An Architecture for IPv6 over the TSCH mode of IEEE 802.15.4
draft-ietf-6tisch-architecture-10
The information below is for an old version of the document.
Document | Type |
This is an older version of an Internet-Draft that was ultimately published as RFC 9030.
Expired & archived
|
|
---|---|---|---|
Author | Pascal Thubert | ||
Last updated | 2016-12-12 (Latest revision 2016-06-10) | ||
Replaces | draft-thubert-6tisch-architecture | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Formats | |||
Reviews |
OPSDIR Last Call review
(of
-22)
by Qin Wu
Has issues
TSVART Last Call review
(of
-20)
by Gorry Fairhurst
Ready w/issues
IOTDIR Early review
(of
-19)
by Eliot Lear
On the Right Track
INTDIR Early review
(of
-19)
by Carlos Pignataro
On the Right Track
|
||
Additional resources | Mailing list discussion | ||
Stream | WG state | WG Document | |
Document shepherd | Shwetha Bhandari | ||
Shepherd write-up | Show Last changed 2015-05-22 | ||
IESG | IESG state | Became RFC 9030 (Informational) | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | Suresh Krishnan | ||
Send notices to | (None) |
draft-ietf-6tisch-architecture-10
8. Credit-Control AVPs This section defines the credit-control AVPs that are specific to Diameter credit-control application and that MAY be included in the Diameter credit-control messages. The AVPs defined in this section MAY also be included in authorization commands defined in authorization-specific applications, such as [RFC7155] and [RFC4004], if the first interrogation is performed as part of the authorization/ authentication process, as described in Section 5.2. The Diameter AVP rules are defined in the Diameter Base [RFC6733], Section 4. These AVP rules are observed in AVPs defined in this section. The following table describes the Diameter AVPs defined in the credit-control application, their AVP Code values, types, and possible flag values. The AVP Flag rules are explained in the Diameter base [RFC6733], section 4.1. +---------------+ |AVP Flag rules | |----+-----+----| AVP Section | | |MUST| Attribute Name Code Defined Data Type |MUST| MAY |NOT | -----------------------------------------|----+-----+----| CC-Correlation-Id 411 8.1 OctetString| | M | V | CC-Input-Octets 412 8.24 Unsigned64 | M | | V | CC-Money 413 8.22 Grouped | M | | V | CC-Output-Octets 414 8.25 Unsigned64 | M | | V | CC-Request-Number 415 8.2 Unsigned32 | M | | V | CC-Request-Type 416 8.3 Enumerated | M | | V | CC-Service- 417 8.26 Unsigned64 | M | | V | Specific-Units | | | | CC-Session- 418 8.4 Enumerated | M | | V | Failover | | | | CC-Sub-Session-Id 419 8.5 Unsigned64 | M | | V | CC-Time 420 8.21 Unsigned32 | M | | V | CC-Total-Octets 421 8.23 Unsigned64 | M | | V | CC-Unit-Type 454 8.32 Enumerated | M | | V | Check-Balance- 422 8.6 Enumerated | M | | V | Result | | | | Cost-Information 423 8.7 Grouped | M | | V | Cost-Unit 424 8.12 UTF8String | M | | V | Credit-Control 426 8.13 Enumerated | M | | V | Credit-Control- 427 8.14 Enumerated | M | | V | Failure-Handling | | | | Bertz, et al. Expires November 19, 2018 [Page 57] Internet-Draft Diameter Credit-Control Application May 2018 Currency-Code 425 8.11 Unsigned32 | M | | V | Direct-Debiting- 428 8.15 Enumerated | M | | V | Failure-Handling | | | | Exponent 429 8.9 Integer32 | M | | V | Final-Unit-Action 449 8.35 Enumerated | M | | V | Final-Unit- 430 8.34 Grouped | M | | V | Indication | | | | QoS-Final-Unit- TBD17 8.68 Grouped | | M | V | Indication | | | | Granted-Service- 431 8.17 Grouped | M | | V | Unit | | | | G-S-U-Pool- 453 8.31 Unsigned32 | M | | V | Identifier | | | | G-S-U-Pool- 457 8.30 Grouped | M | | V | Reference | | | | Multiple-Services 456 8.16 Grouped | M | | V | -Credit-Control | | | | Multiple-Services 455 8.40 Enumerated | M | | V | -Indicator | | | | Rating-Group 432 8.29 Unsigned32 | M | | V | Redirect-Address 433 8.38 Enumerated | M | | V | -Type | | | | Redirect-Server 434 8.37 Grouped | M | | V | Redirect-Server 435 8.39 UTF8String | M | | V | -Address | | | | Redirect-Server TBD13 8.64 Grouped | | M | V | -Extension | | | | Redirect-Address TBD14 8.65 Address | | M | V | -IPAddress | | | | Redirect-Address TBD15 8.66 UTF8String | | M | V | -URL | | | | Redirect-Address TBD16 8.67 UTF8String | | M | V | -SIP-URI | | | | Requested-Action 436 8.41 Enumerated | M | | V | Requested-Service 437 8.18 Grouped | M | | V | -Unit | | | | Restriction 438 8.36 IPFiltrRule| M | | V | -Filter-Rule | | | | Service-Context 461 8.42 UTF8String | M | | V | -Id | | | | Service- 439 8.28 Unsigned32 | M | | V | Identifier | | | | Service-Parameter 440 8.43 Grouped | | M | V | -Info | | | | Service- 441 8.44 Unsigned32 | | M | V | Parameter-Type | | | | Service- 442 8.45 OctetString| | M | V | Parameter-Value | | | | Bertz, et al. Expires November 19, 2018 [Page 58] Internet-Draft Diameter Credit-Control Application May 2018 Subscription-Id 443 8.46 Grouped | M | | V | Subscription-Id 444 8.48 UTF8String | M | | V | -Data | | | | Subscription-Id 450 8.47 Enumerated | M | | V | -Type | | | | Subscription-Id TBD7 8.58 Grouped | | M | V | -Extension | | | | Subscription-Id TBD8 8.59 UTF8String | | M | V | -E164 | | | | Subscription-Id TBD9 8.60 UTF8String | | M | V | -IMSI | | | | Subscription-Id TBD10 8.61 UTF8String | | M | V | -SIP-URI | | | | Subscription-Id TBD11 8.62 UTF8String | | M | V | -NAI | | | | Subscription-Id TBD12 8.63 UTF8String | | M | V | -Private | | | | Tariff-Change 452 8.27 Enumerated | M | | V | -Usage | | | | Tariff-Time 451 8.20 Time | M | | V | -Change | | | | Unit-Value 445 8.8 Grouped | M | | V | Used-Service-Unit 446 8.19 Grouped | M | | V | User-Equipment 458 8.49 Grouped | | M | V | -Info | | | | User-Equipment 459 8.50 Enumerated | | M | V | -Info-Type | | | | User-Equipment 460 8.51 OctetString| | M | V | -Info-Value | | | | User-Equipment TBD1 8.52 Grouped | | M | V | -Info-Extension | | | | User-Equipment TBD2 8.53 OctetString| | M | V | -Info-IMEISV | | | | User-Equipment TBD3 8.54 OctetString| | M | V | -Info-MAC | | | | User-Equipment TBD4 8.55 OctetString| | M | V | -Info-EUI64 | | | | User-Equipment TBD5 8.56 OctetString| | M | V | -Info-ModifiedEUI64 | | | | User-Equipment TBD6 8.57 OctetString| | M | V | -Info-IMEI | | | | Value-Digits 447 8.10 Integer64 | M | | V | Validity-Time 448 8.33 Unsigned32 | M | | V | Bertz, et al. Expires November 19, 2018 [Page 59] Internet-Draft Diameter Credit-Control Application May 2018 8.1. CC-Correlation-Id AVP The CC-Correlation-Id AVP (AVP Code 411) is of type OctetString and contains information to correlate credit-control requests generated for different components of the service; e.g., transport and service level. The one who allocates the Service-Context-Id (i.e., unique identifier of a service specific document) is also responsible for defining the content and encoding of the CC-Correlation-Id AVP. 8.2. CC-Request-Number AVP The CC-Request-Number AVP (AVP Code 415) is of type Unsigned32 and identifies this request within one session. As Session-Id AVPs are globally unique, the combination of Session-Id and CC-Request-Number AVPs is also globally unique and can be used in matching credit- control messages with confirmations. An easy way to produce unique numbers is to set the value to 0 for a credit-control request of type INITIAL_REQUEST and EVENT_REQUEST and to set the value to 1 for the first UPDATE_REQUEST, to 2 for the second, and so on until the value for TERMINATION_REQUEST is one more than for the last UPDATE_REQUEST. 8.3. CC-Request-Type AVP The CC-Request-Type AVP (AVP Code 416) is of type Enumerated and contains the reason for sending the credit-control request message. It MUST be present in all Credit-Control-Request messages. The following values are defined for the CC-Request-Type AVP: INITIAL_REQUEST 1 An Initial request is used to initiate a credit-control session, and contains credit-control information that is relevant to the initiation. UPDATE_REQUEST 2 An Update request contains credit-control information for an existing credit-control session. Update credit-control requests SHOULD be sent every time a credit-control re-authorization is needed at the expiry of the allocated quota or validity time. Further, additional service-specific events MAY trigger a spontaneous Update request. TERMINATION_REQUEST 3 A Termination request is sent to terminate a credit-control session and contains credit-control information relevant to the existing session. Bertz, et al. Expires November 19, 2018 [Page 60] Internet-Draft Diameter Credit-Control Application May 2018 EVENT_REQUEST 4 An Event request is used when there is no need to maintain any credit-control session state in the credit-control server. This request contains all information relevant to the service, and is the only request of the service. The reason for the Event request is further detailed in the Requested-Action AVP. The Requested-Action AVP MUST be included in the Credit-Control-Request message when CC- Request-Type is set to EVENT_REQUEST. 8.4. CC-Session-Failover AVP The CC-Session-Failover AVP (AVP Code 418) is type of Enumerated and contains information as to whether moving the credit-control message stream to a backup server during an ongoing credit-control session is supported. In communication failures, the credit-control message streams can be moved to an alternative destination if the credit- control server supports failover to an alternative server. The secondary credit-control server name, if received from the home Diameter AAA server, can be used as an address of the backup server. An implementation is not required to support moving a credit-control message stream to an alternative server, as this also requires moving information related to the credit-control session to backup server. The following values are defined for the CC-Session-Failover AVP: FAILOVER_NOT_SUPPORTED 0 When the CC-Session-Failover AVP is set to FAILOVER_NOT_SUPPORTED, the credit-control message stream MUST NOT be moved to an alternative destination in the case of communication failure. This is the default behavior if the AVP isn't included in the reply from the authorization or credit-control server. FAILOVER_SUPPORTED 1 When the CC-Session-Failover AVP is set to FAILOVER_SUPPORTED, the credit-control message stream SHOULD be moved to an alternative destination in the case of communication failure. Moving the credit- control message stream to a backup server MAY require that information related to the credit-control session should also be forwarded to an alternative server. 8.5. CC-Sub-Session-Id AVP The CC-Sub-Session-Id AVP (AVP Code 419) is of type Unsigned64 and contains the credit-control sub-session identifier. The combination of the Session-Id and this AVP MUST be unique per sub-session, and Bertz, et al. Expires November 19, 2018 [Page 61] Internet-Draft Diameter Credit-Control Application May 2018 the value of this AVP MUST be monotonically increased by one for all new sub-sessions. The absence of this AVP implies that no sub- sessions are in use. 8.6. Check-Balance-Result AVP The Check Balance Result AVP (AVP Code 422) is of type Enumerated and contains the result of the balance check. This AVP is applicable only when the Requested-Action AVP indicates CHECK_BALANCE in the Credit-Control-Request command. The following values are defined for the Check-Balance-Result AVP. ENOUGH_CREDIT 0 There is enough credit in the account to cover the requested service. NO_CREDIT 1 There isn't enough credit in the account to cover the requested service. 8.7. Cost-Information AVP The Cost-Information AVP (AVP Code 423) is of type Grouped, and it is used to return the cost information of a service, which the credit- control client can transfer transparently to the end user. The included Unit-Value AVP contains the cost estimate (always type of money) of the service, in the case of price enquiry, or the accumulated cost estimation, in the case of credit-control session. The Currency-Code specifies in which currency the cost was given. The Cost-Unit specifies the unit when the service cost is a cost per unit (e.g., cost for the service is $1 per minute). When the Requested-Action AVP with value PRICE_ENQUIRY is included in the Credit-Control-Request command, the Cost-Information AVP sent in the succeeding Credit-Control-Answer command contains the cost estimation of the requested service, without any reservation being made. The Cost-Information AVP included in the Credit-Control-Answer command with the CC-Request-Type set to UPDATE_REQUEST contains the accumulated cost estimation for the session, without taking any credit reservation into account. The Cost-Information AVP included in the Credit-Control-Answer command with the CC-Request-Type set to EVENT_REQUEST or Bertz, et al. Expires November 19, 2018 [Page 62] Internet-Draft Diameter Credit-Control Application May 2018 TERMINATION_REQUEST contains the estimated total cost for the requested service. It is defined as follows (per the grouped-avp-def of [RFC6733]): Cost-Information ::= < AVP Header: 423 > { Unit-Value } { Currency-Code } [ Cost-Unit ] 8.8. Unit-Value AVP Unit-Value AVP is of type Grouped (AVP Code 445) and specifies the units as decimal value. The Unit-Value is a value with an exponent; i.e., Unit-Value = Value-Digits AVP * 10^Exponent. This representation avoids unwanted rounding off. For example, the value of 2,3 is represented as Value-Digits = 23 and Exponent = -1. The absence of the exponent part MUST be interpreted as an exponent equal to zero. It is defined as follows (per the grouped-avp-def of [RFC6733]): Unit-Value ::= < AVP Header: 445 > { Value-Digits } [ Exponent ] 8.9. Exponent AVP Exponent AVP is of type Integer32 (AVP Code 429) and contains the exponent value to be applied for the Value-Digit AVP within the Unit- Value AVP. 8.10. Value-Digits AVP The Value-Digits AVP is of type Integer64 (AVP Code 447) and contains the significant digits of the number. If decimal values are needed to present the units, the scaling MUST be indicated with the related Exponent AVP. For example, for the monetary amount $ 0.05 the value of Value-Digits AVP MUST be set to 5, and the scaling MUST be indicated with the Exponent AVP set to -2. 8.11. Currency-Code AVP The Currency-Code AVP (AVP Code 425) is of type Unsigned32 and contains a currency code that specifies in which currency the values Bertz, et al. Expires November 19, 2018 [Page 63] Internet-Draft Diameter Credit-Control Application May 2018 of AVPs containing monetary units were given. It is specified by using the numeric values defined in the ISO 4217 standard [ISO4217]. 8.12. Cost-Unit AVP The Cost-Unit AVP (AVP Code 424) is of type UTF8String, and it is used to display a human readable string to the end user. It specifies the applicable unit to the Cost-Information when the service cost is a cost per unit (e.g., cost of the service is $1 per minute). The Cost-Unit can be minutes, hours, days, kilobytes, megabytes, etc. 8.13. Credit-Control AVP The Credit-Control AVP (AVP Code 426) is of type Enumerated and MUST be included in AA requests when the service element has credit- control capabilities. CREDIT_AUTHORIZATION 0 If the home Diameter AAA server determines that the user has prepaid subscription, this value indicates that the credit-control server MUST be contacted to perform the first interrogation. The value of the Credit-Control AVP MUST always be set to 0 in an AA request sent to perform the first interrogation and to initiate a new credit- control session. RE_AUTHORIZATION 1 This value indicates to the Diameter AAA server that a credit-control session is ongoing for the subscriber and that the credit-control server MUST NOT be contacted. The Credit-Control AVP set to the value of 1 is to be used only when the first interrogation has been successfully performed and the credit-control session is ongoing (i.e., re-authorization triggered by Authorization-Lifetime). This value MUST NOT be used in an AA request sent to perform the first interrogation. 8.14. Credit-Control-Failure-Handling AVP The Credit-Control-Failure-Handling AVP (AVP Code 427) is of type Enumerated. The credit-control client uses information in this AVP to decide what to do if sending credit-control messages to the credit-control server has been, for instance, temporarily prevented due to a network problem. Depending on the service logic, the credit-control server can order the client to terminate the service immediately when there is a reason to believe that the service cannot be charged, or to try failover to an alternative server, if possible. Bertz, et al. Expires November 19, 2018 [Page 64] Internet-Draft Diameter Credit-Control Application May 2018 Then the server could either terminate or grant the service, should the alternative connection also fail. TERMINATE 0 When the Credit-Control-Failure-Handling AVP is set to TERMINATE, the service MUST only be granted for as long as there is a connection to the credit-control server. If the credit-control client does not receive any Credit-Control-Answer message within the Tx timer (as defined in Section 13), the credit-control request is regarded as failed, and the end user's service session is terminated. This is the default behavior if the AVP isn't included in the reply from the authorization or credit-control server. CONTINUE 1 When the Credit-Control-Failure-Handling AVP is set to CONTINUE, the credit-control client SHOULD re-send the request to an alternative server in the case of transport or temporary failures, provided that a failover procedure is supported in the credit-control server and the credit-control client, and that an alternative server is available. Otherwise, the service SHOULD be granted, even if credit- control messages can't be delivered. RETRY_AND_TERMINATE 2 When the Credit-Control-Failure-Handling AVP is set to RETRY_AND_TERMINATE, the credit-control client SHOULD re-send the request to an alternative server in the case of transport or temporary failures, provided that a failover procedure is supported in the credit-control server and the credit-control client, and that an alternative server is available. Otherwise, the service SHOULD NOT be granted when the credit-control messages can't be delivered. 8.15. Direct-Debiting-Failure-Handling AVP The Direct-Debiting-Failure-Handling AVP (AVP Code 428) is of type Enumerated. The credit-control client uses information in this AVP to decide what to do if sending credit-control messages (Requested- Action AVP set to DIRECT_DEBITING) to the credit-control server has been, for instance, temporarily prevented due to a network problem. TERMINATE_OR_BUFFER 0 When the Direct-Debiting-Failure-Handling AVP is set to TERMINATE_OR_BUFFER, the service MUST be granted for as long as there is a connection to the credit-control server. If the credit-control Bertz, et al. Expires November 19, 2018 [Page 65] Internet-Draft Diameter Credit-Control Application May 2018 client does not receive any Credit-Control-Answer message within the Tx timer (as defined in Section 13) the credit-control request is regarded as failed. The client SHOULD terminate the service if it can determine from the failed answer that units have not been debited. Otherwise the credit-control client SHOULD grant the service, store the request in application level non-volatile storage, and try to re-send the request. These requests MUST be marked as possible duplicates by setting the T-flag in the command header as described in [RFC6733] section 3. This is the default behavior if the AVP isn't included in the reply from the authorization server. CONTINUE 1 When the Direct-Debiting-Failure-Handling AVP is set to CONTINUE, the service SHOULD be granted, even if credit-control messages can't be delivered, and the request should be deleted. 8.16. Multiple-Services-Credit-Control AVP Multiple-Services-Credit-Control AVP (AVP Code 456) is of type Grouped and contains the AVPs related to the independent credit- control of multiple services feature. Note that each instance of this AVP carries units related to one or more services or related to a single rating group. The Service-Identifier and the Rating-Group AVPs are used to associate the granted units to a given service or rating group. If both the Service-Identifier and the Rating-Group AVPs are included, the target of the service units is always the service(s) indicated by the value of the Service-Identifier AVP(s). If only the Rating- Group-Id AVP is present, the Multiple-Services-Credit-Control AVP relates to all the services that belong to the specified rating group. The G-S-U-Pool-Reference AVP allows the server to specify a G-S-U- Pool-Identifier identifying a credit pool within which the units of the specified type are considered pooled. If a G-S-U-Pool-Reference AVP is present, then actual service units of the specified type MUST also be present. For example, if the G-S-U-Pool-Reference AVP specifies Unit-Type TIME, then the CC-Time AVP MUST be present. The Requested-Service-Unit AVP MAY contain the amount of requested service units or the requested monetary value. It MUST be present in the initial interrogation and within the intermediate interrogations in which new quota is requested. If the credit-control client does not include the Requested-Service-Unit AVP in a request command, because for instance, it has determined that the end-user terminated the service, the server MUST debit the used amount from the user's Bertz, et al. Expires November 19, 2018 [Page 66] 6TiSCH P. Thubert, Ed. Internet-Draft Cisco Intended status: Informational June 10, 2016 Expires: December 12, 2016 An Architecture for IPv6 over the TSCH mode of IEEE 802.15.4 draft-ietf-6tisch-architecture-10 Abstract This document describes a network architecture that provides low- latency, low-jitter and high-reliability packet delivery. It combines a high speed powered backbone and subnetworks using IEEE 802.15.4 time-slotted channel hopping (TSCH) to meet the requirements of LowPower wireless deterministic applications. Status of This Memo This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." This Internet-Draft will expire on December 12, 2016. Copyright Notice Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Thubert Expires December 12, 2016 [Page 1] Internet-Draft 6tisch-architecture June 2016 Table of Contents 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 3. High Level Architecture . . . . . . . . . . . . . . . . . . . 4 3.1. 6TiSCH Stack . . . . . . . . . . . . . . . . . . . . . . 4 3.2. TSCH: A Deterministic MAC Layer . . . . . . . . . . . . . 6 3.3. Scheduling TSCH . . . . . . . . . . . . . . . . . . . . . 7 3.4. Routing and Forwarding Over TSCH . . . . . . . . . . . . 8 3.5. A Non-Broadcast Multi-Access Radio Mesh Network . . . . . 10 3.6. A Multi-Link Subnet Model . . . . . . . . . . . . . . . . 12 3.7. Join Process and Registration . . . . . . . . . . . . . . 13 3.8. Dependencies on Work In Progress . . . . . . . . . . . . 14 4. Deeper Dive . . . . . . . . . . . . . . . . . . . . . . . . . 16 4.1. 6LoWPAN (and RPL) . . . . . . . . . . . . . . . . . . . . 16 4.1.1. RPL Leaf Support in 6LoWPAN ND . . . . . . . . . . . 16 4.1.2. RPL Root And 6LBR . . . . . . . . . . . . . . . . . . 16 4.2. TSCH and 6top . . . . . . . . . . . . . . . . . . . . . . 17 4.2.1. 6top . . . . . . . . . . . . . . . . . . . . . . . . 17 4.2.2. Scheduling Functions and the 6P protocol . . . . . . 18 4.2.3. 6top and RPL Objective Function operations . . . . . 19 4.2.4. Network Synchronization . . . . . . . . . . . . . . . 20 4.2.5. SlotFrames and Priorities . . . . . . . . . . . . . . 21 4.2.6. Distributing the reservation of cells . . . . . . . . 22 4.3. Communication Paradigms and Interaction Models . . . . . 24 4.4. Schedule Management Mechanisms . . . . . . . . . . . . . 25 4.4.1. Static Scheduling . . . . . . . . . . . . . . . . . . 25 4.4.2. Neighbor-to-neighbor Scheduling . . . . . . . . . . . 25 4.4.3. Remote Monitoring and Schedule Management . . . . . . 26 4.4.4. Hop-by-hop Scheduling . . . . . . . . . . . . . . . . 29 4.5. Forwarding Models . . . . . . . . . . . . . . . . . . . . 29 4.5.1. Track Forwarding . . . . . . . . . . . . . . . . . . 29 4.5.2. Fragment Forwarding . . . . . . . . . . . . . . . . . 33 4.5.3. IPv6 Forwarding . . . . . . . . . . . . . . . . . . . 34 4.6. Centralized vs. Distributed Routing . . . . . . . . . . . 35 4.6.1. Packet Marking and Handling . . . . . . . . . . . . . 35 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 36 6. Security Considerations . . . . . . . . . . . . . . . . . . . 36 6.1. Join Process Highlights . . . . . . . . . . . . . . . . . 36 7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 39 7.1. Contributors . . . . . . . . . . . . . . . . . . . . . . 39 7.2. Special Thanks . . . . . . . . . . . . . . . . . . . . . 40 7.3. And Do not Forget . . . . . . . . . . . . . . . . . . . . 40 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 40 8.1. Normative References . . . . . . . . . . . . . . . . . . 41 8.2. Informative References . . . . . . . . . . . . . . . . . 43 8.3. Other Informative References . . . . . . . . . . . . . . 47 Appendix A. Personal submissions relevant to upcoming work . . . 48 Thubert Expires December 12, 2016 [Page 2] Internet-Draft 6tisch-architecture June 2016 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 49 1. Introduction Wireless Networks enable a wide variety of devices of any size to get interconnected, often at a very low marginal cost per device, at any distance ranging from Near Field to interplanetary, and in circumstances where wiring may be impractical, for instance on fast- moving or rotating devices. In the other hand, Deterministic Networks enable traffic that is highly sensitive to jitter, quite sensitive to latency, and with a high degree of operational criticality so that loss should be minimized at all times. Applications that need such networks are presented in [I-D.ietf-detnet-use-cases]. They include Professional Media and Operation Technology (OT) Industrial Automation Control Systems (IACS). The Medium access Control (MAC) of IEEE802.15.4 [IEEE802154] has evolved with the IEEE802.15.4e Timeslotted Channel Hopping (TSCH) [RFC7554] mode to provide deterministic properties on wireless networks. TSCH was initially introduced with the IEEE802.15.4e amendment [IEEE802154e] of the IEEE802.15.4 standard and constituted a part of the standard from that day. For all practical purpose, this document is expected to be insensitive to the revisions of the IEEE802.15.4 standard, which is thus referenced undated. Proven Deterministic Networking standards for use in Process Control, including ISA100.11a [ISA100.11a] and WirelessHART [WirelessHART], have demonstrated the capabilities of the IEEE802.15.4 TSCH MAC for high reliability against interference, low-power consumption on well- known flows, and its applicability for Traffic Engineering (TE) from a central controller. In order to enable the convergence of IT and OT in LLN environments, 6TiSCH ports the IETF suite of protocol that are defined for such environments over the TSCH MAC. 6TiSCH also provides large scaling capabilities, which, in a number of scenarios, require the addition of a high speed and reliable backbone and the use of IP version 6 (IPv6). The 6TiSCH Architecture introduces an IPv6 Multi-Link subnet model that is composed of a federating backbone and a number of IEEE802.15.4 TSCH low-power wireless networks attached and synchronized by Backbone Routers. The architecture defines mechanisms to establish and maintain routing and scheduling in a centralized, distributed, or mixed fashion, for use in multiple OT environments. It is applicable in particular to industrial control systems, building automation that leverage Thubert Expires December 12, 2016 [Page 3] Internet-Draft 6tisch-architecture June 2016 distributed routing to address multipath over a large number of hops, in-vehicle command and control that can be as demanding as industrial applications, commercial automation and asset Tracking with mobile scenarios, home automation and domotics which become more reliable and thus provide a better user experience, and resource management (energy, water, etc.). 2. Terminology The draft uses domain-specific terminology defined or referenced in [I-D.ietf-6tisch-terminology], [I-D.ietf-6lo-backbone-router], and [I-D.ietf-roll-rpl-industrial-applicability]. Readers are expected to be familiar with all the terms and concepts that are discussed in "Neighbor Discovery for IP version 6" [RFC4861], "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals" [RFC4919], and Neighbor Discovery Optimization for Low-power and Lossy Networks [RFC6775] where the 6LoWPAN Router (6LR) and the 6LoWPAN Border Router (6LBR) are introduced. Readers may benefit from reading the "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks" [RFC6550] specification; "Multi-Link Subnet Issues" [RFC4903]; "Mobility Support in IPv6" [RFC6275]; "Neighbor Discovery Proxies (ND Proxy)" [RFC4389]; "IPv6 Stateless Address Autoconfiguration" [RFC4862]; "FCFS SAVI: First-Come, First- Served Source Address Validation Improvement for Locally Assigned IPv6 Addresses" [RFC6620]; and "Optimistic Duplicate Address Detection" [RFC4429] prior to this specification for a clear understanding of the art in ND-proxying and binding. The draft also conforms to the terms and models described in [RFC3444] and [RFC5889] and uses the vocabulary and the concepts defined in [RFC4291] for the IPv6 Architecture and refers [RFC4080] for reservation signaling and [RFC5191] for authentication. 3. High Level Architecture 3.1. 6TiSCH Stack The 6TiSCH architecture presents a reference stack that is implemented and interop tested by a conjunction of opensource, IETF and ETSI efforts. One goal is to help other bodies to adopt the stack as a whole, making the effort to move to an IPv6-based IOT stack easier. Now, for a particular, environment, some of the choices that are made in this architecture may not be relevant. For instance, RPL is not required for star topologies and mesh-under layer-2 routed networks, and the 6LoWPAN compression may not be Thubert Expires December 12, 2016 [Page 4] Internet-Draft 6tisch-architecture June 2016 sufficient for ultra-constrained cases such as some Low Power Wide Area (LPWA) networks. In such cases, it is perfectly doable to adopt a subset of the selection that is presented hereafter and then select alternate components to complete the solution wherever needed. The IETF proposes multiple techniques for implementing functions related to routing, transport or security. In order to control the complexity of the possible deployments and device interactions, and to limit the size of the resulting object code, the architecture limits the possible variations of the stack and recommends a number of base elements for LLN applications. In particular, UDP [RFC0768] [RFC2460] and the Constrained Application Protocol [RFC7252] (CoAP) are used as the transport / binding of choice for applications and management as opposed to TCP and HTTP. The resulting stack is represented below: +-----+-----+-----+------+-------+-----+ | (COMI) |(PANA)|6LoWPAN| RPL | | CoAP / DTLS | | ND | | +-----+-----+-----+------+-------+-----+ | UDP | ICMP | +-----+-----+-----+-----+-------+------+-----+ | IPv6 | +-------------------------------------------+ | 6LoWPAN adaptation and compression (HC) | +-------------------------------------------+ | 6top | +-------------------------------------------+ | IEEE802.15.4 TSCH | +-------------------------------------------+ Figure 1: 6TiSCH Protocol Stack RPL is the routing protocol of choice for LLNs. So far, there was no identified need to define a 6TiSCH specific Objective Function. The Minimal 6TiSCH Configuration [I-D.ietf-6tisch-minimal] describes the operation of RPL over a static schedule used in a slotted aloha fashion, whereby all active slots may be used for emission or reception of both unicast and multicast frames. The 6LoWPAN Header Compression [RFC6282] is used to compress the IPv6 and UDP headers, whereas the 6LoWPAN Routing Header [I-D.ietf-roll-routing-dispatch] is used to compress the RPL artifacts in the IPv6 data packets, including the RPL Packet Information (RPI), the IP-in-IP encapsulation to/from the RPL root, and the Source Route Header (SRH) in non-storing mode. Thubert Expires December 12, 2016 [Page 5] Internet-Draft 6tisch-architecture June 2016 6TiSCH has adopted the general direction of CoAP Management Interface (COMI) [I-D.vanderstok-core-comi] for the management of devices. This is leveraged for instance for the implementation of the generic data model for the 6top sublayer management interface [I-D.ietf-6tisch-6top-interface]. The proposed implementation is based on CoAP and CBOR, and specified in 6TiSCH Resource Management and Interaction using CoAP [I-D.ietf-6tisch-coap]. The Datagram Transport Layer Security (DTLS) [RFC6347] is represented as an example of a protocol that could be used to protect CoAP datagrams, but the exact stack is not determined at the time of this writing.. Similarly, the Protocol for Carrying Authentication for Network access (PANA) [RFC5191] is represented as an example of a protocol that could be leveraged to secure the join process, as a Layer-3 alternate to IEEE802.1x/EAP. Regardless, the security model ensures that, prior to a join process, packets from a untrusted device are controlled in volume and in reachability. In particular, a PANA stack should be separated from the main protocol stack to avoid attacks during the join process that is introduced in Section 3.7. An overview of the security aspects of the join process can be found in Section 6. The 6TiSCH Operation sublayer (6top) [I-D.wang-6tisch-6top-sublayer] is a sublayer of a Logical Link Control (LLC) that provides the abstraction of an IP link over a TSCH MAC and schedules packets over TSCH cells,as further discussed in the next sections. 3.2. TSCH: A Deterministic MAC Layer Though at a different time scale (several orders of magnitude), both IEEE802.1TSN and IEEE802.15.4TSCH standards provide Deterministic capabilities to the point that a packet that pertains to a certain flow may traverse a network from node to node following a very precise schedule, as a train that enters and then leaves intermediate stations at precise times along its path. With TSCH, time is formatted into timeslots, and individual communication cells are allocated to unicast or broadcast communication at the MAC level. The time-slotted operation reduces collisions, saves energy, and enables to more closely engineer the network for deterministic properties. The channel hopping aspect is a simple and efficient technique to combat multipath fading and external interference (for example by Wi-Fi emitters). 6TiSCH builds on the IEEE802.15.4TSCH MAC and inherits its advanced capabilities to enable them in multiple environments where they can be leveraged to improve automated operations. The 6TiSCH Thubert Expires December 12, 2016 [Page 6] Internet-Draft 6tisch-architecture June 2016 Architecture also inherits the capability to perform a centralized route computation to achieve deterministic properties, though it relies on the IETF DetNet Architecture [I-D.finn-detnet-architecture], and IETF components such as the Path Computation Element (PCE) [PCE], for the protocol aspects. On top of this inheritance, 6TiSCH adds capabilities for distributed routing and scheduling operations based on the RPL routing protocol and capabilities to negotiate schedule adjustments between peers. These distributed routing and scheduling operations simplify the deployment of TSCH networks and enable wireless solutions in a larger variety of use cases from operational technology in general. Examples of such use-cases in industrial environments include plant setup and decommissioning, as well as monitoring of lots of lesser importance measurements such as corrosion and events. RPL also enables mobile use cases such as mobile workers and cranes, as presented in [I-D.ietf-roll-rpl-industrial-applicability]. 3.3. Scheduling TSCH A scheduling operation attributes cells in a Time-Division- Multiplexing (TDM) / Frequency-Division Multiplexing (FDM) matrix called the Channel distribution/usage (CDU) to either individual transmissions or as multi-access shared resources (see the 6TiSCH Terminology [I-D.ietf-6tisch-terminology] for more on these terms). Scheduling effectively enables multiple communications at a same time in a same interference domain using different channels; but a node equipped with a single radio can only transmit or receive on one channel at any given point of time. From the standpoint of a 6TiSCH node (at the MAC layer), its schedule is the collection of the times at which it must wake up for transmission, and the channels to which it should either send or listen at those times. The schedule is expressed as one or more slotframes that repeat over and over. Slotframes may collision and require a device to wake at a same time, in which case a priority indicates which slotframe is actually activated. The 6top sublayer hides the complexity of the schedule to the upper layers. The Link that IP may utilize between the 6TiSCH node and a peer may in fact be composed of a pair of cell bundles, one to receive and one to transmit. Some of the cells may be shared, in which case the 6top sublayer must perform some arbitration. The 6TiSCH architecture identifies four ways a schedule can be managed and CDU cells can be allocated: Static Scheduling, Neighbor- to-Neighbor Scheduling, Remote Monitoring and Schedule Management, and Hop-by-hop Scheduling. Thubert Expires December 12, 2016 [Page 7] Internet-Draft 6tisch-architecture June 2016 Static Scheduling: This refers to the minimal 6TiSCH operation whereby a static schedule is configured for the whole network for use in a slotted-aloha fashion. The static schedule is distributed through the native methods in the TSCH MAC layer. This operation leverages RPL to maintain a loopless graph for routing and time distribution. It is specified in the Minimal 6TiSCH Configuration [I-D.ietf-6tisch-minimal] specification. and does not preclude other scheduling operations to co-exist on a same 6TiSCH network. Neighbor-to-Neighbor Scheduling: This refers to the dynamic adaptation of the bandwidth of the Links that are used for IPv6 traffic between adjacent routers. Scheduling Functions such as SF0 [I-D.ietf-6tisch-6top-sf0] influence the operation of the 6top sublayer [I-D.wang-6tisch-6top-sublayer] to add and remove cells in peers schedule, using the 6top protocol [I-D.ietf-6tisch-6top-protocol] for the negotiation on the MAC resources. Remote Monitoring and Schedule Management: This refers to the central computation of a schedule and the capability to forward a frame based on the cell of arrival. In that case, the related portion of the device schedule as well as other device resources are managed by an abstract Network Management Entity (NME), which may cooperate with the PCE in order to minimize the interaction with and the load on the constrained device. This model is the TSCH adaption of the DetNet Architecture [I-D.finn-detnet-architecture], and it enables Traffic Engineering with deterministic properties. Hop-by-hop Scheduling: This refers to the possibility to reserves cells along a path for a particular flow using a distributed mechanism. It is not expected that all use cases will require all those mechanisms. Static Scheduling with minimal configuration one is the only one that is expected in all implementations, since it provides a simple and solid basis for convergecast routing and time distribution. A deeper dive in those mechanisms can be found in Section 4.4. 3.4. Routing and Forwarding Over TSCH 6TiSCH leverages the RPL routing protocol for interoperable distributed routing operations. RPL is applicable to Static Scheduling and Neighbor-to-Neighbor Scheduling. The architecture also supports a centralized routing model for Remote Monitoring and Thubert Expires December 12, 2016 [Page 8] Internet-Draft 6tisch-architecture June 2016 Schedule Management. It is expected that a routing protocol that is more optimized for point-to-point routing than RPL, such as the Reactive Discovery of Point-to-Point Routes in Low-Power and Lossy Networks [RFC6997](P2P RPL), or the Ad Hoc On-demand Distance Vector Routing (AODV) [I-D.ietf-manet-aodvv2] will be selected for Hop-by- hop Scheduling. The 6TiSCH architecture supports three different forwarding models, the classical IPv6 Forwarding, where the node selects a feasible successor at Layer-3 on a per packet basis and based on its routing table, G-MPLS Track Forwarding, which switches a frame received at a particular Timeslot into another Timeslot at Layer-2, and 6LoWPAN Fragment Forwarding, which allows to forward individual 6loWPAN fragments along the route set by the first fragment. IPv6 Forwarding: This is the classical IP forwarding model, with a Routing Information Based (RIB) that is installed by the RPL routing protocol and used to select a feasible successor per packet. The packet is placed on an outgoing Link, that the 6top layer maps into a (Layer-3) bundle of cells, and scheduled for transmission based on QoS parameters. On top of RPL, this model also applies to any routing protocol which may be operated in the 6TiSCH network, and corresponds to all the distributed scheduling models, Static, Neighbor-to-Neighbor and Hop-by-Hop Scheduling. G-MPLS Track Forwarding: This model corresponds to the Remote Monitoring and Schedule Management. In this model, A central controller (hosting a PCE) computes and installs the schedules in the devices per flow. The incoming (Layer-2) bundle of cells from the previous node along the path determines the outgoing (Layer-2) bundle towards the next hop for that flow as determined by the PCE. The programmed sequence for bundles is called a Track and can assume shapes that are more complex than a simple direct sequence of nodes. 6LoWPAN Fragment Forwarding: This is an hybrid model that derives from IPv6 forwarding for the case where packets must be fragmented at the 6LoWPAN sublayer. The first fragment is forwarded like any IPv6 packet and leaves a state in the intermediate hops to enable forwarding of the next fragments that do not have a IP header without the need to recompose the packet at every hop. This can be broadly summarized in the following table: Thubert Expires December 12, 2016 [Page 9] Internet-Draft 6tisch-architecture June 2016 +---------------------+------------+-----------------------------------+ | Forwarding Model | Routing | Scheduling | +=====================+============+===================================+ |G-MPLS Track Fwrding | PCE |Remote Monitoring and Schedule Mgt | +---------------------+------------+-----------------------------------+ | | | Static (Minimal Configuration) | + classical IPv6 + RPL +-----------------------------------+ | / | | Neighbor-to-Neighbor (SF0) | + 6LoWPAN Fragment F. +------------+-----------------------------------+ | |Reactive P2P| Hop-by-Hop (TBD) | +---------------------+------------+-----------------------------------+ Figure 2: Routing, Forwarding and Scheduling 3.5. A Non-Broadcast Multi-Access Radio Mesh Network A 6TiSCH network is an IPv6 [RFC2460] subnet which, in its basic configuration, is a single Low Power Lossy Network (LLN) operating over a synchronized TSCH-based mesh. Inside a 6TiSCH LLN, nodes rely on 6LoWPAN Header Compression (6LoWPAN HC) [RFC6282] to encode IPv6 packets. From the perspective of the network layer, a single LLN interface (typically an IEEE802.15.4-compliant radio) may be seen as a collection of Links with different capabilities for unicast or multicast services. 6TiSCH nodes are not necessarily reachable from one another at Layer-2 and an LLN may span over multiple links. This effectively forms an homogeneous non-broadcast multi-access (NBMA) subnet, which is beyond the scope of existing IPv6 ND methods. Extensions to IPv6 ND have to be introduced. Within that subnet, neighbor devices are discovered with 6LoWPAN Neighbor Discovery [RFC6775] (6LoWPAN ND), whereas RPL [RFC6550] enables routing in the so called Route Over fashion, either in storing (stateful) or non-storing (stateless, with routing headers) mode. Thubert Expires December 12, 2016 [Page 10] Internet-Draft 6tisch-architecture June 2016 ---+-------- ............ ------------ | External Network | | +-----+ +-----+ | NME | | | LLN Border | | | | router +-----+ +-----+ o o o o o o o o o o 6LoWPAN + RPL o o o o o o o o Figure 3: Basic Configuration of a 6TiSCH Network 6TiSCH nodes join the mesh by attaching to nodes that are already members of the mesh. Some nodes act as routers for 6LoWPAN ND and RPL operations, as detailed in Section 4.1. Security aspects of the join process by which a device obtains access to the network are discussed in Section 6. With TSCH, devices are time-synchronized at the MAC level. The use of a particular RPL Instance for time synchronization is discussed in Section 4.2.4. With this mechanism, the time synchronization starts at the RPL root and follows the RPL DODAGs with no timing loop. RPL forms Destination Oriented Directed Acyclic Graphs (DODAGs) within Instances of the protocol, each Instance being associated with an Objective Function (OF) to form a routing topology. A particular 6TiSCH node, the LLN Border Router (LBR), acts as RPL root, 6LoWPAN HC terminator, and Border Router for the LLN to the outside. The LBR is usually powered. More on RPL Instances can be found in section 3.1 of RPL [RFC6550], in particular "3.1.2. RPL Identifiers" and "3.1.3. Instances, DODAGs, and DODAG Versions". RPL adds artifacts in the data packets that are compressed with a 6LoWPAN addition 6LoRH [I-D.ietf-roll-routing-dispatch]. Additional routing and scheduling protocols may be deployed to establish on-demand Peer-to-Peer routes with particular characteristics inside the 6TiSCH network. This may be achieved in a centralized fashion by a PCE [PCE] that programs both the routes and the schedules inside the 6TiSCH nodes, or by in a distributed fashion using a reactive routing protocol and a Hop-by-Hop scheduling protocol. A Backbone Router may be connected to the node that acts as RPL root and / or 6LoWPAN 6LBR and provides connectivity to the larger campus / factory plant network over a high speed backbone or a back-haul Thubert Expires December 12, 2016 [Page 11] Internet-Draft 6tisch-architecture June 2016 link. A Backbone Router may perform proxy IPv6 Neighbor Discovery (ND) [RFC4861] operations over the backbone on behalf of the 6TiSCH nodes so they can share a same IPv6 subnet and appear to be connected to the same backbone as classical devices. A Backbone Router may alternatively redistribute the registration in a routing protocol such as OSPF [RFC5340] or BGP [RFC2545], or inject them in a mobility protocol such as MIPv6 [RFC6275], NEMO [RFC3963], or LISP [RFC6830]. This architecture expects that a 6LoWPAN node can connect as a leaf to a RPL network, where the leaf support is the minimal functionality to connect as a host to a RPL network without the need to participate to the full routing protocol. The architecture also expects that a 6LoWPAN node that is not aware at all of the RPL protocol may also connect as a host but the specifications for this to happen are not available at the time of this writing. 3.6. A Multi-Link Subnet Model An extended configuration of the subnet comprises multiple LLNs. The LLNs are interconnected and synchronized over a backbone, that can be wired or wireless. The backbone can be a classical IPv6 network, with Neighbor Discovery operating as defined in [RFC4861] and [RFC4862]. This architecture requires work to standardize the the registration of 6LoWPAN nodes to the Backbone Routers. In the extended configuration, a Backbone Router (6BBR) operates as described in [I-D.ietf-6lo-backbone-router]. The 6BBR performs ND proxy operations between the registered devices and the classical ND devices that are located over the backbone. 6TiSCH 6BBRs synchronize with one another over the backbone, so as to ensure that the multiple LLNs that form the IPv6 subnet stay tightly synchronized. Thubert Expires December 12, 2016 [Page 12] Internet-Draft 6tisch-architecture June 2016 ---+-------- ............ ------------ | External Network | | +-----+ | +-----+ | NME | +-----+ | +-----+ | | | | Router | | PCE | +-----+ | | +--| | +-----+ +-----+ | | | Subnet Backbone | +--------------------+------------------+ | | | +-----+ +-----+ +-----+ | | Backbone | | Backbone | | Backbone o | | router | | router | | router +-----+ +-----+ +-----+ o o o o o o o o o o o o o o o o o o o LLN o o o o o o o o o o o o o o o o Figure 4: Extended Configuration of a 6TiSCH Network As detailed in Section 4.1 the 6LoWPAN ND 6LBR and the root of the RPL network need to be collocated and share information about the devices that is learned through either protocol but not both. The combined RPL root and 6LBR may be collocated with the 6BBR, or directly attached to the 6BBR. In the latter case, it leverages the extended registration process defined in [I-D.ietf-6lo-backbone-router] to proxy the 6LoWPAN ND registration to the 6BBR on behalf of the LLN nodes, so that the 6BBR may in turn perform proxy classical ND operations over the backbone. If the Backbone is Deterministic (such as defined by the Time Sensitive Networking WG at IEEE), then the Backbone Router ensures that the end-to-end deterministic behavior is maintained between the LLN and the backbone. The DetNet Architecture [I-D.finn-detnet-architecture] studies Layer-3 aspects of Deterministic Networks, and covers networks that span multiple Layer-2 domains. 3.7. Join Process and Registration As detailed in Section 4.1 the combined 6LoWPAN ND 6LBR and root of the RPL network learn information such as the device Unique ID (from 6LoWPAN ND) and the updated Sequence Number (from RPL), and perform 6LoWPAN ND proxy registration to the 6BBR of behalf of the LLN nodes. Figure 5 illustrates the periodic signaling that starts at the leaf Thubert Expires December 12, 2016 [Page 13]Internet-Draft Diameter Credit-Control Application May 2018 account but MUST NOT return a new quota in the corresponding answer. The Validity-Time, Result-Code, and Final-Unit-Indication or QoS- Final-Unit-Indication AVPs MAY be present in an answer command as defined in Section 5.1.2 and Section 5.6 for the graceful service termination. When both the Tariff-Time-Change and Tariff-Change-Usage AVPs are present, the server MUST include two separate instances of the Multiple-Services-Credit-Control AVP with the Granted-Service-Unit AVP associated to the same service-identifier and/or rating-group. Where the two quotas are associated to the same pool or to different pools, the credit pooling mechanism defined in Section 5.1.2 applies. The Tariff-Change-Usage AVP MUST NOT be included in request commands to report used units before, and after tariff time change the Used- Service-Unit AVP MUST be used. A server not implementing the independent credit-control of multiple services functionality MUST treat the Multiple-Services-Credit- Control AVP as an invalid AVP. The Multiple-Services-Control AVP is defined as follows (per the grouped-avp-def of [RFC6733]): Multiple-Services-Credit-Control ::= < AVP Header: 456 > [ Granted-Service-Unit ] [ Requested-Service-Unit ] *[ Used-Service-Unit ] [ Tariff-Change-Usage ] *[ Service-Identifier ] [ Rating-Group ] *[ G-S-U-Pool-Reference ] [ Validity-Time ] [ Result-Code ] [ Final-Unit-Indication ] [ QoS-Final-Unit-Indication ] *[ AVP ] 8.17. Granted-Service-Unit AVP Granted-Service-Unit AVP (AVP Code 431) is of type Grouped and contains the amount of units that the Diameter credit-control client can provide to the end user until the service must be released or the new Credit-Control-Request must be sent. A client is not required to implement all the unit types, and it must treat unknown or unsupported unit types in the answer message as an incorrect CCA answer. In this case, the client MUST terminate the credit-control Bertz, et al. Expires November 19, 2018 [Page 67] Internet-Draft Diameter Credit-Control Application May 2018 session and indicate in the Termination-Cause AVP reason DIAMETER_BAD_ANSWER. The Granted-Service-Unit AVP is defined as follows (per the grouped- avp-def of [RFC6733]): Granted-Service-Unit ::= < AVP Header: 431 > [ Tariff-Time-Change ] [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ] 8.18. Requested-Service-Unit AVP The Requested-Service-Unit AVP (AVP Code 437) is of type Grouped and contains the amount of requested units specified by the Diameter credit-control client. A server is not required to implement all the unit types, and it must treat unknown or unsupported unit types as invalid AVPs. The Requested-Service-Unit AVP is defined as follows (per the grouped-avp-def of [RFC6733]): Requested-Service-Unit ::= < AVP Header: 437 > [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ] 8.19. Used-Service-Unit AVP The Used-Service-Unit AVP is of type Grouped (AVP Code 446) and contains the amount of used units measured from the point when the service became active or, if interim interrogations are used during the session, from the point when the previous measurement ended. Note: The values reported in a Used-Service-Unit AVP does not necessarily have a relation to the grant provided in a Granted- Service-Unit AVP, e.g., the value in this AVP may exceed the value in the grant. Bertz, et al. Expires November 19, 2018 [Page 68] Internet-Draft Diameter Credit-Control Application May 2018 The Used-Service-Unit AVP is defined as follows (per the grouped-avp- def of [RFC6733]): Used-Service-Unit ::= < AVP Header: 446 > [ Tariff-Change-Usage ] [ CC-Time ] [ CC-Money ] [ CC-Total-Octets ] [ CC-Input-Octets ] [ CC-Output-Octets ] [ CC-Service-Specific-Units ] *[ AVP ] 8.20. Tariff-Time-Change AVP The Tariff-Time-Change AVP (AVP Code 451) is of type Time. It is sent from the server to the client and includes the time in seconds since January 1, 1900, 00:00 UTC, when the tariff of the service will be changed. The tariff change mechanism is optional for the client and server, and it is not used for time-based services defined in Section 5. If a client does not support the tariff time change mechanism, it MUST treat Tariff-Time-Change AVP in the answer message as an incorrect CCA answer. In this case, the client terminates the credit-control session and indicates in the Termination-Cause AVP reason DIAMETER_BAD_ANSWER. Omission of this AVP means that no tariff change is to be reported. 8.21. CC-Time AVP The CC-Time AVP (AVP Code 420) is of type Unsigned32 and indicates the length of the requested, granted, or used time in seconds. 8.22. CC-Money AVP The CC-Money AVP (AVP Code 413) is of type Grouped and specifies the monetary amount in the given currency. The Currency-Code AVP SHOULD be included. It is defined as follows (per the grouped-avp-def of [RFC6733]): CC-Money ::= < AVP Header: 413 > { Unit-Value } [ Currency-Code ] Bertz, et al. Expires November 19, 2018 [Page 69] Internet-Draft Diameter Credit-Control Application May 2018 8.23. CC-Total-Octets AVP The CC-Total-Octets AVP (AVP Code 421) is of type Unsigned64 and contains the total number of requested, granted, or used octets regardless of the direction (sent or received). 8.24. CC-Input-Octets AVP The CC-Input-Octets AVP (AVP Code 412) is of type Unsigned64 and contains the number of requested, granted, or used octets that can be/have been received from the end user. 8.25. CC-Output-Octets AVP The CC-Output-Octets AVP (AVP Code 414) is of type Unsigned64 and contains the number of requested, granted, or used octets that can be/have been sent to the end user. 8.26. CC-Service-Specific-Units AVP The CC-Service-Specific-Units AVP (AVP Code 417) is of type Unsigned64 and specifies the number of service-specific units (e.g., number of events, points) given in a selected service. The service- specific units always refer to the service identified in the Service- Identifier AVP (or Rating-Group AVP when the Multiple-Services- Credit-Control AVP is used). 8.27. Tariff-Change-Usage AVP The Tariff-Change-Usage AVP (AVP Code 452) is of type Enumerated and defines whether units are used before or after a tariff change, or whether the units straddled a tariff change during the reporting period. Omission of this AVP means that no tariff change has occurred. In addition, when present in answer messages as part of the Multiple- Services-Credit-Control AVP, this AVP defines whether units are allocated to be used before or after a tariff change event. When the Tariff-Time-Change AVP is present, omission of this AVP in answer messages means that the single quota mechanism applies. Tariff-Change-Usage can be one of the following: UNIT_BEFORE_TARIFF_CHANGE 0 Bertz, et al. Expires November 19, 2018 [Page 70] Internet-Draft Diameter Credit-Control Application May 2018 When present in the Multiple-Services-Credit-Control AVP, this value indicates the amount of the units allocated for use before a tariff change occurs. When present in the Used-Service-Unit AVP, this value indicates the amount of resource units used before a tariff change had occurred. UNIT_AFTER_TARIFF_CHANGE 1 When present in the Multiple-Services-Credit-Control AVP, this value indicates the amount of the units allocated for use after a tariff change occurs. When present in the Used-Service-Unit AVP, this value indicates the amount of resource units used after tariff change had occurred. UNIT_INDETERMINATE 2 The used unit contains the amount of units that straddle the tariff change (e.g., the metering process reports to the credit-control client in blocks of n octets, and one block straddled the tariff change). This value is to be used only in the Used-Service-Unit AVP. 8.28. Service-Identifier AVP The Service-Identifier AVP is of type Unsigned32 (AVP Code 439) and contains the identifier of a service. The specific service the request relates to is uniquely identified by the combination of Service-Context-Id and Service-Identifier AVPs. A usage example of this AVP is illustrated in Appendix B.9. 8.29. Rating-Group AVP The Rating-Group AVP is of type Unsigned32 (AVP Code 432) and contains the identifier of a rating group. All the services subject to the same rating type are part of the same rating group. The specific rating group the request relates to is uniquely identified by the combination of Service-Context-Id and Rating-Group AVPs. A usage example of this AVP is illustrated in Appendix B.9. 8.30. G-S-U-Pool-Reference AVP The G-S-U-Pool-Reference AVP (AVP Code 457) is of type Grouped. It is used in the Credit-Control-Answer message, and associates the Granted-Service-Unit AVP within which it appears with a credit pool within the session. Bertz, et al. Expires November 19, 2018 [Page 71] Internet-Draft Diameter Credit-Control Application May 2018 The G-S-U-Pool-Identifier AVP specifies the credit pool from which credit is drawn for this unit type. The CC-Unit-Type AVP specifies the type of units for which credit is pooled. The Unit-Value AVP specifies the multiplier, which converts between service units of type CC-Unit-Type and abstract service units within the credit pool (and thus to service units of any other service or rating group associated with the same pool). The G-S-U-Pool-Reference AVP is defined as follows (per the grouped- avp-def of [RFC6733]): G-S-U-Pool-Reference ::= < AVP Header: 457 > { G-S-U-Pool-Identifier } { CC-Unit-Type } { Unit-Value } 8.31. G-S-U-Pool-Identifier AVP The G-S-U-Pool-Identifier AVP (AVP Code 453) is of type Unsigned32 and identifies a credit pool within the session. 8.32. CC-Unit-Type AVP The CC-Unit-Type AVP (AVP Code 454) is of type Enumerated and specifies the type of units considered to be pooled into a credit pool. The following values are defined for the CC-Unit-Type AVP: TIME 0 MONEY 1 TOTAL-OCTETS 2 INPUT-OCTETS 3 OUTPUT-OCTETS 4 SERVICE-SPECIFIC-UNITS 5 8.33. Validity-Time AVP The Validity-Time AVP is of type Unsigned32 (AVP Code 448). It is sent from the credit-control server to the credit-control client. The AVP contains the validity time of the granted service units. The measurement of the Validity-Time is started upon receipt of the Credit-Control-Answer Message containing this AVP. If the granted service units have not been consumed within the validity time Bertz, et al. Expires November 19, 2018 [Page 72] Internet-Draft Diameter Credit-Control Application May 2018 specified in this AVP, the credit-control client MUST send a Credit- Control-Request message to the server, with CC-Request-Type set to UPDATE_REQUEST. The value field of the Validity-Time AVP is given in seconds. The Validity-Time AVP is also used for the graceful service termination (see Section 5.6) to indicate to the credit-control client how long the subscriber is allowed to use network resources after the specified action (i.e., REDIRECT or RESTRICT_ACCESS) started. When the Validity-Time elapses, a new intermediate interrogation is sent to the server. 8.34. Final-Unit-Indication AVP The Final-Unit-Indication AVP (AVP Code 430) is of type Grouped and indicates that the Granted-Service-Unit AVP in the Credit-Control- Answer, or in the AA answer, contains the final units for the service. After these units have expired, the Diameter credit-control client is responsible for executing the action indicated in the Final-Unit-Action AVP (see Section 5.6). If more than one unit type is received in the Credit-Control-Answer, the unit type that first expired SHOULD cause the credit-control client to execute the specified action. In the first interrogation, the Final-Unit-Indication AVP with Final- Unit-Action REDIRECT or RESTRICT_ACCESS can also be present with no Granted-Service-Unit AVP in the Credit-Control-Answer or in the AA answer. This indicates to the Diameter credit-control client to execute the specified action immediately. If the home service provider policy is to terminate the service, naturally, the server SHOULD return the appropriate transient failure (see Section 9.1) in order to implement the policy-defined action. The Final-Unit-Action AVP defines the behavior of the service element when the user's account cannot cover the cost of the service and MUST always be present if the Final-Unit-Indication AVP is included in a command. If the Final-Unit-Action AVP is set to TERMINATE, the Final-Unit- Indication group MUST NOT contain any other AVPs. If the Final-Unit-Action AVP is set to REDIRECT at least the Redirect-Server AVP MUST be present. The Restriction-Filter-Rule AVP or the Filter-Id AVP MAY be present in the Credit-Control-Answer message if the user is also allowed to access other services that are not accessible through the address given in the Redirect-Server AVP. Bertz, et al. Expires November 19, 2018 [Page 73] Internet-Draft Diameter Credit-Control Application May 2018 If the Final-Unit-Action AVP is set to RESTRICT_ACCESS, either the Restriction-Filter-Rule AVP or the Filter-Id AVP SHOULD be present. The Filter-Id AVP is defined in [RFC7155]. The Filter-Id AVP can be used to reference an IP filter list installed in the access device by means other than the Diameter credit-control application, e.g., locally configured or configured by another entity. If the Final-Unit-Action AVP is set to REDIRECT and the type of server is not one of the enumerations in the Redirect-Address-Type AVP, then the QoS-Final-Unit-Indication AVP SHOULD be used together with the Redirect-Server-Extension AVP instead of the Final-Unit- Indication AVP. If the Final-Unit-Action AVP is set to RESTRICT_ACCESS or REDIRECT and the classification of the restricted traffic cannot be expressed using IPFilterRule, or different actions (e.g., QoS) than just allowing traffic needs to be enforced, then the QoS-Final-Unit- Indication AVP SHOULD be used instead of the Final-Unit-Indication AVP. However, if the credit-control server wants to preserve backward compatibility with credit-control clients that support only [RFC4006], the Final-Unit-Indication AVP SHOULD be used together with the Filter-Id AVP. The Final-Unit-Indication AVP is defined as follows (per the grouped- avp-def of [RFC6733]): Final-Unit-Indication ::= < AVP Header: 430 > { Final-Unit-Action } *[ Restriction-Filter-Rule ] *[ Filter-Id ] [ Redirect-Server ] 8.35. Final-Unit-Action AVP The Final-Unit-Action AVP (AVP Code 449) is of type Enumerated and indicates to the credit-control client the action to be taken when the user's account cannot cover the service cost. The Final-Unit-Action can be one of the following: TERMINATE 0 The credit-control client MUST terminate the service session. This is the default handling, applicable whenever the credit-control client receives an unsupported Final-Unit-Action value, and it MUST Bertz, et al. Expires November 19, 2018 [Page 74] Internet-Draft Diameter Credit-Control Application May 2018 be supported by all the Diameter credit-control client implementations conforming to this specification. REDIRECT 1 The service element MUST redirect the user to the address specified in the Redirect-Server-Address AVP or one of the AVPs included in the Redirect-Server-Extension AVP. The redirect action is defined in Section 5.6.2. RESTRICT_ACCESS 2 The access device MUST restrict the user access according to the filter AVPs contained in the applied grouped AVP: according to IP packet filters defined in the Restriction-Filter-Rule AVP, according to the packet classifier filters defined in Filter-Rule AVP, or according to the packet filters identified by the Filter-Id AVP. All the packets not matching any filters MUST be dropped (see Section 5.6.3). 8.36. Restriction-Filter-Rule AVP The Restriction-Filter-Rule AVP (AVP Code 438) is of type IPFilterRule and provides filter rules corresponding to services that are to remain accessible even if there are no more service units granted. The access device has to configure the specified filter rules for the subscriber and MUST drop all the packets not matching these filters. Zero, one, or more such AVPs MAY be present in a Credit-Control-Answer message or in an AA answer message. 8.37. Redirect-Server AVP The Redirect-Server AVP (AVP Code 434) is of type Grouped and contains the address information of the redirect server (e.g., HTTP redirect server, SIP Server) with which the end user is to be connected when the account cannot cover the service cost. It MUST be present when the Final-Unit-Action AVP is set to REDIRECT. It is defined as follows (per the grouped-avp-def of [RFC6733]): Redirect-Server ::= < AVP Header: 434 > { Redirect-Address-Type } { Redirect-Server-Address } Bertz, et al. Expires November 19, 2018 [Page 75] Internet-Draft Diameter Credit-Control Application May 2018 8.38. Redirect-Address-Type AVP The Redirect-Address-Type AVP (AVP Code 433) is of type Enumerated and defines the address type of the address given in the Redirect- Server-Address AVP. The address type can be one of the following: IPv4 Address 0 The address type is in the form of "dotted-decimal" IPv4 address, as defined in [RFC0791]. IPv6 Address 1 The address type is in the form of IPv6 address, as defined in [RFC4291]. The address MUST conform to the text representation of the address according to [RFC5952]. URL 2 The address type is in the form of Uniform Resource Locator, as defined in [RFC3986]. SIP URI 3 The address type is in the form of SIP Uniform Resource Identifier, as defined in [RFC3261]. 8.39. Redirect-Server-Address AVP The Redirect-Server-Address AVP (AVP Code 435) is of type UTF8String and defines the address of the redirect server (e.g., HTTP redirect server, SIP Server) with which the end user is to be connected when the account cannot cover the service cost. 8.40. Multiple-Services-Indicator AVP The Multiple-Services-Indicator AVP (AVP Code 455) is of type Enumerated and indicates whether the Diameter credit-control client is capable of handling multiple services independently within a (sub-) session. The absence of this AVP means that independent credit-control of multiple services is not supported. A server not implementing the independent credit-control of multiple services MUST treat the Multiple-Services-Indicator AVP as an invalid AVP. Bertz, et al. Expires November 19, 2018 [Page 76] Internet-Draft Diameter Credit-Control Application May 2018 The following values are defined for the Multiple-Services-Indicator AVP: MULTIPLE_SERVICES_NOT_SUPPORTED 0 Client does not support independent credit-control of multiple services within a (sub-)session. MULTIPLE_SERVICES_SUPPORTED 1 Client supports independent credit-control of multiple services within a (sub-)session. 8.41. Requested-Action AVP The Requested-Action AVP (AVP Code 436) is of type Enumerated and contains the requested action being sent by Credit-Control-Request command where the CC-Request-Type is set to EVENT_REQUEST. The following values are defined for the Requested-Action AVP: DIRECT_DEBITING 0 This indicates a request to decrease the end user's account according to information specified in the Requested-Service-Unit AVP and/or Service-Identifier AVP (additional rating information may be included in service-specific AVPs or in the Service-Parameter-Info AVP). The Granted-Service-Unit AVP in the Credit-Control-Answer command contains the debited units. REFUND_ACCOUNT 1 This indicates a request to increase the end user's account according to information specified in the Requested-Service-Unit AVP and/or Service-Identifier AVP (additional rating information may be included in service-specific AVPs or in the Service-Parameter-Info AVP). The Granted-Service-Unit AVP in the Credit-Control-Answer command contains the refunded units. CHECK_BALANCE 2 This indicates a balance check request. In this case, the checking of the account balance is done without any credit reservation from the account. The Check-Balance-Result AVP in the Credit-Control- Answer command contains the result of the balance check. PRICE_ENQUIRY 3 Bertz, et al. Expires November 19, 2018 [Page 77] Internet-Draft Diameter Credit-Control Application May 2018 This indicates a price enquiry request. In this case, neither checking of the account balance nor reservation from the account will be done; only the price of the service will be returned in the Cost- Information AVP in the Credit-Control-Answer Command. 8.42. Service-Context-Id AVP The Service-Context-Id AVP is of type UTF8String (AVP Code 461) and contains a unique identifier of the Diameter credit-control service specific document that applies to the request (as defined in Section 4.1.2). This is an identifier allocated by the service provider, by the service element manufacturer, or by a standardization body, and MUST uniquely identify a given Diameter credit-control service specific document. The format of the Service- Context-Id is: "service-context" "@" "domain" service-context = Token The Token is an arbitrary string of characters and digits. 'domain' represents the entity that allocated the Service-Context-Id. It can be ietf.org, 3gpp.org, etc., if the identifier is allocated by a standardization body, or it can be the FQDN of the service provider (e.g., provider.example.com) or of the vendor (e.g., vendor.example.com) if the identifier is allocated by a private entity. This AVP SHOULD be placed as close to the Diameter header as possible. Service-specific documents that are for private use only (i.e., to one provider's own use, where no interoperability is deemed useful) may define private identifiers without need of coordination. However, when interoperability is wanted, coordination of the identifiers via, for example, publication of an informational RFC is RECOMMENDED in order to make Service-Context-Id globally available. 8.43. Service-Parameter-Info AVP The Service-Parameter-Info AVP (AVP Code 440) is of type Grouped and contains service-specific information used for price calculation or rating. The Service-Parameter-Type AVP defines the service parameter type, and the Service-Parameter-Value AVP contains the parameter value. The actual contents of these AVPs are not within the scope of this document and SHOULD be defined in another Diameter application, Bertz, et al. Expires November 19, 2018 [Page 78] Internet-Draft Diameter Credit-Control Application May 2018 in standards written by other standardization bodies, or in service- specific documentation. In the case of an unknown service request (e.g., unknown Service- Parameter-Type), the corresponding answer message MUST contain the error code DIAMETER_RATING_FAILED. A Credit-Control-Answer message with this error MUST contain one or more Failed-AVP AVPs containing the Service-Parameter-Info AVPs that caused the failure. It is defined as follows (per the grouped-avp-def of [RFC6733]): Service-Parameter-Info ::= < AVP Header: 440 > { Service-Parameter-Type } { Service-Parameter-Value } 8.44. Service-Parameter-Type AVP The Service-Parameter-Type AVP is of type Unsigned32 (AVP Code 441) and defines the type of the service event specific parameter (e.g., it can be the end-user location or service name). The different parameters and their types are service specific, and the meanings of these parameters are not defined in this document. Whoever allocates the Service-Context-Id (i.e., unique identifier of a service-specific document) is also responsible for assigning Service-Parameter-Type values for the service and ensuring their uniqueness within the given service. The Service-Parameter-Value AVP contains the value associated with the service parameter type. 8.45. Service-Parameter-Value AVP The Service-Parameter-Value AVP is of type OctetString (AVP Code 442) and contains the value of the service parameter type. 8.46. Subscription-Id AVP The Subscription-Id AVP (AVP Code 443) is used to identify the end user's subscription and is of type Grouped. The Subscription-Id AVP includes a Subscription-Id-Data AVP that holds the identifier and a Subscription-Id-Type AVP that defines the identifier type. It is defined as follows (per the grouped-avp-def of [RFC6733]): Subscription-Id ::= < AVP Header: 443 > { Subscription-Id-Type } { Subscription-Id-Data } Bertz, et al. Expires November 19, 2018 [Page 79] Internet-Draft Diameter Credit-Control Application May 2018 8.47. Subscription-Id-Type AVP The Subscription-Id-Type AVP (AVP Code 450) is of type Enumerated, and it is used to determine which type of identifier is carried by the Subscription-Id AVP. This specification defines the following subscription identifiers. However, new Subscription-Id-Type values can be assigned by an IANA designated expert, as defined in Section 12. A server MUST implement all the Subscription-Id-Types required to perform credit authorization for the services it supports, including possible future values. Unknown or unsupported Subscription-Id-Types MUST be treated according to the 'M' flag rule, as defined in [RFC6733]. END_USER_E164 0 The identifier is in international E.164 format (e.g., MSISDN), according to the ITU-T E.164 numbering plan defined in [E164] and [CE164]. END_USER_IMSI 1 The identifier is in international IMSI format, according to the ITU-T E.212 numbering plan as defined in [E212] and [CE212]. END_USER_SIP_URI 2 The identifier is in the form of a SIP URI, as defined in [RFC3261]. END_USER_NAI 3 The identifier is in the form of a Network Access Identifier, as defined in [RFC7542]. END_USER_PRIVATE 4 The Identifier is a credit-control server private identifier. 8.48. Subscription-Id-Data AVP The Subscription-Id-Data AVP (AVP Code 444) is used to identify the end user and is of type UTF8String. The Subscription-Id-Type AVP defines which type of identifier is used. Bertz, et al. Expires November 19, 2018 [Page 80] Internet-Draft Diameter Credit-Control Application May 2018 8.49. User-Equipment-Info AVP The User-Equipment-Info AVP (AVP Code 458) is of type Grouped and allows the credit-control client to indicate the identity and capability of the terminal the subscriber is using for the connection to network. It is defined as follows (per the grouped-avp-def of [RFC6733]): User-Equipment-Info ::= < AVP Header: 458 > { User-Equipment-Info-Type } { User-Equipment-Info-Value } 8.50. User-Equipment-Info-Type AVP The User-Equipment-Info-Type AVP is of type Enumerated (AVP Code 459) and defines the type of user equipment information contained in the User-Equipment-Info-Value AVP. This specification defines the following user equipment types. However, new User-Equipment-Info-Type values can be assigned by an IANA designated expert, as defined in Section 12. IMEISV 0 The identifier contains the International Mobile Equipment Identifier and Software Version in the international IMEISV format according to 3GPP TS 23.003 [TGPPIMEI]. MAC 1 The 48-bit MAC address is formatted as described in [RFC3580]. EUI64 2 The 64-bit identifier used to identify the hardware instance of the product, as defined in [EUI64]. MODIFIED_EUI64 3 There are a number of types of terminals that have identifiers other than IMEI, IEEE 802 MACs, or EUI-64. These identifiers can be converted to modified EUI-64 format as described in [RFC4291] or by using some other methods referred to in the service-specific documentation. Bertz, et al. Expires November 19, 2018 [Page 81] Internet-Draft Diameter Credit-Control Application May 2018 8.51. User-Equipment-Info-Value AVP The User-Equipment-Info-Value AVP (AVP Code 460) is of type OctetString. The User-Equipment-Info-Type AVP defines which type of identifier is used. 8.52. User-Equipment-Info-Extension AVP The User-Equipment-Info-Extension AVP (AVP Code TBD1) is of type Grouped and allows the credit-control client to indicate the identity and capability of the terminal the subscriber is using for the connection to network. If the type of the equipment is one of the enumerated types of User-Equipment-Info-Type AVP, then the credit- control client SHOULD send the information in the User-Equipment-Info AVP, in addition to or instead of the User-Equipment-Info-Extension AVP. This is in order to preserve backward compatibility with credit-control servers that support only [RFC4006]. Exactly one AVP MUST be included inside the User-Equipment-Info-Extension AVP. It is defined as follows (per the grouped-avp-def of [RFC6733]): User-Equipment-Info-Extension ::= < AVP Header: TBD1 > [ User-Equipment-Info-IMEISV ] [ User-Equipment-Info-MAC ] [ User-Equipment-Info-EUI64 ] [ User-Equipment-Info-ModifiedEUI64 ] [ User-Equipment-Info-IMEI ] [ AVP ] 8.53. User-Equipment-Info-IMEISV AVP The User-Equipment-Info-IMEISV (AVP Code TBD2) is of type OctetString. The User-Equipment-Info-IMEISV AVP contains the International Mobile Equipment Identifier and Software Version in the international IMEISV format according to 3GPP TS 23.003 [TGPPIMEI]. 8.54. User-Equipment-Info-MAC AVP The User-Equipment-Info-MAC (AVP Code TBD3) is of type OctetString. The User-Equipment-Info-MAC AVP contains the 48-bit MAC address is formatted as described in [RFC3580]. 8.55. User-Equipment-Info-EUI64 AVP The User-Equipment-Info-EUI64 (AVP Code TBD4) is of type OctetString. The UUser-Equipment-Info-EUI64 AVP contains the 64-bit identifier Bertz, et al. Expires November 19, 2018 [Page 82] Internet-Draft Diameter Credit-Control Application May 2018 used to identify the hardware instance of the product, as defined in [EUI64]. 8.56. User-Equipment-Info-ModifiedEUI64 AVP The User-Equipment-Info-ModifiedEUI64 (AVP Code TBD5) is of type OctetString. There are a number of types of terminals that have identifiers other than IMEI, IEEE 802 MACs, or EUI-64. These identifiers can be converted to modified EUI-64 format as described in [RFC4291] or by using some other methods referred to in the service-specific documentation. The User-Equipment-Info- ModifiedEUI64 AVP contains such identifiers. 8.57. User-Equipment-Info-IMEI AVP The User-Equipment-Info-IMEI (AVP Code TBD6) is of type OctetString. The User-Equipment-Info-IMEI AVP contains the International Mobile Equipment Identifier in the international IMEI format according to 3GPP TS 23.003 [TGPPIMEI]. 8.58. Subscription-Id-Extension AVP The Subscription-Id-Extension AVP (AVP Code TBD7) is used to identify the end user's subscription and is of type Grouped. The Subscription-Id-Extension group AVP MUST include an AVP holding the subscription identifier. The type of this included AVP indicates the type of the subscription identifier. For each of the enumerated values of the Subscription-Id-Type AVP, there is a corresponding sub- AVP for use within the Subscription-Id-Extension group AVP. If a new identifier type is required a corresponding new sub-AVP SHOULD be defined for use within the Subscription-Id-Extension group AVP. If full backward compatibility with [RFC4006] is required, then the Subscription-Id AVP MUST be used to indicate identifier types enumerated in the Subscription-Id-Type AVP, whereas the Subscription- Id-Extension AVP MUST be used only for newly defined identifier types. If full backward compatibility with [RFC4006] is not required, then the Subscription-Id-Extension AVP MAY be used to carry out the existing identifier types. In this case, Subscription-Id- Extension AVP MAY be sent together with Subscription-Id AVP. Exactly one sub-AVP MUST be included inside the Subscription-Id- Extension AVP. It is defined as follows (per the grouped-avp-def of [RFC6733]): Bertz, et al. Expires November 19, 2018 [Page 83] Internet-Draft Diameter Credit-Control Application May 2018 Subscription-Id-Extension ::= < AVP Header: TBD7 > [ Subscription-Id-E164 ] [ Subscription-Id-IMSI ] [ Subscription-Id-SIP-URI ] [ Subscription-Id-NAI ] [ Subscription-Id-Private ] [ AVP ] 8.59. Subscription-Id-E164 AVP The Subscription-Id-E164 (AVP Code TBD8) is of type UTF8String. The Subscription-Id-E164 AVP contains the international E.164 format (e.g., MSISDN), according to the ITU-T E.164 numbering plan defined in [E164] and [CE164]. 8.60. Subscription-Id-IMSI AVP The Subscription-Id-IMSI (AVP Code TBD9) is of type UTF8String. The Subscription-Id-IMSI AVP contains the international IMSI format, according to the ITU-T E.212 numbering plan as defined in [E212] and [CE212]. 8.61. Subscription-Id-SIP-URI AVP The Subscription-Id-SIP-URI (AVP Code TBD10) is of type UTF8String. The Subscription-Id-SIP-URI AVP contains the identifier in the form of a SIP URI, as defined in [RFC3261]. 8.62. Subscription-Id-NAI AVP The Subscription-Id-NAI (AVP Code TBD11) is of type UTF8String. The Subscription-Id-NAI AVP contains the identifier in the form of a Network Access Identifier, as defined in [RFC7542]. 8.63. Subscription-Id-Private AVP The Subscription-Id-Private (AVP Code TBD12) is of type UTF8String. The Subscription-Id-Private AVP contains a credit-control server private identifier. 8.64. Redirect-Server-Extension AVP The Redirect-Server-Extension AVP (AVP Code TBD13) is of type Grouped and contains the address information of the redirect server (e.g., HTTP redirect server, SIP Server) with which the end user is to be connected when the account cannot cover the service cost. It MUST be present inside the QoS-Final-Unit-Indication AVP when the Final-Unit- Bertz, et al. Expires November 19, 2018 [Page 84] Internet-Draft Diameter Credit-Control Application May 2018 Action AVP is set to REDIRECT. If the type of the redirect server is one of the enumerated values of the Redirect-Address-Type AVP, then the credit-control server SHOULD send the information in the Redirect-Server AVP, in addition to or instead of the Redirect- Server-Extension AVP. This is in order to preserve backward compatibility with credit-control clients that support only [RFC4006]. Exactly one AVP MUST be included inside the Redirect- Server-Extension AVP. It is defined as follows (per the grouped-avp-def of [RFC6733]): Redirect-Server-Extension ::= < AVP Header: TBD13 > [ Redirect-Address-IPAddress ] [ Redirect-Address-URL ] [ Redirect-Address-SIP-URI ] [ AVP ] 8.65. Redirect-Address-IPAddress AVP The Redirect-Address-IPAddress AVP (AVP Code TBD14) is of type Address and defines the IPv4 or IPv6 address of the redirect server with which the end user is to be connected when the account cannot cover the service cost. When encoded as an IPv6 address in 16 bytes, the IPv4-mapped IPv6 format [RFC4291] MAY be used to indicate an IPv4 address. 8.66. Redirect-Address-URL AVP The Redirect-Address-URL AVP (AVP Code TBD15) is of type UTF8String and defines the address of the redirect server with which the end user is to be connected when the account cannot cover the service cost. The address type is in the form of Uniform Resource Locator, as defined in [RFC3986]. 8.67. Redirect-Address-SIP-URI AVP The Redirect-Address-SIP-URI AVP (AVP Code TBD16) is of type UTF8String and defines the address of the redirect server with which the end user is to be connected when the account cannot cover the service cost. The address type is in the form of SIP Uniform Resource Identifier, as defined in [RFC3261]. Bertz, et al. Expires November 19, 2018 [Page 85] Internet-Draft Diameter Credit-Control Application May 2018 8.68. QoS-Final-Unit-Indication AVP The QoS-Final-Unit-Indication AVP (AVP Code TBD17) is of type Grouped and indicates that the Granted-Service-Unit AVP in the Credit- Control-Answer, or in the AA answer, contains the final units for the service. After these units have expired, the Diameter credit-control client is responsible for executing the action indicated in the Final-Unit-Action AVP (see Section 5.6). If more than one unit type is received in the Credit-Control-Answer, the unit type that first expired SHOULD cause the credit-control client to execute the specified action. In the first interrogation, the QoS-Final-Unit-Indication AVP with Final-Unit-Action REDIRECT or RESTRICT_ACCESS can also be present with no Granted-Service-Unit AVP in the Credit-Control-Answer or in the AA answer. This indicates to the Diameter credit-control client to execute the specified action immediately. If the home service provider policy is to terminate the service, naturally, the server SHOULD return the appropriate transient failure (see Section 9.1) in order to implement the policy-defined action. The Final-Unit-Action AVP defines the behavior of the service element when the user's account cannot cover the cost of the service and MUST always be present if the QoS-Final-Unit-Indication AVP is included in a command. If the Final-Unit-Action AVP is set to TERMINATE, the QoS-Final-Unit- Indication group MUST NOT contain any other AVPs. If the Final-Unit-Action AVP is set to REDIRECT at least the Redirect-Server-Extension AVP MUST be present. The Filter-Rule AVP or the Filter-Id AVP MAY be present in the Credit-Control-Answer message if the user is also allowed to access other services that are not accessible through the address given in the Redirect-Server- Extension AVP or if the access to these services needs to be limited in some way (e.g., QoS). If the Final-Unit-Action AVP is set to RESTRICT_ACCESS, either the Filter-Rule AVP or the Filter-Id AVP SHOULD be present. The Filter-Rule AVP is defined in [RFC5777]. The Filter-Rule AVP can be used to define a specific condition and action combination. If used only with traffic conditions, it should define which traffic should allowed when no more service units are granted. However, if QoS or treatment information exists in the AVP, these actions should be executed, e.g., limiting the allowed traffic with certain QoS. Bertz, et al. Expires November 19, 2018 [Page 86] Internet-Draft Diameter Credit-Control Application May 2018 When multiple Filter-Rule AVPs exist, precedence should be determined as defined in [RFC5777]. The Filter-Id AVP is defined in [RFC7155]. The Filter-Id AVP can be used to reference an IP filter list installed in the access device by means other than the Diameter credit-control application, e.g., locally configured or configured by another entity. If the Final-Unit-Action AVP is set to TERMINATE, or set to RESTRICT_ACCESS and the action required is allow only traffic that could be classified using an IPFilterRule, or set to REDIRECT of a type which is one of the types in the Redirect-Address-Type AVP, then the credit-control server SHOULD send the information in the Final- Unit-Indication AVP, in addition to or instead of the QoS-Final-Unit- Indication AVP. This is in order to preserve backward compatibility with credit-control clients that support only [RFC4006]. The QoS-Final-Unit-Indication AVP is defined as follows (per the grouped-avp-def of [RFC6733]): QoS-Final-Unit-Indication ::= < AVP Header: TBD17 > { Final-Unit-Action } *[ Filter-Rule ] *[ Filter-Id ] [ Redirect-Server-Extension ] *[ AVP ] 9. Result Code AVP Values This section defines new Result-Code AVP [RFC6733] values that must be supported by all Diameter implementations that conform to this specification. The Credit-Control-Answer message includes the Result-Code AVP, which may indicate that an error was present in the Credit-Control-Request message. A rejected Credit-Control-Request message SHOULD cause the user's session to be terminated. 9.1. Transient Failures Errors that fall within the transient failures category are used to inform a peer that the request could not be satisfied at the time it was received, but that the request MAY be able to be satisfied in the future. DIAMETER_END_USER_SERVICE_DENIED 4010 Bertz, et al. Expires November 19, 2018 [Page 87] Internet-Draft Diameter Credit-Control Application May 2018 Internet-Draft 6tisch-architecture June 2016 node with 6LoWPAN ND, is then carried over RPL to the RPL root, and then to the 6BBR. Efficient ND being an adaptation of 6LoWPAN ND, it makes sense to keep those two homogeneous in the way they use the source and the target addresses in the Neighbor Solicitation (NS) messages for registration, as well as in the options that they use for that process. 6LoWPAN Node 6LR 6LBR 6BBR (RPL leaf) (router) (root) | | | | | 6LoWPAN ND |6LoWPAN ND+RPL | Efficient ND | IPv6 ND | LLN link |Route-Over mesh| IPv6 link | Backbone | | | | | NS(ARO) | | | |-------------->| | | | 6LoWPAN ND | DAR (then DAO)| | | |-------------->| | | | | NS(ARO) | | | |-------------->| | | | | DAD | | | |------> | | | | | | | NA(ARO) | | | |<--------------| | | DAC | | | |<--------------| | | NA(ARO) | | | |<--------------| | | Figure 5: (Re-)Registration Flow over Multi-Link Subnet As the network builds up, a node should start as a leaf to join the RPL network, and may later turn into both a RPL-capable router and a 6LR, so as to accept leaf nodes to recursively join the network. 3.8. Dependencies on Work In Progress In order to control the complexity and the size of the 6TiSCH work, the architecture and the associated IETF work are staged and the WG is expected to recharter multiple times. This document is incremented as the work progresses following the evolution of the WG charter and the availability of dependent work. The intent is to publish when the WG concludes. At the time of this writing: Thubert Expires December 12, 2016 [Page 14] Internet-Draft 6tisch-architecture June 2016 o The architecture of the operation of RPL over a dynamic schedule is being studied at 6TISCH as the second iteration of the charter. o The need of a reactive routing protocol to establish on-demand constraint-optimized routes and a reservation protocol to establish Layer-3 Tracks is being discussed at 6TiSCH but not chartered for. o the components and protocols that are required to implement this stage of architecture are not fully available from the IETF. In particular, the requirements on an evolution of 6LoWPAN Neighbor Discovery that are needed to implement the Backbone Router as covered by this stage of the architecture are detailed in [I-D.thubert-6lo-rfc6775-update-reqs], and a number of those requirements are fulfilled in [I-D.ietf-6lo-backbone-router]. o The work on centralized Track computation is deferred to a subsequent iteration of the 6TiSCH charter. The idea at the time of this writing is that 6TiSCH will apply the concepts of Deterministic Networking on a Layer-3 network. The 6TiSCH Architecture should thus inherit from the DetNet [I-D.finn-detnet-architecture] architecture and thus depends on it. The Path Computation Element (PCE) should be a core component of that architecture. Around the PCE, a protocol such as an extension to a TEAS [TEAS] protocol will be required to expose the 6TiSCH node capabilities and the network peers to the PCE, and a protocol such as a lightweight PCEP or an adaptation of CCAMP [CCAMP] G-MPLS formats and procedures will be used to publish the Tracks, as computed by the PCE, to the 6TiSCH nodes. o The security model and in particular the join process are being discussed at 6lo and 6TiSCH. PANA is presented in Section 3.1 as a candidate of choice for the join process but alternatives are discussed. Work resulting from [ACE] could be considered as well. Related contributions are presented in Appendix A. o The current charter positions 6TiSCH on IEEE802.15.4 only. Though most of the design should be portable on other link types, 6TiSCH has a strong dependency on IEEE802.15.4 and its evolution. At the time of this writing, a revision of the IEEE802.15.4 standard is expected early 2016. That revision should integrate TSCH as well as other amendments and fixes into the main specification. The impact on this Architecture should be minimal to non-existent, but deeper work such as 6top and security may be impacted. A 6TiSCH Interest Group was formed at IEEE to maintain the synchronization and help foster work at the IEEE should 6TiSCH demand it. Thubert Expires December 12, 2016 [Page 15] Internet-Draft 6tisch-architecture June 2016 o Work is being proposed at IEEE (802.15.12 PAR) for an LLC that would logically include the 6top sublayer. The interaction with the 6top sublayer and the Scheduling Functions described in this document are yet to be defined. o ISA100 [ISA100] Common Network Management (CNM) is another external work of interest for 6TiSCH. The group, referred to as ISA100.20, defines a Common Network Management framework that should enable the management of resources that are controlled by heterogeneous protocols such as ISA100.11a [ISA100.11a], WirelessHART [WirelessHART], and 6TiSCH. Interestingly, the establishment of 6TiSCH Deterministic paths, called Tracks, are also in scope, and ISA100.20 is working on requirements for DetNet. 4. Deeper Dive 4.1. 6LoWPAN (and RPL) 4.1.1. RPL Leaf Support in 6LoWPAN ND RPL needs a set of information in order to advertise a leaf node through a DAO message and establish reachability. At the bare minimum the leaf device must provide a sequence number that matches the RPL specification in section 7. Section 5.3 of [I-D.ietf-6lo-backbone-router], on the Extended Address Registration Option (EARO), already incorporates that addition with a new field in the option called the Transaction ID. If for some reason the node is aware of RPL topologies, then providing the RPL InstanceID for the instances to which the node wishes to participate would be a welcome addition. In the absence of such information, the RPL router must infer the proper instanceID from external rules and policies. On the backbone, the InstanceID is expected to be mapped onto a an overlay that matches the instanceID, for instance a VLANID. This architecture leverages [I-D.ietf-6lo-backbone-router] that extends 6LoWPAN ND [RFC6775] to carry the counter as an abstract Transaction ID (TID). 4.1.2. RPL Root And 6LBR 6LoWPAN ND is unclear on how the 6LBR is discovered, and how the liveliness of the 6LBR is asserted over time. On the other hand, the discovery and liveliness of the RPL root are obtained through the RPL Thubert Expires December 12, 2016 [Page 16] Internet-Draft 6tisch-architecture June 2016 protocol. This architecture suggests to collocate these functions by default, in which case the discovery of the 6LBR is automatic for RPL leaves. When 6LoWPAN ND is coupled with RPL, the 6LBR and RPL root functionalities are co-located in order that the address of the 6LBR be indicated by RPL DIO messages and to associate the unique ID from the DAR/DAC exchange with the state that is maintained by RPL. The DAR/DAC exchange becomes a preamble to the DAO messages that are used from then on to reconfirm the registration, thus eliminating a duplication of functionality between DAO and DAR messages. Even though the root of the RPL network is integrated with the 6LBR, it is logically separated from the Backbone Router (6BBR) that is used to connect the 6TiSCH LLN to the backbone. This way, the root has all information from 6LoWPAN ND and RPL about the LLN devices attached to it. This architecture also expects that the root of the RPL network (proxy-)registers the 6TiSCH nodes on their behalf to the 6BBR, for whatever operation the 6BBR performs on the backbone, such as ND proxy, or redistribution in a routing protocol. This relies on an extension of the 6LoWPAN ND registration described in [I-D.ietf-6lo-backbone-router]. This model supports the movement of a 6TiSCH device across the Multi- Link Subnet, and allows the proxy registration of 6TiSCH nodes deep into the 6TiSCH LLN by the 6LBR / RPL root. This requires an alteration from [RFC6775] whereby the Target Address of the NS message is registered as opposed to the Source, which, in the case of a proxy registration, is that of the 6LBR / RPL root itself. 4.2. TSCH and 6top 4.2.1. 6top 6top is a logical link control sitting between the IP layer and the TSCH MAC layer, which provides the link abstraction that is required for IP operations. The 6top operations are specified in [I-D.ietf-6tisch-6top-protocol]. In particular, 6top provides a management interface that enables an external management entity to schedule cells and slotFrames, and allows the addition of complementary functionality, for instance to support a dynamic schedule management based on observed resource usage as discussed in Section 4.4.2. The 6top data model and management interfaces are further discussed in Section 4.4.3. Thubert Expires December 12, 2016 [Page 17] Internet-Draft 6tisch-architecture June 2016 4.2.1.1. Hard Cells The architecture defines "soft" cells and "hard" cells. "Hard" cells are owned and managed by an separate scheduling entity (e.g. a PCE) that specifies the slotOffset/channelOffset of the cells to be added/moved/deleted, in which case 6top can only act as instructed, and may not move hard cells in the TSCH schedule on its own. 4.2.1.2. Soft Cells 6top contains a monitoring process which monitors the performance of cells, and can move a cell in the TSCH schedule when it performs poorly. This is only applicable to cells which are marked as "soft". To reserve a soft cell, the higher layer does not indicate the exact slotOffset/channelOffset of the cell to add, but rather the resulting bandwidth and QoS requirements. When the monitoring process triggers a cell reallocation, the two neighbor devices communicating over this cell negotiate its new position in the TSCH schedule. 4.2.2. Scheduling Functions and the 6P protocol In the case of soft cells, the cell management entity that controls the dynamic attribution of cells to adapt to the dynamics of variable rate flows is called a Scheduling Function (SF). There may be multiple SFs with more or less aggressive reaction to the dynamics of the network. The 6TiSCH 6top Scheduling Function Zero (SF0) [I-D.ietf-6tisch-6top-sf0] provides a simple scheduling function that can be used by default by devices that support dynamic scheduling of soft cells. The SF may be seen as divided between an upper bandwidth adaptation logic that is not aware of the particular technology that is used to obtain and release bandwidth, and an underlying service that maps those needs in the actual technology, which means mapping the bandwidth onto cells in the case of TSCH. Thubert Expires December 12, 2016 [Page 18] Internet-Draft 6tisch-architecture June 2016 +------------------------+ +------------------------+ | Scheduling Function | | Scheduling Function | | Bandwidth adaptation | | Bandwidth adaptation | +------------------------+ +------------------------+ | Scheduling Function | | Scheduling Function | | TSCH mapping to cells | | TSCH mapping to cells | +------------------------+ +------------------------+ | 6top cells negotiation | <- 6P -> | 6top cells negotiation | +------------------------+ +------------------------+ Device A Device B Figure 6: SF/6P stack in 6top The SF relies on 6top services that implement the 6top Protocol (6P) [I-D.ietf-6tisch-6top-protocol] to negotiate the precise cells that will be allocated or freed based on the schedule of the peer. It may be for instance that a peer wants to use a particular time slot that is free in its schedule, but that timeslot is already in use by the other peer for a communication with a third party on a different cell. The 6P protocol enables the peers to find an agreement in a transactional manner that ensures the final consistency of the nodes state. 4.2.3. 6top and RPL Objective Function operations An implementation of a RPL [RFC6550] Objective Function (OF), such as the RPL Objective Function Zero (OF0) [RFC6552] that is used in the Minimal 6TiSCH Configuration [I-D.ietf-6tisch-minimal] to support RPL over a static schedule, may leverage, for its internal computation, the information maintained by 6top. Most OFs require metrics about reachability, such as the ETX. 6top creates and maintains an abstract neighbor table, and this state may be leveraged to feed an OF and/or store OF information as well. In particular, 6top creates and maintains an abstract neighbor table. A neighbor table entry contains a set of statistics with respect to that specific neighbor including the time when the last packet has been received from that neighbor, a set of cell quality metrics (e.g. RSSI or LQI), the number of packets sent to the neighbor or the number of packets received from it. This information can be obtained through 6top management APIs as detailed in the 6top sublayer specification [I-D.wang-6tisch-6top-sublayer] and used for instance to compute a Rank Increment that will determine the selection of the preferred parent. 6top provides statistics about the underlying layer so the OF can be tuned to the nature of the TSCH MAC layer. 6top also enables the RPL OF to influence the MAC behaviour, for instance by configuring the Thubert Expires December 12, 2016 [Page 19] Internet-Draft 6tisch-architecture June 2016 periodicity of IEEE802.15.4 Extended Beacons (EB's). By augmenting the EB periodicity, it is possible to change the network dynamics so as to improve the support of devices that may change their point of attachment in the 6TiSCH network. Some RPL control messages, such as the DODAG Information Object (DIO) are ICMPv6 messages that are broadcast to all neighbor nodes. With 6TiSCH, the broadcast channel requirement is addressed by 6top by configuring TSCH to provide a broadcast channel, as opposed to, for instance, piggybacking the DIO messages in Enhance Beacons. Consideration was given towards finding a way to embed the Route Advertisements and the RPL DIO messages (both of which are multicast) into the IEEE802.15.4 Enhanced Beacons. It was determined that this produced undue timer coupling among layers, that the resulting packet size was potentially too large, and required it is not yet clear that there is any need for Enhanced Beacons in a production network. 4.2.4. Network Synchronization Nodes in a TSCH network must be time synchronized. A node keeps synchronized to its time source neighbor through a combination of frame-based and acknowledgment-based synchronization. In order to maximize battery life and network throughput, it is advisable that RPL ICMP discovery and maintenance traffic (governed by the trickle timer) be somehow coordinated with the transmission of time synchronization packets (especially with enhanced beacons). This could be achieved through an interaction of the 6top sublayer and the RPL objective Function, or could be controlled by a management entity. Time distribution requires a loop-less structure. Nodes taken in a synchronization loop will rapidly desynchronize from the network and become isolated. It is expected that a RPL DAG with a dedicated global Instance is deployed for the purpose of time synchronization. That Instance is referred to as the Time Synchronization Global Instance (TSGI). The TSGI can be operated in either of the 3 modes that are detailed in section 3.1.3 of RPL [RFC6550], "Instances, DODAGs, and DODAG Versions". Multiple uncoordinated DODAGs with independent roots may be used if all the roots share a common time source such as the Global Positioning System (GPS). In the absence of a common time source, the TSGI should form a single DODAG with a virtual root. A backbone network is then used to synchronize and coordinate RPL operations between the backbone routers that act as sinks for the LLN. Optionally, RPL's periodic operations may be used to transport the network synchronization. This may mean that 6top would need to trigger (override) the trickle timer if no other traffic has occurred for such a time that nodes may get out of synchronization. Thubert Expires December 12, 2016 [Page 20] Internet-Draft 6tisch-architecture June 2016 A node that has not joined the TSGI advertises a MAC level Join Priority of 0xFF to notify its neighbors that is not capable of serving as time parent. A node that has joined the TSGI advertises a MAC level Join Priority set to its DAGRank() in that Instance, where DAGRank() is the operation specified in section 3.5.1 of [RFC6550], "Rank Comparison". A root is configured or obtains by some external means the knowledge of the RPLInstanceID for the TSGI. The root advertises its DagRank in the TSGI, that must be less than 0xFF, as its Join Priority (JP) in its IEEE802.15.4 Extended Beacons (EB). We'll note that the JP is now specified between 0 and 0x3F leaving 2 bits in the octet unused in the IEEE802.15.4e specification. After consultation with IEEE authors, it was asserted that 6TiSCH can make a full use of the octet to carry an integer value up to 0xFF. A node that reads a Join Priority of less than 0xFF should join the neighbor with the lesser Join Priority and use it as time parent. If the node is configured to serve as time parent, then the node should join the TSGI, obtain a Rank in that Instance and start advertising its own DagRank in the TSGI as its Join Priority in its EBs. 4.2.5. SlotFrames and Priorities 6TiSCH enables in essence the capability to use IPv6 over a MAC layer that enables to schedule some of the transmissions. In order to ensure that the medium is free of contending packets when time arrives for a scheduled transmission, a window of time is defined around the scheduled transmission time where the medium must be free of contending energy. One simple way to obtain such a window is to format time and frequencies in cells of transmission of equal duration. This is the method that is adopted in IEEE802.15.4 TSCH as well as the Long Term Evolution (LTE) of cellular networks. In order to describe that formatting of time and frequencies, the 6TiSCH architecture defines a global concept that is called a Channel Distribution and Usage (CDU) matrix; a CDU matrix is a matrix of cells with an height equal to the number of available channels (indexed by ChannelOffsets) and a width (in timeslots) that is the period of the network scheduling operation (indexed by slotOffsets) for that CDU matrix. The size of a cell is a timeslot duration, and values of 10 to 15 milliseconds are typical in 802.15.4 TSCH to accommodate for the transmission of a frame and an ack, including the security validation on the receive side which may take up to a few milliseconds on some device architecture. Thubert Expires December 12, 2016 [Page 21] Internet-Draft 6tisch-architecture June 2016 A CDU matrix iterates over and over with a pseudo-random rotation from an epoch time. In a given network, there might be multiple CDU matrices that operate with different width, so they have different durations and represent different periodic operations. It is recommended that all CDU matrices in a 6TiSCH domain operate with the same cell duration and are aligned, so as to reduce the chances of interferences from slotted-aloha operations. The knowledge of the CDU matrices is shared between all the nodes and used in particular to define slotFrames. A slotFrame is a MAC-level abstraction that is common to all nodes and contains a series of timeslots of equal length and precedence. It is characterized by a slotFrame_ID, and a slotFrame_size. A slotFrame aligns to a CDU matrix for its parameters, such as number and duration of timeslots. Multiple slotFrames can coexist in a node schedule, i.e., a node can have multiple activities scheduled in different slotFrames, based on the precedence of the 6TiSCH topologies. The slotFrames may be aligned to different CDU matrices and thus have different width. There is typically one slotFrame for scheduled traffic that has the highest precedence and one or more slotFrame(s) for RPL traffic. The timeslots in the slotFrame are indexed by the SlotOffset; the first cell is at SlotOffset 0. When a packet is received from a higher layer for transmission, 6top inserts that packet in the outgoing queue which matches the packet best (Differentiated Services [RFC2474] can therefore be used). At each scheduled transmit slot, 6top looks for the frame in all the outgoing queues that best matches the cells. If a frame is found, it is given to the TSCH MAC for transmission. 4.2.6. Distributing the reservation of cells 6TiSCH expects a high degree of scalability together with a distributed routing functionality based on RPL. To achieve this goal, the spectrum must be allocated in a way that allows for spatial reuse between zones that will not interfere with one another. In a large and spatially distributed network, a 6TiSCH node is often in a good position to determine usage of spectrum in its vicinity. Use cases for distributed routing are often associated with a statistical distribution of best-effort traffic with variable needs for bandwidth on each individual link. With 6TiSCH, the abstraction of an IPv6 link is implemented as a pair of bundles of cells, one in each direction; the size of a bundle is optimal when both the energy wasted idle listening and the packet drops due to congestion loss are minimized. This can be maintained if the number of cells in a bundle Thubert Expires December 12, 2016 [Page 22] Internet-Draft 6tisch-architecture June 2016 is adapted dynamically, and with enough reactivity, to match the variations of best-effort traffic. In turn, the agility to fulfill the needs for additional cells improves when the number of interactions with other devices and the protocol latencies are minimized. 6TiSCH limits that interaction to RPL parents that will only negotiate with other RPL parents, and performs that negotiation by groups of cells as opposed to individual cells. The 6TiSCH architecture allows RPL parents to adjust dynamically, and independently from the PCE, the amount of bandwidth that is used to communicate between themselves and their children, in both directions; to that effect, an allocation mechanism enables a RPL parent to obtain the exclusive use of a portion of a CDU matrix within its interference domain. Note that a PCE is expected to have precedence in the allocation, so that a RPL parent would only be able to obtain portions that are not in-use by the PCE. The 6TiSCH architecture introduces the concept of chunks [I-D.ietf-6tisch-terminology]) to operate such spectrum distribution for a whole group of cells at a time. The CDU matrix is formatted into a set of chunks, each of them identified uniquely by a chunk-ID. The knowledge of this formatting is shared between all the nodes in a 6TiSCH network. 6TiSCH also defines the process of chunk ownership appropriation whereby a RPL parent discovers a chunk that is not used in its interference domain (e.g lack of energy detected in reference cells in that chunk); then claims the chunk, and then defends it in case another RPL parent would attempt to appropriate it while it is in use. The chunk is the basic unit of ownership that is used in that process. +-----+-----+-----+-----+-----+-----+-----+ +-----+ chan.Off. 0 |chnkA|chnkP|chnk7|chnkO|chnk2|chnkK|chnk1| ... |chnkZ| +-----+-----+-----+-----+-----+-----+-----+ +-----+ chan.Off. 1 |chnkB|chnkQ|chnkA|chnkP|chnk3|chnkL|chnk2| ... |chnk1| +-----+-----+-----+-----+-----+-----+-----+ +-----+ ... +-----+-----+-----+-----+-----+-----+-----+ +-----+ chan.Off. 15 |chnkO|chnk6|chnkN|chnk1|chnkJ|chnkZ|chnkI| ... |chnkG| +-----+-----+-----+-----+-----+-----+-----+ +-----+ 0 1 2 3 4 5 6 M Figure 7: CDU matrix Partitioning in Chunks As a result of the process of chunk ownership appropriation, the RPL parent has exclusive authority to decide which cell in the Thubert Expires December 12, 2016 [Page 23] Internet-Draft 6tisch-architecture June 2016 appropriated chunk can be used by which node in its interference domain. In other words, it is implicitly delegated the right to manage the portion of the CDU matrix that is represented by the chunk. The RPL parent may thus orchestrate which transmissions occur in any of the cells in the chunk, by allocating cells from the chunk to any form of communication (unicast, multicast) in any direction between itself and its children. Initially, those cells are added to the heap of free cells, then dynamically placed into existing bundles, in new bundles, or allocated opportunistically for one transmission. The appropriation of a chunk can also be requested explicitly by the PCE to any node. In that case, the node still may need to perform the appropriation process to validate that no other node has claimed that chunk already. After a successful appropriation, the PCE owns the cells in that chunk, and may use them as hard cells to set up Tracks. 4.3. Communication Paradigms and Interaction Models [I-D.ietf-6tisch-terminology] defines the terms of Communication Paradigms and Interaction Models, which can be placed in parallel to the Information Models and Data Models that are defined in [RFC3444]. A Communication Paradigms would be an abstract view of a protocol exchange, and would come with an Information Model for the information that is being exchanged. In contrast, an Interaction Models would be more refined and could point on standard operation such as a Representational state transfer (REST) "GET" operation and would match a Data Model for the data that is provided over the protocol exchange. section 2.1.3 of [I-D.ietf-roll-rpl-industrial-applicability] and next sections discuss application-layer paradigms, such as Source- sink (SS) that is a Multipeer to Multipeer (MP2MP) model primarily used for alarms and alerts, Publish-subscribe (PS, or pub/sub) that is typically used for sensor data, as well as Peer-to-peer (P2P) and Peer-to-multipeer (P2MP) communications. Additional considerations on Duocast and its N-cast generalization are also provided. Those paradigms are frequently used in industrial automation, which is a major use case for IEEE802.15.4 TSCH wireless networks with [ISA100.11a] and [WirelessHART], that provides a wireless access to [HART] applications and devices. This specification focuses on Communication Paradigms and Interaction Models for packet forwarding and TSCH resources (cells) management. Management mechanisms for the TSCH schedule at Link-layer (one-hop), Network-layer (multithop along a Track), and Application-layer Thubert Expires December 12, 2016 [Page 24] Internet-Draft 6tisch-architecture June 2016 (remote control) are discussed in Section 4.4. Link-layer frame forwarding interactions are discussed in Section 4.5, and Network- layer Packet routing is addressed in Section 4.6. 4.4. Schedule Management Mechanisms 6TiSCH uses 4 paradigms to manage the TSCH schedule of the LLN nodes: Static Scheduling, neighbor-to-neighbor Scheduling, remote monitoring and scheduling management, and Hop-by-hop scheduling. Multiple mechanisms are defined that implement the associated Interaction Models, and can be combined and used in the same LLN. Which mechanism(s) to use depends on application requirements. 4.4.1. Static Scheduling In the simplest instantiation of a 6TiSCH network, a common fixed schedule may be shared by all nodes in the network. Cells are shared, and nodes contend for slot access in a slotted aloha manner. A static TSCH schedule can be used to bootstrap a network, as an initial phase during implementation, or as a fall-back mechanism in case of network malfunction. This schedule is pre-established, for instance decided by a network administrator based on operational needs. It can be pre-configured into the nodes, or, more commonly, learned by a node when joining the network using standard IEEE802.15.4 Information Elements (IE). Regardless, the schedule remains unchanged after the node has joined a network. RPL is used on the resulting network. This "minimal" scheduling mechanism that implements this paradigm is detailed in [I-D.ietf-6tisch-minimal]. 4.4.2. Neighbor-to-neighbor Scheduling In the simplest instantiation of a 6TiSCH network described in Section 4.4.1, nodes may expect a packet at any cell in the schedule and will waste energy idle listening. In a more complex instantiation of a 6TiSCH network, a matching portion of the schedule is established between peers to reflect the observed amount of transmissions between those nodes. The aggregation of the cells between a node and a peer forms a bundle that the 6top layer uses to implement the abstraction of a link for IP. The bandwidth on that link is proportional to the number of cells in the bundle. If the size of a bundle is configured to fit an average amount of bandwidth, peak traffic is dropped. If the size is configured to allow for peak emissions, energy is be wasted idle listening. The 6top sublayer [I-D.wang-6tisch-6top-sublayer] defines a protocol for neighbor nodes to reserve soft cells to transmit to one another. Thubert Expires December 12, 2016 [Page 25] Internet-Draft 6tisch-architecture June 2016 Because this reservation is done without global knowledge of the schedule of nodes in the LLN, scheduling collisions are possible. 6top defines a monitoring process which continuously Tracks the packet delivery ratio of soft cells. It uses these statistics to trigger the reallocation of a soft cell in the schedule, using a negotiation protocol between the neighbors nodes communicating over that cell. In the most efficient instantiations of a 6TiSCH network, the size of the bundles that implement the links may be changed dynamically in order to adapt to the need of end-to-end flows routed by RPL. An optional Scheduling Function (SF) such as SF0 [I-D.ietf-6tisch-6top-sf0] is used to monitor bandwidth usage and perform requests for dynamic allocation by the 6top sublayer. The SF component is not part of the 6top sublayer. It may be collocated on the same device or may be partially or fully offloaded to an external system. Monitoring and relocation is done in the 6top layer. For the upper layer, the connection between two neighbor nodes appears as an number of cells. Depending on traffic requirements, the upper layer can request 6top to add or delete a number of cells scheduled to a particular neighbor, without being responsible for choosing the exact slotOffset/channelOffset of those cells. 4.4.3. Remote Monitoring and Schedule Management The 6top interface document [I-D.ietf-6tisch-6top-interface] specifies the generic data model that can be used to monitor and manage resources of the 6top sublayer. Abstract methods are suggested for use by a management entity in the device. The data model also enables remote control operations on the 6top sublayer. The capability to interact with the node 6top sublayer from multiple hops away can be leveraged for monitoring, scheduling, or a combination of thereof. The architecture supports variations on the deployment model, and focuses on the flows rather than whether there is a proxy or a translation operation en-route. [I-D.ietf-6tisch-coap] defines an mapping of the 6top set of commands, which is described in [I-D.ietf-6tisch-6top-interface], to CoAP resources. This allows an entity to interact with the 6top layer of a node that is multiple hops away in a RESTful fashion. The entity issuing the CoAP requests can be a central scheduling entity (e.g. a PCE), a node multiple hops away with the authority to modify the TSCH schedule (e.g. the head of a local cluster), or a external device monitoring the overall state of the network (e.g. Thubert Expires December 12, 2016 [Page 26] Internet-Draft 6tisch-architecture June 2016 NME). It is also possible that a mapping entity on the backbone transforms a non-CoAP protocol such as PCEP into the RESTful interfaces that the 6TiSCH devices support. With respect to Centralized routing and scheduling, the 6TiSCH Architecture is (expected to be) be an extension of the detnet work Deterministic Networking Architecture [I-D.finn-detnet-architecture], which studies Layer-3 aspects of Deterministic Networks, and covers networks that span multiple Layer-2 domains. The DetNet architecture is a form of SDN Architecture and is composed of three planes, a (User) Application Plane, a Controller Plane (where the PCE operates), and a Network Plane which in our case is the 6TiSCH LLN. The generic SDN architecture is discussed in Software-Defined Networking (SDN): Layers and Architecture Terminology [RFC7426] and is represented below: Thubert Expires December 12, 2016 [Page 27] Internet-Draft 6tisch-architecture June 2016 SDN Layers and Architecture Terminology per RFC 7426 o--------------------------------o | | | +-------------+ +----------+ | | | Application | | Service | | | +-------------+ +----------+ | | Application Plane | o---------------Y----------------o | *-----------------------------Y---------------------------------* | Network Services Abstraction Layer (NSAL) | *------Y------------------------------------------------Y-------* | | | Service Interface | | | o------Y------------------o o---------------------Y------o | | Control Plane | | Management Plane | | | +----Y----+ +-----+ | | +-----+ +----Y----+ | | | Service | | App | | | | App | | Service | | | +----Y----+ +--Y--+ | | +--Y--+ +----Y----+ | | | | | | | | | | *----Y-----------Y----* | | *---Y---------------Y----* | | | Control Abstraction | | | | Management Abstraction | | | | Layer (CAL) | | | | Layer (MAL) | | | *----------Y----------* | | *----------Y-------------* | | | | | | | o------------|------------o o------------|---------------o | | | CP | MP | Southbound | Southbound | Interface | Interface | | *------------Y---------------------------------Y----------------* | Device and resource Abstraction Layer (DAL) | *------------Y---------------------------------Y----------------* | | | | | o-------Y----------o +-----+ o--------Y----------o | | | Forwarding Plane | | App | | Operational Plane | | | o------------------o +-----+ o-------------------o | | Network Device | +---------------------------------------------------------------+ Figure 8 The PCE establishes end-to-end Tracks of hard cells, which are described in more details in Section 4.5.1. The DetNet work is expected to enable end to end Deterministic Path across heterogeneous Thubert Expires December 12, 2016 [Page 28] Internet-Draft 6tisch-architecture June 2016 network (e.g. a 6TiSCH LLN and an Ethernet Backbone). This model fits the 6TiSCH extended configuration, whereby a 6BBR federates multiple 6TiSCH LLN in a single subnet over a backbone that can be, for instance, Ethernet or Wi-Fi. In that model, 6TiSCH 6BBRs synchronize with one another over the backbone, so as to ensure that the multiple LLNs that form the IPv6 subnet stay tightly synchronized. If the Backbone is Deterministic, then the Backbone Router ensures that the end-to-end deterministic behavior is maintained between the LLN and the backbone. It is the responsibility of the PCE to compute a deterministic path and to end across the TSCH network and an IEEE802.1 TSN Ethernet backbone, and that of DetNet to enable end-to- end deterministic forwarding. 4.4.4. Hop-by-hop Scheduling A node can reserve a Track to a destination node multiple hops away by installing soft cells at each intermediate node. This forms a Track of soft cells. It is the responsibility of the 6top sublayer of each node on the Track to monitor these soft cells and trigger relocation when needed. This hop-by-hop reservation mechanism is expected to be similar in essence to [RFC3209] and/or [RFC4080]/[RFC5974]. The protocol for a node to trigger hop-by-hop scheduling is not yet defined. 4.5. Forwarding Models By forwarding, this specification means the per-packet operation that allows to deliver a packet to a next hop or an upper layer in this node. Forwarding is based on pre-existing state that was installed as a result of a routing computation Section 4.6. 6TiSCH supports three different forwarding model, G-MPLS Track Forwarding (TF), 6LoWPAN Fragment Forwarding (FF) and IPv6 Forwarding (6F). 4.5.1. Track Forwarding A Track is a directional path between a source and a destination. In a Track cell, the normal operation of IEEE802.15.4 Automatic Repeat- reQuest (ARQ) usually happens, though the acknowledgment may be omitted in some cases, for instance if there is no scheduled cell for a retry. Track Forwarding is the simplest and fastest. A bundle of cells set to receive (RX-cells) is uniquely paired to a bundle of cells that are set to transmit (TX-cells), representing a layer-2 forwarding state that can be used regardless of the network layer protocol. Thubert Expires December 12, 2016 [Page 29] Internet-Draft 6tisch-architecture June 2016 This model can effectively be seen as a Generalized Multi-protocol Label Switching (G-MPLS) operation in that the information used to switch a frame is not an explicit label, but rather related to other properties of the way the packet was received, a particular cell in the case of 6TiSCH. As a result, as long as the TSCH MAC (and Layer-2 security) accepts a frame, that frame can be switched regardless of the protocol, whether this is an IPv6 packet, a 6LoWPAN fragment, or a frame from an alternate protocol such as WirelessHART or ISA100.11a. A data frame that is forwarded along a Track normally has a destination MAC address that is set to broadcast - or a multicast address depending on MAC support. This way, the MAC layer in the intermediate nodes accepts the incoming frame and 6top switches it without incurring a change in the MAC header. In the case of IEEE802.15.4, this means effectively broadcast, so that along the Track the short address for the destination of the frame is set to 0xFFFF. A Track is thus formed end-to-end as a succession of paired bundles, a receive bundle from the previous hop and a transmit bundle to the next hop along the Track, and a cell in such a bundle belongs to at most one Track. For a given iteration of the device schedule, the effective channel of the cell is obtained by adding a pseudo-random number to the channelOffset of the cell, which results in a rotation of the frequency that used for transmission. The bundles may be computed so as to accommodate both variable rates and retransmissions, so they might not be fully used at a given iteration of the schedule. The 6TiSCH architecture provides additional means to avoid waste of cells as well as overflows in the transmit bundle, as follows: In one hand, a TX-cell that is not needed for the current iteration may be reused opportunistically on a per-hop basis for routed packets. When all of the frame that were received for a given Track are effectively transmitted, any available TX-cell for that Track can be reused for upper layer traffic for which the next-hop router matches the next hop along the Track. In that case, the cell that is being used is effectively a TX-cell from the Track, but the short address for the destination is that of the next-hop router. It results that a frame that is received in a RX-cell of a Track with a destination MAC address set to this node as opposed to broadcast must be extracted from the Track and delivered to the upper layer (a frame with an unrecognized MAC address is dropped at the lower MAC layer and thus is not received at the 6top sublayer). On the other hand, it might happen that there are not enough TX-cells in the transmit bundle to accommodate the Track traffic, for instance Thubert Expires December 12, 2016 [Page 30] Internet-Draft 6tisch-architecture June 2016 if more retransmissions are needed than provisioned. In that case, the frame can be placed for transmission in the bundle that is used for layer-3 traffic towards the next hop along the Track as long as it can be routed by the upper layer, that is, typically, if the frame transports an IPv6 packet. The MAC address should be set to the next-hop MAC address to avoid confusion. It results that a frame that is received over a layer-3 bundle may be in fact associated to a Track. In a classical IP link such as an Ethernet, off-Track traffic is typically in excess over reservation to be routed along the non- reserved path based on its QoS setting. But with 6TiSCH, since the use of the layer-3 bundle may be due to transmission failures, it makes sense for the receiver to recognize a frame that should be re- Tracked, and to place it back on the appropriate bundle if possible. A frame should be re-Tracked if the Per-Hop-Behavior group indicated in the Differentiated Services Field in the IPv6 header is set to Deterministic Forwarding, as discussed in Section 4.6.1. A frame is re-Tracked by scheduling it for transmission over the transmit bundle associated to the Track, with the destination MAC address set to broadcast. There are 2 modes for a Track, transport mode and tunnel mode. 4.5.1.1. Transport Mode In transport mode, the Protocol Data Unit (PDU) is associated with flow-dependant meta-data that refers uniquely to the Track, so the 6top sublayer can place the frame in the appropriate cell without ambiguity. In the case of IPv6 traffic, this flow identification is transported in the Flow Label of the IPv6 header. Associated with the source IPv6 address, the Flow Label forms a globally unique identifier for that particular Track that is validated at egress before restoring the destination MAC address (DMAC) and punting to the upper layer. | ^ +--------------+ | | | IPv6 | | | +--------------+ | | | 6LoWPAN HC | | | +--------------+ ingress egress | 6top | sets +----+ +----+ restores +--------------+ dmac to | | | | dmac to | TSCH MAC | brdcst | | | | self +--------------+ | | | | | | | LLN PHY | +-------+ +--...-----+ +-------+ +--------------+ Track Forwarding, Transport Mode Thubert Expires December 12, 2016 [Page 31] Internet-Draft 6tisch-architecture June 2016 4.5.1.2. Tunnel Mode In tunnel mode, the frames originate from an arbitrary protocol over a compatible MAC that may or may not be synchronized with the 6TiSCH network. An example of this would be a router with a dual radio that is capable of receiving and sending WirelessHART or ISA100.11a frames with the second radio, by presenting itself as an access Point or a Backbone Router, respectively. In that mode, some entity (e.g. PCE) can coordinate with a WirelessHART Network Manager or an ISA100.11a System Manager to specify the flows that are to be transported transparently over the Track. +--------------+ | IPv6 | +--------------+ | 6LoWPAN HC | +--------------+ set restore | 6top | +dmac+ +dmac+ +--------------+ to|brdcst to|nexthop | TSCH MAC | | | | | +--------------+ | | | | | LLN PHY | +-------+ +--...-----+ +-------+ +--------------+ | ingress egress | | | +--------------+ | | | LLN PHY | | | +--------------+ | | | TSCH MAC | | | +--------------+ | dmac = | dmac = |ISA100/WiHART | | nexthop v nexthop +--------------+ Figure 9: Track Forwarding, Tunnel Mode In that case, the flow information that identifies the Track at the ingress 6TiSCH router is derived from the RX-cell. The dmac is set to this node but the flow information indicates that the frame must be tunneled over a particular Track so the frame is not passed to the upper layer. Instead, the dmac is forced to broadcast and the frame is passed to the 6top sublayer for switching. At the egress 6TiSCH router, the reverse operation occurs. Based on metadata associated to the Track, the frame is passed to the appropriate link layer with the destination MAC restored. Thubert Expires December 12, 2016 [Page 32] Internet-Draft 6tisch-architecture June 2016 4.5.1.3. Tunnel Metadata Metadata coming with the Track configuration is expected to provide the destination MAC address of the egress endpoint as well as the tunnel mode and specific data depending on the mode, for instance a service access point for frame delivery at egress. If the tunnel egress point does not have a MAC address that matches the configuration, the Track installation fails. In transport mode, if the final layer-3 destination is the tunnel termination, then it is possible that the IPv6 address of the destination is compressed at the 6LoWPAN sublayer based on the MAC address. It is thus mandatory at the ingress point to validate that the MAC address that was used at the 6LoWPAN sublayer for compression matches that of the tunnel egress point. For that reason, the node that injects a packet on a Track checks that the destination is effectively that of the tunnel egress point before it overwrites it to broadcast. The 6top sublayer at the tunnel egress point reverts that operation to the MAC address obtained from the tunnel metadata. 4.5.2. Fragment Forwarding Considering that 6LoWPAN packets can be as large as 1280 bytes (the IPv6 MTU), and that the non-storing mode of RPL implies Source Routing that requires space for routing headers, and that a IEEE802.15.4 frame with security may carry in the order of 80 bytes of effective payload, an IPv6 packet might be fragmented into more than 16 fragments at the 6LoWPAN sublayer. This level of fragmentation is much higher than that traditionally experienced over the Internet with IPv4 fragments, where fragmentation is already known as harmful. In the case to a multihop route within a 6TiSCH network, Hop-by-Hop recomposition occurs at each hop in order to reform the packet and route it. This creates additional latency and forces intermediate nodes to store a portion of a packet for an undetermined time, thus impacting critical resources such as memory and battery. [I-D.thubert-roll-forwarding-frags] describes a mechanism whereby the datagram tag in the 6LoWPAN Fragment is used as a label for switching at the 6LoWPAN sublayer. The draft allows for a degree of flow control based on an Explicit Congestion Notification, as well as end- to-end individual fragment recovery. Thubert Expires December 12, 2016 [Page 33] Internet-Draft 6tisch-architecture June 2016 | ^ +--------------+ | | | IPv6 | | +----+ +----+ | +--------------+ | | | | | | | 6LoWPAN HC | | learn learn | +--------------+ | | | | | | | 6top | | | | | | | +--------------+ | | | | | | | TSCH MAC | | | | | | | +--------------+ | | | | | | | LLN PHY | +-------+ +--...-----+ +-------+ +--------------+ Figure 10: Forwarding First Fragment In that model, the first fragment is routed based on the IPv6 header that is present in that fragment. The 6LoWPAN sublayer learns the next hop selection, generates a new datagram tag for transmission to the next hop, and stores that information indexed by the incoming MAC address and datagram tag. The next fragments are then switched based on that stored state. | ^ +--------------+ | | | IPv6 | | | +--------------+ | | | 6LoWPAN HC | | replay replay | +--------------+ | | | | | | | 6top | | | | | | | +--------------+ | | | | | | | TSCH MAC | | | | | | | +--------------+ | | | | | | | LLN PHY | +-------+ +--...-----+ +-------+ +--------------+ Figure 11: Forwarding Next Fragment A bitmap and an ECN echo in the end-to-end acknowledgment enable the source to resend the missing fragments selectively. The first fragment may be resent to carve a new path in case of a path failure. The ECN echo set indicates that the number of outstanding fragments should be reduced. 4.5.3. IPv6 Forwarding As the packets are routed at Layer-3, traditional QoS and RED operations are expected to prioritize flows; the application of Thubert Expires December 12, 2016 [Page 34] Internet-Draft 6tisch-architecture June 2016 Differentiated Services is further discussed in [I-D.svshah-tsvwg-lln-diffserv-recommendations]. | ^ +--------------+ | | | IPv6 | | +-QoS+ +-QoS+ | +--------------+ | | | | | | | 6LoWPAN HC | | | | | | | +--------------+ | | | | | | | 6top | | | | | | | +--------------+ | | | | | | | TSCH MAC | | | | | | | +--------------+ | | | | | | | LLN PHY | +-------+ +--...-----+ +-------+ +--------------+ Figure 12: IP Forwarding 4.6. Centralized vs. Distributed Routing 6TiSCH supports a mixed model of centralized routes and distributed routes. Centralized routes can for example be computed by a entity such as a PCE. Distributed routes are computed by RPL. Both methods may inject routes in the Routing Tables of the 6TiSCH routers. In either case, each route is associated with a 6TiSCH topology that can be a RPL Instance topology or a Track. The 6TiSCH topology is indexed by a Instance ID, in a format that reuses the RPLInstanceID as defined in RPL [RFC6550]. Both RPL and PCE rely on shared sources such as policies to define Global and Local RPLInstanceIDs that can be used by either method. It is possible for centralized and distributed routing to share a same topology. Generally they will operate in different slotFrames, and centralized routes will be used for scheduled traffic and will have precedence over distributed routes in case of conflict between the slotFrames. 4.6.1. Packet Marking and Handling All packets inside a 6TiSCH domain must carry the Instance ID that identifies the 6TiSCH topology that is to be used for routing and forwarding that packet. The location of that information must be the same for all packets forwarded inside the domain. For packets that are routed by a PCE along a Track, the tuple formed by the IPv6 source address and a local RPLInstanceID in the packet identify uniquely the Track and associated transmit bundle. Thubert Expires December 12, 2016 [Page 35] Internet-Draft 6tisch-architecture June 2016 Additionally, an IP packet that is sent along a Track uses the Differentiated Services Per-Hop-Behavior Group called Deterministic Forwarding, as described in [I-D.svshah-tsvwg-deterministic-forwarding]. For packets that are routed by RPL, that information is the RPLInstanceID which is carried in the RPL Packet Information, as discussed in section 11.2 of [RFC6550], "Loop Avoidance and Detection". The RPL Packet Information (RPI) is carried in IPv6 packets as a RPL option in the IPv6 Hop-By-Hop Header [RFC6553]. A compression mechanism for the RPL packet artifacts that integrates the compression of IP-in-IP encapsulation and the Routing Header type 3 [RFC6554] with that of the RPI in a 6LoWPAN dispatch/header type is concurrently being evaluated as [I-D.ietf-roll-routing-dispatch]. Either way, the method and format used for encoding the RPLInstanceID is generalized to all 6TiSCH topological Instances, which include both RPL Instances and Tracks. 5. IANA Considerations This specification does not require IANA action. 6. Security Considerations This architecture operates on IEEE802.15.4 and expects link-layer security to be enabled at all times between connected devices, except for the very first step of the device join process, where a joining device may need some initial, unsecured exchanges so as to obtain its initial key material. Work has already started at the 6TiSCH Security Design Team and an overview of the current state of that work is presented in Section 6.1. Future work on 6TiSCH security and will examine in deeper detail how to secure transactions end-to-end, and to maintain the security posture of a device over its lifetime. The result of that work will be described in a subsequent volume of this architecture. 6.1. Join Process Highlights The architecture specifies three logical elements to describe the join process: Joining Node (JN): Node that wishes to become part of the network; Thubert Expires December 12, 2016 [Page 36] Internet-Draft 6tisch-architecture June 2016 Join Coordination Entity (JCE) : A Join Coordination Entity (JCE) that arbitrates network access and hands out network parameters (such as keying material); Join Assistant (JA), a one-hop (radio) neighbor of the joining node that acts as proxy network node and may provide connectivity with the JCE. The join protocol consists of three major activities: Device Authentication: The JN and the JA mutually authenticate each other and establish a shared key, so as to ensure on-going authenticated communications. This may involve a server as a third party. Authorization: The JA decides on whether/how to authorize a JN (if denied, this may result in loss of bandwidth). Conversely, the JN decides on whether/how to authorize the network (if denied, it will not join the network). Authorization decisions may involve other nodes in the network. Configuration/Parameterization: The JA distributes configuration information to the JN, such as scheduling information, IP address assignment information, and network policies. This may originate from other network devices, for which the JA may act as proxy. This step may also include distribution of information from the JN to the JA and other nodes in the network and, more generally, synchronization of information between these entities. The device joining process is depicted in Figure 13, where it is assumed that devices have access to certificates and where entities have access to the root CA keys of their communicating parties (initial set-up requirement). Under these assumptions, the authentication step of the device joining process does not require online involvement of a third party. Mutual authentication is performed between the JN and the JA using their certificates, which also results in a shared key between these two entities. The JA assists the JN in mutual authentication with a remote server node (primarily via provision of a communication path with the server), which also results in a shared (end-to-end) key between those two entities. The server node may be a JCE that arbitrages the network authorization of the JN (where the JA will deny bandwidth if authorization is not successful); it may distribute network-specific configuration parameters (including network-wide keys) to the JN. In its turn, the JN may distribute and synchronize information (including, e.g., network statistics) to the server node and, if so Thubert Expires December 12, 2016 [Page 37] Internet-Draft 6tisch-architecture June 2016 desired, also to the JA. The actual decision of the JN to become part of the network may depend on authorization of the network itself. The server functionality is a role which may be implemented with one (centralized) or multiple devices (distributed). In either case, mutual authentication is established with each physical server entity with which a role is implemented. Note that in the above description, the JA does not solely act as a relay node, thereby allowing it to first filter traffic to be relayed based on cryptographic authentication criteria - this provides first- level access control and mitigates certain types of denial-of-service attacks on the network at large. Depending on more detailed insight in cost/benefit trade-offs, this process might be complemented by a more "relaxed" mechanism, where the JA acts as a relay node only. The final architecture will provide mechanisms to also cover cases where the initial set-up requirements are not met or where some other out-of-sync behavior occurs; it will also suggest some optimizations in case JCE-related information is already available with the JA (via caching of information). When a device rejoins the network in the same authorization domain, the authorization step could be omitted if the server distributes the authorization state for the device to the JA when the device initially joined the network. However, this generally still requires the exchange of updated configuration information, e.g., related to time schedules and bandwidth allocation. Thubert Expires December 12, 2016 [Page 38] Internet-Draft 6tisch-architecture June 2016 {joining node} {neighbor} {server, etc.} Example: +---------+ +---------+ +---------+ | Joining | | Join | +--| CA |certificate | Node | |Assistant| | +---------+ issuance +---------+ +---------+ | +---------+ | | +--|Authoriz.| membership |<----Beaconing------| | +---------+ test (JCE) | | | +---------+ |<--Authentication-->| +--| Routing | IP address | |<--Authorization-->| +--------- assignment |<-------------------| | +---------+ | | +--| Gateway | backbone, |------------------->| | +---------+ cloud | |<--Configuration-->| +---------+ |<-------------------| +--|Bandwidth| PCE +---------+ schedule . . . . . . Figure 13: Network joining, with only authorization by third party 7. Acknowledgments 7.1. Contributors The co-authors of this document are listed below: Robert Assimiti for his breakthrough work on RPL over TSCH and initial text and guidance. Kris Pister for creating it all and his continuing guidance through the elaboration of this design. Michael Richardson for his leadership role in the Security Design Team and his contribution throughout this document. Rene Struik for the security section and his contribution to the Security Design Team. Xavier Vilajosana who lead the design of the minimal support with RPL and contributed deeply to the 6top design and the G-MPLS operation of Track switching. Qin Wang who lead the design of the 6top sublayer and contributed related text that was moved and/or adapted in this document. Thubert Expires December 12, 2016 [Page 39] Internet-Draft 6tisch-architecture June 2016 Thomas Watteyne for his contribution to the whole design, in particular on TSCH and security. 7.2. Special Thanks Special thanks to Tero Kivinen, Jonathan Simon, Giuseppe Piro, Subir Das and Yoshihiro Ohba for their deep contribution to the initial security work, and to Diego Dujovne for starting and leading the SF0 effort. Special thanks also to Pat Kinney for his support in maintaining the connection active and the design in line with work happening at IEEE802.15.4. Special thanks to Ted Lemon who was the INT Area A-D while this specification was developed for his great support and help throughout. Also special thanks to Ralph Droms who performed the first INT Area Directorate review, that was very deep and through and radically changed the orientations of this document. 7.3. And Do not Forget This specification is the result of multiple interactions, in particular during the 6TiSCH (bi)Weekly Interim call, relayed through the 6TiSCH mailing list at the IETF. The authors wish to thank: Alaeddine Weslati, Chonggang Wang, Georgios Exarchakos, Zhuo Chen, Alfredo Grieco, Bert Greevenbosch, Cedric Adjih, Deji Chen, Martin Turon, Dominique Barthel, Elvis Vogli, Geraldine Texier, Malisa Vucinic, Guillaume Gaillard, Herman Storey, Kazushi Muraoka, Ken Bannister, Kuor Hsin Chang, Laurent Toutain, Maik Seewald, Maria Rita Palattella, Michael Behringer, Nancy Cam Winget, Nicola Accettura, Nicolas Montavont, Oleg Hahm, Patrick Wetterwald, Paul Duffy, Peter van der Stock, Rahul Sen, Pieter de Mil, Pouria Zand, Rouhollah Nabati, Rafa Marin-Lopez, Raghuram Sudhaakar, Sedat Gormus, Shitanshu Shah, Steve Simlo, Tengfei Chang, Tina Tsou, Tom Phinney, Xavier Lagrange, Ines Robles and Samita Chakrabarti for their participation and various contributions. 8. References Thubert Expires December 12, 2016 [Page 40] Internet-Draft 6tisch-architecture June 2016 8.1. Normative References [I-D.finn-detnet-architecture] Finn, N., Thubert, P., and M. Teener, "Deterministic Networking Architecture", draft-finn-detnet- architecture-04 (work in progress), March 2016. [I-D.ietf-6lo-backbone-router] Thubert, P., Bertz, et al. Expires November 19, 2018 [Page 88] Internet-Draft Diameter Credit-Control Application May 2018 0 The AVP MUST NOT be present in the message. 0+ Zero or more instances of the AVP MAY be present in the message. 0-1 Zero or one instance of the AVP MAY be present in the message. It is considered an error if there is more than one instance of the AVP. 1 One instance of the AVP MUST be present in the message. 1+ At least one instance of the AVP MUST be present in the message. 10.1. Credit-Control AVP Table The table in this section is used to represent which credit-control applications specific AVPs defined in this document are to be present in the credit-control messages. +-----------+ | Command | | Code | |-----+-----+ Attribute Name | CCR | CCA | ------------------------------|-----+-----+ Acct-Multi-Session-Id | 0-1 | 0-1 | Auth-Application-Id | 1 | 1 | CC-Correlation-Id | 0-1 | 0 | CC-Session-Failover | 0 | 0-1 | CC-Request-Number | 1 | 1 | CC-Request-Type | 1 | 1 | CC-Sub-Session-Id | 0-1 | 0-1 | Check-Balance-Result | 0 | 0-1 | Cost-Information | 0 | 0-1 | Credit-Control-Failure- | 0 | 0-1 | Handling | | | Destination-Host | 0-1 | 0 | Destination-Realm | 1 | 0 | Direct-Debiting-Failure- | 0 | 0-1 | Handling | | | Event-Timestamp | 0-1 | 0-1 | Failed-AVP | 0 | 0+ | Final-Unit-Indication | 0 | 0-1 | QoS-Final-Unit-Indication | 0 | 0-1 | Granted-Service-Unit | 0 | 0-1 | Multiple-Services-Credit- | 0+ | 0+ | Control | | | Multiple-Services-Indicator | 0-1 | 0 | Origin-Host | 1 | 1 | Origin-Realm | 1 | 1 | Origin-State-Id | 0-1 | 0-1 | Bertz, et al. Expires November 19, 2018 [Page 89] Internet-Draft Diameter Credit-Control Application May 2018 Proxy-Info | 0+ | 0+ | Redirect-Host | 0 | 0+ | Redirect-Host-Usage | 0 | 0-1 | Redirect-Max-Cache-Time | 0 | 0-1 | Requested-Action | 0-1 | 0 | Requested-Service-Unit | 0-1 | 0 | Route-Record | 0+ | 0+ | Result-Code | 0 | 1 | Service-Context-Id | 1 | 0 | Service-Identifier | 0-1 | 0 | Service-Parameter-Info | 0+ | 0 | Session-Id | 1 | 1 | Subscription-Id | 0+ | 0 | Subscription-Id-Extension | 0+ | 0 | Termination-Cause | 0-1 | 0 | User-Equipment-Info | 0-1 | 0 | User-Equipment-Info-Extension | 0-1 | 0 | Used-Service-Unit | 0+ | 0 | User-Name | 0-1 | 0-1 | Validity-Time | 0 | 0-1 | ------------------------------|-----+-----+ 10.2. Re-Auth-Request/Answer AVP Table This section defines AVPs that are specific to the Diameter credit- control application and that MAY be included in the Diameter Re-Auth- Request/Answer (RAR/RAA) message [RFC6733]. Re-Auth-Request/Answer command MAY include the following additional AVPs: +---------------+ | Command Code | |-------+-------+ Attribute Name | RAR | RAA | ------------------------------+-------+-------+ CC-Sub-Session-Id | 0-1 | 0-1 | G-S-U-Pool-Identifier | 0-1 | 0-1 | Service-Identifier | 0-1 | 0-1 | Rating-Group | 0-1 | 0-1 | ------------------------------+-------+-------+ 11. RADIUS/Diameter Credit-Control Interworking Model This section defines the basic principles for the Diameter credit- control/RADIUS prepaid inter-working model; that is, a message translation between a RADIUS based prepaid solution and a Diameter credit-control application. A complete description of the protocol Bertz, et al. Expires November 19, 2018 [Page 90] Internet-Draft Diameter Credit-Control Application May 2018 translations between RADIUS and the Diameter credit-control application is beyond the scope of this specification and SHOULD be addressed in another appropriate document, such as the RADIUS prepaid specification. The Diameter credit-control architecture may have a Translation Agent capable of translation between RADIUS prepaid and Diameter credit- control protocols. An AAA server (usually the home AAA server) may act as a Translation Agent and as a Diameter credit-control client for service elements that use credit-control mechanisms other than Diameter credit-control for instance, RADIUS prepaid. In this case, the home AAA server contacts the Diameter credit-control server as part of the authorization process. The interworking architecture is illustrated Figure 9, and interworking flow in Figure 10. In a roaming situation the service element (e.g., the NAS) may be located in the visited network, and a visited AAA server is usually contacted. The visited AAA server connects then to the home AAA server. RADIUS Prepaid +--------+ +---------+ protocol +------------+ +--------+ | End |<----->| Service |<---------->| Home AAA | |Business| | User | | Element | | Server | |Support | +--------+ +-->| | |+----------+|->|System | | +---------+ ||CC Client || | | | |+----------+| | | +--------+ | +------^-----+ +----^---+ | End |<--+ Credit-Control | | | User | Protocol | | +--------+ +-------V--------+ | |Credit-Control |----+ | Server | +----------------+ Figure 9: Credit-control architecture with service element containing translation agent, translating RADIUS prepaid to Diameter credit- control protocol When the AAA server acting as a Translation Agent receives an initial RADIUS Access-Request message from service element (e.g., NAS access), it performs regular authentication and authorization. If the RADIUS Access-Request message indicates that the service element is capable of credit-control, and if the home AAA server finds that the subscriber is a prepaid subscriber, then a Diameter credit- control request SHOULD be sent toward the credit-control server to perform credit authorization and to establish a credit-control session. After the Diameter credit-control server checks the end user's account balance, rates the service, and reserves credit from Bertz, et al. Expires November 19, 2018 [Page 91] Internet-Draft Diameter Credit-Control Application May 2018 the end user's account, the reserved quota is returned to the home AAA server in the Diameter Credit-Control-Answer. Then the home AAA server sends the reserved quota to the service element in the RADIUS Access-Accept. At the expiry of the allocated quota, the service element sends a new RADIUS Access-Request containing the units used this far to the home AAA server. The home AAA server shall map a RADIUS Access-Request containing the reported units to the Diameter credit-control server in a Diameter Credit-Control-Request (UPDATE_REQUEST). The Diameter credit-control server debits the used units from the end user's account and allocates a new quota that is returned to the home AAA server in the Diameter Credit-Control-Answer. The quota is transferred to the service element in the RADIUS Access-Accept. When the end user terminates the service, or when the entire quota has been used, the service element sends a RADIUS Access-Request. To debit the used units from the end user's account and to stop the credit-control session, the home AAA server sends a Diameter Credit- Control-Request (TERMINATION_REQUEST) to the credit-control server. The Diameter credit-control server acknowledges the session termination by sending a Diameter Credit-Control-Answer to the home AAA server. The RADIUS Access-Accept is sent to the NAS. A following diagram illustrates a RADIUS prepaid - Diameter credit- control interworking sequence. Bertz, et al. Expires November 19, 2018 [Page 92] Internet-Draft Diameter Credit-Control Application May 2018 Service Element Translation Agent (e.g., NAS) (CC Client) CC Server | Access-Request | | |----------------------->| | | | CCR (initial) | | |----------------------->| | | CCA (Granted-Units) | | |<-----------------------| | Access-Accept | | | (Granted-Units) | | |<-----------------------| | : : : | Access-Request | | | (Used-Units) | | |----------------------->| | | | CCR (update, | | | Used-Units) | | |----------------------->| | | CCA (Granted-Units) | | |<-----------------------| | Access-Accept | | | (Granted-Units) | | |<-----------------------| | : : : | Access-Request | | |----------------------->| | | | CCR (terminate, | | | Used-Units) | | |----------------------->| | | CCA | | |<-----------------------| | Access-Accept | | |<-----------------------| | | | | Figure 10: Message flow example with RADIUS prepaid - Diameter credit-control interworking 12. IANA Considerations This section contains the namespaces that have either been created in this specification, or the values assigned to existing namespaces managed by IANA. In the subsections below, when we speak about review by a Designated Expert, please note that the designated expert will be assigned by the IESG. Initially, such Expert discussions take place on the AAA WG mailing list. Bertz, et al. Expires November 19, 2018 [Page 93] Internet-Draft Diameter Credit-Control Application May 2018 12.1. Application Identifier This specification assigns the value 4, 'Diameter Credit Control', to the Application Identifier namespace defined in [RFC6733]. See Section 1.3 for more information. 12.2. Command Codes This specification uses the value 272 from the Command code namespace defined in [RFC6733] for the Credit-Control-Request (CCR) and Credit- Control-Answer (CCA) commands. 12.3. AVP Codes See Section 8 for the assignment of the namespace in this specification. This document describes new AVP codes beyond those described in RFC4006. IANA is requested to allocated codes for the AVPs defined in the following Table 7. +-----------------------------------+-------+--------------------+ | Attribute Name | Code | Defined in section | +-----------------------------------+-------+--------------------+ | User-Equipment-Info-Extension | TBD1 | 8.52 | | User-Equipment-Info-IMEISV | TBD2 | 8.53 | | User-Equipment-Info-MAC | TBD3 | 8.54 | | User-Equipment-Info-EUI64 | TBD4 | 8.55 | | User-Equipment-Info-ModifiedEUI64 | TBD5 | 8.56 | | User-Equipment-Info-IMEI | TBD6 | 8.57 | | Subscription-Id-Extension | TBD7 | 8.58 | | Subscription-Id-E164 | TBD8 | 8.59 | | Subscription-Id-IMSI | TBD9 | 8.60 | | Subscription-Id-SIP-URI | TBD10 | 8.61 | | Subscription-Id-NAI | TBD11 | 8.62 | | Subscription-Id-Private | TBD12 | 8.63 | | Redirect-Server-Extension | TBD13 | 8.64 | | Redirect-Address-IPAddress | TBD14 | 8.65 | | Redirect-Address-URL | TBD15 | 8.66 | | Redirect-Address-SIP-URI | TBD16 | 8.67 | | QoS-Final-Unit-Indication | TBD17 | 8.68 | +-----------------------------------+-------+--------------------+ Table 7: Requested AVP Assignments Bertz, et al. Expires November 19, 2018 [Page 94] Internet-Draft Diameter Credit-Control Application May 2018 12.4. Result-Code AVP Values This specification assigns the values 4010, 4011, 4012, 5030, 5031 from the Result-Code AVP value namespace defined in [RFC6733]. See Section 9 for the assignment of the namespace in this specification. 12.5. CC-Request-Type AVP As defined in Section 8.3, the CC-Request-Type AVP includes Enumerated type values 1 - 4. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.6. CC-Session-Failover AVP As defined in Section 8.4, the CC-Failover-Supported AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.7. CC-Unit-Type AVP As defined in Section 8.32, the CC-Unit-Type AVP includes Enumerated type values 0 - 5. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.8. Check-Balance-Result AVP As defined in Section 8.6, the Check-Balance-Result AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.9. Credit-Control AVP As defined in Section 8.13, the Credit-Control AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. Bertz, et al. Expires November 19, 2018 [Page 95] Internet-Draft Diameter Credit-Control Application May 2018 12.10. Credit-Control-Failure-Handling AVP As defined in Section 8.14, the Credit-Control-Failure-Handling AVP includes Enumerated type values 0 - 2. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.11. Direct-Debiting-Failure-Handling AVP As defined in Section 8.15, the Direct-Debiting-Failure-Handling AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.12. Final-Unit-Action AVP As defined in Section 8.35, the Final-Unit-Action AVP includes Enumerated type values 0 - 2. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.13. Multiple-Services-Indicator AVP As defined in Section 8.40, the Multiple-Services-Indicator AVP includes Enumerated type values 0 - 1. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.14. Redirect-Address-Type AVP As defined in Section 8.38, the Redirect-Address-Type AVP includes Enumerated type values 0 - 3. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.15. Requested-Action AVP As defined in Section 8.41, the Requested-Action AVP includes Enumerated type values 0 - 3. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. Bertz, et al. Expires November 19, 2018 [Page 96] Internet-Draft Diameter Credit-Control Application May 2018 12.16. Subscription-Id-Type AVP As defined in Section 8.47, the Subscription-Id-Type AVP includes Enumerated type values 0 - 4. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.17. Tariff-Change-Usage AVP As defined in Section 8.27, the Tariff-Change-Usage AVP includes Enumerated type values 0 - 2. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 12.18. User-Equipment-Info-Type AVP As defined in Section 8.50, the User-Equipment-Info-Type AVP includes Enumerated type values 0 - 3. IANA has created and is maintaining a namespace for this AVP. All remaining values are available for assignment by a Designated Expert [RFC8126], under the conditions for enumerated values described in [RFC7423] Section 5.6. 13. Credit-Control Application Related Parameters Tx timer When real-time credit-control is required, the credit-control client contacts the credit-control server before and while the service is provided to an end user. Due to the real-time nature of the application, the communication delays SHOULD be minimized; e.g., to avoid an overly long service setup time experienced by the end user. The Tx timer is introduced to control the waiting time in the client in the Pending state. When the Tx timer elapses, the credit-control client takes an action to the end user according to the value of the Credit-Control-Failure-Handling AVP or Direct-Debiting-Failure-Handling AVP. The recommended value is 10 seconds. Tcc timer The Tcc timer supervises an ongoing credit-control session in the credit-control server. It is RECOMMENDED to use the Validity-Time as input to set the Tcc timer value. In case of transient failures in the network, the Diameter credit-control server might change to Idle Bertz, et al. Expires November 19, 2018 [Page 97] Internet-Draft Diameter Credit-Control Application May 2018 state. To avoid this, the Tcc timer MAY be set so that Tcc equals to 2 x Validity-Time. Credit-Control-Failure-Handling and Direct-Debiting-Failure-Handling Client implementations may offer the possibility of locally configuring these AVPs. In such a case their value and behavior is defined in Section 5.7 for the Credit-Control-Failure-Handling and in Section 6.5 for the Direct-Debiting-Failure-Handling. 14. Security Considerations Security considerations regarding the Diameter protocol itself are discussed in [RFC6733]. Use of this application of Diameter MUST take into consideration the security issues and requirements of the base protocol. This application includes a mechanism for application layer replay protection by means of the Session-Id from [RFC6733] and CC-Request- Number, which is specified in this document. The Diameter credit- control application is often used within one domain, and there may be a single hop between the peers. In these environments, the use of TLS/TCP, DTLS/SCTP or IPsec is sufficient. The details of TLS/TCP, DTLS/SCTP or IPsec related security considerations are discussed in the [RFC6733]. Because this application handles monetary transactions (directly or indirectly), it increases the interest for various security attacks. Therefore, all parties communicating with each other MUST be authenticated, including, for instance, TLS client-side authentication. In addition, authorization of the client SHOULD be emphasized; i.e., that the client is allowed to perform credit- control for a certain user. The specific means of authorization are outside of the scope of this specification but can be, for instance, manual configuration. Another kind of threat is malicious modification, injection, or deletion of AVPs or complete credit-control messages. The credit- control messages contain sensitive billing related information (such as subscription Id, granted units, used units, cost information) whose malicious modification can have financial consequences. Sometimes simply delaying the credit-control messages can cause disturbances in the credit-control client or server. Even without any modification to the messages, an adversary can eavesdrop on transactions that contain privacy-sensitive information about the user. Also, by monitoring the credit-control messages one Bertz, et al. Expires November 19, 2018 [Page 98] Internet-Draft Diameter Credit-Control Application May 2018 can collect information about the credit-control server's billing models and business relationships. When third-party relays or proxy are involved, the hop-by-hop security does not necessarily provide sufficient protection for Diameter user session. In some cases, it may be inappropriate to send Diameter messages, such as CCR and CCA, containing sensitive AVPs via untrusted Diameter proxy agents, as there are no assurances that third-party proxies will not modify the credit-control commands or AVP values. 14.1. Direct Connection with Redirects A Diameter credit-control agent cannot always know whether agents between it and the end user's Diameter credit-control server are reliable. In this case, the Diameter credit-control agent doesn't have a routing entry in its Diameter Routing Table (defined in [RFC6733], section 2.7) for the realm of the credit-control server in the end user's home domain. The Diameter credit-control agent can have a default route configured to a local Redirect agent, and it redirects the CCR message to the redirect agent. The local Redirect agent then returns a redirect notification (Result-code 3006, DIAMETER_REDIRECT_INDICATION) to the credit-control agent, as well as Diameter credit-control server(s) information (Redirect-Host AVP) and information (Redirect-Host-Usage AVP) about how the routing entry resulting from the Redirect-Host is to be used. The Diameter credit- control agent then forwards the CCR message directly to one of the hosts identified by the CCA message from the redirect agent. If the value of the Redirect-Host-Usage AVP is unequal to zero, all following messages are sent to the host specified in the Redirect- Host AVP until the time specified by the Redirect-Max-Cache-Time AVP is expired. There are some authorization issues even with redirects. There may be attacks toward nodes that have been properly authorized, but that abuse their authorization or have been compromised. These issues are discussed more widely in [RFC4072], Section 8. 15. Privacy Considerations As the Diameter protocol, and especially credit-control application, deals with subscribers and their actions, extra care should be taken regarding the privacy of the subscribers. In terms of [RFC6973], both the credit-control client and credit-control server are intermediary entities, wherein the subscribers' privacy may be compromised even if no security issues exist, and only authorized entities have access to the privacy-sensitive information. "IPv6 Backbone Router", draft-ietf-6lo- backbone-router-01 (work in progress), March 2016. [I-D.ietf-6tisch-minimal] Vilajosana, X. and K. Pister, "Minimal 6TiSCH Configuration", draft-ietf-6tisch-minimal-15 (work in progress), February 2016. [I-D.ietf-6tisch-terminology] Palattella, M., Thubert, P., Watteyne, T., and Q. Wang, "Terminology in IPv6 over the TSCH mode of IEEE 802.15.4e", draft-ietf-6tisch-terminology-07 (work in progress), March 2016. [I-D.ietf-roll-routing-dispatch] Thubert, P., Bormann, C., Toutain, L., and R. Cragie, "6LoWPAN Routing Header", draft-ietf-roll-routing- dispatch-00 (work in progress), March 2016. [RFC0768] Postel, J., "User Datagram Protocol", STD 6, RFC 768, DOI 10.17487/RFC0768, August 1980, <http://www.rfc-editor.org/info/rfc768>. [RFC2460] Deering, S. and R. Hinden, "Internet Protocol, Version 6 (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460, December 1998, <http://www.rfc-editor.org/info/rfc2460>. [RFC4861] Narten, T., Nordmark, E., Simpson, W., and H. Soliman, "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861, DOI 10.17487/RFC4861, September 2007, <http://www.rfc-editor.org/info/rfc4861>. [RFC4862] Thomson, S., Narten, T., and T. Jinmei, "IPv6 Stateless Address Autoconfiguration", RFC 4862, DOI 10.17487/RFC4862, September 2007, <http://www.rfc-editor.org/info/rfc4862>. Thubert Expires December 12, 2016 [Page 41] Internet-Draft 6tisch-architecture June 2016 [RFC6282] Hui, J., Ed. and P. Thubert, "Compression Format for IPv6 Datagrams over IEEE 802.15.4-Based Networks", RFC 6282, DOI 10.17487/RFC6282, September 2011, <http://www.rfc-editor.org/info/rfc6282>. [RFC6550] Winter, T., Ed., Thubert, P., Ed., Brandt, A., Hui, J., Kelsey, R., Levis, P., Pister, K., Struik, R., Vasseur, JP., and R. Alexander, "RPL: IPv6 Routing Protocol for Low-Power and Lossy Networks", RFC 6550, DOI 10.17487/RFC6550, March 2012, <http://www.rfc-editor.org/info/rfc6550>. [RFC6551] Vasseur, JP., Ed., Kim, M., Ed., Pister, K., Dejean, N., and D. Barthel, "Routing Metrics Used for Path Calculation in Low-Power and Lossy Networks", RFC 6551, DOI 10.17487/RFC6551, March 2012, <http://www.rfc-editor.org/info/rfc6551>. [RFC6552] Thubert, P., Ed., "Objective Function Zero for the Routing Protocol for Low-Power and Lossy Networks (RPL)", RFC 6552, DOI 10.17487/RFC6552, March 2012, <http://www.rfc-editor.org/info/rfc6552>. [RFC6553] Hui, J. and JP. Vasseur, "The Routing Protocol for Low- Power and Lossy Networks (RPL) Option for Carrying RPL Information in Data-Plane Datagrams", RFC 6553, DOI 10.17487/RFC6553, March 2012, <http://www.rfc-editor.org/info/rfc6553>. [RFC6554] Hui, J., Vasseur, JP., Culler, D., and V. Manral, "An IPv6 Routing Header for Source Routes with the Routing Protocol for Low-Power and Lossy Networks (RPL)", RFC 6554, DOI 10.17487/RFC6554, March 2012, <http://www.rfc-editor.org/info/rfc6554>. [RFC6775] Shelby, Z., Ed., Chakrabarti, S., Nordmark, E., and C. Bormann, "Neighbor Discovery Optimization for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs)", RFC 6775, DOI 10.17487/RFC6775, November 2012, <http://www.rfc-editor.org/info/rfc6775>. [RFC7252] Shelby, Z., Hartke, K., and C. Bormann, "The Constrained Application Protocol (CoAP)", RFC 7252, DOI 10.17487/RFC7252, June 2014, <http://www.rfc-editor.org/info/rfc7252>. Thubert Expires December 12, 2016 [Page 42] Internet-Draft 6tisch-architecture June 2016 [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the Internet of Things (IoT): Problem Statement", RFC 7554, DOI 10.17487/RFC7554, May 2015, <http://www.rfc-editor.org/info/rfc7554>. 8.2. Informative References [I-D.ietf-6tisch-6top-interface] Wang, Q. and X. Vilajosana, "6TiSCH Operation Sublayer (6top) Interface", draft-ietf-6tisch-6top-interface-04 (work in progress), July 2015. [I-D.ietf-6tisch-6top-protocol] Wang, Q. and X. Vilajosana, "6top Protocol (6P)", draft- ietf-6tisch-6top-protocol-00 (work in progress), April 2016. [I-D.ietf-6tisch-6top-sf0] Dujovne, D., Grieco, L., Palattella, M., and N. Accettura, "6TiSCH 6top Scheduling Function Zero (SF0)", draft-ietf- 6tisch-6top-sf0-00 (work in progress), May 2016. [I-D.ietf-6tisch-coap] Sudhaakar, R. and P. Zand, "6TiSCH Resource Management and Interaction using CoAP", draft-ietf-6tisch-coap-03 (work in progress), March 2015. [I-D.ietf-detnet-use-cases] Grossman, E., Gunther, C., Thubert, P., Wetterwald, P., Raymond, J., Korhonen, J., Kaneko, Y., Das, S., Zha, Y., Varga, B., Farkas, J., Goetz, F., and J. Schmitt, "Deterministic Networking Use Cases", draft-ietf-detnet- use-cases-09 (work in progress), March 2016. [I-D.ietf-manet-aodvv2] Perkins, C., Ratliff, S., Dowdell, J., Steenbrink, L., and V. Mercieca, "Ad Hoc On-demand Distance Vector Version 2 (AODVv2) Routing", draft-ietf-manet-aodvv2-16 (work in progress), May 2016. [I-D.ietf-roll-rpl-industrial-applicability] Phinney, T., Thubert, P., and R. Assimiti, "RPL applicability in industrial networks", draft-ietf-roll- rpl-industrial-applicability-02 (work in progress), October 2013. Thubert Expires December 12, 2016 [Page 43] Internet-Draft 6tisch-architecture June 2016 [I-D.richardson-6tisch-security-architecture] Richardson, M., "security architecture for 6top: requirements and structure", draft-richardson-6tisch- security-architecture-02 (work in progress), April 2014. [I-D.struik-6tisch-security-architecture-elements] Struik, R., Ohba, Y., and S. Das, "6TiSCH Security Architectural Elements, Desired Protocol Properties, and Framework", draft-struik-6tisch-security-architecture- elements-01 (work in progress), October 2014. [I-D.svshah-tsvwg-deterministic-forwarding] Shah, S. and P. Thubert, "Deterministic Forwarding PHB", draft-svshah-tsvwg-deterministic-forwarding-04 (work in progress), August 2015. [I-D.svshah-tsvwg-lln-diffserv-recommendations] Shah, S. and P. Thubert, "Differentiated Service Class Recommendations for LLN Traffic", draft-svshah-tsvwg-lln- diffserv-recommendations-04 (work in progress), February 2015. [I-D.thubert-6lo-rfc6775-update-reqs] Thubert, P. and P. Stok, "Requirements for an update to 6LoWPAN ND", draft-thubert-6lo-rfc6775-update-reqs-07 (work in progress), April 2016. [I-D.thubert-roll-forwarding-frags] Thubert, P. and J. Hui, "LLN Fragment Forwarding and Recovery", draft-thubert-roll-forwarding-frags-02 (work in progress), September 2013. [I-D.vanderstok-core-comi] Stok, P. and A. Bierman, "CoAP Management Interface", draft-vanderstok-core-comi-09 (work in progress), March 2016. [I-D.wang-6tisch-6top-sublayer] Wang, Q. and X. Vilajosana, Bertz, et al. Expires November 19, 2018 [Page 99] Internet-Draft Diameter Credit-Control Application May 2018 15.1. Privacy Sensitive AVPs The following AVPs contain privacy-sensitive information at different levels: 1. CC-Correlation-Id AVP: may contain privacy-sensitive information as the service-provider may encode personal information that helps it correlate different subscriptions and access technologies. 2. Check-Balance-Result AVP: contains information on the balance status of the subscriber. 3. Currency-Code AVP: contains information on the subscriber's locale. 4. Cost-Unit AVP: contains privacy-sensitive information, as a human readable format of the Cost-Information AVP. 5. Service-Identifier AVP: may contain privacy-sensitive information about the subscriber's internet activity. 6. Rating-Group AVP: may contain privacy-sensitive information about the subscriber's internet activity. 7. Restriction-Filter-Rule AVP: the information inside IPFilterRule may be used to infer services used by the subscriber. 8. Redirect-Server-Address AVP: the service-provider may embed personal information on the subscriber in the URL/I (e.g. to create a personalized message). However, the service-provider may anonymise the subscriber's identity instead in the URL/I, and let the redirect server query the information directly. Similar AVPs are: Redirect-Address-URL, Redirect-Address-SIP- URI. 9. Service-Context-Id AVP: depending with how the service-provider uses it, it may contain privacy-sensitive information about the service (e.g. in a 3GPP network Service-Context-Id AVP has a different value for: Packet Switching, SMS and MMS etc.) 10. Service-Parameter-Info AVP: depending with how the service- provider uses it, it may contain privacy-sensitive information about the subscriber (e.g. location). 11. Subscription-Id-Data AVP: contains the identity of the subscriber. Similar AVPs are: Subscription-Id-E164, Bertz, et al. Expires November 19, 2018 [Page 100] Internet-Draft Diameter Credit-Control Application May 2018 Subscription-Id-IMSI, Subscription-Id-SIP-URI, Subscription-Id- NAI, Subscription-Id-Private. 12. User-Equipment-Info-Value AVP: contains the identity of the device of the subscriber. Similar AVPs are: User-Equipment- Info-IMEISV, User-Equipment-Info-MAC, User-Equipment-Info-EUI64, User-Equipment-Info-ModifiedEUI64, User-Equipment-Info-IMEI. 13. QoS-Final-Unit-Indication AVP: grouped AVP which may contains privacy-sensitive information in its sub-AVPs (e.g IPFilterRule, redirect address). Note that some AVPs which are used in this document are defined in [RFC6733] and may contain privacy-sensitive information. These AVPs are not listed above. 15.2. Data Minimization Due to the nature of the credit-control application, some personal data and identity information must be stored in both credit-control client and credit-control server. This, however, could be minimized by following these guidelines: 1. Data stored in the credit-control client does not need to be persisted across sessions. All data could be deleted once the session end, and reconstructed once a new session is initialized. Note that, while the credit-control server is usually owned by the service provider with which the subscriber already has some direct legal or business relationship (where privacy level could be agreed upon), this is not always true for the credit-control client, that may be owned by a third-party. 2. Some information about the subscriber has to be stored in persistent storage in the credit-control server (e.g. identity, balance), however, per transaction information does not have to be stored in persistent storage, and per session information may be deleted from persistent storage once the session ends. 3. In some cases, per transaction information has to be stored on the credit-control server, client, or both, for regulatory, auditability or debugging reasons. However, this could be minimized by following these guidelines: A. Data retention does not need to exceed the required duration. B. Transaction information could be aggregated in some cases. E.g. prefer information per sessions over information per Bertz, et al. Expires November 19, 2018 [Page 101] Internet-Draft Diameter Credit-Control Application May 2018 rating-group; prefer hourly byte summary over per transaction byte counts. C. If not strictly needed, the more sensitive information (E.g. location, equipment type) could be filtered out of such logs. This information is often used to make rating decisions, and in this case, the rating decision should be logged instead of the data used to make them. D. Due to the reasons explained in 1, the credit-control server would be a preferred location for storing such transaction information, instead of the credit-control client 15.3. Diameter Agents Diameter agents, as described in [RFC6733], may be owned by third- parties. If end-to-end security is supported between credit-control client and credit-control server, the operator can use it to encrypt privacy-sensitive AVPs (as listed in Section 15.1), and prevent such information from leaking into the agent. In some cases, the Diameter agent needs access into privacy-sensitive AVPs, in order to take correct routing decisions, or even modify the content of these AVPs. For example, a proxy agent may need to look into the Subscription-Id-IMSI AVP, in order to extract the mobile country and network codes of the user, and use them to lookup the destination to which the request should be routed (see: section 2.8.2 in [RFC6733]). In such a case, the credit-control client and credit- control server may use a mechanism that anonymizes the identity of the subscriber, as well as a mechanism to encrypt other AVPs not used by the agent. 16. References 16.1. Normative References [CE164] "Complement to ITU-T Recommendation E.164 (05/1997):"List of ITU-T Recommendation E.164 assigned country codes"", June 2000. [CE212] "Complement to ITU-T Recommendation E.212 (11/1997):" List of mobile country or geographical area codes"", February 1999. [E164] "Recommendation E.164/I.331 (05/97): The International Public Telecommunication Numbering Plan.", 1997. Bertz, et al. Expires November 19, 2018 [Page 102] Internet-Draft Diameter Credit-Control Application May 2018 [E212] "Recommendation E.212 (11/98): The international identification plan for mobile terminals and mobile users.", 1998. [EUI64] IEEE, ""Guidelines for 64-bit Global Identifier (EUI-64) Registration Authority"", March 1997, <http://standards.ieee.org/regauth/oui/tutorials/ EUI64.html >. [ISO4217] "Codes for the representation of currencies and funds, International Standard ISO 4217", 2001. [RFC0791] Postel, J., "Internet Protocol", STD 5, RFC 791, DOI 10.17487/RFC0791, September 1981, <https://www.rfc-editor.org/info/rfc791>. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/info/rfc2119>. [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, DOI 10.17487/RFC3261, June 2002, <https://www.rfc-editor.org/info/rfc3261>. [RFC3539] Aboba, B. and J. Wood, "Authentication, Authorization and Accounting (AAA) Transport Profile", RFC 3539, DOI 10.17487/RFC3539, June 2003, <https://www.rfc-editor.org/info/rfc3539>. [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, DOI 10.17487/RFC3986, January 2005, <https://www.rfc-editor.org/info/rfc3986>. [RFC4006] Hakala, H., Mattila, L., Koskinen, J-P., Stura, M., and J. Loughney, "Diameter Credit-Control Application", RFC 4006, DOI 10.17487/RFC4006, August 2005, <https://www.rfc-editor.org/info/rfc4006>. [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, DOI 10.17487/RFC4291, February 2006, <https://www.rfc-editor.org/info/rfc4291>. Bertz, et al. Expires November 19, 2018 [Page 103] Internet-Draft Diameter Credit-Control Application May 2018 [RFC5777] Korhonen, J., Tschofenig, H., Arumaithurai, M., Jones, M., Ed., and A. Lior, "Traffic Classification and Quality of Service (QoS) Attributes for Diameter", RFC 5777, DOI 10.17487/RFC5777, February 2010, <https://www.rfc-editor.org/info/rfc5777>. [RFC5952] Kawamura, S. and M. Kawashima, "A Recommendation for IPv6 Address Text Representation", RFC 5952, DOI 10.17487/RFC5952, August 2010, <https://www.rfc-editor.org/info/rfc5952>. [RFC6733] Fajardo, V., Ed., Arkko, J., Loughney, J., and G. Zorn, Ed., "Diameter Base Protocol", RFC 6733, DOI 10.17487/RFC6733, October 2012, <https://www.rfc-editor.org/info/rfc6733>. [RFC7155] Zorn, G., Ed., "Diameter Network Access Server Application", RFC 7155, DOI 10.17487/RFC7155, April 2014, <https://www.rfc-editor.org/info/rfc7155>. [RFC7423] Morand, L., Ed., Fajardo, V., and H. Tschofenig, "Diameter Applications Design Guidelines", BCP 193, RFC 7423, DOI 10.17487/RFC7423, November 2014, <https://www.rfc-editor.org/info/rfc7423>. [RFC7542] DeKok, A., "The Network Access Identifier", RFC 7542, DOI 10.17487/RFC7542, May 2015, <https://www.rfc-editor.org/info/rfc7542>. [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017, <https://www.rfc-editor.org/info/rfc8126>. [TGPPIMEI] 3rd Generation Partnership Project, "Technical Specification Group Core Network, Numbering, addressing and identification, (release 13), 3GPP TS 23.003 v. 13.5.0", 2016-04. 16.2. Informative References [RFC2866] Rigney, C., "RADIUS Accounting", RFC 2866, DOI 10.17487/RFC2866, June 2000, <https://www.rfc-editor.org/info/rfc2866>. Bertz, et al. Expires November 19, 2018 [Page 104] Internet-Draft Diameter Credit-Control Application May 2018 [RFC3580] Congdon, P., Aboba, B., Smith, A., Zorn, G., and J. Roese, "IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines", RFC 3580, DOI 10.17487/RFC3580, September 2003, <https://www.rfc-editor.org/info/rfc3580>. [RFC3725] Rosenberg, J., Peterson, J., Schulzrinne, H., and G. Camarillo, "Best Current Practices for Third Party Call Control (3pcc) in the Session Initiation Protocol (SIP)", BCP 85, RFC 3725, DOI 10.17487/RFC3725, April 2004, <https://www.rfc-editor.org/info/rfc3725>. [RFC4004] Calhoun, P., Johansson, T., Perkins, C., Hiller, T., Ed., and P. McCann, "Diameter Mobile IPv4 Application", RFC 4004, DOI 10.17487/RFC4004, August 2005, <https://www.rfc-editor.org/info/rfc4004>. [RFC4072] Eronen, P., Ed., Hiller, T., and G. Zorn, "Diameter Extensible Authentication Protocol (EAP) Application", RFC 4072, DOI 10.17487/RFC4072, August 2005, <https://www.rfc-editor.org/info/rfc4072>. [RFC6973] Cooper, A., Tschofenig, H., Aboba, B., Peterson, J., Morris, J., Hansen, M., and R. Smith, "Privacy Considerations for Internet Protocols", RFC 6973, DOI 10.17487/RFC6973, July 2013, <https://www.rfc-editor.org/info/rfc6973>. [TGPPCHARG] 3rd Generation Partnership Project, "Technical Specification Group Services and System Aspects, Service aspects; Charging and Billing, (release 13), 3GPP TS 22.115 v. 13.3.0", 2016-03. Appendix A. Acknowledgements The original authors of RFC4006 are: Harri Hakala, Leena Mattila, Juha-Pekka Koskinen, Marco Stura, and John Loughney. The authors would like to thank Bernard Aboba, Jari Arkko, Robert Ekblad, Pasi Eronen, Benny Gustafsson, Robert Karlsson, Avi Lior, Paco Marin, Jussi Maki, Jeff Meyer, Anne Narhi, John Prudhoe, Christopher Richards, Juha Vallinen, and Mark Watson for their comments and suggestions. Bertz, et al. Expires November 19, 2018 [Page 105] Internet-Draft Diameter Credit-Control Application May 2018 Appendix B. Credit-Control Sequences B.1. Flow I NAS End User (CC Client) AAA Server CC Server |(1)User Logon |(2)AA Request (CC AVPs) | |------------------>|------------------->| | | | |(3)CCR(initial, CC AVPs) | | |------------------->| | | | (4)CCA(Granted-Units) | | |<-------------------| | |(5)AA Answer(Granted-Units) | |(6)Access granted |<-------------------| | |<----------------->| | | | | | | : : : : | |(7)CCR(update,Used-Units) | | |------------------->|(8)CCR | | | | (update,Used-Units) | | |------------------->| | | |(9)CCA(Granted-Units) | |(10)CCA(Granted-Units)<------------------| | |&"6TiSCH Operation Sublayer (6top)", draft-wang-6tisch-6top-sublayer-04 (work in progress), November 2015. [RFC2474] Nichols, K., Blake, S., Baker, F., and D. Black, "Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers", RFC 2474, DOI 10.17487/RFC2474, December 1998, <http://www.rfc-editor.org/info/rfc2474>. Thubert Expires December 12, 2016 [Page 44] Internet-Draft 6tisch-architecture June 2016 [RFC2545] Marques, P. and F. Dupont, "Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing", RFC 2545, DOI 10.17487/RFC2545, March 1999, <http://www.rfc-editor.org/info/rfc2545>. [RFC3209] Awduche, D., Berger, L., Gan, D., Li, T., Srinivasan, V., and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP Tunnels", RFC 3209, DOI 10.17487/RFC3209, December 2001, <http://www.rfc-editor.org/info/rfc3209>. [RFC3444] Pras, A. and J. Schoenwaelder, "On the Difference between Information Models and Data Models", RFC 3444, DOI 10.17487/RFC3444, January 2003, <http://www.rfc-editor.org/info/rfc3444>. [RFC3610] Whiting, D., Housley, R., and N. Ferguson, "Counter with CBC-MAC (CCM)", RFC 3610, DOI 10.17487/RFC3610, September 2003, <http://www.rfc-editor.org/info/rfc3610>. [RFC3963] Devarapalli, V., Wakikawa, R., Petrescu, A., and P. Thubert, "Network Mobility (NEMO) Basic Support Protocol", RFC 3963, DOI 10.17487/RFC3963, January 2005, <http://www.rfc-editor.org/info/rfc3963>. [RFC3971] Arkko, J., Ed., Kempf, J., Zill, B., and P. Nikander, "SEcure Neighbor Discovery (SEND)", RFC 3971, DOI 10.17487/RFC3971, March 2005, <http://www.rfc-editor.org/info/rfc3971>. [RFC3972] Aura, T., "Cryptographically Generated Addresses (CGA)", RFC 3972, DOI 10.17487/RFC3972, March 2005, <http://www.rfc-editor.org/info/rfc3972>. [RFC4080] Hancock, R., Karagiannis, G., Loughney, J., and S. Van den Bosch, "Next Steps in Signaling (NSIS): Framework", RFC 4080, DOI 10.17487/RFC4080, June 2005, <http://www.rfc-editor.org/info/rfc4080>. [RFC4291] Hinden, R. and S. Deering, "IP Version 6 Addressing Architecture", RFC 4291, DOI 10.17487/RFC4291, February 2006, <http://www.rfc-editor.org/info/rfc4291>. [RFC4389] Thaler, D., Talwar, M., and C. Patel, "Neighbor Discovery Proxies (ND Proxy)", RFC 4389, DOI 10.17487/RFC4389, April 2006, <http://www.rfc-editor.org/info/rfc4389>. Thubert Expires December 12, 2016 [Page 45] Internet-Draft 6tisch-architecture June 2016 [RFC4429] Moore, N., "Optimistic Duplicate Address Detection (DAD) for IPv6", RFC 4429, DOI 10.17487/RFC4429, April 2006, <http://www.rfc-editor.org/info/rfc4429>. [RFC4903] Thaler, D., "Multi-Link Subnet Issues", RFC 4903, DOI 10.17487/RFC4903, June 2007, <http://www.rfc-editor.org/info/rfc4903>. [RFC4919] Kushalnagar, N., Montenegro, G., and C. Schumacher, "IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals", RFC 4919, DOI 10.17487/RFC4919, August 2007, <http://www.rfc-editor.org/info/rfc4919>. [RFC5191] Forsberg, D., Ohba, Y., Ed., Patil, B., Tschofenig, H., and A. Yegin, "Protocol for Carrying Authentication for Network Access (PANA)", RFC 5191, DOI 10.17487/RFC5191, May 2008, <http://www.rfc-editor.org/info/rfc5191>. [RFC5340] Coltun, R., Ferguson, D., Moy, J., and A. Lindem, "OSPF for IPv6", RFC 5340, DOI 10.17487/RFC5340, July 2008, <http://www.rfc-editor.org/info/rfc5340>. [RFC5889] Baccelli, E., Ed. and M. Townsley, Ed., "IP Addressing Model in Ad Hoc Networks", RFC 5889, DOI 10.17487/RFC5889, September 2010, <http://www.rfc-editor.org/info/rfc5889>. [RFC5974] Manner, J., Karagiannis, G., and A. McDonald, "NSIS Signaling Layer Protocol (NSLP) for Quality-of-Service Signaling", RFC 5974, DOI 10.17487/RFC5974, October 2010, <http://www.rfc-editor.org/info/rfc5974>. [RFC6275] Perkins, C., Ed., Johnson, D., and J. Arkko, "Mobility Support in IPv6", RFC 6275, DOI 10.17487/RFC6275, July 2011, <http://www.rfc-editor.org/info/rfc6275>. [RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, January 2012, <http://www.rfc-editor.org/info/rfc6347>. [RFC6620] Nordmark, E., Bagnulo, M., and E. Levy-Abegnoli, "FCFS SAVI: First-Come, First-Served Source Address Validation Improvement for Locally Assigned IPv6 Addresses", RFC 6620, DOI 10.17487/RFC6620, May 2012, <http://www.rfc-editor.org/info/rfc6620>. Thubert Expires December 12, 2016 [Page 46] Internet-Draft 6tisch-architecture June 2016 [RFC6655] McGrew, D. and D. Bailey, "AES-CCM Cipher Suites for Transport Layer Security (TLS)", RFC 6655, DOI 10.17487/RFC6655, July 2012, <http://www.rfc-editor.org/info/rfc6655>. [RFC6830] Farinacci, D., Fuller, V., Meyer, D., and D. Lewis, "The Locator/ID Separation Protocol (LISP)", RFC 6830, DOI 10.17487/RFC6830, January 2013, <http://www.rfc-editor.org/info/rfc6830>. [RFC6997] Goyal, M., Ed., Baccelli, E., Philipp, M., Brandt, A., and J. Martocci, "Reactive Discovery of Point-to-Point Routes in Low-Power and Lossy Networks", RFC 6997, DOI 10.17487/RFC6997, August 2013, <http://www.rfc-editor.org/info/rfc6997>. [RFC7426] Haleplidis, E., Ed., Pentikousis, K., Ed., Denazis, S., Hadi Salim, J., Meyer, D., and O. Koufopavlou, "Software- Defined Networking (SDN): Layers and Architecture Terminology", RFC 7426, DOI 10.17487/RFC7426, January 2015, <http://www.rfc-editor.org/info/rfc7426>. 8.3. Other Informative References [ACE] IETF, "Authentication and Authorization for Constrained Environments", <https://dataTracker.ietf.org/doc/charter- ietf-ace/>. [CCAMP] IETF, "Common Control and Measurement Plane", <https://dataTracker.ietf.org/doc/charter-ietf-ccamp/>. [DETNET] IETF, "Deterministic Networking", <https://datatracker.ietf.org/doc/charter-ietf-detnet/>. [DICE] IETF, "DTLS In Constrained Environments", <https://dataTracker.ietf.org/doc/charter-ietf-dice/>. [HART] www.hartcomm.org, "Highway Addressable remote Transducer, a group of specifications for industrial process and control devices administered by the HART Foundation". [IEC62439] IEC, "Industrial communication networks - High availability automation networks - Part 3: Parallel Redundancy Protocol (PRP) and High-availability Seamless Redundancy (HSR) - IEC62439-3", 2012, <https://webstore.iec.ch/publication/7018>. Thubert Expires December 12, 2016 [Page 47] Internet-Draft 6tisch-architecture June 2016 [IEEE802.1TSNTG] IEEE Standards Association, "IEEE 802.1 Time-Sensitive Networks Task Group", March 2013, <http://www.ieee802.org/1/pages/avbridges.html>. [IEEE802154] IEEE standard for Information Technology, "IEEE std. 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks". [IEEE802154e] IEEE standard for Information Technology, "IEEE standard for Information Technology, IEEE std. 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC) and Physical Layer (PHY) Specifications for Low-Rate Wireless Personal Area Networks, June 2011 as amended by IEEE std. 802.15.4e, Part. 15.4: Low-Rate Wireless Personal Area Networks (LR-WPANs) Amendment 1: MAC sublayer", April 2012. [ISA100] ISA/ANSI, "ISA100, Wireless Systems for Automation", <https://www.isa.org/isa100/>. [ISA100.11a] ISA/ANSI, "Wireless Systems for Industrial Automation: Process Control and Related Applications - ISA100.11a-2011 - IEC 62734", 2011, <http://www.isa.org/Community/ SP100WirelessSystemsforAutomation>. [PCE] IETF, "Path Computation Element", <https://dataTracker.ietf.org/doc/charter-ietf-pce/>. [TEAS] IETF, "Traffic Engineering Architecture and Signaling", <https://dataTracker.ietf.org/doc/charter-ietf-teas/>. [WirelessHART] www.hartcomm.org, "Industrial Communication Networks - Wireless Communication Network and Communication Profiles - WirelessHART - IEC 62591", 2010. Appendix A. Personal submissions relevant to upcoming work This document covers a portion of the total work that is needed to cover the full 6TiSCH architecture. Missing portions at this time include Deterministic Networking with Track Forwarding, Dynamic Scheduling, and Security. Thubert Expires December 12, 2016 [Page 48] Internet-Draft 6tisch-architecture June 2016 [I-D.richardson-6tisch-security-architecture] elaborates on the potential use of 802.1AR certificates, and some options for the join process are presented in more details. [I-D.struik-6tisch-security-architecture-elements] describes 6TiSCH security architectural elements with high level requirements and the security framework that are relevant for the design of the 6TiSCH security solution. Author's Address Pascal Thubert (editor) Cisco Systems, Inc Building D 45 Allee des Ormes - BP1200 MOUGINS - Sophia Antipolis 06254 FRANCE Phone: +33 497 23 26 34 Email: pthubert@cisco.com Thubert Expires December 12, 2016 [Page 49]