Professional Documents
Culture Documents
V900R009C01
Gy Interface Specification
Issue 01
Date 2011-10-31
All other trademarks and trade names mentioned in this document are the property of their respective
holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and
the customer. All or part of the products, services and features described in this document may not be
within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements,
information, and recommendations in this document are provided "AS IS" without warranties, guarantees
or representations of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Website: http://www.huawei.com
Email: support@huawei.com
Purpose
This document describes the detailed specification of Gn reference point implemented in
UGW9811.
Intended Audience
This document is intended for:
Policy planning engineers
Installation and commissioning engineers
Technical support engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Change History
Changes between document issues are cumulative. The latest document issue contains all the
changes made in earlier issues.
Issue 01 (2011-10-31)
Initial field trial release.
Contents
1 Protocol Definition
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Hop-by-Hop Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| End-to-End Identifier |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| AVPs ...
+-+-+-+-+-+-+-+-+-+-+-+-+-
AVP Code
The AVP Code, combined with the Vendor-Id field, identifies the attribute uniquely. AVP
numbers 1 through 255 are reserved for backward compatibility with RADIUS, without
setting the Vendor-Id field. AVP numbers 256 and above are used for Diameter, which are
allocated by IANA.
AVP Flags
The AVP Flags field informs the receiver how each attribute must be handled. The 'r'
(reserved) bits are unused and SHOULD be set to 0. Note that subsequent Diameter
applications MAY define additional bits within the AVP Header, and an unrecognized bit
SHOULD be considered an error. The 'P' bit indicates the need for encryption for end-to-end
security.
The 'M' Bit, known as the Mandatory bit, indicates whether support of the AVP is required. If
an AVP with the 'M' bit set is received by a Diameter client, server, proxy, or translation agent
and either the AVP or its value is unrecognized, the message MUST be rejected. Diameter
Relay and redirect agents MUST NOT reject messages with unrecognized AVPs.
AVPs with the 'M' bit cleared are informational only and a receiver that receives a message
with such an AVP that is not supported, or whose value is not supported, MAY simply ignore
the AVP.
The 'V' bit, known as the Vendor-Specific bit, indicates whether the optional Vendor-ID field
is present in the AVP header. When set the AVP Code belongs to the specific vendor code
address space.
Unless otherwise noted, AVPs will have the following default AVP
Flags field settings:
The 'M' bit MUST be set. The 'V' bit MUST NOT be set.
AVP Length
The AVP Length field is three octets, and indicates the number of octets in this AVP including
the AVP Code, AVP Length, AVP Flags, Vendor-ID field (if present) and the AVP data. If a
message is received with an invalid attribute length, the message SHOULD be rejected.
Time
The Time format is derived from the OctetString AVP Base Format. The string MUST contain
four octets, in the same format as the first four bytes are in the NTP timestamp format. This
represents the number of seconds since 0h on 1 January 1900 with respect to the Coordinated
Universal Time (UTC). On 6h 28m 16s UTC, 7 February 2036 the time value will overflow.
SNTP describes a procedure to extend the time to 2104.This procedure MUST be supported
by all DIAMETER nodes.
UTF8String
The UTF8String format is derived from the OctetString AVP Base Format. This is a human
readable string represented using the ISO/IEC IS 10646-1 character set, encoded as an
OctetString using the UTF-8 transformation format described in RFC 2279.
DiameterIdentity
The DiameterIdentity format is derived from the OctetString AVP Base Format.
DiameterIdentity = FQDN
DiameterIdentity value is used to uniquely identify a Diameter node for purposes of duplicate
connection and routing loop detection.
The contents of the string MUST be the FQDN of the Diameter node. If multiple Diameter
nodes run on the same host, each Diameter node MUST be assigned a unique
DiameterIdentity. If a Diameter node can be identified by several FQDNs, a single FQDN
should be picked at startup, and used as the only DiameterIdentity for that node, whatever the
connection it is sent on.
Enumerated
Enumerated is derived from the Integer32 AVP Base Format. The definition contains a list of
valid values and their interpretation and is described in the Diameter application introducing
the AVP.
2 Interface Description
In IEC mode, GW identify charging event first and then forwards the charging event to the
OCS;
Then OCS determines the value of the requested resource usage and debits this value from
the subscriber account immediately and response the resource usage to GW to authorise this
charging event request.
GW executes the resource usage according to the user request and the OCS authorisation.
After completion of the resource usage, if the service access failed, GW informs OCS
accordingly about the failure to refund the corresponding quota to the subscriber account
immediately
1. Service Request
3. Perfor m
Charging Control
5. Service Delivery
In ECUR mode, GW identify charging event first and then forwards the charging event to the
OCS; Then OCS determines the value of the requested resource usage and reserves this value
from the subscriber account;
The OCS response the resource usage to GW to authorise this charging event request.
GW executes the resource usage according to the user request and the OCS authorisation.
After completion (or failure) of the resource usage, the GW informs the OCS accordingly
about the completion or failure;
In line with the result report from the GW, the OCS either debits the reserved amount from
the subscriber account (success), or it refund the unused amount back to the subscriber
account (failure).
Huawei GW supports both kinds of ECUR mode and it could be configured locally. And
normally refered the old ECUR mode with CC-Update interaction as eECUR (enhanced-
ECUR) mode, and the new ECUR without CC-Update interaction as sECUR(standard-
ECUR).
In SCUR mode Session based online charging always involves reservation within the credit
control procedure (SCUR), as there is no way for the OCS to predict the amount of resource
usage that occurs during the user session.
To begin with, the GW forward generates a charging chargeable event that corresponds to the
resource usage request and maps onto the user session, and forwards it to the OCS. In the
OCS, the online charging session is started and a certain amount quota reserved from the user
subscriber account. This amount is determined by the OCS based on the information reported
with the charging event and on local configuration, i.e. operator policy.
Further charging events are sent from the GW to the OCS upon the detection of further
chargeable events within the session .e.g. the expiry of in intervals configured on the GW or
instructed by the OCS, or when the authorised quota expires, or when session characteristics
change (e.g. change of QoS of a PDP context). The OCS then furnishes a new quota to the
GW as required, or rejects the charging event, e.g. due to exhaust of credit on the subscriber
account.
As described above about the three modes of online charging, SCUR is the basic online
charging mode mostly used for volume / time based charging, which interactive with OCS in
a single DCC session.ECUR / IEC is an additional mode to handle event based charging,
which interactive with OCS in another DCC session different with SCUR session.
For event based charging, IEC mode is recommended because of saving lots of signaling
normally ( most service access could be success and saves signaling for refund quota).
3 Interface Definition
[User-Equipment-Info]
[Service-Information]
*[AVP]
[Credit-Control-Failure-Handling]
[Direct-Debiting-Failure-Handling]
[Service-Information]
[Validity-Time]
*[AVP]
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
3.1.4 Re-Auth-Answer(RAA)
The Re-Auth-Answer (RAA), indicated by the Command-Code set to 258 and the message
flags' 'R' bit clear, is sent in response to the RAR. The Result-Code AVP MUST be present,
and indicates the disposition of the request.
A successful RAA message MUST be followed by an application-specific authentication
and/or authorization message.
Message Format:
<Re-Auth-Answer> ::= < Diameter Header: 258, PXY >
< Session-Id >
{ Result-Code }
{ Origin-Host }
{ Origin-Realm }
[ User-Name ]
[ Origin-State-Id ]
*[ AVP ]
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
3.1.5 Abort-Session-Request(ASR)
The Abort-Session-Request (ASR), indicated by the Command-Code set to 274 and the
message flags' 'R' bit set, may be sent by any server to the access device that is providing
session service, to request that the session identified by the Session-Id be stopped.
Message Format:
<Abort-Session-Request> ::= < Diameter Header: 274, REQ, PXY >
< Session-Id >
{ Origin-Host }
{ Origin-Realm }
{ Destination-Realm }
{ Destination-Host }
{ Auth-Application-Id }
[ User-Name ]
[ Origin-State-Id ]
*[ AVP ]
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
3.1.6 Abort-Session-Answer(ASA)
The Abort-Session-Answer (ASA), indicated by the Command-Code set to 274 and the
message flags' 'R' bit clear, is sent in response to the ASR. The Result-Code AVP MUST be
present, and indicates the disposition of the request.
If the session identified by Session-Id in the ASR was successfully terminated, Result-Code is
set to DIAMETER_SUCCESS. If the session is not currently active, Result-Code is set to
DIAMETER_UNKNOWN_SESSION_ID. If the access device does not stop the session for
any other reason, Result-Code is set to DIAMETER_UNABLE_TO_COMPLY.
Message Format:
< Abort-Session-Answer> ::= < Diameter Header: 274, PXY >
< Session-Id >
{ Result-Code }
{ Origin-Host }
{ Origin-Realm }
[ User-Name ]
[ Origin-State-Id ]
*[ AVP ]
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
3.1.7 Device-Watchdog-Request(DWR)
The Device-Watchdog-Request (DWR), indicated by the Command-Code set to 280 and the
Command Flags' 'R' bit set, is sent to a peer when no traffic has been exchanged between two
peers (see Section 5.5.3). Upon detection of a transport failure, this message MUST NOT be
sent to an alternate peer.
Message Format:
<Device-Watchdog-Request> ::= < Diameter Header: 280, REQ >
{ Origin-Host }
{ Origin-Realm }
[ Origin-State-Id ]
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
3.1.8 Device-Watchdog-Answer(DWA)
The Device-Watchdog-Answer (DWA), indicated by the Command-Code set to 280 and the
Command Flags' 'R' bit cleared, is sent as a response to the Device-Watchdog-Request
message.
Message Format:
<DWA> ::= < Diameter Header: 280 >
{ Result-Code }
{ Origin-Host }
{ Origin-Realm }
[ Original-State-Id ]
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
3.1.9 Disconnect-Peer-Request(DPR)
The Disconnect-Peer-Request (DPR), indicated by the Command-Code set to 282 and the
Command Flags' 'R' bit set, is sent to a peer to inform its intentions to shutdown the transport
connection. Upon detection of a transport failure, this message MUST NOT be sent to an
alternate peer.
Message Format:
<DPR> ::= < Diameter Header: 282, REQ >
{ Origin-Host }
{ Origin-Realm }
{ Disconnect-Cause }
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
3.1.10 Disconnect-Peer-Answer(DPA)
The Disconnect-Peer-Answer (DPA), indicated by the Command-Code set to 282 and the
Command Flags' 'R' bit cleared, is sent as a response to the Disconnect-Peer-Request
message. Upon receipt of this message, the transport connection is shutdown.
Message Format:
<DPA> ::= < Diameter Header: 282 >
{ Result-Code }
{ Origin-Host }
{ Origin-Realm }
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
For the specific definitions, refer to RFC 3588 “Diameter Base Protocol”.
3.2.2 Allocation-Retention-Priority
AVP name Allocation-Retention-Priority
3.2.3 APN-Aggregated-Max-Bitrate-UL
AVP name APN-Aggregated-Max-Bitrate-UL
AVP code 1041
AVP type Unsigned32
Note: The APN-Aggregated-Max-Bitrate-UL AVP (AVP code 1041) is of type
Unsigned32, and it indicates the maximum aggregate bit rate in bits per seconds for
the uplink direction across all non-GBR bearers related with the same APN.
3.2.4 Auth-Application-Id
AVP name Auth-Application-Id
3.2.5 Base-Time-Interval
AVP name Base-Time-Interval
3.2.6 Bearer-Identifier
AVP name Bearer-Identifier
3.2.7 CC-Request-Type
AVP name CC-Request-Type
3.2.8 CC-Request-Number
AVP name CC-Request-Number
3.2.9 CC-Time
AVP name CC-Time
Note: This AVP defines the requested, allocated or used time in the unit of second.
3.2.10 CC-Total-Octets
AVP name CC-Total-Octets
3.2.11 CC-Input-Octets
AVP name CC-Input-Octets
3.2.12 CC-Output-Octets
AVP name CC-Output-Octets
3.2.13 CC-Service-Specific-Units
AVP name CC-Service-Specific-Units
Note: Requested, allocated or used units (events identified and counted by the GW).
3.2.14 CC-Unit-Type
AVP name CC-Unit-Type
3.2.15 Credit-Control-Failure-Handling
AVP name Credit-Control-Failure-Handling
Note: when the CC message sent from the client to the server fails temporarily because of
network failure, CC client uses the information in this AVP to decide how to do. When CC
server cannot charge in the service because of different service logic, it can command the
client to end the service immediately or switch to the standby server.
The following values are defined by this AVP:
TERMINATE 0
When the Credit-Control-Failure-Handling AVP is set to TERMINATE, the service MUST
only be granted for as long as there is a connection to the credit-control server. If the credit-
control client does not receive any Credit-Control-Answer message within the Tx timer, the
credit-control request is regarded as failed, and the end user's service session is terminated.
This is the default behavior if the AVP isn't included in the reply from the authorization or
credit-control server.
CONTINUE 1
When the Credit-Control-Failure-Handling AVP is set to CONTINUE, the credit-control
client SHOULD re-send the request to an alternative server in the case of transport or
temporary failures, provided that a failover procedure is supported in the credit-control
server and the credit-control client, and that an alternative server is available. Otherwise, the
service SHOULD be granted, even if credit-control messages can't be delivered.
RETRY_AND_TERMINATE 2
When the Credit-Control-Failure-Handling AVP is set to RETRY_AND_TERMINATE, the
credit-control client SHOULD re-send the request to an alternative server in the case of
transport or temporary failures, provided that a failover procedure is supported in the credit-
control server and the credit-control client, and that an alternative server is available.
Otherwise, the service SHOULD not be granted when the credit-control messages can't be
delivered.
3.2.16 CG-Address
AVP name CG-Address
3.2.17 CC-Session-Failover
AVP name CC-Session-Failover
Note: It indicates whether the AVP can transfer the CC message stream to the standby server
in a CC session process. If the CC server supports failover system, the CC message stream
can be transferred to the standby CC server in case of communication failure. If the name of
the secondary CC server can be got from home Diameter AAA server, this name can be the
address of the standby server. Failover is not necessary in application because it requires that
CC session message must be kept on the standby server.
The following values are defined in CC-Session-Failover AVP:
FAILOVER_NOT_SUPPORTED 0
When the CC-Session-Failover is configured as FAILOVER_NOT_SUPPORTED, CC
message stream cannot be transferred to the standby destination in case of communication
failure. When the authorized answer of the CC server does no include CC-Session-Failover
AVP, by default the CC server does not support failover.
FAILOVER_SUPPORTED 1
When the CC-Session-Failover is configured as FAILOVER_SUPPORTED, CC message
stream is transferred to the standby destination in case of communication failure. Meanwhile
message related to CC session needs to be transferred from the failure server to the standby
server.
3.2.18 Called-Station-Id
AVP name Called-Station-Id
AVP code 30
AVP type UTF8String
Note: Includes the APN name that the user is connected to. In the GGSN, it can identify both
the external network and the service type.
3.2.19 Charging-Rule-Base-Name
AVP name Charging-Rule-Base-Name
3.2.20 Destination-Host
AVP name Destination-Host
3.2.21 Direct-Debiting-Failure-Handling
AVP name Direct-Debiting-Failure-Handling
TERMINATE_OR_BUFFER 0
When the Direct-Debiting-Failure-Handling AVP is set to TERMINATE_OR_BUFFER,
the service MUST be granted for as long as there is a connection to the credit-control server.
If the credit-control client does not receive any Credit-Control-Answer message within the
Tx timer, the credit-control request is regarded as failed. The client SHOULD terminate the
service if it can determine from the failed answer that units have not been debited.
This is the default behavior if the AVP isn't included in the reply from the authorization
server.
CONTINUE 1
When the Direct-Debiting-Failure-Handling AVP is set to CONTINUE, the service
SHOULD be granted, even if credit-control messages can't be delivered, and the request
should be deleted.
3.2.22 Destination-Realm
AVP name Destination-Realm
Note: Home field of the device on the destination end. This attribute cannot appear in the
response message.
Example: huawei.com.
3.2.23 Event-Timestamp
AVP name Event-Timestamp
AVP code 55
AVP type Time
Note: Time stamp. Count in second from 1900 00:00 UTC January 1st.
3.2.24 Event-Charging-TimeStamp
AVP name Event-Charging-TimeStamp
3.2.25 Envelope
AVP name Envelope
Note: This AVP reports the start and end time of one time envelope using the Envelope-Start-
Time and Envelope-End-Time AVPs.
Envelope ::= < AVP Header: 1266>
{ Envelope-Start-Time }
[ Envelope-End-Time ]
[ CC-Total-Octets ]
[ CC-Input-Octets ]
[ CC-Output-Octets ]
[ CC-Service-Specific-Units ]
*[ AVP ]
3.2.26 Envelope-Start-Time
AVP name Envelope-Start-Time
3.2.27 Envelope-End-Time
AVP name Envelope-End-Time
3.2.28 Envelope-Reporting
AVP name Envelope-Reporting
Note: This AVP is used in the CCA (INITIAL) to indicate whether the client shall report the
start and end of each time envelope, in those cases in which quota is consumed in envelopes.
It can take the values:
DO_NOT_REPORT_ENVELOPES (0)
REPORT_ENVELOPES (1)
REPORT_ENVELOPES_WITH_VOLUME (2)
REPORT_ENVELOPES_WITH_EVENTS (3)
REPORT_ENVELOPES_WITH_VOLUME_AND_EVENTS (4)
If this AVP is not included in the CCA (INITIAL) then the client shall not report the
individual envelopes.
3.2.29 Exponent
AVP name Exponent
3.2.30 Filter-Id
AVP name Filter-Id
AVP code 11
AVP type UTF8String
Note: The Filter-Id AVP (AVP Code 11) is of type UTF8String and contains the name of the
filter list for this user.
3.2.31 Final-Unit-Indication
AVP name Final-Unit-Indication
Note: It indicated in the CCA message or AA answers the number of the final units included
in Granted-Service-Unit. When these units are used up, the DCC client executes the actions
designated in Final-Unit-Action.
If multiple service types are received in CCA, the service unit type that is first used up
causes the DCC client to execute the designated actions.
At the first interworking, if Final-Unit-Action is REDIRECT or RESTRICT_ACCESS, CCA
or AA answer may not include Granted-Service-Unit, and this indicates that DCC client
executes the designated actions immediately. If the home service provider's policy provision
is to end the service, the server should return proper temporary failure to activate the action
designated by the policy.
Final-Unit-Action defines the action executed by service processing node when the user
account balance is not enough to pay for the service charge. If Final-Unit-Indication exists,
Final-Unit-Action must also exist.
If Final-Unit-Action is configured as TERMINATE, other AVPs in the Final-Unit-Indication
AVP group must not appear.
If Final-Unit-Action is configured as REDIRECT, Redirect-Server must appear. If users are
allowed to access to other services that cannot be got through Redirect-Server designating
address, Restriction-Filter-Rule or Filter-Id can be portable in the CCA message.
If Final-Unit-Action is configured as RESTRICT_ACCESS, the default behavior configured
in GGSN will take effect.
Filter-Id AVP can be used to refer to the IP filter list established on access device by other
non-DCC application, for example, home configuration and other entity configuration.
Final-Unit-Indication AVP is an AVP group. The ABNF grammars are as follows:
Final-Unit-Indication ::= < AVP Header: 430 >
{ Final-Unit-Action }
*[ Restriction-Filter-Rule ]
*[ Filter-Id ][ Redirect-Server ]
3.2.32 Final-Unit-Action
AVP name Final-Unit-Action
Note: It indicates the action when the user account balance is not enough to pay for the
service charge.
Final-Unit-Action defines following values:
TERMINATE 0
DCC client must end service session. This is the default processing when DCC user terminal
receives a Final-Unit-Action that is not supported.
REDIRECT 1
The service processing unit must redirect the user to the address that is designated in
Redirect-Server-Address.
RESTRICT_ACCESS 2
The default behavior configured in GGSN will take effect.
3.2.33 G-S-U-Pool-Reference
AVP name G-S-U-Pool-Reference
3.2.34 G-S-U-Pool-Identifier
AVP name G-S-U-Pool-Identifier
3.2.35 GGSN-Address
AVP name GGSN-Address
3.2.36 Granted-Service-Unit
AVP name Granted-Service-Unit
3.2.39 Max-Requested-Bandwidth-UL
AVP name Max-Requested-Bandwidth-UL
3.2.40 Max-Requested-Bandwidth-DL
AVP name Max-Requested-Bandwidth-DL
AVP code 515
AVP type Unsigned32
3.2.41 Multiple-Services-Indicator
AVP name Multiple-Services-Indicator
3.2.42 Multiple-Services-Credit-Control
AVP name Multiple-Services-Credit-Control
3.2.43 Origin-Host
AVP name Origin-Host
3.2.44 Origin-Realm
AVP name Origin-Realm
3.2.45 Origin-State-Id
AVP name Origin-State-Id
3.2.46 PDN-Connection-Id
AVP name PDN-Connection-Id
Note: The PDN-Connection-Id contains the charging identifier to identify different records
belonging to same PDN connection. This field includes Charging Id of first IP-CAN bearer
activated within the PDN connection. Together with P-GW address this uniquely identifies
the PDN connection.
3.2.47 PDP-Address
AVP name PDP-Address
3.2.48 PDP-Context-Type
AVP name PDP-Context-Type
3.2.49 Pre-emption-Capability
AVP name Pre-emption-Capability
Note: The Pre-emption-Capability AVP (AVP code 1047) is of type Enumerated. The
AVP defines whether a service data flow can get resources that were already
assigned to another service data flow with a lower priority level.
The following values are defined:
PRE-EMPTION_CAPABILITY_ENABLED (0)
This value indicates that the service data flow is allowed to get resources that were
already assigned to another service data flow with a lower prioriy level.
PRE-EMPTION_CAPABILITY_DISABLED (1)
This value indicates that the service data flow is not allowed to get resources that
were already assigned to another service data flow with a lower prioriy level. This is
the default value applicable if this AVP is not supplied.
3.2.50 Pre-emption-Vulnerability
AVP name Pre-emption-Vulnerability
3.2.51 Priority-Level
AVP name Priority-Level
AVP code 1046
AVP type Unsigned32
Note: The Priority-Level AVP (AVP code 1046) is of type Unsigned 32. The AVP is
used for deciding whether a bearer establishment or modification request can be
accepted or needs to be rejected in case of resource limitations (typically used for
admission control of GBR traffic). The AVP can also be used to decide which
existing bearers to pre-empt during resource limitations. The priority level defines
the relative importance of a resource request.
Values 1 to 15 are defined, with value 1 as the highest level of priority.
Values 1 to 8 should only be assigned for services that are authorized to receive
prioritized treatment within an operator domain. Values 9 to 15 may be assigned to
resources that are authorized by the home network and thus applicable when a UE
is roaming.
3.2.52 PS-Information
AVP name PS-Information
3.2.53 PS-Furnish-Charging-Information
AVP name PS-Furnish-Charging-Information
Note: This AVP purpose is to add online charging session specific information, received via
the Ro reference point, onto the Rf reference point in order to facilitate its inclusion in
CDRs. This information element may be received in a CCA message via the Ro reference
point. In situations where online and offline charging are active in parallel, the information
element is transparently copied into an ACR to be sent on the Rf reference point.
It has the following ABNF grammar:
PS-Furnish-Charging-Information :: = < AVP Header: 865>
{ 3GPP-Charging-Id }
{ PS-Free-Format-Data }
[ PS-Append-Free-Format-Data ]
Note: In Huawei UGW9811 the total length of PS-Free-Format-Data must be less than 63
bytes.
3.2.54 QoS-Class-Identifier
AVP name QoS-Class-Identifier
QCI_1 (1)
QCI_2 (2)
QCI_3 (3)
QCI_4 (4)
QCI_5 (5)
QCI_6 (6)
QCI_7 (7)
QCI_8 (8)
QCI_9 (9)
10-127: Reserved
255: Reserved
3.2.55 QoS-Information
AVP name QoS-Information
message or AVP, the previous information remains valid. If the QoS-Information AVP has
not been supplied from the PCRF to the PCEF previously and is omitted in a Diameter
message or AVP, no enforcement of the authorized QoS shall be performed.
AVP Format:
QoS-Information ::= < AVP Header: 1016 >
[ QoS-Class-Identifier ]
[ Max-Requested-Bandwidth-UL ]
[ Max-Requested-Bandwidth-DL ]
[ Guaranteed-Bitrate-UL ]
[ Guaranteed-Bitrate-DL ]
[ Bearer-Identifier ]
[ Allocation-Retention-Priority]
[ APN-Aggregate-Max-Bitrate-UL]
[ APN-Aggregate-Max-Bitrate-DL]
* [AVP]
3.2.56 Quota-Holding-Time
AVP name Quota-Holding-Time
3.2.57 Quota-Consumption-Time
AVP name Quota-Consumption-Time
Note: Quota consumption time. The unit is second. For some data application base on time
charging, its traffic may not be continuous. When the traffic interruption is caused by the
factors that are not related to users, for example, the server is busy and cannot reply
temporarily, users may complain the charging for this no traffic time. To provide better
customer experience, the carrier can use charging method based on time period for
discontinuous traffic. When the data packet in the user access line stops transfer for some
time, client does not calculate this time period into service time. It is indicated by Quota
consumption time.
As an optional function, the Diameter server can command the client to stop calculating user
quota consumption when data packet stops transfer for some time or after the session ends.
This is realized through Quota-Consumption-Time AVP carried in CCA message. The idle
time after the data packet stops transfer and before Quota-Consumption-Time arrives must
be calculated into user quota consumption. The calculation of user quota consumption
resumes once data packet resumes to transfer.
If data on the user access line is still allowed to transfer during CCR/CCA message exchange
process, and Quota-Consumption-Time carried by the new quota got from the exchange is
the same with that of the original quota, the CCR/CCA exchange time is also possibly
calculated in the waiting time of quota consumption time. For example, if the data packet
transfer on the user access line has stopped for five seconds (suppose QCT is ten seconds),
and CCA is got two seconds late, then QCT timer will expire three seconds later (if no data
packet is transferred after receiving CCA). And the later five second of the QCT will be
calculated in to user's new quota consumption, even if no actual data packet is transferred
during this period that is after new quota is received.
If Quota-Consumption-Time carried by the new quota is different from that of the original
quota, or data on the user line is not allowed to transfer during CCR/CCA information
exchange process, the QCT timer will be stopped. The new quota consumption is calculated
when next data stream that meets the charging rules starts.
If the value of Quota-Consumption-Time AVP is 0, or Quota-Consumption-Time AVP is not
carried in CCA, the quota consumption starts continuous calculation from the moment quota
is got.
3.2.58 Rating-Group
AVP name Rating-Group
3.2.59 Refund-Information
AVP name Refund-Information
3.2.60 Requested-Action
AVP name Requested-Action
AVP code 436
AVP type Enumerated
Note: The Requested-Action AVP (AVP Code 436) is of type Enumerated and
contains the requested action being sent by Credit-Control-Request
command where the CC-Request-Type is set to EVENT_REQUEST. The
following values are defined for the Requested-Action AVP:
DIRECT_DEBITING 0
This indicates a request to decrease the end user’s account
according to information specified in the Requested-Service-Unit
AVP and/or Service-Identifier AVP (additional rating information
may be included in service-specific AVPs or in the Service-
Parameter-Info AVP). The Granted-Service-Unit AVP in the Credit-
Control-Answer command contains the debited units.
REFUND_ACCOUNT 1
This indicates a request to increase the end user’s account
according to information specified in the Requested-Service-Unit
AVP and/or Service-Identifier AVP (additional rating information
may be included in service-specific AVPs or in the Service-
Parameter-Info AVP). The Granted-Service-Unit AVP in the Credit-
Control-Answer command contains the refunded units.
3.2.61 Result-Code
AVP name Result-Code
3.2.62 Reporting-Reason
AVP name Reporting-Reason
3.2.63 Requested-Service-Unit
AVP name Requested-Service-Unit
3.2.64 Redirect-Server
AVP name Redirect-Server
3.2.65 Redirect-Address-Type
AVP name Redirect-Address-Type
3.2.66 Redirect-server-Address
AVP name Redirect-Server-Address
3.2.67 Restriction-Filter-Rule
AVP name Restriction-Filter-Rule
3.2.68 Service-Context-Id
AVP name Service-Context-Id
3.2.69 Service-Identifier
AVP name Service-Identifier
3.2.70 Service-Information
AVP name Service-Information
3.2.71 Serving-Node-Type
AVP name Serving-Node-Type
Note: The Serving-Node-Type AVP (AVP Code 2047) is of type Enumerated and identifies
the type of Serving Node. It may take the following values:
0 SGSN
1 PMIPSGW
2 GTPSGW
3 ePDG
4 hSGW
5 MME
3.2.72 Session-Id
AVP name Session-Id
3.2.73 SGSN-Address
AVP name SGSN-Address
Note: SGSN IP address. This AVP can be used to identify the PLMN of the SGSN to which
the user logs on.
3.2.74 Start-Time
AVP name Start-Time
3.2.75 Stop-Time
AVP name Stop-Time
3.2.76 Tariff-Change-Usage
AVP name Tariff-Change-Usage
Note: It defines whether the used unit is before or after the rate switchover, or spans different
rates when rate switchover happens in a report schedule. If this AVP is neglected, it shows
that no rate switchover happens.
When the response message is Multiple-Service-Credit-Control AVP, this AVP defines
whether the allocated unit is used before or after the rate switchover.
In the response message, if this AVP is neglected, it shows that unique quota mechanism is
used.
The following values are defined in the Tariff-Change-Usage AVP:
UNIT_BEFORE_TARIFF_CHANGE 0
When present in the Multiple-Services-Credit-Control AVP, this value indicates the amount
of the units allocated for use before a tariff change occurs. When present in the Used-
Service-Unit AVP, this value indicates the amount of resource units used before a tariff
change had occurred.
UNIT_AFTER_TARIFF_CHANGE 1
When present in the Multiple-Services-Credit-Control AVP, this value indicates the amount
of the units allocated for use after a tariff change occurs. When present in the Used-Service-
Unit AVP, this value indicates the amount of resource units used after tariff change had
occurred.
UNIT_INDETERMINATE 2
The used unit contains the amount of units that straddle the tariff change (e.g., the metering
process reports to the credit-control client in blocks of n octets, and one block straddled the
tariff change). This value is to be used only in the Used-Service-Unit AVP.
3.2.77 Tariff-Time-Change
AVP name Tariff-Time-Change
3.2.78 Termination-Cause
AVP name Termination-Cause
Note: It used to indicate the reason for the session termination of the Diameter client.
The following values are defined:
DIAMETER_LOGOUT 1
The user initiated disconnect.
DIAMETER_SERVICE_NOT_PROVIDED 2
This value is used when the user disconnected prior to the receipt of the authorization answer
message.
DIAMETER_BAD_ANSWER 3
This value indicates that the authorization answer received by the access device was not
processed successfully.
DIAMETER_ADMINISTRATIVE 4
The user was not granted access, or was disconnected, due to administrative reasons, such as
the receipt of a Abort-Session-Request message.
DIAMETER_LINK_BROKEN 5
The communication to the user was abruptly disconnected.
DIAMETER_AUTH_EXPIRED 6
The user’s access was terminated since its authorized session time has expired.
DIAMETER_USER_MOVED 7
The user is receiving services from another access device.
DIAMETER_SESSION_TIMEOUT 8
The user’s session has timed out, and service has been terminated.
3.2.79 Time-Quota-Threshold
AVP name Time-Quota-Threshold
3.2.80 Time-Quota-Mechanism
AVP name Time-Quota-Mechanism
The OCS may include this AVP in a Multiple-Services-Credit-Control AVP, when granting
time quota.
3.2.81 Time-Quota-Type
AVP name Time-Quota-Type
3.2.82 Trigger
AVP name Trigger
3.2.83 Trigger-Type
AVP name Trigger-Type
3.2.84 Unit-Quota-Threshold
AVP name Unit-Quota-Threshold
3.2.85 Unit-Value
AVP name Unit-Value
3.2.86 Used-Service-Unit
AVP name Used-Service-Unit
3.2.87 User-Equipment-Info
AVP name User-Equipment-Info
3.2.88 User-Equipment-Info-Type
AVP name User-Equipment-Info-Type
3.2.89 User-Equipment-Info-Value
AVP name User-Equipment-Info-Value
3.2.90 User-Name
AVP name User-Name
AVP code 1
AVP type UTF8String
Note: The User-Name AVP (AVP Code 1) [RADIUS] is of type UTF8String, which
contains the User-Name, in a format consistent with the NAI
specification [NAI].
3.2.91 Validity-Time
AVP name Validity-Time
3.2.92 Value-Digits
AVP name Value-Digits
3.2.93 Volume-Quota-Threshold
AVP name Volume-Quota-Threshold
3.2.94 3GPP-Charging-Id
AVP name 3GPP-Charging-Id
AVP code 2
AVP type Unsigned32
Note: Charging ID. The combination of 3GPP-Charging-Id and GGSN-Address can be used
to identify the charging records of all the related SGSN and GGSN of a PDP context.
Charging ID is generated by the GGSN during PDP context activation, and is sent to the
SGSN which sends the Context request. Because the GGSN allocates Charging ID
independently, different GGSNs may allocate the same Charging ID, which needs to be
identified by the server according to the GGSN address and the start time stamp of the
charging record.
3.2.95 3GPP-PDP-Type
AVP name 3GPP-PDP-Type
AVP code 3
AVP type Enumerated
Note: PDP context type, such as Ipv4, Ipv6 or PPP.
Enumeration type:
Ipv4 0
Ipv6 1
PPP 2
3.2.96 3GPP-GPRS-Negotiated-Qos-Profile
AVP name 3GPP-GPRS-Negotiated-Qos-Profile
AVP code 5
AVP type UTF8String
Note: Negotiated QoS. It should be consistent with the requested QoS version. This avp is
replaced by QoS-Information since 3Gpp 32.299 870.
3.2.97 3GPP-IMSI-MCC-MNC
AVP name 3GPP-IMSI-MCC-MNC
AVP code 8
AVP type UTF8String
Note: The Mobile Country Code (MCC) and Mobile Network Code (MNC) messages
extracted from the IMSI.
3.2.98 3GPP-GGSN-MCC-MNC
AVP name EGPP-GGSN-MCC-MNC
AVP code 9
AVP type UTF8String
Note: The MCC and MNC of the GGSN.
3.2.99 3GPP-NSAPI
AVP name 3GPP-NSAPI
AVP code 10
AVP type OctetString
Note: The identification of the service access point to the network layer. In the MS, the
NASPI is used to identify PDP-SAP. Between the SGSN and the GGSN, the NASPI is used
to identify the PDP context that is associated with a PDP address.
3.2.100 3GPP-Session-Stop-Indicator
AVP name 3GPP-Session-Stop-Indicator
AVP code 11
AVP type BitString
Note: Session abort identification. It identifies a session is over when the session is released
and is used in CCR (final).
3.2.101 3GPP-Selection-Mode
AVP name 3GPP-Selection-Mode
AVP code 12
AVP type UTF8String
Note: Selection mode.
It is received from the Create PDP Context Request Message.
The values allowed by the GGSN:
0
MS or network provided APN, subscribed verified
1
MS provided APN, subscription not verified
2
Network provided APN, subscription not verified
3.2.102 3GPP-Charging-Characteristics
AVP name 3GPP-Charging-Charateristics
AVP code 13
AVP type Unsigned32
Note: Charging characteristics. It is received from the Create PDP Context Request Message.
3.2.103 3GPP-SGSN-MCC-MNC
AVP name 3GPP-SGSN-MCC-MNC
AVP code 18
AVP type UTF8String
Note: The PLMN identification of the SGSN.
3.2.104 3GPP-MS-TimeZone
AVP name 3GPP-MS-TimeZone
AVP code 23
AVP type OctetString
Note: Time zone of the terminal.
3.2.105 3GPP-User-Location-Info
AVP name 3GPP-User-Location-Info
AVP code 22
AVP type OctetString
Note: User location identification.
3.2.106 3GPP-RAT-Type
AVP name 3GPP-RAT-Type
AVP code 21
AVP type OctetString
Note: Radio access techniques. Radio side parameters.
Redirect-Server 434 M P - V Y
Redirect-Server-Address 435 M P - V Y
Requested-Action 436 M P - V Y
Requested-Service-Unit 437 M P - V Y
Restriction-Filter-Rule 438 M P - V Y
Result-Code 268 M P - V N
Route-Record 282 M - - P,V N
Service-Context-Id 461 M P - V Y
Service-Identifier 439 M P - V Y
Session-Id 263 M P - V Y
Subscription-Id 443 M P - V Y
Subscription-Id-Data 444 M P - V Y
Subscription-Id-Type 450 M P - V Y
Tariff-Change-Usage 452 M P - V Y
Tariff-Time-Change 451 M P - V Y
Unit-Value 445 M P - V Y
Used-Service-Unit 446 M P - V Y
User-Equipment-Info 458 - P,M - V Y
User-Equipment-Info-Type 459 - P,M - V Y
User-Equipment-Info-Value 460 - P,M - V Y
User-Name 1 M P - V Y
Value-Digits 447 M P - V Y
Validity-Time 448 M P - V Y
Vendor-Id 266 - - - - -
Vendor-Specific-Application-Id 260 - - - - -
When AVPs are applied in different site, the flag rules may be defined differently according to
Operator’s requirement.
Trigger Cod
1264 V,M P N
e
Trigger-Type 870 V,M P N
Unit-Quota-Threshold 1226 V,M P - N
3GPP-Charging-Characteristics 13 V,M P Y
3GPP-Charging-Id 2 V,M P Y
3GPP-GPRS-Negotiated-QoS-Profile 5 V,M P Y
3GPP-IMSI-MCC-MNC 8 V,M P Y
3GPP-MS-TimeZone 23 V,M P Y
3GPP-NSAPI 10 V,M P Y
3GPP-PDP-Type 3 V,M P Y
3GPP-RAT-Type 21 V,M P Y
3GPP-Selection-Mode 12 V,M P Y
3GPP-Session-Stop-Indicator 11 V,M P Y
3GPP-SGSN-MCC-MNC 18 V,M P Y
3GPP-User-Location-Info 22 V,M P Y
When AVPs are applied in different site, the flag rules may be defined differently according to
Operator’s requirement.
configured
Failover: to take failure handling according to CCFH configuration.
Block: to block all subscriber services (including subsequently requested services and
services for which quota has been allocated)
Redirect: to redirect all subscriber services (including subsequently requested services
and services for which quota has been allocated)
All other result codes which are not specially configured and not 2001/ 2002 will behave as
Command level default behavior.
All other result codes which are not specially configured and not 2001/ 2002 will behave as
MSCC level default behavior.
The default behaviour can be configured separately for Command level and MSCC level
result codes locally on GGSN.
Command level result code
Terminate with CCR-T: to tear down the PDP context and send CCR-T. It is default
value.
Terminate without CCR-T: to tear down the PDP context and not to send CCR-T.
Offline: to allow the PDP as offline service and generate the offline GCDR if
configured
Failover: to take failure handling according to CCFH configuration.
For MSCC level result code not specifically configured, MSCC level default behaviors below
could be configured:
Block: to block the service but keep the PDP context. It is default value.
Redirect: to redirect browsing services to configured web server.
Offline: to allow the service as offline service and generate the offline GCDR if
configured
Terminate: to Tear down the PDP context
1. The user sends a service request to the GGSN. After the GGSN receives the request, it sends a
CCR request to the OCS. The CCR message includes the Credit-Control AVP which is used to
describe the credit control capability and the other AVPs which are used to describe the
authorization and authentication situation.
2. The OCS carries out rating for this request and reserves the capital in the user account. Then it
sends a reply message CCA to the CCR request. The reply message includes the Granted-
Service-Unit AVP(s) and maybe also includes the other AVPs of credit control description. In
addition, the OCS may set the Validity-Time, and the AVP used to deal with message delivery
failure is possible to be included, such as Credit-Control-Failure-Handling AVP and Direct-
Debiting-Failure-Handling AVP.
3. After the GGSN receives the CCA, it authorizes the terminal users to use the corresponding
service. At the same time, the immediate credit control request is generated.
4. When the reserved capital of the user is to be used up or expire, the GGSN sends new
reservation request to the OCS again. The OCS once again reserves capital from the user
account, returns the corresponding limits to the GGSN. Then the GGSN updates the
reservation capital of the user.
5. When the user account is used up or the enabled service is to end, the GGSN sends a message
of terminating credit control service to the OCS. Set the corresponding CC-Request-Type AVP
as TERMINATION_REQUEST. The message should contain the Event-Timestamp AVP for
identifying the service end time and the Used-Service-Unit AVP used by the actual service.
The OCS needs to return the rest reserved capital to the user account and deduct the cost.
11. The OCS carries out rating, counting the traffic quota.
12. The OCS replies the CCA Update information to allocate the quota, and informs the GGSN of
the idle time timer and the minimum quota threshold.
13. The user used traffic reaches the minimum quota threshold.
14. The GGSN sends the CCR Update, reporting the used quota. The report reason is that the
used traffic reaches the minimum quota threshold.
15. The OCS carries out rating, accounting the used traffic quota. The OCS tests the oncoming
tariff switch time. Here, TS-current time is less than VT. The OCS can provide the available
quota before and after the tariff switch time.
16. The OCS replies the CCA Update information to re-allocate the quota an return the tariff
switch time of the parameter.
17. The user used traffic reaches the minimum quota threshold.
18. The GGSN reports the used traffic before and after the tariff switch time.
19. The OCS carries out rating, accounting the used traffic quota before and after the tariff switch
time.
20. The OCS replies the CCA Update information to re-allocate the quota.
1. The OCS sends the Re-Auth-Request (RAR) message to launch a re-authentication flow.
21. When the GGSN receives the RAR information with some RG, it accepts the request from the
OCS, sends a RAA with result code 2002 to the OCS to inform that the re-authentication has
started, and then send CCR message to re-auth quota of the RG indicated in RAR message.
22. After the GGSN receives the CCA containing Granted-Service-Unit, the credit control session
and the service continue with new quota granted from OCS.
The OCS can launch the abort session service by sending an Abort-Session-Request (ASR).
For example, for the pre-paid charging service, the initially authorized OCS may confirm that
the user cannot use this service any more. If the service supports abort session, the access
device receives the ASR information in which the Session-ID is the same as the current
activity session. Otherwise, the access device should send abort session to the user.
1. The OCS sends the Abort-Session-Request (ASR) message to launch a abort session flow.
23. When the GGSN receives the ASR information, it accepts the request from the OCS, sends an
ASA to the OCS to inform that the user can abort the service, sends an instruction to the use
to abort the service, and then sends CCR(Terminate) to the OCS to report the rest traffic.
24. The GGSN receives CCA(Terminate), and the session is over.
When the CCFH is set as the CONTINUE or the RETRY_AND_TERMINATE value, when
fault occurs, it will start the OCS switchover flow, If the active OCS server is abnormal, the
GGSN sends the path test message. If the path test fails, the OCS switchover will be enabled
to re-send the CCR message to the standby OCS server, as shown in the following figure.
In the following statement, "<>" means that it is compulsory and should be in the beginning
of the message, "{}" means that it is compulsory, "[]" means that it is optional, and "*[]"
means that the option can be repeated.
M Compulsory
C Condition optional
OM Compulsory option defined by the operator
OC Condition optional option defined by the operator
The different option attributes of each AVP in the specific situation (First, Intermediate, Final
and EVENT) is defined in the following table.
If an AVP has father node, then whether it appears depends on whether its father node
appears. If the optional father node does not appear, then even this AVP attribute is
compulsory, this AVP will not appear.
Document--<Gy AVP Table.xls> indicates detail information of AVPs for each DCC messages.
The clauses in the following files become the clauses of this specification through reference.
All the sequent modification sheets (excluding the corrigenda) of the referenced files marked
with date are not fit for this specification. However, the parties that reach an agreement
according to this specification are recommended to study whether the latest versions of these
files can be used. The latest versions for all the referenced files without date are fit for this
specification.
[1] IETF RFC 4006: “Diameter Credit-Control Application”.
[2] IETF RFC 3588: “Diameter Base Protocol”.
[3] 3GPP TS 32.299: “Telecommunication management; Charging management; Diameter
charging application”.
[4] 3GPP TS 32.251: “Telecommunication management; Charging management; Packet
Switched (PS) domain charging”.
[5] Gy AVP Table.xls
Diameter Security A Diameter Security Exchange is a process through which two Diameter
Exchange nodes establish end-to-end security.
A Diameter Server is one that handles authentication, authorization and
accounting requests for a particular realm. By its very nature, a
Diameter Server
Diameter Server MUST support Diameter applications in addition to the
base protocol.
Downstream is used to identify the direction of a particular Diameter
Downstream
message from the home server towards the access device.
TLS and IPsec provide hop-by-hop security, or security across a
transport connection. When relays or proxy are involved, this hop-by-
hop security does not protect the entire Diameter user session. End-to-
End-to-End Security end security is security between two Diameter nodes, possibly
communicating through Diameter Agents. This security protects the
entire Diameter communications path from the originating Diameter
node to the terminating Diameter node.
A Home Realm is the administrative domain with which the user
Home Realm
maintains an account relationship.
Home Server See Diameter Server.
An interim accounting message provides a snapshot of usage during a
user's session. It is typically implemented in order to provide for partial
Interim accounting accounting of a user's session in the case of a device reboot or other
network problem prevents the reception of a session summary
message or session record.
Local Realm A local realm is the administrative domain providing services to a user.
An administrative domain MAY act as a local realm for certain users,
while being a home realm for others. Multi-session A multi-session
represents a logical linking of several sessions. Multi-sessions are
tracked by using the Acct-Multi-Session-Id. An example of a multi-
session would be a Multi-link PPP bundle. Each leg of the bundle would
be a session while the entire bundle would be a multi-session.
Network Access Identifier The Network Access Identifier, or NAI, is used in the Diameter protocol
to extract a user's identity and realm. The identity is used to identify the
user during authentication and/or authorization, while the realm is used
for message routing purposes.
Proxy Agent or Proxy In addition to forwarding requests and responses, proxies make policy
decisions relating to resource usage and provisioning. This is typically
accomplished by tracking the state of NAS devices. While proxies
typically do not respond to client Requests prior to receiving a
Response from the server, they may originate Reject messages in
cases where policies are violated. As a result, proxies need to
understand the semantics of the messages passing through them, and
may not support all Diameter applications.
Realm The string in the NAI that immediately follows the '@' character. NAI
realm names are required to be unique, and are piggybacked on the
administration of the DNS namespace. Diameter makes use of the
realm, also loosely referred to as domain, to determine whether
messages can be satisfied locally, or whether they must be routed or
redirected. In RADIUS, realm names are not necessarily piggybacked
on the DNS namespace but may be independent of it.
Real-time Accounting Real-time accounting involves the processing of information on
resource usage within a defined time window. Time constraints are
typically imposed in order to limit financial risk.
Relay Agent or Relay Relays forward requests and responses based on routing-related AVPs
and realm routing table entries. Since relays do not make policy
decisions, they do not examine or alter non-routing AVPs. As a result,
relays never originate messages, do not need to understand the
semantics of messages or non-routing AVPs, and are capable of
handling any Diameter application or message type. Since relays make
decisions based on information in routing AVPs and realm forwarding
tables they do not keep state on NAS resource usage or sessions in
progress.
Redirect Agent Rather than forwarding requests and responses between clients and
servers, redirect agents refer clients to servers and allow them to
communicate directly. Since redirect agents do not sit in the forwarding
path, they do not alter any AVPs transiting between client and server.
Redirect agents do not originate messages and are capable of handling
any message type, although they may be configured only to redirect
messages of certain types, while acting as relay or proxy agents for
other types. As with proxy agents, redirect agents do not keep state
with respect to sessions or NAS resources.
Roaming Relationships Roaming relationships include relationships between companies and
ISPs, relationships among peer ISPs within a roaming consortium, and
relationships between an ISP and a roaming consortium.
Security Association A security association is an association between two endpoints in a
Diameter session which allows the endpoints to communicate with
integrity and confidentially, even in the presence of relays and/or
proxies.
Session A session is a related progression of events devoted to a particular
activity. Each application SHOULD provide guidelines as to when a
session begins and ends. All Diameter packets with the same Session-
Identifier are considered to be part of the same session.
Session state A stateful agent is one that maintains session state information, by
keeping track of all authorized active sessions. Each authorized session
is bound to a particular service, and its state is considered active either
until it is notified otherwise, or by expiration.
Sub-session A sub-session represents a distinct service (e.g., QoS or data
characteristics) provided to a given session. These services may
happen concurrently (e.g., simultaneous voice and data transfer during
the same session) or serially. These changes in sessions are tracked
with the Accounting-Sub-Session-Id.
Transaction state The Diameter protocol requires that agents maintain transaction state,
which is used for failover purposes. Transaction state implies that upon
forwarding a request, the Hop-by-Hop identifier is saved; the field is
replaced with a locally unique identifier, which is restored to its original
value when the corresponding answer is received. The request's state
is released upon receipt of the answer. A stateless agent is one that
only maintains transaction state.
Translation Agent A translation agent is a stateful Diameter node that performs protocol
translation between Diameter and another AAA protocol, such as
RADIUS.
Transport Connection A transport connection is a TCP or SCTP connection existing directly
between two Diameter peers, otherwise known as a Peer-to-Peer
Connection.
Upstream Upstream is used to identify the direction of a particular Diameter
message from the access device towards the home server.
User The entity requesting or using some resource, in support of which a
Diameter client has generated a request.