[Dime] [RFC3588bis-34] - Host-IP-Address AVP
"VITON HORCAJO, Pedro (Pedro)" <pedro.viton@alcatel-lucent.com> Mon, 17 September 2012 09:03 UTC
From: "VITON HORCAJO, Pedro (Pedro)" <pedro.viton@alcatel-lucent.com>
To: "dime@ietf.org" <dime@ietf.org>
Date: Mon, 17 Sep 2012 11:02:26 +0200
Hi:

After reviewing the original RFC3588 and the latest draft for 3588bis-34, I have a couple of comments/questions related to the Host-IP-Address AVP.

1.- The behavior of a Diameter peer when SENDING the Host-IP-Address AVP in the CER/CEA messages is not clear to me, if using TCP to transport Diameter.

In sections 5.3.1 (CER), 5.3.2 (CEA) and 5.3.5 (Host-IP-Address AVP), it indicates the behavior with respect to that AVP when using SCTP or DTLS/SCTP as transport mechanism.

    The Host-IP-Address AVP (AVP Code 257) is of type Address and is
    used to inform a Diameter peer of the sender's IP address. All
    source addresses that a Diameter node expects to use with SCTP
    [RFC4960] or DTLS/SCTP [RFC6083] MUST be advertised in the CER and
    CEA messages by including a Host-IP-Address AVP for each address.

    When Diameter is run over SCTP [RFC4960] or DTLS/SCTP [RFC6083],
    which allow connections to span multiple interfaces, hence,
    multiple IP addresses, the Capabilities-Exchange-Answer message
    MUST contain one Host-IP-Address AVP for each potential IP address
    that MAY be locally used when transmitting Diameter messages.

That might lead one to think that if using TCP, that AVP might not/need not be sent.

However, not sending it would be a contradiction with the CER/CEA ABNF message format, which states that the Host-IP-Address AVP is a mandatory AVP with at least 1 occurrence:

    <CER> ::= < Diameter Header: 257, REQ >
              { Origin-Host }
              { Origin-Realm }
           1* { Host-IP-Address }     <------------
              ...

I think it would be a good idea to clarify:

A.- whether Host-IP-Address MUST/SHOULD/MAY be included in CER/CEA messages if using TCP

B.- if it is not needed, indicate that AVP as optional 1*[Host-IP-Address] in the CER/CEA ABNF. However, leaving it as optional might lead to interoperability issues between an implementation not sending it, and another implementation expecting it as mandatory (as per current RFC 3588)

--------------------

2.- On the other side, I haven't been able to find anywhere the behavior a Diameter implementation should have when RECEIVING that AVP, both with TCP and SCTP as transport methods.

A.- Should it check that the source IP address of the received CER/CEA message belongs to the values of the Host-IP-Address AVP? But what would be the purpose of that? Prevent NAT traversal? And what to do then if the source IP address doesn't match?

B.- With SCTP, I thought initially the Diameter implementation could interface with an SCTP layer primitive to add the rest of the advertised IP addresses in Host-IP-Address, as possible addresses for this endpoint in the already established SCTP association. However, after glancing over SCTP RFC 4960 (sections 3.3.2.1 & 5.1.2), it seems that the remote IP addresses of an association may be exchanged/learnt only during the association establishment by using the Options in the INIT chunk.

Therefore, if my assumption is right that it is not possible to add/remove a remote endpoint IP address to an already established association, what's the point in having a Host-IP-Address AVP in the CER/CEA message? Just for historical reasons?

In any case, I think it would be nice to clarify the utility of the Host-IP-Address AVP, as well as a Diameter implementation's expected behavior, both when sending it and receiving it, when using TCP and SCTP.

Thanks,
Pedro

Pedro Viton
Tlf: +(34) 690 96 4740
pedro.viton@alcatel-lucent.com
C/ Maria Tubau 9
(28050) Madrid
SPAIN
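
The two checks the message asks about, as an added example that is not part of the original post or of any Diameter implementation: it extracts the Host-IP-Address AVPs from a CER/CEA, tests the "1*" occurrence rule, and reports whether the transport source address is among the advertised values. What to do on a mismatch is left to local policy, since that is the open question; the function names, peer identity and addresses are constructed for illustration.

```python
import ipaddress
import struct

HOST_IP_ADDRESS = CER_CEA = 257  # AVP code and CER/CEA command code are both 257
FAMILY_LEN = {1: 4, 2: 16}       # Address type families: 1 = IPv4, 2 = IPv6

def avp(code, data, flags=0x40):
    length = 8 + len(data)  # length field covers header and data, not padding
    return struct.pack("!IB3s", code, flags, length.to_bytes(3, "big")) + data + bytes(-length % 4)

def address(ip):
    ip = ipaddress.ip_address(ip)  # Address type: 2-byte family, then raw address
    return struct.pack("!H", 1 if ip.version == 4 else 2) + ip.packed

def cer(avps):  # constructed CER: version 1, R bit set, application id 0, made-up ids
    body = b"".join(avps)
    return (b"\x01" + (20 + len(body)).to_bytes(3, "big") + b"\x80"
            + CER_CEA.to_bytes(3, "big") + struct.pack("!III", 0, 1, 1) + body)

def host_ip_addresses(msg):
    """Return every Host-IP-Address value in a CER/CEA, rejecting bad framing."""
    total, command = int.from_bytes(msg[1:4], "big"), int.from_bytes(msg[5:8], "big")
    if len(msg) < 20 or total != len(msg) or command != CER_CEA:
        raise ValueError("not a well-framed CER/CEA")
    found, pos = [], 20
    while pos < len(msg):
        if len(msg) - pos < 8:
            raise ValueError("truncated AVP header")
        code, flags = struct.unpack_from("!IB", msg, pos)
        length = int.from_bytes(msg[pos + 5:pos + 8], "big")
        hdr = 12 if flags & 0x80 else 8  # V bit adds a 4-byte Vendor-Id
        if length < hdr or pos + length > len(msg):
            raise ValueError("bad AVP length")
        data = msg[pos + hdr:pos + length]
        if code == HOST_IP_ADDRESS and not flags & 0x80:
            if FAMILY_LEN.get(int.from_bytes(data[:2], "big")) != len(data) - 2:
                raise ValueError("malformed Address value")
            found.append(ipaddress.ip_address(data[2:]))
        pos += length + (-length % 4)  # skip padding to the next 4-byte boundary
    return found

def check_capabilities(msg, transport_source):
    """Report the 1* occurrence rule and whether the source address was advertised."""
    advertised, source = host_ip_addresses(msg), ipaddress.ip_address(transport_source)
    return {"abnf_ok": len(advertised) >= 1, "source_advertised": source in advertised}

# Constructed sample: documentation addresses and a made-up peer identity.
IDENTITY = [avp(264, b"peer.example.net"), avp(296, b"example.net")]
SAMPLE_CER = cer(IDENTITY + [avp(HOST_IP_ADDRESS, address(a)) for a in ("192.0.2.10", "2001:db8::10")])
```

A source address that is not advertised, for example because a NAT sits between the peers, yields `source_advertised: False`; a CER with no Host-IP-Address at all yields `abnf_ok: False`.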