   PANA Working Group                                                   
   Internet Draft                                           R. Maglione 
   Expires: December, 2006                                     M. Ullio 
                                                          V. Vercellone 
                                                         Telecom Italia 
                                                                        
                                                              June 2006 
    
    
      Problem Statement for a time-basis accounting in an "always-on" 
                     Broadband Network access scenario 
                   draft-maglione-pana-acct-time-00.txt    
    
    
Status of this Memo 
    
   By submitting this Internet-Draft, each author represents that any 
   applicable patent or other IPR claims of which he or she is aware 
   have been or will be disclosed, and any of which he or she becomes 
   aware will be disclosed, in accordance with Section 6 of BCP 79. 
    
   Internet-Drafts are working documents of the Internet Engineering 
   Task Force (IETF), its areas, and its working groups.  Note that 
   other groups may also distribute working documents as Internet- 
   Drafts. 
    
   Internet-Drafts are draft documents valid for a maximum of six months 
   and may be updated, replaced, or obsoleted by other documents at any 
   time.  It is inappropriate to use Internet-Drafts as reference 
   material or to cite them other than as "work in progress." 
    
   The list of current Internet-Drafts can be accessed at 
   http://www.ietf.org/ietf/1id-abstracts.txt. 
    
   The list of Internet-Draft Shadow Directories can be accessed at 
   http://www.ietf.org/shadow.html. 
    
   This Internet-Draft will expire on December, 2006. 
    
Copyright Notice 
    
   Copyright (C) The Internet Society (2006). 
    
    
Abstract 
    
   Two main models for providing DSL Internet Access are currently
   available: one is based on the PPP protocol, provides a flexible AAA
   (Authentication, Authorization and Accounting) mechanism and dynamic
   IP address assignment, and is generally used by Internet Service
 
 
Maglione, et al.        Expires December, 2006                [Page 1] 
            Problem Statement for a time-basis accounting   June 2006 
 
 
   Providers (ISPs) for temporary or semi-permanent Broadband
   connections which may be billed on a time basis. The other is based
   on DHCP or static IP addressing, generally lacks a flexible AAA
   mechanism and is most often associated with flat-rate broadband
   connections. The evolution of services and access techniques may
   quickly lead to a wide deployment of non-PPP based access models
   associated with flat-rate charging, providing "always-on" Internet
   connections. However, even in this scenario, ISPs may still require
   that some services are billed on a time basis. This Internet Draft
   describes the problem typically faced by ISPs when a time-basis
   billing model is required for non-PPP Broadband Connections. It also
   introduces requirements that a possible solution should satisfy in
   order to address the problem. Moreover, the document includes a brief
   analysis of the state of the art.
    
    
    
Table of Contents 
    
   1. Specification of Requirements..................................2 
   2. Introduction...................................................2 
   3. Terminology....................................................3 
   4. Problem Statement..............................................4 
   5. Requirements of the Solution...................................5 
   6. Brief analysis of current possible approaches..................6 
      6.1 Web Portal based approach..................................6 
      6.2 DHCP based approach........................................7 
      6.3 PANA based approach........................................7 
   7. Conclusions....................................................8 
   8. Security Considerations........................................8 
   9. IANA Considerations............................................8 
   10. References....................................................8 
   Acknowledgments...................................................9 
   Author's Addresses................................................9 
   Intellectual Property Statement...................................9 
   Disclaimer of Validity...........................................10 
   Copyright Statement..............................................10 
    
    
1. Specification of Requirements 
    
   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 
   document are to be interpreted as described in RFC 2119. 
    
    
2. Introduction 
    
    
 
 
 
 
   Access to data networks has traditionally involved the
   establishment of logical connections realized through PPP [1]
   (Point-to-Point Protocol) sessions. This applies in particular to
   clients connected on copper lines that use xDSL-type (Digital
   Subscriber Line) transmission techniques, called Broadband Access
   techniques, to connect to the Internet.
   In such a scenario, access functions are provided by edge
   routers, called BRAS (Broadband Remote Access Servers), that
   terminate the access connections and perform the routing functions
   for the client traffic. The user terminal connects via a DSLAM
   (Digital Subscriber Line Access Multiplexer) to a broadband access
   network in order to reach dedicated BRAS edge routers that provide
   Internet connection.
                                                           
      +---------------+      +-------+     +------+     +----------+
      | User Terminal | ---- | DSLAM | --- | BRAS | --- | Internet |
      +---------------+      +-------+     +------+     +----------+
    
    
   There is currently increasing interest in the adoption of
   "always-on" access models, in which the terminal has "steady"
   connectivity to the network. The evolution towards an increasing use
   of "always-on" models is also motivated by the need for an
   integrated offer, on xDSL broadband access lines, of VoIP (Voice
   over IP) and video communication services; for this type of
   application, the terminal must always be on-line and reachable from
   the network.
    
   In this scenario Internet Service Providers are focused on providing 
   Triple-Play services (a bundle of voice, data and video services) 
   built on top of a convergent network infrastructure based on the IP 
   protocol. 
   The idea of building a single convergent network infrastructure to
   offer heterogeneous services is mainly driven by the cost reduction
   that an integrated and flexible network could achieve.
   However, the evolution toward a multi-service network will require
   new mechanisms to support different charging and accounting policies
   according to different service requirements and access methodologies.
    
3. Terminology 
    
   Session:

      a generic context that is created for every user who interacts
      with the edge router device. Various types of sessions may be
      defined, depending on the packet types that are being handled by
      the session. In this problem statement the term session refers
      specifically to an IP session. This is a Layer 3 session because
      it includes all IP packets exchanged with a subscriber device at a
      single IP address.
    
    
   Broadband Remote Access Server (BRAS): 
       
      the edge router device that provides Internet connection. 
    
    
   Internet Service Provider (ISP):
       
      a company that supplies Internet connectivity to home and business 
      customers. 
    
    
   Public Switched Telephone Network (PSTN): 
       
      the established international telephone system carrying voice data 
      over circuit switched connections. 
    
   Digital Subscriber Line (DSL): 
    
      a technology for bringing high-bandwidth information to homes and 
      small businesses over ordinary copper PSTN lines. The widely used 
      term xDSL refers to different variations of DSL, such as ADSL, 
      HDSL, VDSL and SDSL. 
    
    
   Network Access Provider (NAP): 
   
      a service provider that provides physical and link-layer 
      connectivity to an access network it manages. 
    
    
   Walled Garden:  
   
      in this context, the term designates an environment in which
      user access is controlled and limited to a restricted set of
      network resources, e.g. Web content and services.
    
    
4. Problem Statement 
    
   DSL access to the Service Provider network is currently based on
   logical links built using the PPP protocol.
   This model is usually called "virtual dial-up" because it simulates
   the traditional narrowband connection originally built by using modem
   devices connected to PSTN lines.
   The transition to the "virtual dial-up" technique happened smoothly
   for two main reasons: it was based on standard and widely deployed
   protocols like PPP and RADIUS [2] (and therefore could easily be
   integrated by ISPs in their network infrastructure) and it provided
   the same user experience as the traditional dial-up service to end
   users.
   The evolution of xDSL technology will rapidly increase the bandwidth
   available to end users, driving the demand for value-added
   services, such as VoIP, Video and Online Gaming (also known as
   "triple" and "quadruple" play services) requiring "always-on"
   broadband connections.  In such scenarios, the classical virtual
   dial-up approach is affected by scalability issues, and therefore it
   will be gradually replaced by an "always-on" model based on IP
   sessions.
   Evolving towards purely IP based access models also implies the
   absence of the Authorization and Accounting records which are
   normally available when using the virtual dial-up approach: in this
   case, deploying services charged on a time basis would be extremely
   difficult. It could be argued that an always-on connection is
   normally associated with a flat-rate charge; however, the evolution
   of ISPs' service portfolios may still require a time-based charging
   method for value-added services going beyond standard offers.
   In other words, even with an "always-on" paradigm, it may still be
   required to identify "sessions" associated with special services in
   order to measure the exact duration of such services and charge them
   on a time basis.
    
    
5. Requirements of the Solution 
 
   This section describes the requirements for a solution that provides 
   a non-PPP based access method to an IP network: 
    
   1) it MUST be able to authenticate the users before allowing them
   network access; this is required to guarantee an appropriate security
   level and to associate each user with a profile, which typically
   also specifies the accounting policies to be applied to that user;

   2) it SHOULD support different authentication methods, in order to be
   able to select the appropriate security level for different
   scenarios;

   3) it MUST support different accounting policies like time-basis
   charging, volume-basis charging, flat and prepaid charging in order
   to be applicable to the most common Service Provider commercial
   offers;

   4) it MUST be able to dynamically modify the session attributes when
   a particular event happens. A typical situation that may require ISPs
   to modify user capabilities is when prepaid credit expires: in this
   case the ISP may want to provide the user with limited or no access
   to the network;

   5) it MUST be able to modify the accounting policy related to a
   specific session, without terminating the established session; this
   allows ISPs to offer dynamic activation of new services that may
   require a different charging policy.
    
   Moreover, in a particular scenario where the ISP and the NAP are not 
   the same entity, the ability to dynamically select the Internet 
   Service Provider MAY translate into an additional requirement for a 
   suitable solution. 
    
6. Brief analysis of current possible approaches 
    
   There are currently different approaches that try to address the
   time-basis billing problem in a non-PPP based network scenario; they
   can all be classified in three main categories:
   a) a Service Selection architecture, based on the interaction with a
   dedicated service access Web portal;
   b) an architecture based on dynamic address assignment functionality
   through DHCP (Dynamic Host Configuration Protocol) servers [4];
   c) a solution based on the PANA protocol [5] [6].

   As the next sections will show, none of these approaches completely
   satisfies all the requirements listed above; thus either a new
   solution or an extension of an existing one is required to solve the
   problem.
    
6.1 Web Portal based approach 
    
   In the case of a Service Selection architecture, a Web portal could
   typically be used to manage the login for those users wishing to
   access services with time-based accounting. The Web portal allows
   the selection of the desired service among those offered by the
   network. This occurs by using the HTTP (HyperText Transfer Protocol)
   [3] protocol, through an edge element of the IP network. As the user
   opens the HTTP browser, the user's traffic is redirected by the edge
   network element towards the Web server hosting the service access
   portal, located on a specific IP subnet. The Web server asks the user
   for authentication credentials and, if that step is successful,
   the Web server presents to the user a menu of the available services
   out of which the desired service may be selected. Upon a service
   request, an appropriate session is created and the associated RADIUS
   accounting function is started.
    
    
   This approach has two main limitations:
   a) it relies on redirection of HTTP traffic, thus it requires
   pre-establishing an HTTP session even if the end user does not need
   to send HTTP traffic;
   b) it is not based on a standard solution but relies on proprietary
   methodologies.
 
 
 
 
    
6.2 DHCP based approach 
    
   The DHCP protocol is built on a client-server model, where designated
   DHCP servers allocate network addresses and deliver configuration
   parameters to dynamically configured hosts.  DHCP supports three
   mechanisms for IP address allocation: "automatic allocation",
   "dynamic allocation" and "manual allocation". In "dynamic
   allocation", DHCP assigns an IP address to a client for a limited
   period of time (or until the client explicitly relinquishes the
   address). Dynamic allocation is particularly useful for assigning an
   address to a client that will only need a temporary connection to the
   network or for sharing a limited pool of IP addresses among a group
   of clients that do not need permanent IP addresses.
   The session duration can be identified by the interval between the
   time the IP address request is received and the time the IP address
   is released.
    
   Time-basis accounting based on this approach may be inaccurate in 
   case the customer disconnects from the network without releasing the 
   address. In that case the DHCP server removes the related association 
   only when the configured lease time expires. While the initial 
   address request to the DHCP server can in fact be used to start a 
   time-based accounting procedure, the accounting stop can be adversely 
   affected in terms of accuracy if the client disconnects without 
   sending an explicit disconnection message, thus making it necessary 
   to wait for the lease time expiry. On the other hand a reduction in 
   the value of the lease time entails a more frequent interaction in 
   terms of messages with the DHCP server, thus finally limiting 
   scalability. 
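
   The inaccuracy and the lease-time trade-off described above, worked
   through as an added example that is not part of the draft. The event
   names, client names, lease value and ground-truth disconnect times
   are constructed; renewal at half the lease time and two messages per
   renewal are modelling assumptions.

```python
# Added illustration, not part of the draft: time accounting derived only
# from DHCP server lease state. Event names and sample data are constructed.

LEASE = 3600  # lease time in seconds (assumed value)

# (seconds since t0, client, event). "bob" unplugs at t=1500 and never
# sends a RELEASE, so the server only learns of the stop at lease expiry.
EVENTS = [
    (0, "alice", "ACK"),
    (100, "bob", "ACK"),
    (1800, "alice", "RENEW"),
    (2400, "alice", "RELEASE"),
]
# Constructed ground truth: real disconnect time per (client, session start).
ACTUAL_STOP = {("alice", 0): 2400, ("bob", 100): 1500}


def billed_sessions(events, lease):
    """Return sorted (client, start, stop) tuples as lease-based accounting sees them."""
    active = {}   # client -> [session start, current lease expiry]
    closed = []
    for t, client, ev in sorted(events):
        cur = active.get(client)
        if cur is not None and t > cur[1]:
            # Lease lapsed silently before this event: stop = expiry time.
            closed.append((client, cur[0], cur[1]))
            del active[client]
            cur = None
        if ev in ("ACK", "RENEW"):
            if cur is None:
                active[client] = [t, t + lease]   # accounting start
            else:
                cur[1] = t + lease                # lease extended
        elif ev == "RELEASE" and cur is not None:
            closed.append((client, cur[0], t))    # accurate accounting stop
            del active[client]
    # No RELEASE seen: the stop can only be placed at lease expiry.
    closed += [(c, start, expiry) for c, (start, expiry) in active.items()]
    return sorted(closed)


def overbilled_seconds(sessions, actual_stop):
    """Seconds billed after the client had really gone, per session."""
    return {(c, start): max(0, stop - actual_stop[(c, start)])
            for c, start, stop in sessions}


def tradeoff(lease, clients, t1_fraction=0.5, msgs_per_renewal=2):
    """Worst-case over-billing against renewal load on the DHCP server.

    Assumes every client renews at t1_fraction of the lease and that each
    renewal costs one request and one reply.
    """
    renewals_per_hour = 3600 / (lease * t1_fraction)
    return {
        "worst_overbill_s": lease,
        "server_msgs_per_hour": clients * msgs_per_renewal * renewals_per_hour,
    }


if __name__ == "__main__":
    sessions = billed_sessions(EVENTS, LEASE)
    print(sessions)
    print(overbilled_seconds(sessions, ACTUAL_STOP))
    for lease in (3600, 300):
        print(lease, tradeoff(lease, clients=10000))
```

   With the sample data the silent disconnect is billed until lease
   expiry, and cutting the lease from 3600 to 300 seconds shrinks the
   worst-case error twelvefold while multiplying the renewal load on
   the server by the same factor.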
    
6.3 PANA based approach 
    
   The PANA protocol has been designed to provide user authentication
   and authorization in an IP-based access network; it is able to
   transport the EAP protocol, thus it can work with EAP authentication
   methods. As PANA is based on the IP protocol, it is independent from
   the link layer technologies used. Therefore it can be adopted in a
   heterogeneous access technology environment.

   PANA is a very flexible protocol: it provides the capability to
   dynamically modify different parameters of an established session,
   but it is not currently able to change the accounting policy
   associated with a specific session. This is a limitation for an ISP
   that would like to offer a service that requires modifying the
   charging policy according to the user behavior. For example, in the
   broadband scenario, a user could subscribe to a service that allows
   access to a controlled network portion, called Walled Garden, for a
   flat rate charge. When the user tries to access a destination
   outside the Walled Garden the ISP may want to adopt a time-basis
   charging model for that specific traffic. This should be accomplished
   without interrupting the user's established session.
    
    
7. Conclusions 
    
   From the preliminary analysis described above, it appears that the
   PANA protocol is flexible and extensible enough to potentially
   address the problem presented. We think that the PANA framework could
   be leveraged, with minimal impact, to satisfy the aforementioned
   requirements, which will be further discussed in a future version of
   this contribution. Therefore we ask the PANA Working Group to
   consider the time-basis accounting problem as a discussion item
   within the PANA framework.
    
    
8. Security Considerations 
    
   This document raises no security issue. 
    
9. IANA Considerations 
    
   This document has no actions for IANA. 
    
10. References 
    
   [1] Simpson, W., "The Point-to-Point Protocol (PPP)", RFC 1661, July
   1994

   [2] Rigney, C., Willens, S., Rubens, A., and W. Simpson, "Remote
   Authentication Dial In User Service (RADIUS)", RFC 2865, June 2000

   [3] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L.,
   Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol --
   HTTP/1.1", RFC 2616, June 1999

   [4] Droms, R., "Dynamic Host Configuration Protocol", RFC 2131, March
   1997

   [5] Jayaraman, P., "PANA Framework", draft-ietf-pana-framework-06
   (work in progress), March 2006

   [6] Forsberg, D., "Protocol for Carrying Authentication for Network
   Access (PANA)", draft-ietf-pana-pana-11 (work in progress), March
   2006
    
    
    
Acknowledgments 
    
   We would like to thank Gerardo Giaretta for his valuable comments on
   this document.
    
    
Author's Addresses 
    
   Roberta Maglione 
   Telecom Italia 
   Via G. Reiss Romoli 274 
   10148 Torino 
   Italy 
   Email: roberta.maglione@telecomitalia.it 
    
    
   Mario Ullio 
   Telecom Italia 
   Via G. Reiss Romoli 274 
   10148 Torino 
   Italy 
   Email: mario.ullio@telecomitalia.it  
    
    
   Vinicio Vercellone 
   Telecom Italia 
   Via G. Reiss Romoli 274 
   10148 Torino 
   Italy 
   Email: vinicio.vercellone@telecomitalia.it  
    
    
    
Intellectual Property Statement 
    
   The IETF takes no position regarding the validity or scope of any 
   Intellectual Property Rights or other rights that might be claimed to 
   pertain to the implementation or use of the technology described in 
   this document or the extent to which any license under such rights 
   might or might not be available; nor does it represent that it has 
   made any independent effort to identify any such rights.  Information 
   on the procedures with respect to rights in RFC documents can be 
   found in BCP 78 and BCP 79. 
 
 
 
 
    
   Copies of IPR disclosures made to the IETF Secretariat and any 
   assurances of licenses to be made available, or the result of an 
   attempt made to obtain a general license or permission for the use of 
   such proprietary rights by implementers or users of this 
   specification can be obtained from the IETF on-line IPR repository at 
   http://www.ietf.org/ipr. 
    
   The IETF invites any interested party to bring to its attention any 
   copyrights, patents or patent applications, or other proprietary 
   rights that may cover technology that may be required to implement 
   this standard.  Please address the information to the IETF at 
   ietf-ipr@ietf.org. 
 
 
Disclaimer of Validity 
 
   This document and the information contained herein are provided on an 
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET 
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, 
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE 
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 
 
 
Copyright Statement 
    
   Copyright (C) The Internet Society (2006).  This document is subject 
   to the rights, licenses and restrictions contained in BCP 78, and 
   except as set forth therein, the authors retain all their rights. 


















 
 