the ICMP-Code AVP is absent, the Negated AVP feature applies to the
ICMP-Type-Number.</t>
</section>
<section title="ICMP-Type-Number AVP">
<t>The ICMP-Type-Number AVP (AVP Code TBD) is of type Enumerated and the values
are managed by IANA under the ICMP Type Numbers registry as defined in <xref
target="RFC2780"/>.</t>
</section>
<section title="ICMP-Code AVP">
<t>The ICMP-Code AVP (AVP Code TBD) is of type Enumerated and the values are
managed by IANA under the ICMP Type Numbers registry as defined in <xref
target="RFC2780"/>.</t>
</section>
<section title="ETH-Option AVP">
<t>The ETH-Option AVP (AVP Code TBD) is of type Grouped and specifies Ethernet
specific attributes.</t>
<t>
<figure>
<artwork><![CDATA[
ETH-Option ::= < AVP Header: XXX >
{ ETH-Proto-Type }
* [ VLAN-ID-Range ]
* [ User-Priority-Range ]
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<section title="ETH-Proto-Type AVP">
<t>The Eth-Proto-Type AVP (AVP Code TBD) is of type Grouped and specifies the
encapsulated protocol type. ETH-Ether-Type and ETH-SAP are mutually exclusive.</t>
<t>
<figure>
<artwork><![CDATA[
ETH-Proto-Type ::= < AVP Header: XXX >
* [ ETH-Ether-Type ]
* [ ETH-SAP ]
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<section title="ETH-Ether-Type AVP">
<t>The ETH-Ether-Type AVP (AVP Code TBD) is of type OctetString. The value is a
double octet that contains the value of the Ethertype field in the packet to
match. This AVP MAY be present in the case of DIX or if SNAP is present at
802.2 but the ETH-SAP AVP MUST NOT be present in this case.</t>
</section>
<section title="ETH-SAP AVP">
<t>The ETH-SAP AVP (AVP Code TBD) is of type OctetString. The value is a double
octet representing the 802.2 SAP as specified in <xref target="IEEE802.2"/>.
The first octet contains the DSAP and the second the SSAP.</t>
</section>
<section title="VLAN-ID-Range AVP">
<t>The VLAN-ID-Range AVP (AVP Code TBD) is of type Grouped and specifies the VLAN
range to match. VLAN identities are either specified by a single VLAN-ID
according to <xref target="IEEE802.1Q"/> or by a combination of Customer and
Service VLAN-IDs according to <xref target="IEEE802.1ad"/>.</t>
<t>The single VLAN-ID is represented by the C-VID-Start and C-VID-End AVPs and the
S-VID-Start and S-VID-End AVPs SHALL be ommitted in this case. If the
VLAN-ID-Range AVP is omitted from the Classifier, then comparison of the VLAN
identity of the packet is irrelevant.</t>
<t>
<figure>
<artwork><![CDATA[
VLAN-ID-Range ::= < AVP Header: XXX >
[ S-VID-Start ]
[ S-VID-End ]
[ C-VID-Start ]
[ C-VID-End ]
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>The following is the list of possible combinations of the S-VID-Start and
S-VID-End AVPs and their inference: </t>
<t>
<list style="symbols">
<t>If S-VID-Start AVP is present but the S-VID-End AVP is absent, the
S-VID-Start AVP value MUST equal the value of the IEEE 802.1ad S-VID bits
specified in <xref target="IEEE802.1ad"/> for a successful match.</t>
<t>If S-VID-Start AVP is absent but the S-VID-End AVP is present, the
S-VID-End AVP value MUST equal the value of the IEEE 802.1ad S-VID bits
for a successful match.</t>
<t>If both S-VID-Start and S-VID-End AVPs are present and their values are
equal, the S-VID-Start AVP value MUST equal the value of the IEEE 802.1ad
S-VID bits for a successful match.</t>
<t>If both S-VID-Start and S-VID-End AVPs are present and the value of
S-VID-End AVP is greater than the value of the S-VID-Start AVP, the value
of the IEEE 802.1ad S-VID bits MUST be greater than or equal to the
S-VID- Start AVP value and less than or equal to the S-VID-End AVP value
for a successful match. If the S-VID-Start and S-VID-End AVPs are
specified, then Ethernet packets without IEEE 802.1ad encapsulation MUST
NOT match this Classifier. </t>
<t>If the S-VID-Start and S-VID-End AVPs are omitted, then existence of
IEEE802.1ad encapsulation or comparison of the IEEE 802.1ad S-VID bits is
irrelevant for this Classifier.</t>
</list>
</t>
<t>The following is the list of possible combinations of the C-VID-Start and
C-VID-End AVPs and their inference: </t>
<t>
<list style="symbols">
<t>If C-VID-Start AVP is present but the C-VID-End AVP is absent, the
C-VID-Start AVP value MUST equal the value of the IEEE 802.1ad C-VID bits
specified in <xref target="IEEE802.1ad"/> or the IEEE 802.1Q VLAN-ID bits
specified in <xref target="IEEE802.1Q"/> for a successful match.</t>
<t>If C-VID-Start AVP is absent but the C-VID-End AVP is present, the
C-VID-End AVP value MUST equal the value of the IEEE 802.1ad C-VID bits
or the IEEE 802.1Q VLAN-ID bits for a successful match.</t>
<t>If both C-VID-Start and C-VID-End AVPs are present and their values are
equal, the C-VID-Start AVP value MUST equal the value of the IEEE 802.1ad
C-VID bits or the IEEE 802.1Q VLAN-ID bits for a successful match.</t>
<t>If both C-VID-Start and C-VID-End AVPs are present and the value of
C-VID-End AVP is greater than the value of the C-VID-Start AVP, the value
of the IEEE 802.1ad C-VID bits or the IEEE 802.1Q VLAN-ID bits MUST be
greater than or equal to the C-VID-Start AVP value and less than or equal
to the C-VID-End AVP value for a successful match. If the C-VID-Start and
C-VID-End AVPs are specified, then Ethernet packets without IEEE 802.1ad
or IEEE 802.1Q encapsulation MUST NOT match this Classifier. </t>
<t>If the C-VID-Start and C-VID-End AVPs are omitted, the comparison of the
IEEE 802.1ad C-VID bits or IEEE 802.1Q VLAN-ID bits for this Classifier
is irrelevant.</t>
</list>
</t>
</section>
<section title="S-VID-Start AVP">
<t>The S-VID-Start AVP (AVP Code TBD) is of type Unsigned32. The value MUST be in
the range from 0 to 4095. The value of this AVP specifies the start value of
the range of S-VID VLAN-IDs to be matched.</t>
</section>
<section title="S-VID-End AVP">
<t>The S-VID-End AVP (AVP Code TBD) is of type Unsigned32. The value MUST be in
the range from 0 to 4095. The value of this AVP specifies the end value of the
range of S-VID VLAN-IDs to be matched.</t>
</section>
<section title="C-VID-Start AVP">
<t>The C-VID-Start AVP (AVP Code TBD) is of type Unsigned32. The value MUST be in
the range from 0 to 4095. The value of this AVP specifies the start value of
the range of C-VID VLAN-IDs to be matched.</t>
</section>
<section title="C-VID-End AVP">
<t>The C-VID-End AVP (AVP Code TBD) is of type Unsigned32. The value MUST be in
the range from 0 to 4095. The value of this AVP specifies the end value of the
range of C-VID VLAN-IDs to be matched.</t>
</section>
<section title="User-Priority-Range AVP">
<t>The User-Priority-Range AVP (AVP Code TBD) is of type Grouped and specifies an
inclusive range to match the user_priority parameter specified in <xref
target="IEEE802.1D"/>. An Ethernet packet containing the user_priority
parameter matches this Classifier if the value is greater than or equal to
Low-User-Priority and less than or equal to High-User-Priority. If this AVP is
omitted, then comparison of the IEEE 802.1D user_priority parameter for this
Classifier is irrelevant.</t>
<t>
<figure>
<artwork><![CDATA[
User-Priority-Range ::= < AVP Header: XXX >
* [ Low-User-Priority ]
* [ High-User-Priority ]
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<section title="Low-User-Priority AVP">
<t>The Low-User-Priority AVP (AVP Code TBD) is of type Unsigned32. The value MUST
be in the range from 0 to 7.</t>
</section>
<section title="High-User-Priority AVP">
<t>The High-User-Priority AVP (AVP Code TBD) is of type Unsigned32. The value MUST
be in the range from 0 to 7.</t>
</section>
</section>
</section>
<!-- =================================================================================== -->
<section anchor="time-condition" title="Time Of Day AVPs">
<t>In many QoS applications, the QoS specification applied to the traffic flow is
conditional upon the time of day when the flow was observed. The following sections
define AVPs that can be used to express one or more time windows which determine when
a traffic treatment action is applicable to a traffic flow.</t>
<section title="Time-Of-Day-Condition AVP">
<t>The Time-Of-Day-Condition AVP (AVP Code TBD) is of type Grouped and specifies one
or more time windows.</t>
<t>
<figure>
<artwork><![CDATA[
Time-Of-Day-Condition ::= < AVP Header: XXX >
[ Time-Of-Day-Start ]
[ Time-Of-Day-End ]
[ Day-Of-Week-Mask ]
[ Day-Of-Month-Mask ]
[ Month-Of-Year-Mask ]
[ Absolute-Start-Time ]
[ Absolute-End-Time ]
[ Timezone-Flag ]
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>For example, a time window for 9am to 5pm (local time) from Monday to Friday would
be expressed as: <figure>
<artwork><![CDATA[
Time-Of-Day-Condition = {
Time-Of-Day-Start = 32400;
Time-Of-Day-End = 61200;
Day-Of-Week-Mask =
( MONDAY | TUESDAY | WEDNESDAY | THURSDAY | FRIDAY );
Timezone-Flag = LOCAL;
}
]]></artwork>
</figure>
</t>
</section>
<section title="Time-Of-Day-Start AVP">
<t>The Time-Of-Day-Start AVP (AVP Code TBD) is of type Unsigned32. The value MUST be
in the range from 0 to 86400. The value of this AVP specifies the start of an
inclusive time window expressed as the offset in seconds from midnight. If this
AVP is absent from the Time-Of-Day-Condition AVP, the time window starts at
midnight.</t>
</section>
<section title="Time-Of-Day-End AVP">
<t>The Time-Of-Day-End AVP (AVP Code TBD) is of type Unsigned32. The value MUST be in
the range from 1 to 86400. The value of this AVP specifies the end of an inclusive
time window expressed as the offset in seconds from midnight. If this AVP is
absent from the Time-Of-Day-Condition AVP, the time window ends one second before
midnight.</t>
</section>
<section title="Day-Of-Week-Mask AVP">
<t>The Day-Of-Week-Mask AVP (AVP Code TBD) is of type Unsigned32. The value is a
bitmask which specifies the day of the week for the time window to match. This
document specifies the following bits: <figure>
<artwork><![CDATA[
Bit | Name
------+------------
0 | SUNDAY
1 | MONDAY
2 | TUESDAY
3 | WEDNESDAY
4 | THURSDAY
5 | FRIDAY
6 | SATURDAY
]]></artwork>
</figure>
</t>
<t>The bit MUST be set for the time window to match on the corresponding day of the
week. Bit 0 is the least significant bit and unused bits MUST be cleared. If this
AVP is absent from the Time-Of-Day-Condition AVP, the time windows match on all
days of the week.</t>
</section>
<section title="Day-Of-Month-Mask AVP">
<t>The Day-Of-Month AVP (AVP Code TBD) is of type Unsigned32. The value MUST be in
the range from 0 to 2147483647. The value is a bitmask which specifies the days of
the month where bit 0 represents the first day of the month through to bit 30
which represents the last day of the month. The bit MUST be set for the time
window to match on the corresponding day of the month. Bit 0 is the least
significant bit and unused bits MUST be cleared. If this AVP is absent from the
Time-Of-Day-Condition AVP, the time windows match on all days of the month.</t>
</section>
<section title="Month-Of-Year-Mask AVP">
<t>The Month-Of-Year-Mask AVP (AVP Code TBD) is of type Unsigned32. The value is a
bitmask which specifies the months of the year for the time window to match. This
document specifies the following bits: <figure>
<artwork><![CDATA[
Bit | Name
------+-----------
0 | JANUARY
1 | FEBRUARY
2 | MARCH
3 | APRIL
4 | MAY
5 | JUNE
6 | JULY
7 | AUGUST
8 | SEPTEMBER
9 | OCTOBER
10 | NOVEMBER
11 | DECEMBER
]]></artwork>
</figure>
</t>
<t>The bit MUST be set for the time window to match on the corresponding month of the
year. Bit 0 is the least significant bit and unused bits MUST be cleared. If this
AVP is absent from the Time-Of-Day-Condition AVP, the time windows match during
all months of the year.</t>
</section>
<section title="Absolute-Start-Time AVP">
<t>The Absolute-Start-Time AVP (AVP Code TBD) is of type Time. The value of this AVP
specifies the time in seconds since January 1, 1900, 00:00 UTC when the time
window starts. If this AVP is absent from the Time-Of-Day-Condition AVP, the time
window starts on January 1, 1900, 00:00 UTC.</t>
</section>
<section title="Absolute-Start-Fractional-Seconds AVP">
<t>The Absolute-Start-Fractional-Seconds AVP (AVP Code TBD) is of type Unsigned32.
The value specifies the fractional seconds that are added to Absolute-Start-Time
value in order to deterimine when the time window starts. If this AVP is absent
from the Time-Of-Day-Condition AVP then the fractional seconds are assumed to be
zero.</t>
</section>
<section title="Absolute-End-Time AVP">
<t>The Time-Of-Day-End AVP (AVP Code TBD) is of type Time. The value of this AVP
specifies the time in seconds since January 1, 1900, 00:00 UTC when the time
window ends. If this AVP is absent from the Time-Of-Day-Condition AVP, the time
window is open-ended.</t>
</section>
<section title="Absolute-End-Fractional-Seconds AVP">
<t>The Absolute-End-Fractional-Seconds AVP (AVP Code TBD) is of type Unsigned32. The
value specifies the fractional seconds that are added to Absolute-End-Time value
in order to deterimine when the time window ends. If this AVP is absent from the
Time-Of-Day-Condition AVP then the fractional seconds are assumed to be zero.</t>
</section>
<section title="Timezone-Flag AVP">
<t>The Timezone-Flag AVP (AVP Code TBD) is of type Enumerated and indicates whether
the time windows are specified in UTC, local time at the managed terminal or as an
offset from UTC. If this AVP is absent from the Time-Of-Day-Condition AVP, the
time windows are in UTC.</t>
<t>This document defines the following values: <figure>
<artwork><![CDATA[
Value | Name and Semantic
------+--------------------------------------------------
0 | UTC - The time windows are expressed in UTC.
1 | LOCAL - The time windows are expressed in local
| time at the Managed Terminal.
2 | OFFSET - The time windows are expressed as an
| offset from UTC (see Timezone-Offset AVP).
]]></artwork>
</figure>
</t>
</section>
<section title="Timezone-Offset AVP">
<t>The Timezone-Offset AVP (AVP Code TBD) is of type Integer32. The value of this AVP
MUST be in the range from -43200 to 43200. It specifies the offset in seconds from
UTC that was used to express Time-Of-Day-Start, Time-Of-Day-End, Day-Of-Week-Mask,
Day-Of-Month-Mask and Month-Of-Year-Mask AVPs. This AVP MUST be present if the
Timezone-Flag AVP is set to OFFSET.</t>
</section>
</section>
</section>
<!-- =================================================================================== -->
<section title="Actions">
<t>This section defines the actions associated with a rule.</t>
<section title="Treatment-Action AVP">
<t>The Treatment-Action AVP (AVP Code TBD) is of type Enumerated and lists the actions that
are associated with the condition part of a rule. The following actions are defined
in this document:</t>
<t>
<figure>
<artwork><![CDATA[
0: drop
1: shape
2: mark
3: permit
]]></artwork>
</figure>
</t>
<t>
<list style="hanging">
<t hangText="drop:"><vspace blankLines="1"/>This action indicates that the
respective traffic MUST be dropped. <vspace blankLines="1"/></t>
<t hangText="shape:"><vspace blankLines="1"/>
<xref target="RFC2475"/> describes shaping as "the process of delaying packets
within a traffic stream to cause it to conform to some defined traffic
profile". When the action is set to 'shape', the QoS-Parameters AVP SHALL
contain QoS information AVPS, such as the TMOD-1 and Bandwidth AVPs <xref
target="RFC5624"/>, that indicate how to shape the traffic described by the
condition part of the rule. <vspace blankLines="1"/>
</t>
<t hangText="mark:"><vspace blankLines="1"/>
<xref target="RFC2475"/> describes marking as "the process of setting the DS
codepoint in a packet based on defined rules". When the action is set to
'mark', the QoS-Parameters AVP SHALL contain QoS information AVPS, such as the
PHB-Class AVP <xref target="RFC5624"/>, that indicate the DiffServ marking to
be applied to the traffic described by the condition part of the rule.<vspace
blankLines="1"/>
</t>
<t hangText="permit:"><vspace blankLines="1"/>The 'permit' action is the
counterpart to the 'drop' action used to allow traffic that matches the
conditions part of a rule to bypass.<vspace blankLines="1"/></t>
</list>
</t>
<t><xref target="RFC2475"/> also describes an action called "policing" as "the process
of discarding packets (by a dropper) within a traffic stream in accordance with the
state of a corresponding meter enforcing a traffic profile". This behavior in modeled
in the Filter-Rule through the inclusion of the Excess-Treatment AVP containing a
Treatment-Action AVP set to "drop". </t>
<t>Further action values can be registered, as described in <xref target="action-reg"/>.
</t>
</section>
<section title="QoS-Profile-Id AVP" anchor="qos-profile">
<t>The QoS-Profile-Id AVP (AVP Code TBD) is of type Unsigned32 and contains a QoS
profile template identifier. An initial QoS profile template is defined with value of
0 and can be found in <xref target="RFC5624"/>. The registry for the QoS profile
templates is created with the same document. </t>
</section>
<section title="QoS-Profile-Template AVP" anchor="vendor-qos-profile">
<t>The QoS-Profile-Template AVP (AVP Code TBD) is of type Grouped and defines the
namespace of the QoS profile (indicated in the Vendor-ID AVP) followed by the
specific value for the profile. </t>
<t>The Vendor-Id AVP contains a 32 bit IANA Private Enterprise Number (PEN) and the
QoS-Profile-Id AVP contains the template identifier assigned by the vendor. The
vendor identifier of zero (0) is used for the IETF.</t>
<t>
<figure>
<artwork><![CDATA[
QoS-Profile-Template ::= < AVP Header: XXX >
{ Vendor-Id }
{ QoS-Profile-Id }
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<section title="QoS-Semantics">
<t>The QoS-Semantics AVP (AVP Code TBD) is of type Enumerated and provides the semantics
for the QoS-Profile-Template and QoS-Parameters AVPs in the Filter-Rule AVP. </t>
<t>This document defines the following values: <figure>
<artwork><![CDATA[
(0): QoS-Desired
(1): QoS-Available
(2): QoS-Delivered
(3): Minimum-QoS
(4): QoS-Authorized
]]></artwork>
</figure>
</t>
<t>The semantic of the QoS parameters depend on the information provided in the list
above. The semantics of the different values are as follows:</t>
<t>
<figure>
<artwork><![CDATA[
Object Type Direction Semantic
---------------------------------------------------------------------
QoS-Desired C->S Client requests authorization of the
indicated QoS.
QoS-Desired C<-S NA
QoS-Available C->S Admission Control at client indicates
that this QoS is available. (note 1)
QoS-Available C<-S Admission Control at server indicates
that this QoS is available. (note 2)
QoS-Delivered C->S Client is reporting the actual QoS
delivered to the terminal.
QoS-Delivered C<-S NA
Minimum-QoS C->S Client is not interested in authorizing
QoS that is lower than the indicated QoS.
Minimum-QoS C<-S Client must not provide QoS guarantees
lower than the indicated QoS.
QoS-Authorized C->S NA
QoS-Authorized C<-S Server authorizes the indicated QoS.
Legend:
C: Diameter client
S: Diameter server
NA: Not applicable to this document;
no semantic defined in this specification
Notes:
(1) QoS-Available in this direction indicates to the server that
any QoS-Authorized or Minimum-QoS must be less than this
indicated QoS.
(2) QoS-Available in this direction is only useful when the AAA
server performs admission control and knows about the resources
in the network.
]]></artwork>
</figure>
</t>
</section>
<section title="QoS-Parameters AVP">
<t> The QoS-Parameters AVP (AVP Code TBD) is of type grouped and contains Quality of
Service parameters. These parameters are defined in separate documents and depend on
the indicated QoS profile template of the QoS-Profile-Template AVP. For an initial
QoS parameter specification see <xref target="RFC5624"/>. </t>
<t>
<figure>
<artwork><![CDATA[
QoS-Parameters ::= < AVP Header: XXX >
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
<section title="Excess-Treatment AVP">
<t> The Excess-Treatment AVP (AVP Code TBD) is of type grouped and indicates how
out-of-profile traffic, i.e. traffic not covered by the original QoS-Profile-Template
and QoS-Parameters AVPs, is treated. The additional Treatment-Action, QoS-Profile-Template
and QoS-Parameters AVPs carried inside the Excess-Treatment AVP provide information
about the QoS treatment of the excess traffic. In case the Excess-Treatment AVP is
absent then the treatment of the out-of-profile traffic is left to the discretion of
the node performing QoS treatment.</t>
<t>
<figure>
<artwork><![CDATA[
Excess-Treatment ::= < AVP Header: XXX >
{ Treatment-Action }
[ QoS-Profile-Template ]
[ QoS-Parameters ]
* [ AVP ]
]]></artwork>
</figure>
</t>
</section>
</section>
<!-- =================================================================================== -->
<section title="QoS Capability Indication" anchor="capability">
<t>The QoS-Capability AVP (AVP Code TBD) is of type Grouped and contains a list of
supported Quality of Service profile templates (and therefore the support of the
respective parameter AVPs). </t>
<t>The QoS-Capability AVP may be used for a simple announcement of the QoS capabilities and
QoS profiles supported by a peer. It may also be used to negotiate a mutually supported
set of QoS capabilities and QoS profiles between two peers. In such a case, handling of
failed negotiations is application and/or deployment specific.</t>
<t>
<figure>
<artwork><![CDATA[
QoS-Capability ::= < AVP Header: XXX >
1*{ QoS-Profile-Template }
* [ AVP ]
]]></artwork>
</figure>
</t>
<t>The QoS-Profile-Template AVP is defined in <xref target="vendor-qos-profile"/>.</t>
</section>
<!-- =================================================================================== -->
<section title="Examples">
<t>This section shows a number of signaling flows where QoS negotiation and authorization
is part of the conventional NASREQ, EAP or Credit Control applications message
exchanges. The signalling flows for the Diameter QoS Application are described in <xref
target="I-D.ietf-dime-diameter-qos"/>.</t>
<section title="Diameter EAP with QoS Information">
<t><xref target="diameter-eap-message-flow"/> shows a simple signaling flow where a NAS
(Diameter Client) announces its QoS awareness and capabilities included into the DER
message and as part of the access authentication procedure. Upon completion of the
EAP exchange, the Diameter Server provides a pre-provisioned QoS profile with the
QoS-Semantics in the Filter-Rule AVP set to "QoS-Authorized", to the NAS in the final
DEA message. <figure title="Example of a Diameter EAP enhanced with QoS Information"
anchor="diameter-eap-message-flow">
<artwork><![CDATA[
End Diameter Diameter
Host Client Server
| | |
| (initiate EAP) | |
|<----------------------------->| |
| | Diameter-EAP-Request |
| | EAP-Payload(EAP Start) |
| | QoS-Capability |
| |------------------------------->|
| | |
| | Diameter-EAP-Answer |
| Result-Code=DIAMETER_MULTI_ROUND_AUTH |
| | EAP-Payload(EAP Request #1) |
| |<-------------------------------|
| EAP Request(Identity) | |
|<------------------------------| |
: : :
: <<<more message exchanges>>> :
: : :
| | |
| EAP Response #N | |
|------------------------------>| |
| | Diameter-EAP-Request |
| | EAP-Payload(EAP Response #N) |
| |------------------------------->|
| | |
| | Diameter-EAP-Answer |
| | Result-Code=DIAMETER_SUCCESS |
| | EAP-Payload(EAP Success) |
| | (authorization AVPs) |
| | QoS-Resources(QoS-Authorized) |
| |<-------------------------------|
| | |
| EAP Success | |
|<------------------------------| |
| | |
]]></artwork>
</figure>
</t>
</section>
<section title="Diameter NASREQ with QoS Information">
<t><xref target="diameter-nasreq-flow"/> shows a similar pre-provisioned QoS signaling
as in <xref target="diameter-eap-message-flow"/> but using the NASREQ application
instead of EAP application. </t>
<t>
<figure title="Example of a Diameter NASREQ enhanced with QoS Information"
anchor="diameter-nasreq-flow">
<artwork><![CDATA[
End Diameter
Host NAS Server
| | |
| Start Network | |
| Attachment | |
|<---------------->| |
| | |
| |AA-Request |
| |NASREQ-Payload |
| |QoS-Capability |
| +----------------------------->|
| | |
| | AA-Answer|
| Result-Code=DIAMETER_MULTI_ROUND_AUTH|
| NASREQ-Payload(NASREQ Request #1)|
| |<-----------------------------+
| | |
| Request | |
|<-----------------+ |
| | |
: : :
: <<<more message exchanges>>> :
: : :
| Response #N | |
+----------------->| |
| | |
| |AA-Request |
| |NASREQ-Payload ( Response #N )|
| +----------------------------->|
| | |
| | AA-Answer|
| | Result-Code=DIAMETER_SUCCESS|
| | (authorization AVPs)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| | |
| Success | |
|<-----------------+ |
| | |
]]></artwork>
</figure>
</t>
</section>
<section title="QoS Authorization">
<t><xref target="diameter-authz-only-message-flow"/> shows an example of authorization
only QoS signaling as part of the NASREQ message exchange. The NAS provides the
Diameter server with the "QoS-Desired" QoS-Semantics AVP included in the
QoS-Resources AVP. The Diameter server then either authorizes the indicated QoS or
rejects the request and informs the NAS about the result. In this scenario the NAS
does not need to include the QoS-Capability AVP in the AAR message as the
QoS-Resources AVP implicitly does the same and also the NAS is authorizing a specific
QoS profile, not a pre-provisioned one. </t>
<t>
<figure title="Example of an Authorization-Only Message Flow"
anchor="diameter-authz-only-message-flow">
<artwork><![CDATA[
End Diameter
Host NAS Server
| | |
| | |
| QoS Request | |
+----------------->| |
| | |
| |AA-Request |
| |Auth-Request-Type=AUTHORIZE_ONLY
| |NASREQ-Payload |
| |QoS-Resources(QoS-Desired) |
| +----------------------------->|
| | |
| | AA-Answer|
| | NASREQ-Payload(Success)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| Accept | |
|<-----------------+ |
| | |
| | |
| | |
]]></artwork>
</figure>
</t>
</section>
<section title="Diameter Server Initiated Re-authorization of QoS">
<t><xref target="diameter-re-auth-flow"/> shows a message exchange for a Diameter server
initiated QoS re-authorization procedure. The Diameter server sends the NAS a RAR
message requesting re-authorization for an existing session and the NAS acknowledges
it with a RAA message. The NAS is aware of its existing QoS profile and information
for the ongoing session that the Diameter server requested for re-authorization.
Thus, the NAS must initiate re-authorization of the existing QoS profile. The
re-authorization procedure is the same as in <xref
target="diameter-authz-only-message-flow"/>. </t>
<t>
<figure title="Example of a Server-initiated Re-Authorization Procedure"
anchor="diameter-re-auth-flow">
<artwork><![CDATA[
End Diameter
Host NAS Server
| | |
| | |
: : :
: <<<Initial Message Exchanges>>> :
: : :
| | |
| | RA-Request |
| |<-----------------------------+
| | |
| |RA-Answer |
| |Result-Code=DIAMETER_SUCCESS |
| +----------------------------->|
| | |
| | |
| |AA-Request |
| |NASREQ-Payload |
| |Auth-Request-Type=AUTHORIZE_ONLY
| |QoS-Resources(QoS-Desired) |
| +----------------------------->|
| | |
| | AA-Answer|
| | Result-Code=DIAMETER_SUCCESS|
| | (authorization AVPs)|
| | QoS-Resources(QoS-Authorized)|
| |<-----------------------------+
| | |
]]></artwork>
</figure>
</t>
</section>
<section title="Diameter Credit Control with QoS Information">
<t>In this example, the CC client includes a QoS authorization request
(QoS-Semantics=QoS-Desired) in the initial Credit Control Request(CCR). The CC server
responds with a Credit Control Answer (CCA) which includes the granted resources with
an authorized QoS definition (QoS-Semantics=QoS-Authorized) and the CC client
proceeds to deliver service with the specified QoS. </t>
<t>At the end of service, the CC client reports the units used and the QoS level at
which those units were delivered (QoS-Semantics=QoS-Delivered). The end of service
could occur because the credit resources granted to the user were exhausted or the
service was been successfully delivered or the service was terminated, e.g. because
the Service Element could not deliver the service at the authorized QoS level.
<figure title="Example for a Diameter Credit Control with QoS Information"
anchor="dcc-initial">
<artwork><![CDATA[
Service Element
End User (CC Client) CC Server
| | |
|(1) Service Request | |
|-------------------->| |
| |(2) CCR (Initial, |
| | QoS-Resources(QoS-Desired)) |
| |--------------------------------->|
| |(3) CCA (Granted-Units, |
| | QoS-Resources(QoS-Authorized))|
| |<---------------------------------|
|(4) Service Delivery | |
|<------------------->| |
| | |
|(5) End of Service | |
|-------------------->| |
| |(6) CCR (Termination, Used-Units,|
| | QoS-Rsources(QoS-Delivered)) |
| |--------------------------------->|
| |(7) CCA |
| |<---------------------------------|
]]></artwork>
</figure>
</t>
</section>
<section title="Classifier Examples">
<t>Example: Classify all packets from hosts on subnet 192.0.2.0/24 to ports 80, 8090 or
443 on web servers 192.0.2.123, 192.0.2.124, 192.0.2.125.</t>
<t>
<figure>
<artwork><![CDATA[
Classifier = {
Classifier-Id = "web_svr_example";
Protocol = TCP;
Direction = OUT;
From-Spec = {
IP-Address-Mask = {
IP-Address = 192.0.2.0;
IP-Bit-Mask-Width = 24;
}
}
To-Spec = {
IP-Address = 192.0.2.123;
IP-Address = 192.0.2.124;
IP-Address = 192.0.2.125;
Port = 80;
Port = 8080;
Port = 443;
}
}
]]></artwork>
</figure>
</t>
<t>Example: Any SIP signalling traffic from a device with a MAC address of
01:23:45:67:89:ab to servers with IP addresses in the range 192.0.2.90 to
192.0.2.190.</t>
<t>
<figure>
<artwork><![CDATA[
Classifier = {
Classifier-Id = "web_svr_example";
Protocol = UDP;
Direction = OUT;
From-Spec = {
MAC-Address = 01:23:45:67:89:ab;
}
To-Spec = {
IP-Address-Range = {
IP-Address-Start = 192.0.2.90;
IP-Address-End = 192.0.2.190;
}
Port = 5060;
Port = 3478;
Port-Range = {
Port-Start = 16348;
Port-End = 32768;
}
}
}
]]></artwork>
</figure>
</t>
</section>
<section title="QoS Parameter Examples">
<t>The following high level description aims to illustrate the interworking between the
Diameter QoS AVPs defined in this document and the QoS parameters defined in <xref
target="RFC5624"/>.</t>
<t>Consider the following example where a rule should be installed that limits traffic
to 1 Mbit/sec and where out-of-profile traffic shall be dropped.The Classifers are
ignored in this example.</t>
<t>This would require the Treatment-Action AVP to be set to 'shape' and the QoS-Parameters AVP
carries the Bandwidth AVP indicating the 1 Mbit/sec limit. The Treatment-Action carried
inside the Excess-Treatment AVP would be set to 'drop'.</t>
<t>In a second, more complex scenario, we consider traffic marking with DiffServ.
In-profile traffic (of 5 Mbits/sec in our example) shall be associated with a
particular PHB-Class "X". Out-of-profile traffic shall belong to a different
PHB-Class, in our example "Y".</t>
<t>This configuration would require the Treatment-Action AVP to be set to 'mark'. The
QoS-Parameters AVPs for the traffic conforming of the profile contains two AVPs,
namely the TMOD-1 AVP and the PHB-Class AVP. The TMOD-1 AVP describes the traffic
characteristics, namely 5 Mbit/sec, and the PHB-Class AVP is set to class "X". Then,
the Excess-Treatment AVP has to be included with the Treatment-Action AVP set to 'mark' and
the QoS-Parameters AVP to carry another PHB-Class AVP indicating PHB-Class AVP
setting to class "Y". </t>
</section>
</section>
<!-- ====================================================================== -->
<section title="Acknowledgments">
<t>We would like to thank Victor Fajardo, Tseno Tsenov, Robert Hancock, Jukka Manner,
Cornelia Kappler, Xiaoming Fu, Frank Alfano, Tolga Asveren, Mike Montemurro, Glen Zorn,
Avri Doria, Dong Sun, Tina Tsou, Pete McCann, Georgios Karagiannis, Elwyn Davies, Max
Riegel, Yong Li and Eric Gray for their comments. We thank Victor Fajardo for his job as
PROTO document shepherd. Finally, we would like to thank Lars Eggert, Magnus Westerlund, Adrian Farrel, Lisa Dusseault, Ralph Droms, and Eric Gray for their feedback during the IESG review phase.</t>
</section>
<!-- ====================================================================== -->
<section title="Contributors">
<t>Max Riegel contributed the VLAN sections.</t>
</section>
<!-- ====================================================================== -->
<section title="IANA Considerations">
<section toc="exclude" title="AVP Codes">
<t>IANA is requested to allocate codes from the "AVP Codes" registry under
Authentication, Authorization, and Accounting (AAA) Parameters for the following AVPs
that are defined in this document.</t>
<t>
<figure>
<artwork><![CDATA[
+-------------------------------------------------------------------+
| AVP Section |
| Attribute Name Code Defined Data Type |
+-------------------------------------------------------------------+
|QoS-Resources TBD 3.1 Grouped |
|Filter-Rule TBD 3.2 Grouped |
|Filter-Rule-Precedence TBD 3.3 Unsigned32 |
|Classifier TBD 4.1.1 Grouped |
|Classifier-ID TBD 4.1.2 OctetString |
|Protocol TBD 4.1.3 Enumerated |
|Direction TBD 4.1.4 Enumerated |
|From-Spec TBD 4.1.5 Grouped |
|To-Spec TBD 4.1.6 Grouped |
|Negated TBD 4.1.7.1 Enumerated |
|IP-Address TBD 4.1.7.2 Address |
|IP-Address-Range TBD 4.1.7.3 Grouped |
|IP-Address-Start TBD 4.1.7.4 Address |
|IP-Address-End TBD 4.1.7.5 Address |
|IP-Address-Mask TBD 4.1.7.6 Grouped |
|IP-Mask-Bit-Mask-Width TBD 4.1.7.7 Unsigned32 |
|MAC-Address TBD 4.1.7.8 OctetString |
|MAC-Address-Mask TBD 4.1.7.9 Grouped |
|MAC-Address-Mask-Pattern TBD 4.1.7.10 OctetString |
|EUI64-Address TBD 4.1.7.11 OctetString |
|EUI64-Address-Mask TBD 4.1.7.12 Grouped |
|EUI64-Address-Mask-Pattern TBD 4.1.7.13 OctetString |
|Port TBD 4.1.7.14 Integer32 |
|Port-Range TBD 4.1.7.15 Grouped |
|Port-Start TBD 4.1.7.16 Integer32 |
|Port-End TBD 4.1.7.17 Integer32 |
|Use-Assigned-Address TBD 4.1.7.18 Enumerated |
|Diffserv-Code-Point TBD 4.1.8.1 Enumerated |
|Fragmentation-Flag TBD 4.1.8.2 Enumerated |
|IP-Option TBD 4.1.8.3 Grouped |
|IP-Option-Type TBD 4.1.8.4 Enumerated |
|IP-Option-Value TBD 4.1.8.5 OctetString |
|TCP-Option TBD 4.1.8.6 Grouped |
|TCP-Option-Type TBD 4.1.8.7 Enumerated |
|TCP-Option-Value TBD 4.1.8.8 OctetString |
|TCP-Flags TBD 4.1.8.9 Grouped |
|TCP-Flag-Type TBD 4.1.8.10 Unsigned32 |
|ICMP-Type TBD 4.1.8.11 Grouped |
|ICMP-Type-Number TBD 4.1.8.12 Enumerated |
|ICMP-Code TBD 4.1.8.13 Enumerated |
|ETH-Option TBD 4.1.8.14 Grouped |
|ETH-Proto-Type TBD 4.1.8.15 Grouped |
|ETH-Ether-Type TBD 4.1.8.16 OctetString |
|ETH-SAP TBD 4.1.8.17 OctetString |
|VLAN-ID-Range TBD 4.1.8.18 Grouped |
|S-VID-Start TBD 4.1.8.19 Unsigned32 |
|S-VID-End TBD 4.1.8.20 Unsigned32 |
|C-VID-Start TBD 4.1.8.21 Unsigned32 |
|C-VID-End TBD 4.1.8.22 Unsigned32 |
|User-Priority-Range TBD 4.1.8.23 Grouped |
|Low-User-Priority TBD 4.1.8.24 Unsigned32 |
|High-User-Priority TBD 4.1.8.25 Unsigned32 |
|Time-Of-Day-Condition TBD 4.2.1 Grouped |
|Time-Of-Day-Start TBD 4.2.2 Unsigned32 |
|Time-Of-Day-End TBD 4.2.3 Unsigned32 |
|Day-Of-Week-Mask TBD 4.2.4 Unsigned32 |
|Day-Of-Month-Mask TBD 4.2.5 Unsigned32 |
|Month-Of-Year-Mask TBD 4.2.6 Unsigned32 |
|Absolute-Start-Time TBD 4.2.7 Time |
|Absolute-Start-Fractional-Seconds TBD 4.2.8 Unsigned32 |
|Absolute-End-Time TBD 4.2.9 Time |
|Absolute-End-Fractional-Seconds TBD 4.2.10 Unsigned32 |
|Timezone-Flag TBD 4.2.11 Enumerated |
|Timezone-Offset TBD 4.2.12 Integer32 |
|Treatment-Action TBD 5.1 Grouped |
|QoS-Profile-Id TBD 5.2 Unsigned32 |
|QoS-Profile-Template TBD 5.3 Grouped |
|QoS-Semantics TBD 5.4 Enumerated |
|QoS-Parameters TBD 5.5 Grouped |
|Excess-Treatment TBD 5.6 Grouped |
|QoS-Capability TBD 6 Grouped |
+-------------------------------------------------------------------+
]]></artwork>
</figure>
</t>
</section>
<section toc="exclude" title="QoS-Semantics IANA Registry">
<t>IANA is also requested to allocate a new registry under Authentication,
Authorization, and Accounting (AAA) Parameters for the QoS-Semantics AVP. The
following values are allocated by this specification: <figure>
<artwork><![CDATA[
(0): QoS-Desired
(1): QoS-Available
(2): QoS-Delivered
(3): Minimum-QoS
(4): QoS-Authorized
]]></artwork>
</figure>
</t>
<t>The definition of new values is subject to the Specification Required policy <xref
target="RFC5226"/>. </t>
</section>
<section toc="exclude" anchor="action-reg" title="Action">
<t>IANA is also requested to allocate a new registry under Authentication,
Authorization, and Accounting (AAA) Parameters for the Treatment-Action AVP. The following
values are allocated by this specification: <figure>
<artwork><![CDATA[
0: drop
1: shape
2: mark
3: permit
]]></artwork>
</figure>
</t>
<t>The definition of new values is subject to the Specification Required policy <xref
target="RFC5226"/>. </t>
</section>
</section>
<!-- ====================================================================== -->
<section title="Security Considerations">
<t> This document describes the extension of Diameter for conveying Quality of Service
information. The security considerations of the Diameter protocol itself have been
discussed in RFC 3588 <xref target="RFC3588"/>. Use of the AVPs defined in this document
MUST take into consideration the security issues and requirements of the Diameter Base
protocol. </t>
</section>
</middle>
<back>
<references title="Normative References">&RFC2119; &RFC2780; &RFC2474;
&RFC3168; &RFC3588; &RFC5226; <reference anchor="IEEE802.1ad">
<front>
<title>IEEE Standard for Local and metropolitan area networks, Virtual Bridged Local
Area Networks, Amendment 4: Provider Bridges</title>
<author>
<organization abbrev="IEEE">IEEE</organization>
</author>
<date year="2005"/>
</front>
</reference>
<reference anchor="IEEE802.1D">
<front>
<title>IEEE Standard for Local and metropolitan area networks, Media Access Control
(MAC) Bridges</title>
<author>
<organization abbrev="IEEE">IEEE</organization>
</author>
<date year="2004"/>
</front>
</reference>
<reference anchor="IEEE802.1Q">
<front>
<title>IEEE Standard for Local and metropolitan area networks, Virtual Bridged Local
Area Networks</title>
<author>
<organization abbrev="IEEE">IEEE</organization>
</author>
<date year="2005"/>
</front>
</reference>
<reference anchor="IEEE802.2">
<front>
<title>IEEE Standard for Information technology, Telecommunications and information
exchange between systems, Local and metropolitan area networks, Specific
requirements, Part 2: Logical Link Control</title>
<author>
<organization abbrev="IEEE">IEEE</organization>
</author>
<date year="1998"/>
</front>
</reference>
</references>
<references title="Informative References">&I-D.ietf-dime-diameter-qos; &RFC5624;
&RFC4005; &RFC2475;</references>
<!-- ====================================================================== -->
<section anchor="mask-considerations" title="MAC and EUI64 Address Mask Usage Considerations">
<t>The MAC and EUI64 address bit masks are generally used in classifying devices according
to OUI and/or address blocks specific to the OUI assignee. The bit masks are not
intended to introduce a structure into the MAC or EUI64 address space that was not
intended by the IEEE.</t>
<t>The MAC address bit mask should be defined as a contiguous series of "N" set bits
followed by a contiguous series of "48 - N" clear bits, e.g. the MAC address bit mask of
0xFF00FF000000 would not be valid. Similarly the EUI64 address bit mask should be
defined as a contiguous series of "N" set bits followed by a contiguous series of "64 -
N" clear bits.</t>
<t>It should also be noted that some OUIs are assigned for use in applications that require
number space management at the organization level (e.g. - LLC/SNAP encoding), and are
not commonly used for MAC addresses.</t>
</section>
<!-- ====================================================================== -->
</back>
<!-- ====================================================================== -->
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-24 02:58:19 |