Moby Dick Consolidated System Integration Plan
Moby Dick Consolidated System Integration Plan Moby Dick Consolidated System Integration Plan
D0103v1.doc Version 1 6.7.2003 { MIPv6-Home-Agent-Address }, { MIP-Binding-Update } the HMAC-MD5 is computed using SK[MN-AAAC.h] 4.5.2.9.4 AAAC.f to Attendant Message: Parameters: AA Registration Answer foreign (ARA.f) Session-Id Result-Code AAAC.h-MN-AVPs 4.5.2.10 Attendant to MN (UDP message) Message: Parameters : 4.5.3 Accounting DB Mobile Node AAA Reply (MNARp) Session-Id Result-Code AAAC.h-MN-AVPs A session, that has been started after a successfully authentication and authorization, must also be accounted for. Several AAA entities are involved in accounting e.g. attendant, AAAC.f, AAAC.h. 4.5.3.1 AAAC Client The AAAC Client receives answers from AAAC.f for issued AA requests. In case of a negative answer the answer is forwarded to the meter client (as usual) and no accounting takes place. In case of a positive answer the AAAC client configures its accounting functionality according to the accounting policies contained in the AA answer. If no such policies are present it configures accounting according to a default configuration specified before starting the client. Accounting is configured before the answer is forwarded to the client. If some error occurs it is open what happens. Possible solutions are: • The AAAC client forwards answer to the meter client, session takes place as usual (may be no accounting or missing accounting data) • The client sends a message to AAAC.f, AAAC.f can try to get around the problem in which case the client forwards the positive reply. In the other case it forwards the negative reply. In the implementation the first option will be preferred and used. After forwarding the AA answer the client immediately generates an accounting start request and sends it to the AAAC.f. During a session runtime the client generates interim accounting messages and sends them to AAAC.f. If the client receives a session stop indication it generates an accounting stop request and sends it to the AAAC.f. The AAAC client has an interface to the metering functionality on the access router. It sends a METER_START message containing a filter spec and all other configuration parameters when accounting is started. It may receive a handle from the metering function. It sends a METER_STOP message containing a filter spec or handle previously received to stop metering for that particular session. The following information is needed as filter: • mobile nodes IP address (CoA) • mobile nodes ports (in case of specific QoS sessions which are flow based) (known through specific AA request from MN). • DSCP (either 0 for registration or specific value for QoS session; note that signalling traffic between MN and AR is supposed to have DSCP!=0 so this traffic is not accounted which is intended). The AAAC client must have a function to retrieve meter data for a particular session. A GET_METER_DATA function must be supported by the metering which accepts CoA or handle and return all current accounting information for a particular MN. The meter data could also be stored in a DB as long as there is a logic that can handle the GET_METER_DATA function and deliver requested data. D0103v1.doc 118 / 168
D0103v1.doc Version 1 6.7.2003 4.5.3.2 Accounting Messages 4.5.3.2.1 The Accounting-Request (ACR) The Accounting-Request (ACR) command, indicated by the Command-Code field set to 271 and the Command Flags' 'R' bit set, is sent by a Diameter node (AR), acting as a client, in order to exchange accounting information with a peer (AAA server). ::= < Diameter Header: 271, REQ, PXY > < Session-Id > { Acct-Application-Id } { Origin-Host } { Origin-Realm } { Destination-Realm } { Accounting-Record-Type } { Accounting-Record-Number } [ User-Name ] [ Accounting-Sub-Session-Id ] [ Accounting-RADIUS-Session-Id ] [ Accounting-Multi-Session-Id ] [ Accounting-Interim-Interval ] [ Origin-State-Id ] * [ AVP ] * [ Proxy -Info ] * [ Route-Record ] Session-Id is the session ID generated by the client at the time sending the AA request. Acct-Application- Id is the IANA assigned identifier. Origin-Host: Originator of the Diameter message Origin-Realm: Realm of the originator Destination-Realm: Destination realm (real of AAAC.h) Accounting-Record-Type: start, stop or interim Accounting-Record-Number: Unique number which identifies acc rec within one session starting with 0 for acc start record The AAAC client may include: User-name, interim interval, The Accounting-Interim-Interval will set to a value equal to 3 minutes. 4.5.3.2.2 The Accounting-Answer (ACA) The Accounting-Answer (ACA) command, indicated by the Command-Code field set to 271 and the Command Flags' 'R' bit cleared, is used to acknowledge an Accounting-Request command. The Accounting-Answer command contains the same Session-Id and MAY contains the same Accounting Description and Usage AVPs that were sent in the Accounting-Request command. If the CMS-Data AVP was present in the Accounting-Request, the corresponding ACA message MUST include the CMS-Data AVP signed by the responder to provide strong AVP authentication, which MAY be used for the purposes of repudiation. Only the target Diameter Server, known as the home Diameter Server, SHOULD respond with the Accounting-Answer command. ::= < Diameter Header: 271, PXY > < Session-Id > { Acct-Application-Id } { Result-Code } { Origin-Host } { Origin-Realm } { Accounting-Record-Type } { Accounting-Record-Number } [ User-Name ] [ Accounting-Sub-Session-Id ] D0103v1.doc 119 / 168
- Page 67 and 68: D0103v1.doc Version 1 6.7.2003 •
- Page 69 and 70: D0103v1.doc Version 1 6.7.2003 The
- Page 71 and 72: D0103v1.doc Version 1 6.7.2003 is t
- Page 73 and 74: D0103v1.doc Version 1 6.7.2003 4.3
- Page 75 and 76: D0103v1.doc Version 1 6.7.2003 4.3.
- Page 77 and 78: D0103v1.doc Version 1 6.7.2003 This
- Page 79 and 80: D0103v1.doc Version 1 6.7.2003 This
- Page 81 and 82: D0103v1.doc Version 1 6.7.2003 4.3.
- Page 83 and 84: D0103v1.doc Version 1 6.7.2003 4.3.
- Page 85 and 86: D0103v1.doc Version 1 6.7.2003 The
- Page 87 and 88: D0103v1.doc Version 1 6.7.2003 4.3.
- Page 89 and 90: D0103v1.doc Version 1 6.7.2003 be u
- Page 91 and 92: D0103v1.doc Version 1 6.7.2003 o Ma
- Page 93 and 94: D0103v1.doc Version 1 6.7.2003 Gene
- Page 95 and 96: D0103v1.doc Version 1 6.7.2003 Upli
- Page 97 and 98: D0103v1.doc Version 1 6.7.2003 Now
- Page 99 and 100: D0103v1.doc Version 1 6.7.2003 3. D
- Page 101 and 102: D0103v1.doc Version 1 6.7.2003 User
- Page 103 and 104: D0103v1.doc Version 1 6.7.2003 Inte
- Page 105 and 106: D0103v1.doc Version 1 6.7.2003 User
- Page 107 and 108: D0103v1.doc Version 1 6.7.2003 Serv
- Page 109 and 110: D0103v1.doc Version 1 6.7.2003 S1 E
- Page 111 and 112: D0103v1.doc Version 1 6.7.2003 The
- Page 113 and 114: D0103v1.doc Version 1 6.7.2003 Old
- Page 115 and 116: D0103v1.doc Version 1 6.7.2003 This
- Page 117: D0103v1.doc Version 1 6.7.2003 Leng
- Page 121 and 122: D0103v1.doc Version 1 6.7.2003 MN M
- Page 123 and 124: D0103v1.doc Version 1 6.7.2003 4.5.
- Page 125 and 126: D0103v1.doc Version 1 6.7.2003 Afte
- Page 127 and 128: D0103v1.doc Version 1 6.7.2003 Pack
- Page 129 and 130: D0103v1.doc Version 1 6.7.2003 4.5.
- Page 131 and 132: D0103v1.doc Version 1 6.7.2003 miss
- Page 133 and 134: D0103v1.doc Version 1 6.7.2003 Conn
- Page 135 and 136: D0103v1.doc Version 1 6.7.2003 4.5.
- Page 137 and 138: D0103v1.doc Version 1 6.7.2003 Acce
- Page 139 and 140: D0103v1.doc Version 1 6.7.2003 Logg
- Page 141 and 142: D0103v1.doc Version 1 6.7.2003 repr
- Page 143 and 144: D0103v1.doc Version 1 6.7.2003 Type
- Page 145 and 146: D0103v1.doc Version 1 6.7.2003 o DM
- Page 147 and 148: D0103v1.doc Version 1 6.7.2003 5 Mo
- Page 149 and 150: D0103v1.doc Version 1 6.7.2003 MN A
- Page 151 and 152: D0103v1.doc Version 1 6.7.2003 3 AA
- Page 153 and 154: D0103v1.doc Version 1 6.7.2003 give
- Page 155 and 156: D0103v1.doc Version 1 6.7.2003 9 Ha
- Page 157 and 158: D0103v1.doc Version 1 6.7.2003 MN 1
- Page 159 and 160: D0103v1.doc Version 1 6.7.2003 5.2.
- Page 161 and 162: D0103v1.doc Version 1 6.7.2003 No.
- Page 163 and 164: D0103v1.doc Version 1 6.7.2003 The
- Page 165 and 166: D0103v1.doc Version 1 6.7.2003 MN R
- Page 167 and 168: D0103v1.doc Version 1 6.7.2003 for
D0103v1.doc Version 1 6.7.2003<br />
{ MIPv6-Home-Agent-Address }, { MIP-Binding-Update }<br />
the HMAC-MD5 is computed using SK[MN-AAAC.h]<br />
4.5.2.9.4 AAAC.f to Attendant<br />
Message:<br />
Parameters:<br />
AA Registration Answer foreign (ARA.f)<br />
Session-Id<br />
Result-Code<br />
AAAC.h-MN-AVPs<br />
4.5.2.10 Attendant to MN (UDP message)<br />
Message:<br />
Parameters :<br />
4.5.3 Accounting DB<br />
Mobile Node AAA Reply (MNARp)<br />
Session-Id<br />
Result-Code<br />
AAAC.h-MN-AVPs<br />
A session, that has been started after a successfully authentication and authorization, must also be<br />
accounted for. Several AAA entities are involved in accounting e.g. attendant, AAAC.f, AAAC.h.<br />
4.5.3.1 AAAC Client<br />
The AAAC Client receives answers from AAAC.f for issued AA requests. In case of a negative answer<br />
the answer is forwarded to the meter client (as usual) and no accounting takes place.<br />
In case of a positive answer the AAAC client configures its accounting functionality according to the<br />
accounting policies contained in the AA answer. If no such policies are present it configures accounting<br />
according to a default configuration specified before starting the client. Accounting is configured before<br />
the answer is forwarded to the client. If some error occurs it is open what happens. Possible solutions are:<br />
• The AAAC client forwards answer to the meter client, session takes place as usual (may be no<br />
accounting or missing accounting data)<br />
• The client sends a message to AAAC.f, AAAC.f can try to get around the problem in which case the<br />
client forwards the positive reply. In the other case it forwards the negative reply.<br />
In the implementation the first option will be preferred and used.<br />
After forwarding the AA answer the client immediately generates an accounting start request and sends it<br />
to the AAAC.f.<br />
During a session runtime the client generates interim accounting messages and sends them to AAAC.f.<br />
If the client receives a session stop indication it generates an accounting stop request and sends it to the<br />
AAAC.f.<br />
The AAAC client has an interface to the metering functionality on the access router. It sends a<br />
METER_START message containing a filter spec and all other configuration parameters when<br />
accounting is started. It may receive a handle from the metering function. It sends a METER_STOP<br />
message containing a filter spec or handle previously received to stop metering for that particular session.<br />
The following information is needed as filter:<br />
• mobile nodes IP address (CoA)<br />
• mobile nodes ports (in case of specific QoS sessions which are flow based) (known through specific<br />
AA request from MN).<br />
• DSCP (either 0 for registration or specific value for QoS session; note that signalling traffic between<br />
MN and AR is supposed to have DSCP!=0 so this traffic is not accounted which is intended).<br />
The AAAC client must have a function to retrieve meter data for a particular session. A<br />
GET_METER_DATA function must be supported by the metering which accepts CoA or handle and<br />
return all current accounting information for a particular MN.<br />
The meter data could also be stored in a DB as long as there is a logic that can handle the<br />
GET_METER_DATA function and deliver requested data.<br />
D0103v1.doc 118 / 168