idnits 2.17.1 

draft-calhoun-diameter-res-mgmt-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Cannot find the required boilerplate sections (Copyright, IPR, etc.) in
     this document.

     Expected boilerplate is as follows today (2024-04-26) according to
     https://trustee.ietf.org/license-info :

     IETF Trust Legal Provisions of 28-dec-2009, Section 6.a:
        This Internet-Draft is submitted in full conformance with the provisions
        of BCP 78 and BCP 79.

     IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 2:
        Copyright (c) 2024 IETF Trust and the persons identified as the document
        authors.  All rights reserved.

     IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 3:
        This document is subject to BCP 78 and the IETF Trust's Legal Provisions
        Relating to IETF Documents
        (https://trustee.ietf.org/license-info) in effect on the date of
        publication of this document.  Please review these documents
        carefully, as they describe your rights and restrictions with
        respect to this document.  Code Components extracted from this
        document must include Simplified BSD License text as described in
        Section 4.e of the Trust Legal Provisions and are provided
        without warranty as described in the Simplified BSD License.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** Missing expiration date.  The document expiration date should appear on
     the first and last page.

  ** The document seems to lack a 1id_guidelines paragraph about
     Internet-Drafts being working documents. 

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     current Internet-Drafts. 

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     Shadow Directories. 

  == The page length should not exceed 58 lines per page, but there was 16
     longer pages, the longest (page 2) being 60 lines

  == It seems as if not all pages are separated by form feeds - found 0 form
     feeds but 17 pages


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack a Security Considerations section.

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.

  ** There are 4 instances of too long lines in the document, the longest one
     being 6 characters in excess of 72.

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords. 

     RFC 2119 keyword, line 117: '...   MUST      This word, or the adjecti...'
     RFC 2119 keyword, line 121: '...   MUST NOT  This phrase means that th...'
     RFC 2119 keyword, line 124: '...   SHOULD    This word, or the adjecti...'
     RFC 2119 keyword, line 130: '...   MAY       This word, or the adjecti...'
     RFC 2119 keyword, line 132: '...hich does not include this option MUST...'
     (60 more instances...)


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- Couldn't find a document date in the document -- date freshness check
     skipped.


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: '3' is defined on line 754, but no explicit reference
     was found in the text

  == Outdated reference: A later version (-18) exists of
     draft-calhoun-diameter-03

  -- Possible downref: Normative reference to a draft: ref. '1' 

  -- No information found for draft-calhoun-diameter-auth - is the name
     correct?

  -- Possible downref: Normative reference to a draft: ref. '2' 

  == Outdated reference: A later version (-09) exists of
     draft-calhoun-diameter-framework-00

  -- Possible downref: Normative reference to a draft: ref. '3' 


     Summary: 11 errors (**), 0 flaws (~~), 5 warnings (==), 6 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	INTERNET DRAFT                                            Pat R. Calhoun
3	Category: Standards Track                         Sun Microsystems, Inc.
4	Title: draft-calhoun-diameter-res-mgmt-02.txt               Nancy Greene
5	Date: July 1998                                                   Nortel

7	                               DIAMETER
8	                     Resource Management Extensions
9	                <draft-calhoun-diameter-res-mgmt-02.txt>

11	Status of this Memo

13	   This document is an Internet-Draft.  Internet-Drafts are working
14	   documents of the Internet Engineering Task Force (IETF), its areas,
15	   and its working groups.  Note that other groups may also distribute
16	   working documents as Internet-Drafts.

18	   Internet-Drafts are draft documents valid for a maximum of six months
19	   and may be updated, replaced, or obsoleted by other documents at any
20	   time.  It is inappropriate to use Internet-Drafts as reference
21	   material or to cite them other than as ``work in progress.''

23	   To learn the current status of any Internet-Draft, please check the
24	   ``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow
25	   Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
26	   munnari.oz.au (Pacific Rim), ftp.ietf.org (US East Coast), or
27	   ftp.isi.edu (US West Coast).

29	Abstract

31	   DIAMETER is a policy protocol used between a client and a server for
32	   authentication, authorization and accounting of various services.
33	   Examples of such services are for dial-up users (ROAMOPS), RSVP
34	   Admission Policies (RAP), FAX Over IP (FAXIP), Voice over IP
35	   (SIPTel), Integrated services, etc.

37	   This document defines a set of commands which allow DIAMETER servers
38	   to maintain session state information. An example of the use of
39	   Resource Management would be to limit the number of sessions for a
40	   given user.

42	Table of Contents

44	      1.0  Introduction
45	      1.1  Specification of Requirements
46	      1.2  Concept of a session
47	      2.0  Command Codes
48	      2.1  Session-Free-Request
49	      2.2  Session-Free-Answer
50	      2.3  Session-Resource-Query
51	      2.4  Session-Resource-Reply
52	      2.5  Resource-Reclaim-Request
53	      2.6  Resource-Reclaim-Answer
54	      3.0  DIAMETER AVPs
55	      3.1  Query-Index
56	      3.2  Resource-Token
57	      4.0  Protocol Definition
58	      4.1  Feature Advertisement/Discovery
59	      4.2  Session Free
60	      4.3  Relinquish Session
61	      4.4  Interaction with Device-Reboot-Indication
62	      4.5  State Resync
63	      5.0  References
64	      6.0  Authors' Addresses

66	1.0  Introduction

68	   Many services requiring Policy Server Support require the server to
69	   maintain session state information. This can only be achieved if the
70	   protocol has built-in mechanism to allow both the client and the
71	   server to resync its state information. A message set is also
72	   required to allow the client to inform the server when a session has
73	   terminated.

75	   An example of such a requirement is in the dial-up PPP world. With
76	   the introduction of flat-rate internet access, there has been a surge
77	   in fraud that allows a user to provide his username/password pair to
78	   other people. The end result is that a single username can have
79	   simultaneous concurrent sessions.

81	   It is desirable for the Policy Server to maintain a list of the
82	   active sessions so it can detect whether a user is attempting
83	   fraudulent activities, and restrict the user to a single login.

85	   Internet Service Providers have had to implement this functionality
86	   using other less-reliable schemes in the past. Unfortunately, those
87	   schemes are known to be problematic and therefore a standard method
88	   of maintaining state information is desired.

90	   The DIAMETER Resource Management extensions are intended to provide
91	   the functionality required to have stateful Policy Servers. This
92	   document does not specify what resources can be managed by a server
93	   since it is service specific, but it does provide the tools required
94	   for the services that require it.

96	   When reading this document the reader should keep in mind that the
97	   authorization of a session by the server is analogous to the
98	   allocation of resources. This document does not deal with the
99	   allocation of any resources and is simply a complement to the service
100	   extension that requires stateful servers.

102	   Message sets and the AVPs used for session setup and resource
103	   allocation vary depending on the type of service a session is being
104	   created for. The general concept of a session is described in this
105	   document, and specific message sets for session setup and resource
106	   allocation are found in other extension documents, for example, in
107	   [2].

109	   The Extension number for this draft is two (2). This value is used in
110	   the Extension-Id AVP as defined in [2].

112	1.1  Specification of Requirements

114	   In this document, several words are used to signify the requirements
115	   of the specification.  These words are often capitalized.

117	   MUST      This word, or the adjective "required", means that the
118	             definition is an absolute requirement of the
119	             specification.

121	   MUST NOT  This phrase means that the definition is an absolute
122	             prohibition of the specification.

124	   SHOULD    This word, or the adjective "recommended", means that
125	             there may exist valid reasons in particular circumstances
126	             to ignore this item, but the full implications must be
127	             understood and carefully weighed before choosing a
128	             different course.

130	   MAY       This word, or the adjective "optional", means that this
131	             item is one of an allowed set of alternatives.  An
132	             implementation which does not include this option MUST
133	             be prepared to interoperate with another implementation
134	             which does include the option.

136	1.2  Concept of a session

138	   A session defines a thread of Diameter messages. All messages related
139	   to a particular session MUST include a Session-Id. (Session-Id is
140	   described in [1]). A session can be established by either a client or
141	   a server. The Session-Id is assigned by the initiator of the session.
142	   Resources can be added to, deleted from, or modified in a session.
143	   How this is done for a particular service is described in the
144	   relevant extensions document. For example, [2] describes session
145	   setup and resource allocation for user authentication and
146	   authorization.

148	   This document describes the more general functions of querying for
149	   information on allocated resources, and freeing a session.

151	2.0  Command Codes

153	   This document defines the following DIAMETER Commands. All DIAMETER
154	   implementations supporting this extension MUST support all of the
155	   following commands:

157	      Command Name          Command Code
158	      -----------------------------------
159	      Session-Free-Request      266
160	      Session-Free-Answer       267
161	      Session-Resource-Query    268
162	      Session-Resource-Reply    269
163	      Resource-Reclaim-Request  270
164	      Resource-Reclaim-Answer   271

166	2.1  Session-Free-Request (SFR)

168	   Description

170	      The Session-Free-Request message is normally sent by a DIAMETER
171	      client to a server, and provides information on specific resources
172	      which have been released.

174	      The Session-Free-Request message MUST include the Host-IP-Address
175	      or the Host-Name as well as the Session-Id AVPs. The Session-Id is
176	      used by the server to identify a specific session that was
177	      previously authorized.

179	      Upon receipt of this message the server MUST free any resources
180	      that were previously allocated to the session during the session
181	      authorization and respond with the Session-Free-Answer.

183	      The Session-Free-Request MAY contain the Result-Code AVP if it is
184	      a result of a Session-Reclaim-Request.

186	   Message Format

188	      <Session-Free-Request>  ::= <DIAMETER Header>
189	                                  <Session-Free-Request Command AVP>
190	                                  <Session-Id AVP>
191	                                  <Timestamp AVP>
192	                                  <Initialization-Vector AVP>
193	                                  {<Integrity-Check-Vector AVP> ||
194	                                   <Digital-Signature AVP }

196	   AVP Format

198	      A summary of the Session-Free-Request packet format is shown
199	      below. The fields are transmitted from left to right.

201	       0                   1                   2                   3
202	       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
203	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
204	       |                           AVP Code                            |
205	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
206	       |          AVP Length           |     Reserved      |U|T|V|E|H|M|
207	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
208	       |                         Command Code                          |
209	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

211	      AVP Code

213	         256     DIAMETER Command

215	      AVP Length

217	         The length of this attribute MUST be 12.

219	      AVP Flags

221	         The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
222	         upon the security model used. The 'V', 'T' and the 'U' bits
223	         MUST NOT be set.

225	      Command Code

227	         The Command Code field MUST be set to 266 (Session-Free-
228	         Request).

230	2.2  Session-Free-Answer (SFA)

232	   Description

234	      The Session-Free-Answer message is sent by the DIAMETER Server to
235	      the client to acknowledge the receipt of the Session-Free-Request
236	      message. The Result-Code AVP, which MUST be present in the
237	      Session-Free-Answer, is used in order to identify whether the
238	      Server was able to free the resources associated with the
239	      Session-Id. The Host-IP-Address or the Host-Name AVP MUST be
240	      present in this message.

242	      The following Error Codes are defined for the Session-Free-Answer
243	      message:

245	         DIAMETER_ERROR_ALREADY_FREE             1
246	            The Session Identifier has already been freed.

248	   Message Format

250	      <Session-Free-Answer>  ::= <DIAMETER Header>
251	                                 <Session-Free-Answer Command AVP>
252	                                 <Result-Code AVP>
253	                                 <Timestamp AVP>
254	                                 <Initialization-Vector AVP>
255	                                 {<Integrity-Check-Vector AVP> ||
256	                                  <Digital-Signature AVP }

258	   AVP Format

260	      A summary of the Session-Free-Answer packet format is shown below.
261	      The fields are transmitted from left to right.

263	       0                   1                   2                   3
264	       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
265	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
266	       |                           AVP Code                            |
267	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
268	       |          AVP Length           |     Reserved      |U|T|V|E|H|M|
269	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
270	       |                         Command Code                          |
271	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

273	      AVP Code

275	         256     DIAMETER Command

277	      AVP Length
278	         The length of this attribute MUST be 12.

280	      AVP Flags

282	         The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
283	         upon the security model used. The 'V', 'T' and the 'U' bits
284	         MUST NOT be set.

286	      Command Code

288	         The Command Code field MUST be set to 267 (Session-Free-
289	         Answer).

291	2.3  Session-Resource-Query (SRQ)

293	   Description

295	      The Session-Resource-Query message is sent by a DIAMETER Server to
296	      a client. This event MAY occur when a Server has lost its state
297	      information and wishes to rebuild the information. However, it is
298	      valid for a server to send a request periodically to clients to
299	      refresh its state information.

301	      The presence of one or more  Session-Id AVP in the Session-
302	      Resource-Query indicates that the server only wants to receive the
303	      Resource-Token for the specified session(s).

305	      The initial Session-Resource-Query message MUST contain the Host-
306	      IP-Address and the Host-Name AVPs and a Query-Index AVP with a
307	      value of zero (see section 4.4 for more info). The Query-Index AVP
308	      is used by the client as a placeholder in subsequent Query-
309	      Resource-Requests in order to identify which Resource-Token to
310	      send to the server.

312	      When the client receives a non-zero Query-Index AVP, it MUST
313	      include Resource-Tokens beginning at the placeholder associated
314	      with the value of the Query-Index AVP.

316	      A non-zero Query-Index AVP is sent to the DIAMETER Server in the
317	      Session-Resource-Query-Reply when the client is unable to include
318	      all of the Resource-Tokens within a single response.

320	      Once a DIAMETER Server has rebooted or lost its state information
321	      for any reason, it is recommended that the Server issue a
322	      Session-Resource-Query and receive a valid response from a
323	      specific client prior to processing any authorization messages
324	      from the client.

326	   Message Format

328	      Session-Resource-Query  ::= <DIAMETER Header>
329	                                  <Session-Resource-Query Command AVP>
330	                                  [<Session-Id AVP #1>]
331	                                  [<Session-Id AVP #2>]
332	                                  [<Session-Id AVP #n>]
333	                                  <Timestamp AVP>
334	                                  <Initialization-Vector AVP>
335	                                  {<Integrity-Check-Vector AVP> ||
336	                                   <Digital-Signature AVP }

338	   AVP Format

340	      A summary of the Session-Resource-Query packet format is shown
341	      below. The fields are transmitted from left to right.

343	       0                   1                   2                   3
344	       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
345	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
346	       |                           AVP Code                            |
347	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
348	       |          AVP Length           |     Reserved      |U|T|V|E|H|M|
349	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
350	       |                         Command Code                          |
351	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

353	      AVP Code

355	         256     DIAMETER Command

357	      AVP Length

359	         The length of this attribute MUST be 12.

361	      AVP Flags

363	         The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
364	         upon the security model used. The 'V', 'T' and the 'U' bits
365	         MUST NOT be set.

367	      Command Code

369	         The Command Code field MUST be set to 268 (Session-Resource-
370	         Query).

372	2.4  Session-Resource-Query-Reply (SRQR)
373	   Description

375	      Upon receipt of a Session-Resource-Query, each client is
376	      responsible to respond with all of the Resource-Tokens for active
377	      sessions that were previously allocated by the requesting server.
378	      The message MUST include the Query-Index, a Result-Code AVP, a
379	      Host-IP-Address or Host-Name AVPs and one or more Resource-Token
380	      AVPs.

382	      Since more than one Resource-Token AVP may be returned within a
383	      Session-Resource-Query-Reply, it is likely that the total packet
384	      length would exceed the interface's MTU. It is required to make
385	      use of the Query-Index AVP in order to request that the server
386	      issue a subsequent Session-Resource-Query. The value of the
387	      Query-Index MUST be duplicated in the subsequent Session-
388	      Resource-Query by the Server in order for the client to know which
389	      Resource-Token to start sending in the following response.

391	      If the client was able to fit all of the Resource-Tokens within
392	      the Session-Resource-Query-Reply it MUST include a Query-Index AVP
393	      with a zero value. A zero Query-Index will inform the Server that
394	      it SHOULD NOT issue another Session-Resource-Query.

396	   Message Format

398	      Session-Resource-Query-Reply  ::= <DIAMETER Header>
399	                                     <Session-Res-Qry-Reply Command AVP>
400	                                     <Result-Code AVP>
401	                                     [<Resource-Token AVP #1>]
402	                                     [<Resource-Token AVP #2>]
403	                                     [<Resource-Token AVP #n>]
404	                                     <Timestamp AVP>
405	                                     <Initialization-Vector AVP>
406	                                     {<Integrity-Check-Vector AVP> ||
407	                                      <Digital-Signature AVP }

409	   AVP Format

411	      A summary of the Session-Resource-Query-Reply packet format is
412	      shown below. The fields are transmitted from left to right.

414	       0                   1                   2                   3
415	       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
416	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
417	       |                           AVP Code                            |
418	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
419	       |          AVP Length           |     Reserved      |U|T|V|E|H|M|
420	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
421	       |                         Command Code                          |
422	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

424	      AVP Code

426	         256     DIAMETER Command

428	      AVP Length

430	         The length of this attribute MUST be 12.

432	      AVP Flags

434	         The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
435	         upon the security model used. The 'V', 'T' and the 'U' bits
436	         MUST NOT be set.

438	      Command Code

440	         The Command Code field MUST be set to 269 (Session-Resource-
441	         Query-Reply).

443	2.5  Session-Reclaim-Request (SRR)

445	   Description

447	      The Session-Reclaim-Request message is sent by the DIAMETER Server
448	      to the client to request that a previously authorized session be
449	      freed immediately. This allows the server to free used resources
450	      on the client without any manual intervention.

452	      The Session-Reclaim-Request message MUST include a Host-IP-Address
453	      and the Host-Name AVP and the Session-Id AVP that was used during
454	      the session's authorization phase.

456	   Message Format

458	      Session-Reclaim-Request ::= <DIAMETER Header>
459	                                  <Session-Reclaim-Request Command AVP>
460	                                  <Session-ID AVP>
461	                                  <Timestamp AVP>
462	                                  <Initialization-Vector AVP>
463	                                  {<Integrity-Check-Vector AVP> ||
464	                                   <Digital-Signature AVP }

466	   AVP Format
467	      A summary of the Session-Reclaim-Request packet format is shown
468	      below. The fields are transmitted from left to right.

470	       0                   1                   2                   3
471	       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
472	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
473	       |                           AVP Code                            |
474	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
475	       |          AVP Length           |     Reserved      |U|T|V|E|H|M|
476	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
477	       |                         Command Code                          |
478	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

480	      AVP Code

482	         256     DIAMETER Command

484	      AVP Length

486	         The length of this attribute MUST be 12.

488	      AVP Flags

490	         The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
491	         upon the security model used. The 'V', 'T' and the 'U' bits
492	         MUST NOT be set.

494	      Command Code

496	         The Command Code field MUST be set to 270 (Session-Reclaim-
497	         Request).

499	2.6  Session-Reclaim-Answer (SRA)

501	   Description

503	      The Session-Reclaim-Answer message is sent by the DIAMETER client
504	      to acknowledge the Session-Reclaim-Request. The Result-Code AVP
505	      indicates wether the request was successfully completed or not.

507	   Message Format

509	      Session-Reclaim-Answer ::= <DIAMETER Header>
510	                                 <Session-Reclaim-Answer Command AVP>
511	                                 <Result-Code AVP>
512	                                 <Timestamp AVP>
513	                                 <Initialization-Vector AVP>
514	                                 {<Integrity-Check-Vector AVP> ||
515	                                  <Digital-Signature AVP }

517	   AVP Format

519	      A summary of the Session-Reclaim-Answer packet format is shown
520	      below. The fields are transmitted from left to right.

522	       0                   1                   2                   3
523	       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
524	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
525	       |                           AVP Code                            |
526	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
527	       |          AVP Length           |     Reserved      |U|T|V|E|H|M|
528	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
529	       |                         Command Code                          |
530	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

532	      AVP Code

534	         256     DIAMETER Command

536	      AVP Length

538	         The length of this attribute MUST be 12.

540	      AVP Flags

542	         The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
543	         upon the security model used. The 'V', 'T' and the 'U' bits
544	         MUST NOT be set.

546	      Command Code

548	         The Command Code field MUST be set to 271 (Session-Reclaim-
549	         Answer).

551	3.0  DIAMETER AVPs

553	   This section will define the mandatory AVPs which MUST be supported
554	   by all DIAMETER implementations supporting this extension. The
555	   following AVPs are defined in this document:

557	      Attribute Name       Attribute Code
558	      -----------------------------------
559	      Query-Index               290
560	      Resource-Token            291

562	3.1  Query-Index

564	   Description

566	      This attribute is used in conjunction with the Resource Query
567	      mechanism and allows the client to exchange resource information
568	      through more than one message exchange.

570	      In the initial Session-Resource-Query, this attribute MUST be
571	      present with a value of zero. Upon receipt of a Session-Resource-
572	      Query-Reply command, the DIAMETER server must check if the
573	      attribute is still set to zero. If the value is a non-zero, the
574	      DIAMETER server MUST return a Session-Resource-Query with a
575	      Query-Index value equal to the value which was set in the
576	      response. Upon receipt of a zero, the DIAMETER Server MUST assume
577	      that this is the last message exchange.

579	   AVP Format

581	      0                   1                   2                   3
582	      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
583	      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
584	      |                           AVP Code                            |
585	      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
586	      |          AVP Length           |     Reserved      |U|T|V|E|H|M|
587	      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
588	      |                           Integer32                           |
589	      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

591	      AVP Code

593	         290     Query-Index

595	      AVP Length

597	         The length of this attribute MUST be at least 12.

599	      AVP Flags

601	         The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
602	         upon the security model used. The 'V', 'T' and the 'U' bits
603	         MUST NOT be set.

605	      Integer32

607	         The Integer32 field contains a value that has local
608	         significance to client in order to identify which Resource-
609	         Token to send in the subsequent Session-Resource-Query.

611	3.2  Resource-Token

613	   Description

615	      The Resource-Token AVP is returned by the DIAMETER Server to the
616	      client during authorization (or session setup). The Resource-Token
617	      is subsequently used during the Session-Resource-Query-Reply in
618	      order to hand the Server with enough information to rebuild its
619	      state information.

621	      The data portion of this AVP includes AVPs and at a minimum MUST
622	      include the Session-Id AVP, the Host-IP-Address or Host-Name AVP
623	      and the Extension-Id.  Each service MUST define what AVPs must be
624	      included in the Resource-Token in order for the Resource
625	      Management extension to work for the specific service.

627	      It is likely that more than one of these attributes exist in a
628	      Session-Resource-Reponse.

630	   AVP Format

632	      0                   1                   2                   3
633	      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
634	      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
635	      |                           AVP Code                            |
636	      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
637	      |          AVP Length           |     Reserved      |U|T|V|E|H|M|
638	      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
639	      |    Data ...
640	      +-+-+-+-+-+-+-+-+

642	      AVP Code

644	         291     Resource-Token

646	      AVP Length

648	         The length of this attribute MUST be at least 9.

650	      AVP Flags

652	         The 'M' bit MUST be set. The 'H' and 'E' MAY be set depending
653	         upon the security model used. The 'V', 'T' and the 'U' bits
654	         MUST NOT be set.

656	      Data

658	         The Data field contains the Resource-Token that was returned by
659	         the DIAMETER Server during the authorization phase.

661	4.0  Protocol Definition

663	   This section will outline how the DIAMETER Resource Management
664	   Extension can be used.

666	4.1  Feature Advertisement/Discovery

668	   As defined in [2], the Reboot-Ind and Device-Feature-Query messages
669	   can be used to inform a peer about locally supported DIAMETER
670	   Extensions. In order to advertise support of this extension, the
671	   Extension-Id AVP must be transmitted with a value of one (1).

673	4.2  Session Free

675	   Upon session termination, a Session-Free-Request message is issue by
676	   the client to the DIAMETER Server and MUST contain the Session-Id AVP
677	   that was used during the authorization phase of the session.

679	4.3  Relinquish Session

681	   When the server wants the client to relinquish an existing session,
682	   the Server issues a Session-Reclaim-Request to the client. The
683	   request MUST contain the Session-Id AVP that was used during the
684	   authorization phase of the session.

686	   The client MUST respond with a Session-Reclaim-Answer message. The
687	   response indicates whether the request was successfully processed
688	   through the Result-Code AVP.

690	   In the roaming scenario the Session-Reclaim-Request message is
691	   problematic since it is difficult to identify the target client's
692	   proxy chain. This can be achieved by including the Host Name of the
693	   client that was found in the authorization request within the Host-
694	   Name AVP.

696	4.4  Interaction with Device-Reboot-Indication

698	   When a DIAMETER Server receives a Device-Reboot-Indication it MUST
699	   assume that all resources currently allocated to the rebooted peer
700	   MUST be freed.

702	4.5  State Resync

704	   Upon receipt of a Reboot-Ack message from a client that contains an
705	   Extension-Id AVP with the value set to 1 (Resource-Management), a
706	   DIAMETER entity SHOULD issue a Session-Resource-Query to the peer.
707	   All requests from the peer MUST be ignored until the peer has
708	   successfully responded to the Session-Resource-Query message.

710	   Upon receipt of a Session-Resource-Query a response MUST be returned
711	   which contains all of the active Resource-Tokens that have previously
712	   been allocated by the requesting node. Since the number of active
713	   Resource-Tokens MAY be larger than the interface's MTU, it is
714	   required to make use of the Query-Index AVP.

716	   The following is an example of an exchange between a Server and a
717	   Client that has 26 Resource-Tokens which is too many to fit within a
718	   single response.

720	      DIAMETER Server                                    DIAMETER Client
721	      ---------------                                    ---------------
722	      Reboot-Ind                         -->
723	                                         <-- Reboot-Ack (w/ Res-Mgmt Ext. Id)
724	      Session-Resource-Query (Index = 0) -->
725	                                 <-- Session-Resource-Query-Reply (Index = 10)
726	      Session-Resource-Query (Index = 10) -->
727	                                 <-- Session-Resource-Query-Reply (Index = 20)
728	      Session-Resource-Query (Index = 20) -->
729	                                 <-- Session-Resource-Query-Reply (Index = 0)

731	   In the above scenario, the Server issues the initial Session-
732	   Resource-Query with a zero Query-Index. The client responds but since
733	   it can only fit Resource-Tokens 1 through 9, it sets the Query-Index
734	   to 10 in the Session-Resource-Query-Reply.

736	   Upon receipt of the response the server processes the message and
737	   issues another Session-Resource-Query with the Query-Index value set
738	   to 10. The client, upon receipt of the request, knows that it needs
739	   to include the Resource-Tokens starting at 10. Again, since the
740	   client can only include the Resource-Tokens up to 19, it sets the
741	   Query-Index to 20.

743	   The Server issues another Session-Resource-Query with the Query-Index
744	   set to 20. At this point the client can fit the remaining Resource-
745	   Tokens (20 through 26) and therefore sets the Query-Index to zero to
746	   indicate that it has sent all of it's active Resource-Tokens.

748	5.0  References

750	    [1]   Calhoun, Rubens, "DIAMETER", Internet-Draft,
751	          draft-calhoun-diameter-03.txt, May 1998.
752	    [2]   Calhoun, Bulley, "DIAMETER Autentication Extensions",
753	          Internet-Draft, draft-calhoun-diameter-auth-03.txt, May 1998.
754	    [3]   Calhoun, Zorn, Pan, "DIAMETER Framework", Internet-
755	          Draft, draft-calhoun-diameter-framework-00.txt, May 1998

757	6.0  Authors' Addresses

759	   Questions about this memo can be directed to:

761	      Pat R. Calhoun
762	      Technology Development
763	      Sun Microsystems, Inc.
764	      15 Network Circle
765	      Menlo Park, California, 94025
766	      USA

768	       Phone:  1-650-786-7733
769	         Fax:  1-650-786-6445
770	      E-mail:  pcalhoun@eng.sun.com

772	      Nancy Greene
773	      Public Data Networks
774	      Nortel (Northern Telecom)
775	      PO Box 3511 Station C
776	      Ottawa, Ontario K1Y 4H7
777	      Canada

779	       Phone: 1-613-763-9789
780	         Fax: 1-613-763-8904
781	      E-mail: ngreene@nortel.ca