< draft-werner-nsis-natfw-nslp-statemachine-01.txt   draft-werner-nsis-natfw-nslp-statemachine-02.txt >
NSIS X. Fu NSIS C. Werner
Internet-Draft C. Werner Internet-Draft X. Fu, Ed.
Expires: January 18, 2006 Univ. Goettingen Expires: September 7, 2006 Univ. Goettingen
H. Tschofenig H. Tschofenig
T. Tsenov
Siemens Siemens
C. Aoun C. Aoun
Nortel ENST
N. Steinleitner N. Steinleitner
Univ. Goettingen Univ. Goettingen
July 17, 2005 March 6, 2006
NAT/FW NSLP State Machine NAT/FW NSLP State Machine
draft-werner-nsis-natfw-nslp-statemachine-01.txt draft-werner-nsis-natfw-nslp-statemachine-02.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 41 skipping to change at page 1, line 40
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 18, 2006. This Internet-Draft will expire on September 7, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2005). Copyright (C) The Internet Society (2006).
Abstract Abstract
This document describes the state machines for the NSIS Signaling This document describes the state machines for the NSIS Signaling
Layer Protocol for Network Address Translation/Firewall signaling Layer Protocol for Network Address Translation/Firewall signaling
(NAT/FW NSLP). A set of state machines for NAT/FW NSLP entities at (NAT/FW NSLP). A set of state machines for NAT/FW NSLP entities at
different locations of a signaling path are presented in order to different locations of a signaling path are presented in order to
illustrate how NAT/FW NSLP may be implemented. illustrate how NAT/FW NSLP may be implemented.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Notational conventions used in state diagrams . . . . . . . 3 3. Notational conventions used in state diagrams . . . . . . . . 3
4. State Machine Symbols . . . . . . . . . . . . . . . . . . . 6 4. State Machine Symbols . . . . . . . . . . . . . . . . . . . . 6
5. Common Rules . . . . . . . . . . . . . . . . . . . . . . . . 7 5. Common Rules . . . . . . . . . . . . . . . . . . . . . . . . . 7
5.1 Common Procedures . . . . . . . . . . . . . . . . . . . . 7 5.1. Common Procedures . . . . . . . . . . . . . . . . . . . . 7
5.2 Common Variables . . . . . . . . . . . . . . . . . . . . . 9 5.2. Common Variables . . . . . . . . . . . . . . . . . . . . . 9
5.3 Constants . . . . . . . . . . . . . . . . . . . . . . . . 10 5.3. Constants . . . . . . . . . . . . . . . . . . . . . . . . 9
6. State machine for the NAT/FW NI . . . . . . . . . . . . . . 10 6. State machine for the NAT/FW NI . . . . . . . . . . . . . . . 9
7. State machines for the NAT/FW NF . . . . . . . . . . . . . . 14 7. State machines for the NAT/FW NF . . . . . . . . . . . . . . . 11
7.1 State machine for NAT/FW Firewall NF . . . . . . . . . . . 15 8. State machine for the NAT/FW NR . . . . . . . . . . . . . . . 15
7.2 State machine for NAT/FW NAT NF . . . . . . . . . . . . . 22 9. Security Considerations . . . . . . . . . . . . . . . . . . . 18
8. State machine for the NAT/FW NR . . . . . . . . . . . . . . 29 10. Open Issues . . . . . . . . . . . . . . . . . . . . . . . . . 18
9. Security Considerations . . . . . . . . . . . . . . . . . . 33 11. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 18
10. Open Issues . . . . . . . . . . . . . . . . . . . . . . . . 34 12. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 19
11. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . 34 13. References . . . . . . . . . . . . . . . . . . . . . . . . . . 19
12. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 13.1. Normative References . . . . . . . . . . . . . . . . . . . 19
12.1 Normative References . . . . . . . . . . . . . . . . . . 34 13.2. Informative References . . . . . . . . . . . . . . . . . . 19
12.2 Informative References . . . . . . . . . . . . . . . . . 34 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 20
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 35 Intellectual Property and Copyright Statements . . . . . . . . . . 21
Intellectual Property and Copyright Statements . . . . . . . 37
1. Introduction 1. Introduction
This document describes the state machines for NAT/FW NSLP [1], This document describes the state machines for NAT/FW NSLP [1],
trying to show how NAT/FW NSLP can be implemented to support its trying to show how NAT/FW NSLP can be implemented to support its
deployment. The state machines described in this document are deployment. The state machines described in this document are
illustrative of how the NAT/FW NSLP protocol defined in [1] may be illustrative of how the NAT/FW NSLP protocol defined in [1] may be
implemented for the first NAT/FW NSLP node in the signaling path, implemented for the first NAT/FW NSLP node in the signaling path,
intermediate NAT/FW NSLP nodes with Firewall and/or NAT intermediate NAT/FW NSLP nodes with Firewall and/or NAT
functionality, and the last NAT/FW NSLP node in the signaling path. functionality, and the last NAT/FW NSLP node in the signaling path.
skipping to change at page 3, line 25 skipping to change at page 3, line 25
machines are informative only. Implementations may achieve the same machines are informative only. Implementations may achieve the same
results using different methods. results using different methods.
The messages used in the NAT/FW NSLP protocol can be summarized as The messages used in the NAT/FW NSLP protocol can be summarized as
follows: follows:
Requesting message Responding message Requesting message Responding message
------------------------+--------------------------- ------------------------+---------------------------
CREATE |RESPONSE CREATE |RESPONSE
REA |RESPONSE REA |RESPONSE
QUERY |RESPONSE TRACE |RESPONSE
RESPONSE |NONE RESPONSE |NONE
NOTIFY |NONE NOTIFY |NONE
TRIGGER |CREATE
------------------------+--------------------------- ------------------------+---------------------------
We describe a set of state machines for different roles of entities We describe a set of state machines for different roles of entities
running NAT/FW NSLP to illustrate how NAT/FW NSLP may be implemented. running NAT/FW NSLP to illustrate how NAT/FW NSLP may be implemented.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [2]. document are to be interpreted as described in [2].
skipping to change at page 4, line 14 skipping to change at page 4, line 15
represented by using triplets of (exit condition, exit action, exit represented by using triplets of (exit condition, exit action, exit
state). All conditions are expressions that evaluate to TRUE or state). All conditions are expressions that evaluate to TRUE or
FALSE; if a condition evaluates to TRUE, then the condition is met. FALSE; if a condition evaluates to TRUE, then the condition is met.
A state "ANY" is a wildcard state that matches the current state in A state "ANY" is a wildcard state that matches the current state in
each state machine. The exit conditions of a wildcard state are each state machine. The exit conditions of a wildcard state are
evaluated after all other exit conditions of specific to the current evaluated after all other exit conditions of specific to the current
state are met. state are met.
On exit from a state, the procedures defined for the state and the On exit from a state, the procedures defined for the state and the
exit condition are executed exactly once, in the order that they exit condition are executed exactly once, in the order that they
appear on the page. (Note that the procedures defined in [4] are appear on the page. (Note that the procedures defined in [4] are
executed on entry to a state, which is one major difference from this executed on entry to a state, which is one major difference from this
document.) Each procedure is deemed to be atomic; i.e., execution of document.) Each procedure is deemed to be atomic; i.e., execution of
a procedure completes before the next sequential procedure starts to a procedure completes before the next sequential procedure starts to
execute. No procedures execute outside of a state block. The execute. No procedures execute outside of a state block. The
procedures in only one state block execute at a time, even if the procedures in only one state block execute at a time, even if the
conditions for execution of state blocks in different state machines conditions for execution of state blocks in different state machines
are satisfied, and all procedures in an executing state block are satisfied, and all procedures in an executing state block
complete execution before the transition to and execution of any complete execution before the transition to and execution of any
other state block occurs, i.e., the execution of any state block other state block occurs, i.e., the execution of any state block
appears to be atomic with respect to the execution of any other state appears to be atomic with respect to the execution of any other state
skipping to change at page 6, line 39 skipping to change at page 6, line 41
assignments, e.g., a = b = X the action causes the value of the assignments, e.g., a = b = X the action causes the value of the
expression following the right-most assignment operator to be expression following the right-most assignment operator to be
assigned to all of the variables that appear to the left of the assigned to all of the variables that appear to the left of the
right-most assignment operator. right-most assignment operator.
! Logical NOT operator. ! Logical NOT operator.
&& Logical AND operator. && Logical AND operator.
|| Logical OR operator. || Logical OR operator.
if...then... Conditional action. If the Boolean expression following if...then... Conditional action. If the Boolean expression following
the if evaluates to TRUE, then the action following the then is the if evaluates to TRUE, then the action following the then is
executed. executed.
\{ statement 1, ... statement N \} Compound statement. Braces are { statement 1, ... statement N } Compound statement. Braces are used
used to group statements that are executed together as if they to group statements that are executed together as if they were a
were a single statement. single statement.
!= Inequality. Evaluates to TRUE if the expression to the left of != Inequality. Evaluates to TRUE if the expression to the left of
the operator is not equal in value to the expression to the right. the operator is not equal in value to the expression to the right.
== Equality. Evaluates to TRUE if the expression to the left of the == Equality. Evaluates to TRUE if the expression to the left of the
operator is equal in value to the expression to the right. operator is equal in value to the expression to the right.
> Greater than. Evaluates to TRUE if the value of the expression to > Greater than. Evaluates to TRUE if the value of the expression to
the left of the operator is greater than the value of the the left of the operator is greater than the value of the
expression to the right. expression to the right.
<= Less than or equal to. Evaluates to TRUE if the value of the <= Less than or equal to. Evaluates to TRUE if the value of the
expression to the left of the operator is either less than or expression to the left of the operator is either less than or
equal to the value of the expression to the right. equal to the value of the expression to the right.
++ Increment the preceding integer operator by 1. ++ Increment the preceding integer operator by 1.
5. Common Rules 5. Common Rules
Throughout the document we use terms defined in the [1], such as NI, Throughout the document we use terms defined in the [1], such as NI,
NF, NR, NI+, NR+, CREATE, QUERY, or RESPONSE. NF, NR, CREATE, REA or RESPONSE.
5.1 Common Procedures 5.1. Common Procedures
tx_CREATE(): Transmit a CREATE message tx_CREATE(): Transmit a CREATE message
tx_CREATE(LIFETIME=0): Transmit CREATE message with lifetime object tx_CREATE(LIFETIME=0): Transmit CREATE message with lifetime object
explicitly set to 0 for session deletion explicitly set to 0 for session deletion
tx_RESP(code,type): Transmit RESPONSE message with specified code tx_RESPONSE(code,type): Transmit RESPONSE message with specified code
(SUCCESS or ERROR) and result type (related to a specific request (SUCCESS or ERROR) and result type (related to a specific request
type message: CREATE, REA or QUERY). A code or result type may be type message: CREATE or REA). A code or result type may be
omitted, typically when forwarding received RESPONSE messages. omitted, typically when forwarding received RESPONSE messages.
tx_QUERY(): Transmit QUERY message. tx_REA(): Transmit a REA message
tx_NOTIFY(): Transmit NOTIFY message. rx_RESPONSE(code, type): Evaluates to TRUE if a RESPONSE message has
rx_RESP(code, type): Evaluates to TRUE if a RESPONSE message has been been received with the specified code (SUCCESS or ERROR) and
received with the specified code (SUCCESS or ERROR) and result result type (related to a specific request type message: CREATE or
type (related to a specific request type message: CREATE, REA or REA). If the code or type is omitted, any received RESPONSE
QUERY). If the code or type is omitted, any received RESPONSE
message which is only matching the given code or type will message which is only matching the given code or type will
evaluate this procedure to TRUE. evaluate this procedure to TRUE.
rx_NOTIFY(): Evaluates to TRUE if a NOTIFY message has been received.
rx_QUERY(): Evaluates to TRUE if a QUERY message has been received
rx_CREATE(): Evaluates to TRUE if a CREATE message has been received. rx_CREATE(): Evaluates to TRUE if a CREATE message has been received.
rx_REA(): Evaluates to TRUE if a REA message has been received.
CHECK_AA(): Checks Authorization and Authentication of the received CHECK_AA(): Checks Authorization and Authentication of the received
message. Evaluates to TRUE if the check is successful, otherwise message. Evaluates to TRUE if the check is successful, otherwise
it evaluates to FALSE. This check is performed on all received it evaluates to FALSE. This check is performed on all received
messages hence it will only be shown within the state machine when messages hence it will only be shown within the state machine when
the check has failed. This CHECK_AA also MAY include a local the check has failed. This CHECK_AA also MAY include a local
policy check for the received message. policy check for the received message.
CHECK_NoNR(): Checks if the message can reach its targeted CreateSession(): Installs all session related states, variables,
destination, i.e. the NR if it exists at the targeted host. bindings, policies.
CHECK_SCOPE(): Checks if the message has reached the network DeleteSession(): Removes all session related states, variables,
boundaries defined by the SCOPE object. bindings, policies.
Process Event(): Processes a NOTIFY messages and adapts the behaviour CreatePinhole(): Installs a pinhole for the new session.
of this node to the new condition. DeletePinhole(): Removes a previously installed pinhole.
Process Query(): Processes the received QUERY message and prepares
the appropriate RESPONSE message.
Binding.create(): Creates a public/private network translation CreateReservations(): Creates a matching based on the MRI and open
binding on a NAT device for the requesting entity. pinholes for the signaling traffic.
Binding.clear(): Deletes a previously created a public/private DeleteReservations(): Deletes previously installed matchings and
pinholes for the signaling traffic.
CreateBinding(): Creates a public/private network translation binding
on a NAT device for the requesting entity.
DeleteBinding(): Deletes a previously created a public/private
network translation binding on a NAT device for the requesting network translation binding on a NAT device for the requesting
entity. entity.
Session.create(): Installs all session related states, variables, StartTimer(identifier): This procedure starts a timer with a certain
bindings, policies. timespan, which is up to the specific implementation. The
Session.update(): Updates all session related states, variables,
bindings, policies based on received CREATE or TRIGGER if
applicable.
Session.clear(): Removes all session related states, variables,
bindings, policies.
PckFilter.create(): Installs a packet filter for the new session.
PckFilter.update(): Updates the packet filter for changes in the
session rules.
PckFilter.clear(): Removes a previously set packet filter.
Start.STATE_TIMER(identifier): This procedure starts a timer with a
certain timespan, which is up to the specific implementation. The
parameter 'identifier' identifies this timer uniquely. Any parameter 'identifier' identifies this timer uniquely. Any
subsequent Start_STATE_TIMER(x), Stop_STATE_TIMER(x), subsequent StartTimer(identifier), StopTimer(identifier),
TIMEOUT_STATE(x) refer to the same timer labeled x. This timer is (identifier)_TIMEOUT refer to the same timer labeled x. This
required to time the lifetime of state, which means that when it timer is required to time the lifetime of state, which means that
times out, it indicates the current machine state should be left when it times out, it indicates the current machine state should
or its validation has expired. This procedure starts the timer be left or its validation has expired. This procedure starts the
'identifier'. If a timer with the same 'identifier' has timer 'identifier'. If a timer with the same 'identifier' has
already been started and not yet stopped, the timer is now stopped already been started and not yet stopped, the timer is now stopped
and restarted. After the timer has timed out, the procedure and restarted. After the timer has timed out, the procedure
TIMEOUT_STATE(identifier) evaluates to TRUE. The timer does not (identifier)_TIMEOUT evaluates to TRUE. The timer does not
restart automatically, but must be started again with a restart automatically, but must be started again with a
Start_STATE_TIMER(identifier). Notice that there is no difference StartTimer(identifier). Notice that this function can call as
to the Start_REFRESH_TIMER(identifier) procedure which has exactly statetimer or as refreshtimer which represents the
the same functionality. The different procedure names are only "Start.REFRESH_TIMER(identifier)" procedure in version 01.
supplied to underline the purpose of this specific timer. StopTimer(identifier): This procedure stops the timer labeled
Stop.STATE_TIMER(identifier): This procedure stops the timer labeled
'identifier'. If it has already been stopped, this procedure has 'identifier'. If it has already been stopped, this procedure has
no effect. If the timer has already timed out, this procedure no effect. If the timer has already timed out, this procedure
removes the timeout-state from the timer 'identifier', so removes the timeout-state from the timer 'identifier', so
subsequent calls to TIMEOUT_STATE(identifier) evaluate to FALSE. subsequent calls to (identifier)_TIMEOUT evaluate to FALSE. A
A timeout cannot occur until the timer 'identifier' has been timeout cannot occur until the timer 'identifier' has been
(re-)started. (re-)started.
TIMEOUT.STATE(identifier): This procedure evaluates to TRUE if the (identifier)_TIMEOUT: This procedure evaluates to TRUE if the
timer 'identifier' has timed out and indicates a state lifetime (identifier)-timer has timed out and indicates a state lifetime
expiration. Subsequent TIMEOUT_STATE(identifier) calls also expiration. This procedure cannot evaluate to TRUE if the timer
evaluate to TRUE until the timer 'identifier' has been has been stopped. Used timers are STATE_TIMEOUT, REFRESH_TIMEOUT,
(re-)started. This procedure cannot evaluate to TRUE if the timer CREATE_TIMEOUT, REA_TIMEOUT or RESPONSE_TIMEOUT.
has been stopped.
Start.REFRESH_TIMER(identifier): This procedure starts a timer with a
certain timespan, which is up to the specific implementation. The
parameter 'identifier' identifies this timer uniquely. Any
subsequent Start_REFRESH_TIMER(x), Stop_REFRESH_TIMER(x),
TIMEOUT_REFRESH(x) refer to the same timer labeled x. This timer
times a refresh interval, which means that when it times out, it
indicates a state refresh message is due to be sent. This
procedure starts the timer 'identifier'. If a timer with the same
'identifier' has already been started and not yet stopped, the
timer is now stopped and restarted. After the timer has timed
out, the procedure TIMEOUT_REFRESH(identifier) evaluates to TRUE.
The timer does not restart automatically, but must be started
again with a Start_REFRESH_TIMER(identifier). Notice that there
is no difference to the Start_STATE_TIMER(identifier) procedure
which has exactly the same functionality. The different procedure
names are only supplied to underline the purpose of this specific
timer.
Stop.REFRESH_TIMER(identifier): This procedure stops the timer
labeled 'identifier'. If it has already been stopped, this
procedure has no effect. If the timer has already timed out, this
procedure removes the timeout-state from the timer 'identifier',
so subsequent calls to TIMEOUT_REFRESH(identifier) evaluate to
FALSE. A timeout cannot occur until the timer 'identifier' has
been (re-)started.
TIMEOUT.REFRESH(identifier): This procedure evaluates to TRUE if the
timer 'identifier' has timed out and indicates a refresh interval
expiration. Subsequent TIMEOUT_REFRESH(identifier) calls also
evaluate to TRUE until the timer 'identifier' has been
(re-)started. This procedure cannot evaluate to TRUE if the timer
has been stopped.
tg_QUERY: External trigger to send a QUERY message (typically
triggered by the application).
tg_CREATE: External trigger to send a CREATE message (typically tg_CREATE: External trigger to send a CREATE message (typically
triggered by the application). triggered by the application).
tg_NOTIFY: External trigger to notify the entity of a new event to be
processed (typically triggered by the application)
tg_TRIGGER: External trigger to send a TRIGGER message to a NF
(typically triggered by the application)
tg_TEARDOWN: External trigger to delete a previously created session tg_TEARDOWN: External trigger to delete a previously created session
(typically triggered by the application) (typically triggered by the application)
tg_REA: External trigger to send a REA message towards an tg_REA: External trigger to send a REA message towards an
opportunistic address (typically triggered by the application) opportunistic address (typically triggered by the application)
tg_CREATE_PROXY: Internal trigger to send a CREATE message (used in
proxy mode, triggered by corresponding NAT/FW NSLP session).
tg_TEARDOWN_PROXY: Internal trigger to delete a previously created
session (used in proxy mode, triggered by corresponding NAT/FW
NSLP session).
5.2. Common Variables
5.2 Common Variables
IS_EDGE: Boolean flag which evaluates to TRUE if the node is on the IS_EDGE: Boolean flag which evaluates to TRUE if the node is on the
network edge, otherwise it evaluates to FALSE. network edge, otherwise it evaluates to FALSE.
IS_PUBLICSIDE: Boolean flag which evaluates to TRUE if the (CREATE- IS_PUBLICSIDE: Boolean flag which evaluates to TRUE if the (CREATE-
or REA-) message has been received on the public side of the or REA-) message has been received on the public side of the
network. network.
CREATE(LIFETIME?): Gets the value of the LIFETIME object in the CREATE(LIFETIME): Gets the value of the LIFETIME object in the CREATE
CREATE message. message.
CREATE(TRIGGER?): Evaluates to TRUE if the received CREATE message counter(CREATE): Denotes the current number of retries of CREATE
indicates a CREATE trigger.
CREATE(POLICY?): Gets the policy for the CREATE message.
CREATE(SOURCE?): Retrieves the sender of the CREATE message.
CREATE(NoNR?): Evaluates to TRUE if the CREATE message has an active
NoNR-flag.
CREATE(Scope?): Evaluates to TRUE if the CREATE message has an active
Scope-flag.
Retry_Counter(CREATE): Denotes the current number of retries of
CREATE message which has been re-transmitted due to previous
RESPONSE_ERROR message. If the number of Retry_Counter(CREATE)
equals the value of MAXRETRY(CREATE), the current session creation
attempt is aborted and the application is being notified.
Retry_Counter(QUERY): Denotes the current number of retries of QUERY
message which has been re-transmitted due to previous
RESPONSE_ERROR message. If the number of Retry_Counter(QUERY)
equals the value of MAXRETRY(QUERY), the current QUERY attempt is
aborted and the application is being notified.
Retry_Counter(REA): Denotes the current number of retries of REA
message which has been re-transmitted due to previous message which has been re-transmitted due to previous
RESPONSE_ERROR message. If the number of Retry_Counter(REA) RESPONSE_ERROR message. If the number of counter(CREATE) equals
equals the value of MAXRETRY(REA), the current REA initiation the value of counterLimit(CREATE), the current session creation
attempt is aborted and the application is being notified. attempt is aborted and the application is being notified.
counter(REA): Denotes the current number of retries of REA message
which has been re-transmitted due to previous RESPONSE_ERROR
message. If the number of counter(REA) equals the value of
counterLimit(REA), the current session creation attempt is aborted
and the application is being notified.
5.3 Constants 5.3. Constants
Max_Retry(CREATE): Contains the maximum number of retransmission counterLimit(CREATE): Contains the maximum number of retransmission
attempts of a CREATE message after it is aborted and the attempts of a CREATE message after it is aborted and the
application is being notified. application is being notified.
Max_Retry(QUERY): Contains the maximum number of retransmission counterLimit(REA): Contains the maximum number of retransmission
attempts of a QUERY message after it is aborted and the
application is being notified.
Max_Retry(REA): Contains the maximum number of retransmission
attempts of a REA message after it is aborted and the application attempts of a REA message after it is aborted and the application
is being notified. is being notified.
6. State machine for the NAT/FW NI 6. State machine for the NAT/FW NI
This section presents the state machines for the NSIS initator which This section presents the state machine for the NSIS initator which
is capable of NSLP NAT/FW signaling is capable of NAT/FW NSLP signaling.
----------- -----------
State: INITIALIZE State: INITIALIZE
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
UCT |Initialize variables | IDLE |* UCT |Initialize variables | IDLE
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
NOTE:
* - Application triggered for forking process
----------- -----------
State: IDLE State: IDLE
Entry: DeleteSession();
Exit : CreateSession();
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
tg_CREATE |tx_CREATE |WAITRESP2- | tg_CREATE |tx_CREATE(); | WAITRESP
(sid, sig, pubkey)| (sid, sig, pubkey);| SESSION| | |
|Start.STATE_TIMER |PENDING | tg_CREATE_PROXY |tx_CREATE(); | WAITRESP
| (Response);| | ----------------------------+-----------------------------+----------
| | |
(tg_CREATE (sid)) |tx_CREATE (sid); |WAITRESP1- |
|Start.STATE_TIMER | SESSION|
| (Response);|PENDING |
------------------------+-------------------------+-----------+---
-----------
State: WAITRESP-SESSION PENDING
-----------
Condition Action State Note
------------------------+-------------------------+-----------+---
TIMEOUT.STATE(Response) |Stop.STATE_TIMER |WAITRESP- |
| (Response);| SESSION|
|retry_counter(Create)++; |PENDING |
|if (retry_counter(Create)| |
| <=Max_Retry(Create))| |
|{Start_STATE_TIMER | |
| (Response)| |
|tx_CREATE;} | |
| | |
(rx_RESPONSE(SUCCESS, |Stop.STATE_TIMER |SESSION |
Create))| (Response);|ESTABLISHED|
|Session.create(); | |
|Start.REFRESH_TIMER | |
| (Create);| |
|retry_counter(Create)=0; | |
| | |
(Retry_Counter(Create)> |Send info to Appl.; | IDLE |
Max_Retry(Create)) |||Stop.STATE_TIMER | |
(tg_TEARDOWN) || | (Response);| |
(rx_RESPONSE(ERROR, | | |
Create))| | |
------------------------+-------------------------+-----------+
-----------
State: WAITRESP1-SESSION PENDING
-----------
Condition Action State Note
------------------------+-------------------------+-----------+---
(TIMEOUT.STATE(Response)|Send info to Appl.; |IDLE |
|| (rx_RESPONSE(ERROR, | | |
Create))| | |
| | |
(rx_RESPONSE(SUCCESS, |Tx_Create(sid, sig, |WAITPKRESP-|
Create))| pubkey);| SESSION|
|Start.STATE_TIMER |PENDING |
| (Response);| |
------------------------+-------------------------+-----------+---
-----------
State: WAITRESP2-SESSION PENDING
-----------
Condition Action State Note
------------------------+-------------------------+-----------+---
(tr(RESPONSE(sid)) |tx_CREATE (sid); |WAITRESP- |
|Start.STATE_TIMER | SESSION|
| (Response);|PENDING |
|retry_counter(Create)=0; | |
------------------------+-------------------------+-----------+---
----------- -----------
State: WAITPKRESP-SESSION PENDING State: WAITRESP
Entry: ResetCounter(CREATE);
StartTimer(RESPONSE);
Exit : StopTimer(RESPONSE);
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
(tr(RESPONSE(sid)) |tx_CREATE (sid); |WAITRESP- | RESPONSE_TIMEOUT && |counter(CREATE)++; | WAITRESP
|Start.STATE_TIMER | SESSION| (counter(CREATE)< |StartTimer(RESPONSE); |
| (Response);|PENDING | counterLimit(CREATE)) |tx_CREATE(); |
|retry_counter(Create)=0; | | | |
------------------------+-------------------------+-----------+--- rx_RESPONSE(SUCCESS,CREATE) |ReportAsyncEvent(); | SESSION
| |
tg_TEARDOWN |tx_CREATE(Lifetime=0); | IDLE
| |
tg_TEARDOWN_PROXY |tx_CREATE(Lifetime=0); | IDLE
| |
RESPONSE_TIMEOUT && |ReportAsyncEvent(); | IDLE
(counter(CREATE)== | |
counterLimit(CREATE)) | |
| |
rx_RESPONSE(ERROR,CREATE) |ReportAsyncEvent(); | IDLE
----------------------------+-----------------------------+----------
----------- -----------
State: SESSION ESTABLISHED State: SESSION
Entry: ResetCounter(CREATE);
StartTimer(REFRESH);
Exit : StopTimer(REFRESH);
StopTimer(RESPONSE);
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
(rx_RESPONSE |Stop.STATE_TIMER(QDRQ); |SESSION | REFRESH_TIMEOUT |StartTimer(RESPONSE); | SESSION
(SUCCESS, QDRQ))|Send info to appl.; |ESTABLISHED| |tx_CREATE(); |
&& (CHECK_AA) | | | | |
| | | RESPONSE_TIMEOUT && |counter(CREATE)++; | SESSION
| | (counter(CREATE) < |StartTimer(RESPONSE); |
(rx_RESPONSE |Stop.STATE_TIMER(QDRQ); |SESSION | counterLimit(CREATE)) |tx_CREATE(); |
(ERROR, QDRQ)|retry_counter(QDRQ)++; |ESTABLISHED| | |
|| TIMEOUT_STATE(QDRQ)) |If (retry_counter(QDRQ)< | | rx_RESPONSE(SUCCESS,CREATE) |StopTimer(RESPONSE); | SESSION
| Max_Retry(QDRQ)| | |StartTimer(REFRESH); |
|{Start.STATE_TIMER(QDRQ);| | |ResetCounter(CREATE); |
| tx_QDRQ;}| | | |
|else{send info to appl.;}| | tg_TEARDOWN |tx_CREATE(LIFETIME=0); | IDLE
| | | | |
(tg_QDRQ) |tx_QDRQ; |SESSION | tg_TEARDOWN_PROXY |tx_CREATE(LIFETIME=0); | IDLE
|Start.STATE_TIMER(QDRQ); |ESTABLISHED| | |
|retry_counter(QDRQ)=0; | | RESPONSE_TIMEOUT && |ReportAsyncEvent(); | IDLE
| | | (counter(CREATE) == | |
TIMEOUT.REFRESH(Create) |Start.STATE_TIMER |SESSION | counterLimit(CREATE)) | |
| (Response);|ESTABLISHED| | |
|tx_CREATE; | | rx_RESPONSE(ERROR,CREATE) |ReportAsyncEvent(); | IDLE
| | | ----------------------------+-----------------------------+----------
TIMEOUT.STATE(Response) |Stop.STATE_TIMER |SESSION |
| (Response);|ESTABLISHED|
|retry_counter(Create)++; | |
|If (retry_counter(Create)| |
| <=Max_Retry(Create))| |
|{Start.STATE_TIMER | |
| (Response);| |
|tx_CREATE;} | |
| | |
(rx_RESPONSE(SUCCESS, |Start.REFRESH_TIMER |SESSION |
Create))| (Create);|ESTABLISHED|
|Stop.STATE_TIMER | |
| (Response);| |
|retry_counter(Create)=0; | |
| | |
(rx_NOTIFY)&&(CHECK_AA) |Process Event(); |SESSION |
| |ESTABLISHED|
| | |
(tg_TEARDOWN) |tx_CREATE(LIFETIME=0); |IDLE |
|Session.clear(); | |
|Stop.REFRESH_TIMER | |
| (Create);| |
|Stop.STATE_TIMER( | |
| Response);| |
| | |
(retry_counter(Create)> |Send info to Appl.; |IDLE |
Max_Retries(Create) |||Session.clear(); | |
rx_RESPONSE(ERROR, |Stop.REFRESH_TIMER | |
Create))| (Create);| |
------------------------+-------------------------+-----------+
7. State machines for the NAT/FW NF 7. State machines for the NAT/FW NF
This section describes the state machines for intermediate nodes This section describes the state machines for intermediate nodes
within the signaling path capable of processing NAT/FW NSLP messages. within the signaling path capable of processing NAT/FW NSLP messages.
These nodes typically implement firewall and/or network address These nodes typically implement firewall and/or network address
translation (NAT) functionality. To keep it simple, the state translation (NAT) functionality.
machines are separated in two independent state machines for nodes
with firewall and nodes with NAT functionality.
7.1 State machine for NAT/FW Firewall NF
-------------------
State: Initialize
-------------------
Condition Action State
------------------------+-------------------------+------------
UCT | - |IDLE
------------------------+-------------------------+------------
-------------------
State: IDLE
-------------------
Condition Action State
------------------------+-------------------------+------------
(rx_REA) && (!IS_EDGE) |tx_REA; |IDLE
| |
(rx_CREATE) && |tx_RESPONSE(ERROR, |IDLE
!(CHECK_AA) |Create) |
| |
(rx_RESPONSE (,Rea)) |tx_RESPONSE (,Rea) |IDLE
| |
(rx_REA) && (IS_EDGE) |tx_RESPONSE(ERROR, Rea) |IDLE
| "No NAT here" |
| |
(rx_UCREATE) && |tx_RESPONSE(ERROR, |IDLE
!(CHECK_AA) |UCREATE); |
| |
((rx_CREATE(sid)) && |Start.STATE_TIMER |WAITRESP1-
(CHECK_AA) && |(Response); |SESSION/
(!IS_PUBLICSIDE)) |tx_CREATE; |USESSION
| |PENDING
| |
(rx_UCREATE) && |tx_RESPONSE(SUCCESS, |WAITRESP-
(CHECK_AA) |UCREATE); |SESSION/US
|tx_CREATE; |ESSION
|Retry_Counter(Create)=0; |PENDING
|Start.STATE_TIMER(Respons|
|e); |
| |
(rx_CREATE) && |tx_RESPONSE(SUCCESS, |NoNR/Scope-
(CHECK_AA) |Create), |WaitResponse
&& ((CREATE(NoNR?) && |tx_CREATE; |
CHECK_NoNR) || | Start.STATE_TIMER(Respon|
CREATE(Scope?) && |se) |
CHECK_Scope)) | |
------------------------+-------------------------+------------
-------------------
State: NoNR/Scope-WaitResponse
-------------------
Condition Action State
------------------------+-------------------------+------------
(retry_Counter(Create)> |Send info to Appl.; |IDLE
Max_Retry(Create)) || |Stop.STATE_TIMER(Response|
(tg_TEARDOWN)) |); |
| |
rx_RESPONSE(SUCCESS, |Stop.STATE_TIMER(Response|NoNR/Scope
Create) |); |Sessions
|Session.create(); |Established
|PckFilter.create(); |
|Start.STATE_TIMER(Create)|
|; |
|Start.REFRESH_TIMER(Creat|
|eB); |
|retry_counter(Create)=0; |
|Retry_counter(CreateB)=0;|
------------------------+-------------------------+------------
------------------------------
State: NoNR/ScopeSessions Established
------------------------------
Condition Action State
------------------------+-------------------------+------------
(rx_CREATE) && |tx_RESPONSE_SUCCESS(Creat|NoNR/Scope
(CHECK_AA) && |e); |Sessions
[CHECK_LP] && |Start_STATE_TIMER(Create)|Established
(CREATE(LIFETIME?)>0) |; |
| |
(tg_NOTIFY) |tx_NOTIFY |NoNR/Scope
| |Sessions
| |Established
| |
(rx_CREATE) && |tx_RESPONSE(ERROR, |NoNR/Scope
!(CHECK_AA)) |Create); |Sessions
| |Established
| |
(rx_RESPONSE(ERROR, |Stop.STATE_TIMER(Response|NoNR/Scope
Create) || |); |Sessions
TIMOUT.STATE(Response))|retry_counter(Create)++; |Established
| if |
|(retry_counter(Create)<=M|
|ax_Retry(Create)) |
|{Start.STATE_TIMER(Respon|
|se); |
|tx_CREATE;} |
| |
(rx_QDRQ) && (CHECK_AA)|Process QDRQ(); |NoNR/Scope
| tx_RESPONSE (,QDRQ) |Sessions
| |Established
| |
(TIMEOUT.REFRESH(CreateB|retry_counter(CreateB)++;|NoNR/Scope
)) |If |Sessions
|(retry_counter(CreateB)<=|Established
|Max_retries) |
|{tx_CREATE; |
|Start.TIMER_STATE(Respons|
|eB);} |
| |
(tg_TEARDOWN) || |Session.clear(); |IDLE
((rx_CREATE) && |PckFilter.clear(); |
(CREATE(LIFETIME?)==0)) |Stop.STATE_TIMER(Create);|
|| | Stop.REFRESH_TIMER(Creat|
TIMEOUT_STATE(Create) |||eB); |
(retry_counter(CreateB)>|tx_CREATE(LIFETIME=0); |
Max_Retries(CreateB)) ||| |
|| | |
(retry_counter(Create)> | |
Max_Retries(Create)) | |
------------------------+-------------------------+------------
------------------------------
State: WAITRESP1-SESSION/USESSION PENDING
------------------------------
Condition Action State
------------------------+-------------------------+------------
((rx_RESPONSE(success)) |Session.create(); |WAITPKRESP-
&& (CHECK_AA) |Start.STATE_TIMER |SESSION/
|(Response); |USESSION
|tx_RESPONSE; Scheme = 1 |PENDING
| |
(TIMEOUT.STATE(Response)| |IDLE
------------------------+-------------------------+------------
-----------------------------------
State: WAITPKRESP-SESSION/USESSION PENDING
-----------------------------------
Condition Action State
------------------------+-------------------------+------------
((rx_RESPONSE(success)) |pubkey.create(); |WAITRESP-
&& (CHECK_AA) |Start.STATE_TIMER |SESSION/
|(Response); |USESSION
|tx_RESPONSE; |PENDING
| |
(TIMEOUT.STATE(Response)|Session.remove() |IDLE
&& (scheme ==2) | |
------------------------+-------------------------+------------
----------------------------------------
State: WAITRESP-SESSION/USESSION PENDING
----------------------------------------
Condition Action State
------------------------+-------------------------+------------
(TIMEOUT.STATE(Response)|Retry_counter(CREATE)++; |WAITRESP-
|If |SESSION/
|(retry_counter(CREATE)<=M|USESSION
|ax_Retries(CREATE)) |PENDING
|{Start.STATE_TIMER(Respon|
|se); tx_CREATE} |
| |
(rx_RESPONSE(SUCCESS, |Stop.STATE_TIMER(Response|SESSION
CREATE) from NR) |); |ESTA-
&& (CHECK_AA) |Session.create(); |BLISHED
|PckFilter.create(); |
|Start.REFRESH_TIMER(Creat|
|e); |
|tx_RESPONSE(SUCCESS, |
|Create); |
| |
(TIMEOUT.STATE(Response)|Pubkey.remove() |WAITPKRESP
| |-SESSION/
| |USESSION
| |PENDING
| |
(rx_RESPONSE(ERROR, |Stop.STATE_TIMER(Response|IDLE
Create) || |); |
if(Retry_counter)>Max_R|Send info to appl. |
etries(CREATE) | |
| |
(rx_RESPONSE(SUCCESS, |Stop.STATE_TIMER(Response|SESSION
Create) from NI) |); |ESTA-
&& (CHECK_AA) |Session.create(); |BLISHED
|PckFilter.create(); |
|Start.STATE_TIMER(Create)|
|; |
|tx_RESPONSE(SUCCESS, |
|Create); |
------------------------+-------------------------+----------
--------------------------
State: SESSION ESTABLISHED
--------------------------
Condition Action State
------------------------+-------------------------+------------
(rx_RESPONSE (,QDRQ)) &&|tx_RESPONSE(.QDRQ) |SESSION
(CHECK_AA) | |ESTABLISHED
| |
(tg_NOTIFY) |tx_NOTIFY |SESSION
| |ESTABLISHED
| |
(rx_NOTIFY) && |Process Event(), |SESSION
(CHECK_AA) |tx_NOTIFY |ESTABLISHED
| |
(rx_CREATE) && |tx_RESPONSE(ERROR, |SESSION
!(CHECK_AA) |Create); |ESTABLISHED
| |
(rx_TRIGGER) && |tx_TRIGGER |SESSION
(Check_AA) && | |ESTABLISHED
(!IS_EDGE) | |
| |
(rx_RESPONSE(SUCCESS, |Start.STATE_TIMER(Create)|SESSION
Create)) |; tx_RESPONSE(SUCCESS, |ESTABLISHED
|Create); |
|Stop.STATE_TIMER(Response|
|); |
|retry_counter(Create)=0; |
| |
(rx_QDRQ) && (CHECK_AA)|Process QDRQ(); tx_QDRQ |SESSION
| |ESTABLISHED
| |
TIMEOUT.STATE(Response) |Stop.STATE_TIMER(Response|SESSION
|); |ESTABLISHED
|retry_counter(Create)++; |
|If |
|(retry_counter(Create)<=M|
|ax_Retries(Create)) |
|{Start.STATE_TIMER(Respon|
|se); tx_CREATE;} |
| |
(TIMEOUT.REFRESH |Start.STATE_TIMER(Respons|SESSION
(Create)) |e); |ESTABLISHED
|tx_CREATE; |
| |
(rx_CREATE) && |tx_CREATE |SESSION
(CHECK_AA) && | |ESTABLISHED
(CREATE(LIFETIME?)>0) | |
| |
(TIMEOUT.STATE (Create) |Stop.REFRESH_TIMER(Create|IDLE
|| (tg_TEARDOWN) || |); |
(retry_counter(Create)> |Session.clear(); |
Max_Retries(Create) || |PckFilter.clear(); |
rx_RESPONSE(ERROR, |Send info to Appl.; |
Create)) | |
------------------------+-------------------------+------------
7.2 State machine for NAT/FW NAT NF
-------------------
State: Initialize
-------------------
Condition Action State Condition Action State
------------------------+-------------------------+------------ ----------------------------+-----------------------------+----------
UCT | |IDLE UCT |Initialize variables | IDLE
------------------------+-------------------------+------------ ----------------------------+-----------------------------+----------
------------------- -----------
State: IDLE State: IDLE
------------------- Entry: DeleteSession();
Exit : CreateSession();
Condition Action State -----------
------------------------+-------------------------+------------
rx_REA && (CHECK_AA) |tx_RESPONSE(ERROR, REA) |IDLE
&& (IS_PUBLICSIDE) | "No reservation made" |
| |
rx_REA&& (IS_PUBLICSIDE)|tx_RESPONSE(ERROR, REA) |IDLE
| "Rea on public side" |
| |
rx_REA && (CHECK_AA) |Binding_create(); |REA
&& (I _EDGE) && | Start.STATE_TIMER(Rea);|
(!IS_ UBLICSIDE) | Start.REFRESH_TIMER(Create);
| tx_RESPONSE(SUCCESS, Rea);
| |
| Start.STATE_TIMER(Response);
| tx_CREATE |
| |
| |
rx_UCREATE && (CHECK_AA)|tx_RESPONSE(SUCCESS,UCREA|WAITRESP-
|TE);tx_CREATE; | SESSION/
| Retry_counter(Create)=0| USESSION
| Start.STATE_TIMER(Respo| PENDING
| nse) |
| |
rx_REA && (CHECK_AA) |Binding_create(); |Non-edge
&&(!IS_EDGE) && | PckFilter.create(); | NAT Binding
(!IS_PUBLICSIDE) | Start.STATE_TIMER(Rea);|
| tx_REA; |
| |
(rx_CREATE(sid) |Start.STATE_TIMER(Respons|WAITRESP-
&& (CHECK_AA) |e); tx_CREATE(); scheme=1| SESESION
&& (!US_PUBLICSIDE)) | |
| |
(rx_CREATE(sid,sig, |Start.STATE_TIMER(Respons|WAITRESP-
pubkey)) && (CHECK_AA) |e); tx_CREATE(); scheme=2| SESSION/
&& (!US_PUBLICSIDE)) | | USESSION
| | PENDING
------------------------+-------------------------+------------
-------------------
State: REA
-------------------
Condition Action State
------------------------+-------------------------+------------
TIMEOUT.STATE(Create) |Start.STATE_TIMER(Rea); |REA
| Start.STATE_TIMER(Respo|
| nse); tx_CREATE; |
| Retry_Counter(Create)=0|
| |
rx_QDRQ && (CHECK_AA) |tx_RESPONSE(QDRQ) |
| |
rg_Notify |tx_Notify |
| |
TIMEOUT.STATE(Response) |Stop.STATE_TIMER(Response)|REA
| Retry_Counter(Create)++;|
| If(Retry_Counter(Create)|
| <=Max_Retry(Create)) { |
| tx_CREATE; |
| Start.STATE_TIMER(Respon|
| se); } |
| |
rx_RESPONSE(from NI) && |Start.STATE_TIMER(Respons|WAITRESP-
(CHECK_AA) | e); Stop.REFRESH_TIMER | REA+NI-
| (Create); tx_CREATE; | SESSION
| | PENDING
| |
rx_RESPONSE(SUCCESS, |Stop.STATE_TIMER(Response);|REA
Create) |Start.REFRESH_TIMER(Create)|
| |
TIMEOUT.STATE(Rea) |Binding.clear(); |IDLE
------------------------+-------------------------+------------
-------------------
State: WAITRESP-REA+NI-SESSION PENDING
-------------------
Condition Action State
------------------------+-------------------------+------------
rx_RESPONSE(ERROR, | |REA
Create)||TIMEOUT.STATE| |
(Response) | |
| |
rx_RESPONSE(SUCCESS, |Stop.STATE_TIMER |
Create) | (Response); |
| Session.clear(); |
| Session.create(); |
| PckFilter.create(); |
| Start_STATE_TIMER |
| (Create); |
| tx_REPONSE(SUCCESS, |
| Create); |
------------------------+-------------------------+------------
-------------------
State: WAITRESP1-SESSION/USESSION PENDING
-------------------
Condition Action State Condition Action State
------------------------+-------------------------+------------ ----------------------------+-----------------------------+----------
TIMEOUT.STATE(Response)| |IDLE (rx_REA) && (IS_PUBLICSIDE) |tx_RESPONSE(ERROR, REA); | IDLE
| | | |
((rx_RESPONSE(success)) |Session.create(); |WAITPKRESP- (rx_CREATE) && |tx_CREATE(); | CREATE_
&& (CHECK_AA) |Start.STATE_TIMER |SESSION/ (CREATE(Lifetime) > 0) | | WAITRESP
|(Response); |USESSION | |
|tx_RESPONSE; Scheme = 1 |PENDING ((rx_REA) && (!IS_EDGE) |tx_REA(); | NONEDGE_
------------------------+-------------------------+------------ && (!IS_PUBLICSIDE)) | | REA
-------------------------- | |
State: WAITPKRESP-SESSION/USESSION PENDING ((rx_REA) && (IS_EDGE) |tx_RESPONSE(SUCCESS,REA); | EDGE_REA
-------------------------- && (!IS_PUBLICSIDE)) |tx_CREATE; |
|if(proxy_object) then |
| (tg_CREATE_PROXY);|
----------------------------+-----------------------------+----------
Condition Action State -----------
------------------------+-------------------------+------------ State: CREATE_WAITRESP
(TIMEOUT.STATE(Response)|Session.remove() |IDLE Entry: StartTimer(STATE);
&& (scheme ==2)) | | Exit : StopTimer(STATE);
| | -----------
((rx_RESPONSE(success)) |pubkey.create(); |WAITRESP-
&& (CHECK_AA) |Start.STATE_TIMER |SESSION/
|(Response); |USESSION
|tx_RESPONSE; |PENDING
| |
(TIMEOUT.STATE(Response)| Session.remove() |WAITRESP1-
&& (scheme ==1) | |SESSION/
| |USESSION
| |PENDING
------------------------+-------------------------+------------
-------------------------- Condition Action State
State: WAITRESP-SESSION/USESSION PENDING ----------------------------+-----------------------------+----------
-------------------------- rx_RESPONSE(ERROR,CREATE) |tx_RESPONSE(ERROR,CREATE); | IDLE
Condition Action State |ReportAsyncEvent(); |
------------------------+-------------------------+------------ | |
(rx_RESPONSE(ERROR, |Stop.STATE_TIMER(Response|IDLE STATE_TIMEOUT |tx_RESPONSE(ERROR,CREATE); | IDLE
Create) || |); | |ReportAsyncEvent(); |
| | | |
(TIMEOUT.STATE(Response)|Pubkey.remove() |WAITPKRESP- (rx_CREATE) && |tx_CREATE(Lifetime=0); | IDLE
| |SESSION/ (CREATE(Lifetime) == 0) | |
| |USESSION | |
| |PENDING rx_RESPONSE(SUCCESS,CREATE) |tx_RESPONSE(SUCCESS,CREATE); | SESSION
| | ----------------------------+-----------------------------+----------
(rx_RESPONSE(SUCCESS, |Stop.STATE_TIMER(Response|SESSION -----------
CREATE) from NR) |); |ESTA- State: NONEDGE_REA
&& (CHECK_AA) |Session.create(); |BLISHED Entry: StartTimer(REA);
|PckFilter.create(); | CreateReservations();
|Start.REFRESH_TIMER(Creat| Exit : StopTimer(REA);
|e); | DeleteReservations();
|tx_RESPONSE(SUCCESS, | -----------
|Create); |
------------------------+-------------------------+------------
--------------------------
State: Non-edge NAT Binding
--------------------------
Condition Action State Condition Action State
------------------------+-------------------------+------------ ----------------------------+-----------------------------+----------
(TIMEOUT.STATE (Rea) || |Binding.clear(); |IDLE (rx_REA) && |StopTimer(REA); | NONEDGE_
rx_RESPONSE(ERROR, |PckFilter.clear(); | (REA(Lifetime) > 0) |StartTimer(REA); | REA
Rea)) | | |tx_REA(); |
| | | |
(rx_RESPONSE (,QDRQ)) &&|tx_RESPONSE(,QDRQ); |Non-edge rx_RESPONSE(ERROR, REA) |tx_RESPONSE(ERROR,REA); | IDLE
(CHECK_AA) | |NAT Binding |ReportAsyncEvent(); |
| | | |
(rx_QDRQ) && (CHECK_AA) |Process QDRQ(); tx_QDRQ;|Non-edge (rx_REA) && |tx_REA(Lifetime=0); | IDLE
| |NAT Binding (REA(Lifetime) == 0) |ReportAsyncEvent(); |
| | | |
(rx_TRIGGER) && |PckFilter.update(); |Non-edge REA_TIMEOUT |ReportAsyncEvent(); | IDLE
(CHECK_AA) |Start.STATE_TIMER(Rea); |NAT Binding ----------------------------+-----------------------------+----------
|tx_TRIGGER; | -----------
| | State: EDGE_REA
(rx_CREATE) && |Stop.STATE_TIMER(Rea); |WAITRESP- Entry: StartTimer(REA);
(CHECK_AA) |Start.STATE_TIMER |SESSION/ CreateReservations();
|(Response); |USESSION Exit : StopTimer(REA);
|tx_CREATE; |PENDING DeleteReservations();
------------------------+-------------------------+------------ -----------
-------------------------- Condition Action State
State: SESSION ESTABLISHED ----------------------------+-----------------------------+----------
-------------------------- (rx_REA) && |StopTimer(REA); | NONEDGE_
(REA(Lifetime) > 0) |StartTimer(REA); | REA
|tx_REA(); |
| |
rx_RESPONSE(ERROR, REA) |tx_RESPONSE(ERROR,REA); | IDLE
|ReportAsyncEvent(); |
|if(proxy_mode) then |
| (tg_TEARDOWN_PROXY);|
| |
(rx_REA) && |tx_REA(Lifetime=0); | IDLE
(REA(Lifetime) == 0) |ReportAsyncEvent(); |
|if(proxy_mode) then |
| (tg_TEARDOWN_PROXY);|
| |
REA_TIMEOUT |ReportAsyncEvent(); | IDLE
|if(proxy_mode) then |
| (tg_TEARDOWN_PROXY);|
----------------------------+-----------------------------+----------
-----------
State: SESSION
Entry: StartTimer(CREATE)
CreatePinhole();
CreateBinding();
Exit : StopTimer(RESPONSE);
StopTimer(CREATE);
DeletePinhole();
DeleteBinding();
-----------
Condition Action State Condition Action State
------------------------+-------------------------+------------ ----------------------------+-----------------------------+----------
(TIMEOUT.STATE (Create) |Stop.REFRESH_TIMER(Create|IDLE RESPONSE_TIMEOUT |StopTimer(RESPONSE); | SESSION
|| (tg_TEARDOWN) || |); | |tx_RESPONSE(ERROR,CREATE); |
(retry_counter(Create)> |Session.clear(); | | |
Max_Retries(Create) || |PckFilter.clear(); | (rx_CREATE) && |StopTimer(CREATE); | SESSION
rx_RESPONSE(ERROR, |Send info to Appl.; | (CREATE(Lifetime) > 0) |StartTimer(RESPONSE); |
Create)) | | |tx_CREATE(); |
| | | |
((rx_CREATE) && |tx_CREATE(LIFETIME=0); |IDLE rx_RESPONSE(SUCCESS,CREATE) |StopTimer(RESPONSE); | SESSION
(CHECK_AA) && |Session.clear(); | |StartTimer(CREATE); |
(CREATE(LIFETIME)==0)) |PckFilter.clear();?Stop.S| |tx_RESPONSE(SUCCESS,CREATE); |
|TATE_TIMER(Create); | | |
|Stop.REFRESH_TIMER(Create| CREATE_TIMEOUT |ReportAsyncEvent(); | IDLE
|); | | |
|Stop.STATE_TIMER(Response| (rx_CREATE) && |tx_CREATE(Lifetime=0); | IDLE
|); | (CREATE(Lifetime) == 0) | |
| | ----------------------------+-----------------------------+----------
(rx_TRIGGER) && |PckFilter.update(); |SESSION
(!IS_EDGE) && |tx_TRIGGER; |ESTABLISHED
(CHECK_AA) | |
| |
(rx_QDRQ) && (CHECK_AA)|Process QDRQ(); tx_QDRQ;|SESSION
| |ESTABLISHED
| |
(tg_NOTIFY) |tx_NOTIFY; |SESSION
| |ESTABLISHED
| |
(rx_CREATE) && |tx_RESPONSE(ERROR, |SESSION
!(CHECK_AA) |Create); |ESTABLISHED
| |
rx_RESPONSE(ERROR, |tx_RESPONSE(ERROR, |SESSION
Create) |Create); |ESTABLISHED
| |
(rx_RESPONSE(SUCCESS, |Start.STATE_TIMER(Create)|SESSION
Create)) |; tx_RESPONSE(SUCCESS, |ESTABLISHED
|Create); |
|Stop.STATE_TIMER(Response|
|); |
|retry_counter(Create)=0; |
| |
rx_RESPONSE(SUCCESS, |Start.STATE_TIMER(Create)|SESSION
Create) |; tx_RESPONSE(SUCCESS, |ESTABLISHED
|Create); |
| |
TIMEOUT.STATE(Response) |Stop.STATE_TIMER(Response|SESSION
|); |ESTABLISHED
|retry_counter(Create)++; |
|If |
|(retry_counter(Create)<=M|
|ax_Retries(Create)) |
|{Start.STATE_TIMER(Respon|
|se); tx_CREATE;} |
| |
rx_CREATE) && |PckFilter.update(): |SESSION
CREATE(LIFETIME?)>0) &&|tx_CREATE; |ESTABLISHED
CHECK_AA) | |
| |
(rx_NOTIFY) && |Process |SESSION
(CHECK_AA) |Event(); tx_NOTIFY; |ESTABLISHED
| |
(rx_RESPONSE (QDRQ)) && |tx_RESPONSE (QDRQ); |SESSION
(CHECK_AA) | |ESTABLISHED
------------------------+-------------------------+------------
8. State machine for the NAT/FW NR 8. State machine for the NAT/FW NR
This section presents the state machines for the NSIS responder which This section presents the state machines for the NSIS responder which
is capable of NSLP NAT/FW signaling is capable of NSLP NAT/FW signaling.
----------- -----------
State: INITIALIZE State: INITIALIZE
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
UCT |Initialize variables | IDLE |* UCT |Initialize variables | IDLE
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
NOTE:
* - Application triggered for forking process
----------- -----------
State: IDLE State: IDLE
Entry: DeleteSession();
Exit : CreateSession();
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
((rx_CREATE(sid)) && |Start.STATE_TIMER |WAITRESP1- | (rx_CREATE) && !(CHECK_AA())|tx_RESPONSE(ERROR,CREATE); | IDLE
(CHECK_AA) && | (Response);| SESSION/ | | |
(!IS_PUBLICSIDE)) |tx_CREATE; |USESSION | tg_REA |tx_REA(); | REA_
| |PENDING | | | WAITRESP
| | | | |
(rx_CREATE)&&!(CHECK_AA)|tx_RESPONSE(ERROR, |IDLE | (rx_CREATE) && |tx_RESPONSE(SUCCESS,CREATE); | SESSION
| Create);| | (CREATE(Lifetime) > 0) | |
| | | ----------------------------+-----------------------------+----------
(tg_UCREATE) |(tx_UCREATE); |WAITRESP - |
|retry_counter(UCREATE)=0;| UCREATE/|
|Start.STATE_TIMER |REA PENDING|
| (Response);| |
| | |
(tg_REA) |tx_REA; |WAITRESP - |
|retry_counter(REA)=0; | UCREATE/|
|Start.STATE_TIMER |REA PENDING|
| (Response);| |
------------------------+-------------------------+-----------+
-----------
State: WAITRESP -UCREATE/REA PENDING
-----------
Condition Action State Note
------------------------+-------------------------+-----------+---
(Retry_counter(REA)> |Send info to Appl.; | IDLE |
Max_Retries(REA)) ||| | |
try_counter(UCREATE)> | | |
Max_Retries(UCREATE)) ||| | |
rx_RESPONSE | | |
(ERROR, UCREATE)) ||| | |
rx_RESPONSE(ERROR, Rea))| | |
| | |
TIMEOUT.STATE(Response))|Retry_counter |WAITRESP - |
| (REA/UCREATE)++;| UCREATE/|
|If (retry_counter |REA PENDING|
| (REA/UCREATE)<=| |
|Max_Retry(REA/UCREATE)) | |
|{Start.STATE_TIMER | |
| (Response);| |
|tx_REA/tx_UCREATE} | |
| | |
(rx_RESPONSE |Stop.STATE_TIMER |TRIGGERED |
(SUCCESS, REA)) ||| (Response);|CREATE/ |
(rx_RESPONSE |Start.STATE_TIMER | UCREATE|
(SUCCESS, UCREATE))| (CREATE);|PENDING |
------------------------+-------------------------+-----------+
-----------
State: TRIGGERED CREATE/UCREATE PENDING
-----------
Condition Action State Note
------------------------+-------------------------+-----------+---
(Retry_counter(Create)> | Send info to appl.; | IDLE |
Max_Retries(Create)| | |
| | |
(rx_CREATE)&& (CHECK_AA)|tx_RESPONSE |SESSION |
| (SUCCESS, Create);|ESTABLISHED|
|Stop.STATE_TIMER(CREATE);| |
|Session.create(); | |
|PckFilter.create(); | |
|Send Info to Appl. |WAITRESP - |
|((Start.REFRESH_TIMER | REATE/|
| (UCreate);|REA PENDING|
|retry_counter | |
| (UCreate)=0;))| |
| | |
(TIMEOUT.STATE(CREATE) |Retry_counter(CREATE)++; |TRIGGERED |
|If (retry_counter(CREATE)|CREATE/ |
| <=Max_Retries(CREATE))| UCREATE|
|{Start.STATE_TIMER |PENDING |
| (CREATE)}| |
------------------------+-------------------------+-----------+
----------- -----------
State: SESSION ESTABLISHED State: REA_WAITRESP
Entry: ResetCounter(REA);
StartTimer(RESPONSE);
Exit : StopTimer(RESPONSE);
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
(tg_NOTIFY) |tx_NOTIFY; |SESSION | RESPONSE_TIMEOUT && |counter(REA)++; | REA_
| |ESTABLISHED| (counter(REA) < |StartTimer(RESPONSE); | WAITRESP
| | | counterLimit(REA)) |tx_REA(); |
(rx_NOTIFY) &&(CHECK_AA)|Process Event(); |SESSION | | |
| |ESTABLISHED| rx_RESPONSE(SUCCESS,REA) |ReportAsyncEvent(); | REA
| | | | |
(rx_QDRQ) && (CHECK_AA) |Process QDRQ(); |SESSION | RESPONSE_TIMEOUT && |ReportAsyncEvent(); | IDLE
|tx_RESPONSE |ESTABLISHED| (counter(REA) == | |
| (SUCCESS,Query);| | counterLimit(REA)) | |
| | | | |
(rx_RESPONSE |Start.REFRESH_TIMER |SESSION | rx_RESPONSE(ERROR,REA) |ReportAsyncEvent(); | IDLE
(SUCCESS,UCreate))| (Create);|ESTABLISHED| | |
|Stop.STATE_TIMER | | tg_TEARDOWN |tx_REA(Lifetime=0); | IDLE
| (Response);| | ----------------------------+-----------------------------+----------
|retry_counter(UCreate)=0;| |
| | |
(TIMEOUT.REFRESH |Start.STATE_TIMER |SESSION |
(UCreate))| (Response);|ESTABLISHED|
|tx_UCREATE; | |
| | |
| | |
(rx_CREATE) && |tx_RESPONSE(SUCCESS, |SESSION |
(CREATE(LIFETIME)>0)| Create);|ESTABLISHED|
&& (CHECK_AA) |Start.STATE_TIMER | |
| (Create);| |
| | |
TIMEOUT.STATE(Response) |Stop.STATE_TIMER |SESSION |
|| rx_RESPONSE(ERROR, | (Response);|ESTABLISHED|
UCreate))|retry_counter(UCreate)++;| |
|If(retry_counter(UCreate)| |
| <=Max_Retries(UCreate))| |
|{Start.STATE_TIMER | |
| (Response);| |
|tx_UCREATE;} | |
| | |
(rx_CREATE)&&!(CHECK_AA)|tx_RESPONSE(ERROR, |SESSION |
| Create);|ESTABLISHED|
| | |
(rx_CREATE) && |Session.clear(); | IDLE |
(CREATE(LIFETIME)==0)|PckFilter.clear(); | |
&& (CHECK_AA)) || |Send Info to Appl.; | |
(TIMEOUT.STATE(Create)) | | |
||(tg_TEARDOWN) || | | |
(retry_counter(UCreate)>| | |
Max_Retries(UCreate) | | |
------------------------+-------------------------+-----------+
----------- -----------
State: WAITPKRESP-SESSION/ USESSION PENDING State: REA
Entry: ResetCounter(REA);
StartTimer(REFRESH);
Exit : StopTimer(RESPONSE);
StopTimer(REFRESH);
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
(rx_CREATE) &&(CHECK_AA)|tx_RESPONSE(SUCCESS, |SESSION | RESPONSE_TIMEOUT && |counter(REA)++; | REA
| Create);|ESTABLISHED| (counter(REA) < |StartTimer(RESPONSE); |
|Start.STATE_TIMER | | counterLimit(REA)) |tx_REA(); |
| (Create);| | | |
|Session.create(); | | rx_RESPONSE(SUCCESS,REA) |StartTimer(REFRESH); | REA
|PckFilter.create(); | | |StopTimer(RESPONSE); |
|Send Info to Appl. | | |ResetCounter(REA); |
| | | | |
(TIMEOUT.STATE(Response)|Session.remove() |WAITRESP1- | REFRESH_TIMEOUT |tx_REA(); | REA
&& (scheme ==1)| | SESSION/| |StartTimer(RESPONSE); |
| |USESSION | | |
| |PENDING | RESPONSE_TIMEOUT && |ReportAsyncEvent(); | IDLE
| | | (counter(REA) == | |
(TIMEOUT.STATE(Response)|Session.remove() | IDLE | counterLimit(REA)) | |
&& (scheme ==2)| | | | |
------------------------+-------------------------+-----------+ rx_RESPONSE(ERROR,REA) |ReportAsyncEvent(); | IDLE
| |
tg_TEARDOWN |tx_REA(Lifetime=0); | IDLE
----------------------------+-----------------------------+----------
----------- -----------
State: WAITRESP1-SESSION/ USESSION PENDING State: SESSION
Entry: StartTimer(STATE);
Exit : StopTimer(STATE);
----------- -----------
Condition Action State Note Condition Action State
------------------------+-------------------------+-----------+--- ----------------------------+-----------------------------+----------
((rx_RESPONSE(success)) |Session.create(); |WAITPKRESP-| (rx_CREATE) && |tx_RESPONSE(SUCCESS,CREATE); | SESSION
&& (CHECK_AA)|Start.STATE_TIMER | SESSION/| (CREATE(LIFETIME) > 0) |StopTimer(STATE); |
| (Response);|USESSION | |StartTimer(STATE); |
|tx_RESPONSE; Scheme = 1;|PENDING | | |
| | | tg_TEARDOWN |tx_CREATE(LIFETIME=0); | IDLE
(TIMEOUT.STATE(Response)| | IDLE | | |
------------------------+-------------------------+-----------+ (rx_CREATE) && |ReportAsyncEvent(); | IDLE
(CREATE(LIFETIME) == 0) | |
| |
STATE_TIMEOUT |ReportAsyncEvent(); | IDLE
----------------------------+-----------------------------+----------
9. Security Considerations 9. Security Considerations
This document does not raise new security considerations. Any This document does not raise new security considerations. Any
security concerns with the NAT/FW NSLP are likely reflected in security concerns with the NAT/FW NSLP are likely reflected in
security related NSIS work already (such as [1] or [6]). security related NSIS work already (such as [1] or [6]).
For the time being, the state machines described in this document do For the time being, the state machines described in this document do
not consider the security aspect of NAT/FW NSLP protocol itself. A not consider the security aspect of NAT/FW NSLP protocol itself. A
future version of this document will add security relevant states and future version of this document will add security relevant states and
state transitions. state transitions.
10. Open Issues 10. Open Issues
Since 00 version, we added session ownership and UCREATE and some Since 01 version, we removed session ownership, change procedure-
clarifications according to the specification evolution. Route names and added some clarifications according to the specification
change handling and Nonce object, as well as the open issues in [1] evolution. Route change and the open issues in [1] will be added in
will be added in future versions of this document. future versions of this document.
11. Acknowledgments 11. Contributors
Tseno Tsenov contributed since the initial version and Henning Peters
collaborated to refining of the state machine since 01 version.
12. Acknowledgments
The authors would like to thank Martin Stiemerling for his valuable The authors would like to thank Martin Stiemerling for his valuable
comments and discussions. comments and discussions.
12. References 13. References
12.1 Normative References 13.1. Normative References
[1] Stiemerling, M., "NAT/Firewall NSIS Signaling Layer Protocol [1] Stiemerling, M., "NAT/Firewall NSIS Signaling Layer Protocol
(NSLP)", draft-ietf-nsis-nslp-natfw-07 (work in progress), (NSLP)", draft-ietf-nsis-nslp-natfw-09 (work in progress),
July 2005. February 2006.
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement [2] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", RFC 2119, March 1997. Levels", March 1997.
12.2 Informative References 13.2. Informative References
[3] Fajardo, V., "State Machines for Protocol for Carrying [3] Fajardo, V., "State Machines for Protocol for Carrying
Authentication for Network Access (PANA)", Authentication for Network Access (PANA)",
draft-ietf-pana-statemachine-01 (work in progress), July 2005. draft-ietf-pana-statemachine-03 (work in progress),
October 2005.
[4] Vollbrecht, J., Eronen, P., Petroni, N., and Y. Ohba, "State [4] Vollbrecht, J., Eronen, P., Petroni, N., and Y. Ohba, "State
Machines for Extensible Authentication Protocol (EAP) Peer and Machines for Extensible Authentication Protocol (EAP) Peer and
Authenticator", draft-ietf-eap-statemachine-06 (work in Authenticator", draft-ietf-eap-statemachine-06 (work in
progress), December 2004. progress), December 2004.
[5] Institute of Electrical and Electronics Engineers, "DRAFT [5] Institute of Electrical and Electronics Engineers, "DRAFT
Standard for Local and Metropolitan Area Networks: Port-Based Standard for Local and Metropolitan Area Networks: Port-Based
Network Access Control (Revision)", IEEE 802-1X-REV/D9, Network Access Control (Revision)", IEEE 802-1X-REV/D9,
January 2004. January 2004.
[6] Tschofenig, H. and D. Kroeselberg, "Security Threats for NSIS", [6] Tschofenig, H. and D. Kroeselberg, "Security Threats for NSIS",
RFC 4081, June 2005. draft-ietf-nsis-threats-06 (work in progress), October 2004.
Authors' Addresses Authors' Addresses
Constantin Werner Constantin Werner
University of Goettingen University of Goettingen
Telematics Group Telematics Group
Lotzestr. 16-18 Lotzestr. 16-18
Goettingen 37083 Goettingen 37083
Germany Germany
Email: werner@cs.uni-goettingen.de Email: werner@cs.uni-goettingen.de
Xiaoming Fu Xiaoming Fu (editor)
University of Goettingen University of Goettingen
Telematics Group Telematics Group
Lotzestr. 16-18 Lotzestr. 16-18
Goettingen 37083 Goettingen 37083
Germany Germany
Email: fu@cs.uni-goettingen.de Email: fu@cs.uni-goettingen.de
Hannes Tschofenig Hannes Tschofenig
Siemens Siemens
Otto-Hahn-Ring 6 Otto-Hahn-Ring 6
Munich, Bayern 81739 Munich, Bayern 81739
Germany Germany
Email: Hannes.Tschofenig@siemens.com Email: Hannes.Tschofenig@siemens.com
T. Tsenov
Siemens
Otto-Hahn-Ring 6
Munich, Bayern 81739
Germany
Email: tseno.tsenov@mytum.de
Cedric Aoun Cedric Aoun
Nortel Networks/ENST Paris Ecole Nationale Superieure des Telecommunications
Paris
France
Email: cedric@caoun.net
Email: cedric.aoun@nortelnetworks.com
Niklas Steinleitner Niklas Steinleitner
University of Goettingen University of Goettingen
Telematics Group Telematics Group
Lotzestr. 16-18 Lotzestr. 16-18
Goettingen 37083 Goettingen 37083
Germany Germany
Email: nsteinleitner@cs.uni-goettingen.de Email: steinleitner@cs.uni-goettingen.de
Intellectual Property Statement Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
skipping to change at page 37, line 41 skipping to change at page 21, line 41
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights. except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is currently provided by the
Internet Society. Internet Society.
 End of changes. 80 change blocks. 
989 lines changed or deleted 388 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/