RE: [Dime] Contradiction in RFC 4006

["Harri Hakala \(TU/LMF\)" <harri.hakala at ericsson.com>]

Hi Glen,

I agree, the RFC is not clear in this. But the section 8.35 says 
that the access device must drop all packets not matching the filters,
so I think that if Restriction-Filter-Rule AVP(s) or the Filter-Id AVP(s) 
are not included in the CCA, then the access device must drop all packets.
 
regards........Harri


> -----Original Message-----
> From: Glen Zorn (gwz) [mailto:gwz at cisco.com] 
> Sent: 15. kesäkuuta 2006 3:02
> To: aaa-wg at merit.edu
> Cc: dime at ietf.org; Glen Zorn (gwz)
> Subject: [Dime] Contradiction in RFC 4006
> 
> Section 5.6.3 says 
> 
>    "A Final-Unit-Indication AVP with the Final-Unit-Action
>    RESTRICT_ACCESS [in the CCA message] indicates to the 
>    device supporting this action that
>    the user's access MUST be restricted according to the IP packet
>    filters given in the Restriction-Filter-Rule AVP(s) or according to
>    the IP packet filters identified by the Filter-Id AVP(s)."
> 
> However, the next sentence says
> 
>    "The credit-control server SHOULD include either the
> Restriction-Filter-
>    Rule AVP or the Filter-Id AVP in the Credit-Control-Answer 
> message."
> 
> So, what happens if the referenced AVPs are not included in the CCA?
> 
> ~gwz
> 
> Treat the Earth well. 
> It was not given to you by your parents.
> It was loaned to you by your children.
>   -- Kenyan Proverb
> 
> Humankind has not woven the web of life.
> We are but one thread within it.
> Whatever we do to the web, we do to ourselves.
> All things are bound together.
> All things connect.
>   -- Chief Seattle
> 
> _______________________________________________
> DiME mailing list
> DiME at ietf.org
> https://www1.ietf.org/mailman/listinfo/dime
> 

_______________________________________________
DiME mailing list
DiME at ietf.org
https://www1.ietf.org/mailman/listinfo/dime