Re: [Dime] Review of draft-korhonen-dime-pmip6-03.txt
<jouni.korhonen@teliasonera.com> Fri, 08 August 2008 23:32 UTC
Return-Path: <dime-bounces@ietf.org>
X-Original-To: dime-archive@megatron.ietf.org
Delivered-To: ietfarch-dime-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 77DBF3A6924; Fri, 8 Aug 2008 16:32:20 -0700 (PDT)
X-Original-To: dime@core3.amsl.com
Delivered-To: dime@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C988E3A6924 for <dime@core3.amsl.com>; Fri, 8 Aug 2008 16:32:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 4.108
X-Spam-Level: ****
X-Spam-Status: No, score=4.108 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FRT_PROFIT2=10.357, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L3Nbq0KA55yD for <dime@core3.amsl.com>; Fri, 8 Aug 2008 16:32:18 -0700 (PDT)
Received: from sehan002bb.han.telia.se (sehan002bb.han.telia.se [131.115.18.153]) by core3.amsl.com (Postfix) with ESMTP id 4B88A3A683A for <dime@ietf.org>; Fri, 8 Aug 2008 16:32:17 -0700 (PDT)
Received: from SEHAN021MB.tcad.telia.se ([131.115.18.160]) by sehan002bb.han.telia.se with Microsoft SMTPSVC(6.0.3790.1830); Sat, 9 Aug 2008 01:32:14 +0200
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Sat, 09 Aug 2008 01:32:14 +0200
Message-ID: <59D7431DE2527D4CB0F1EFEDA5683ED302C7D5C4@SEHAN021MB.tcad.telia.se>
In-Reply-To: <3E2C3D74-A80F-46FF-9BB8-042B2CF6F1D1@iki.fi>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: [Dime] Review of draft-korhonen-dime-pmip6-03.txt
Thread-Index: Acj5ragvbyiUXTHTRtC7GYv3U1t7dwAACwvQ
References: <129C432B-7E81-45F2-9AEA-60631858073A@iki.fi> <3E2C3D74-A80F-46FF-9BB8-042B2CF6F1D1@iki.fi>
From: jouni.korhonen@teliasonera.com
To: dime@ietf.org
X-OriginalArrivalTime: 08 Aug 2008 23:32:14.0291 (UTC) FILETIME=[FCEA7A30:01C8F9AE]
Subject: Re: [Dime] Review of draft-korhonen-dime-pmip6-03.txt
X-BeenThere: dime@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Diameter Maintanence and Extentions Working Group <dime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/pipermail/dime>
List-Post: <mailto:dime@ietf.org>
List-Help: <mailto:dime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dime>, <mailto:dime-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: dime-bounces@ietf.org
Errors-To: dime-bounces@ietf.org
It seems this never reached the Dime mailing list for some reason.. resending it. Cheers, JOuni ------- From: Jouni Korhonen <jouni.korhonen@iki.fi> Date: August 8, 2008 10:26:49 AM GMT+03:00 To: "Tschofenig, Hannes (NSN - FI/Espoo)" hannes.tschofenig@nsn.com> Cc: <dime@ietf.org> Subject: Re: [Dime] Review of draft-korhonen-dime-pmip6-03.txt Hi Hannes, Thanks for a review. See some replies inline. On Aug 7, 2008, at 1:37 PM, Tschofenig, Hannes (NSN - FI/Espoo) wrote: > A few review comments. > > In the abstract you write: > > " > Rather than defining a completely new set of > attributes or a new Diameter application this specification > leverages > the work that has already been done for the Mobile IPv6 > bootstrapping. > " > > This sentence is somewhat misleading since you define a Diameter > application. Ok. Actually we got two interfaces (as you note later). The other defines an application and the other one does not. I need to clarify the text above. > Figure 1 is helpful but I think you could point out that you are > actually describing two different "interfaces" in this document. I > initially did not got that point since you referred also to the > Diameter Mobile IPv6 boostrapping work where we separated them into 2 > documents. > > Hence, I would enhance the figure with something like: > > > +--------+ > | HAAA & | Diameter +-----+ > | Policy |<--(1)--->| LMA | > | Profile| +-----+ > +--------+ | <--- LMA-Address > ^ | > | // \\ > +---|------------- //---\\----------------+ > ( | IPv4/IPv6 // \\ Proxy Mobile IPv6 > ( | Network // \\ ) > +---|-----------//---------\\-------------+ > | // \\ > Diameter // <- Tunnel1 \\ <- Tunnel2 > (2) // \\ > | |- MAG-Address1 |- MAG-Address2 > | +----+ +----+ > +---->|MAG1| |MAG2| > +----+ +----+ > | | > | | > [MN1] [MN2] > > > Legend: > > (1): LMA <-> HAAA interaction is described > in Section 6 > (2): MAG <-> HAAA interaction is described > in Section 5 OK. > * I was also lacking sementic of the PMIP6-DHCP-Address AVP a bit. > How does the information flow look like? The AAA may return a DHCP (4 or 6) server address to the MAG. THis would be useful in deployments where the MAG implements a DHCP Relay. So the MAG receives the DHCP Server address over the MAG-AAA interface, and uses the server address for *this* subscriber/realm when relaying DHCP requests. > * MIP6-Agent-Info AVP > > The description currently does not provide enough information why > this > AVP is needed. > What happens when an entity receives this AVP? > Why would one send it? This is one way of doing dynamic LMA discovery. So the AAA knows which LMA to assign for the authenticating subscriber. MAG uses it to figure out the LMA where to send subsequent PBUs.. > I also wonder whether it wouldn't make sense to create a new AVP > if the > semantic is sufficiently different. The behavior from AAA interface point of view is equivalent to integrated bootstrapping.. just that the HA/LMA information is not passed to the MN but used by MAG. I agree we should define new AVPs inside the MIP6-Agent-Info dedicated for the LMA address. We have talked this offline with some folks. > * MAG-to-HAAA: > > You might want to make it explicit in the text that you do not > define a > new Diameter application for this interface. The LMA to HAAA section > starts very similar but defines a new OK. > Diameter application. Both sections say "This document re-uses the > Diameter NASREQ [6] and the EAP [7] > applications". While this is correct the outcome is very different. > > I would also shorten the subject header a bit. Something like > "MAG-to-HAAA Interface" and "LMA-to-HAAA Inferface" should be > sufficient. OK. > The following text seems a bit fuzzy to me: > > " > The Diameter response messages MAY contain Framed-IPv6-Prefix > and/or > Framed-IPv4-Address AVPs. For example a local Diameter proxy > MAY add > those in order to advertise locally available prefixes and > addresses > as well [16]. It is also possible that PMIPv6 mobility support is > not allowed for a subscription. In this case, a MAG may still > provide normal IP connectivity to the MN using, for example, local > address pools. > " > > What is the semantic of the Framed-IPv6-Prefix in relationship to the > other > addresses being defined in this document? I am not sure if this is valid anymore but the originally the reason was the following: It was discussed whether it would make sense to allow PMIP-based mobility for some prefixes and for some not. So the prefixes with mobility would be signaled using PMIP specific AVPs where as prefixes without mobility would use Framed-IPv6-Prefix AVPs. MAG/NAS could then treat prefixes differently (note that how the MN would know the difference is not solved yet.. there has been RA/RS based proposals around). > * LMA-to-MAG > > The text at the beginning of the sentence is repeated again in > Section > 6.2. > > > You write: > > " > The identity SHOULD be the same as > used on the MAG to HAAA interface, but in a case those identities > differ the HAAA MUST have a mechanism of mapping the MN > identity used > on the MAG to HAAA interface to the identity used on the LMA to > HAAA > interface. > " > > In what cases are they different? One example.. the MN authenticates (over the MAG-AAA interface) using some EAP-method that provides identity hiding. So the identity the MAG/NAS puts into the User-Name AVP for the access authentication could be then different from what gets used in a PBU as the MN-ID. The LMA would use the identity taken from the PBU MN-ID when communicating with the AAA over the LMA-AAA interface. So the identities could potentially be different and the AAA must be able to map them as one internally in that case. If some deployment uses the same identity in all cases & places, fine.. but that must not restrict the flexibility of the AAA interfaces. > > You write: > " > If the PBU contains the MN interface identifier option, the > Calling- > Station-Id AVP SHOULD be included in the request message > containing > the received interface identifier. Furthermore, if the PBU > contains > the Service Selection mobility option [18], the Called-Station- > Id AVP > SHOULD be included in the request message containing the received > service identifier. > " > > Why do you overload the Called-Station-Id? > Are those the only two cases, i.e., is it MUST contain either > interface > id or service identifier? Oops. Yes. Good catch. For the services we should use the same AVP that is now defined for the mip6-split document (i.e. the Service- Selection AVP). > > In the introduction you say that this is only used for authorization, > see: > " > A new Diameter application is needed for the LMA to HAAA interface > when authorizing Proxy Binding Updates and subscriber's mobility > service session. > " > > Does this mean that you set the request to 'authorize-only'? Yes. Good catch again. > * AVP Occurrence Table section > > I would define separate AVP flag tables for the two interfaces and > for > the commands. > > For example, in Section 6.2 you define this new application; do you > expect certain AVPs to be understood by the receiving end? > Yeah. These tables need work. Cheers, Jouni > Ciao > Hannes > _______________________________________________ DiME mailing list DiME@ietf.org https://www.ietf.org/mailman/listinfo/dime
- [Dime] Review of draft-korhonen-dime-pmip6-03.txt Tschofenig, Hannes (NSN - FI/Espoo)
- Re: [Dime] Review of draft-korhonen-dime-pmip6-03… jouni.korhonen
- Re: [Dime] Review of draft-korhonen-dime-pmip6-03… jouni.korhonen