tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Glossaries     Architecture     IMS     UICC    |    search

RFC 3525

 
 
 

Gateway Control Protocol Version 1

Part 3 of 7, p. 59 to 89
Prev RFC Part       Next RFC Part

 


prevText      Top      Up      ToC       Page 59 
7.2.6 AuditCapabilities

   The AuditCapabilities Command returns the possible values of
   properties, events, signals and statistics associated with
   Terminations.

     TerminationID
     [,MediaDescriptor]
     [,ModemDescriptor]
     [,MuxDescriptor]
     [,EventsDescriptor]
     [,SignalsDescriptor]
     [,ObservedEventsDescriptor]
     [,EventBufferDescriptor]
     [,StatisticsDescriptor]
      AuditCapabilities(TerminationID,
         AuditDescriptor
         )

   The appropriate descriptors, with the possible values for the
   Termination are returned from AuditCapabilities.  Descriptors may be
   repeated where there are multiple possible values.  If a wildcarded
   response is requested, only one command return is generated, with the
   contents containing the union of the values of all Terminations
   matching the wildcard.  This convention may reduce the volume of data
   required to audit a group of Terminations.

   Interpretation of what capabilities are requested for various values
   of ContextID and TerminationID is the same as in AuditValue.

   The EventsDescriptor returns the list of possible events on the
   Termination together with the list of all possible values for the
   EventsDescriptor Parameters.  EventBufferDescriptor returns the same
   information as EventsDescriptor.  The SignalsDescriptor returns the
   list of possible signals that could be applied to the Termination
   together with the list of all possible values for the Signals
   Parameters.  StatisticsDescriptor returns the names of the statistics
   being kept on the termination.  ObservedEventsDescriptor returns the
   names of active events on the Termination.  DigitMap and Packages are
   not legal in AuditCapability.

Top      Up      ToC       Page 60 
   The following illustrates other information that can be obtained with
   the AuditCapabilties Command:

   ContextID TerminationID Information Obtained

   Specific  wildcard      Audit of matching Terminations in a Context

   Specific  specific      Audit of a single Termination in a Context

   Null      Root          Audit of MG state and events

   Null      wildcard      Audit of all matching Terminations in the
                            Null Context

   Null      specific      Audit of a single Termination outside of any
                            Context

   All       wildcard      Audit of all matching Terminations and the
                            Context to which they are associated

   All       Root          Same as for AuditValue

   All       Specific      Same as for AuditValue

7.2.7 Notify

   The Notify Command allows the Media Gateway to notify the Media
   Gateway Controller of events occurring within the Media Gateway.

     TerminationID
      Notify(TerminationID,
         ObservedEventsDescriptor,
         [ErrorDescriptor]
         )

   The TerminationID parameter specifies the Termination issuing the
   Notify Command.  The TerminationID shall be a fully qualified name.

   The ObservedEventsDescriptor contains the RequestID and a list of
   events that the Media Gateway detected in the order that they were
   detected.  Each event in the list is accompanied by parameters
   associated with the event and optionally an indication of the time
   that the event was detected.  Procedures for sending Notify commands
   with RequestID equal to 0 are for further study.

   Notify Commands with RequestID not equal to 0 shall occur only as the
   result of detection of an event specified by an Events descriptor
   which is active on the Termination concerned.

Top      Up      ToC       Page 61 
   The RequestID returns the RequestID parameter of the EventsDescriptor
   that triggered the Notify Command.  It is used to correlate the
   notification with the request that triggered it.  The events in the
   list must have been requested via the triggering EventsDescriptor or
   embedded events descriptor unless the RequestID is 0 (which is for
   further study).

   The ErrorDescriptor may be sent in the Notify Command as a result of
   Error 518 - Event buffer full.

7.2.8 ServiceChange

   The ServiceChange Command allows the Media Gateway to notify the
   Media Gateway Controller that a Termination or group of Terminations
   is about to be taken out of service or has just been returned to
   service.  The Media Gateway Controller may indicate that
   Termination(s) shall be taken out of or returned to service.   The
   Media Gateway may notify the MGC that the capability of a Termination
   has changed.  It also allows a MGC to hand over control of a MG to
   another MGC.

   TerminationID,

     [ServiceChangeDescriptor]
      ServiceChange ( TerminationID,
         ServiceChangeDescriptor
         )

   The TerminationID parameter specifies the Termination(s) that are
   taken out of or returned to service.  Wildcarding of Termination
   names is permitted, with the exception that the CHOOSE mechanism
   shall not be used.  Use of the "Root" TerminationID indicates a
   ServiceChange affecting the entire Media Gateway.

   The ServiceChangeDescriptor contains the following parameters as
   required:

   -  ServiceChangeMethod
   -  ServiceChangeReason
   -  ServiceChangeDelay
   -  ServiceChangeAddress
   -  ServiceChangeProfile
   -  ServiceChangeVersion
   -  ServiceChangeMgcId
   -  TimeStamp

Top      Up      ToC       Page 62 
   The ServiceChangeMethod parameter specifies the type of ServiceChange
   that will or has occurred:

   1) Graceful - indicates that the specified Terminations will be taken
      out of service after the specified ServiceChangeDelay; established
      connections are not yet affected, but the Media Gateway Controller
      should refrain from establishing new connections and should
      attempt to gracefully tear down existing connections on the
      Termination(s) affected by the serviceChange command.  The MG
      should set Termination serviceState at the expiry of
      ServiceChangeDelay or the removal of the Termination from an
      active Context (whichever is first), to "out of service".

   2) Forced - indicates that the specified Terminations were taken
      abruptly out of service and any established connections associated
      with them may be lost.  For non-Root terminations, the MGC is
      responsible for cleaning up the Context (if any) with which the
      failed Termination is associated.  At a minimum the Termination
      shall be subtracted from the Context.  The Termination
      serviceState should be "out of service".  For the root
      termination, the MGC can assume that all connections are lost on
      the MG and thus can consider that all the terminations have been
      subtracted.

   3) Restart - indicates that service will be restored on the specified
      Terminations after expiration of the ServiceChangeDelay.  The
      serviceState should be set to "inService" upon expiry of
      ServiceChangeDelay.

   4) Disconnected - always applied with the Root TerminationID,
      indicates that the MG lost communication with the MGC, but it was
      subsequently restored to the same MGC (possibly after trying other
      MGCs on a pre-provisioned list).  Since MG state may have changed,
      the MGC may wish to use the Audit command to resynchronize its
      state with the MG's.

   5) Handoff - sent from the MGC to the MG, this reason indicates that
      the MGC is going out of service and a new MGC association must be
      established.  Sent from the MG to the MGC, this indicates that the
      MG is attempting to establish a new association in accordance with
      a Handoff received from the MGC with which it was previously
      associated.

   6) Failover - sent from MG to MGC to indicate the primary MG is out
      of service and a secondary MG is taking over.  This serviceChange
      method is also sent from the MG to the MGC when the MG detects
      that MGC has failed.

Top      Up      ToC       Page 63 
   7) Another value whose meaning is mutually understood between the MG
      and the MGC.

   The ServiceChangeReason parameter specifies the reason why the
   ServiceChange has or will occur.  It consists of an alphanumeric
   token (IANA registered) and, optionally, an explanatory string.

   The optional ServiceChangeAddress parameter specifies the address
   (e.g., IP port number for IP networks) to be used for subsequent
   communications.  It can be specified in the input parameter
   descriptor or the returned result descriptor.  ServiceChangeAddress
   and ServiceChangeMgcId parameters must not both be present in the
   ServiceChangeDescriptor or the ServiceChangeResultDescriptor.  The
   ServiceChangeAddress provides an address to be used within the
   Context of the association currently being negotiated, while the
   ServiceChangeMgcId provides an alternate address where the MG should
   seek to establish another association.  Note that the use of
   ServiceChangeAddress is not encouraged.  MGCs and MGs must be able to
   cope with the ServiceChangeAddress being either a full address or
   just a port number in the case of TCP transports.

   The optional ServiceChangeDelay parameter is expressed in seconds.
   If the delay is absent or set to zero, the delay value should be
   considered to be null.  In the case of a "graceful"
   ServiceChangeMethod, a null delay indicates that the Media Gateway
   Controller should wait for the natural removal of existing
   connections and should not establish new connections.  For "graceful"
   only, a null delay means the MG must not set serviceState "out of
   service" until the Termination is in the null Context.

   The optional ServiceChangeProfile parameter specifies the Profile (if
   any) of the protocol supported.  The ServiceChangeProfile includes
   the version of the profile supported.

   The optional ServiceChangeVersion parameter contains the protocol
   version and is used if protocol version negotiation occurs (see
   11.3).

   The optional TimeStamp parameter specifies the actual time as kept by
   the sender.  As such, it is not necessarily absolute time according
   to, for example, a local time zone - it merely establishes an
   arbitrary starting time against which all future timestamps
   transmitted by a sender during this association shall be compared.
   It can be used by the responder to determine how its notion of time
   differs from that of its correspondent.  TimeStamp is sent with a
   precision of hundredths of a second.

Top      Up      ToC       Page 64 
   The optional Extension parameter may contain any value whose meaning
   is mutually understood by the MG and MGC.

   A ServiceChange Command specifying the "Root" for the TerminationID
   and ServiceChangeMethod equal to Restart is a registration command by
   which a Media Gateway announces its existence to the Media Gateway
   Controller.  The Media Gateway may also announce a registration
   command by specifying the "Root" for the TerminationID and
   ServiceChangeMethod equal to Failover when the MG detects MGC
   failures.  The Media Gateway is expected to be provisioned with the
   name of one primary and optionally some number of alternate Media
   Gateway Controllers.  Acknowledgement of the ServiceChange Command
   completes the registration process, except when the MGC has returned
   an alternative ServiceChangeMgcId as described in the following
   paragraph.  The MG may specify the transport ServiceChangeAddress to
   be used by the MGC for sending messages in the ServiceChangeAddress
   parameter in the input ServiceChangeDescriptor.  The MG may specify
   an address in the ServiceChangeAddress parameter of the ServiceChange
   request, and the MGC may also do so in the ServiceChange reply.  In
   either case, the recipient must use the supplied address as the
   destination for all subsequent transaction requests within the
   association.  At the same time, as indicated in clause 9, transaction
   replies and pending indications must be sent to the address from
   which the corresponding requests originated.  This must be done even
   if it implies extra messaging because commands and responses cannot
   be packed together.  The TimeStamp parameter shall be sent with a
   registration command and its response.

   The Media Gateway Controller may return a ServiceChangeMgcId
   parameter that describes the Media Gateway Controller that should
   preferably be contacted for further service by the Media Gateway.  In
   this case the Media Gateway shall reissue the ServiceChange command
   to the new Media Gateway Controller.  The MGC specified in a
   ServiceChangeMgcId, if provided, shall be contacted before any
   further alternate MGCs.  On a HandOff message from MGC to MG, the
   ServiceChangeMgcId is the new MGC that will take over from the
   current MGC.

   The return from ServiceChange is empty except when the Root
   terminationID is used.  In that case it includes the following
   parameters as required:

   -  ServiceChangeAddress, if the responding MGC wishes to specify a
      new destination for messages from the MG for the remainder of the
      association;

   -  ServiceChangeMgcId, if the responding MGC does not wish to sustain
      an association with the MG;

Top      Up      ToC       Page 65 
   -  ServiceChangeProfile, if the responder wishes to negotiate the
      profile to be used for the association;

   -  ServiceChangeVersion, if the responder wishes to negotiate the
      version of the protocol to be used for the association.

   The following ServiceChangeReasons are defined.  This list may be
   extended by an IANA registration as outlined in 13.3.

      900 Service Restored
      901 Cold Boot
      902 Warm Boot
      903 MGC Directed Change
      904 Termination malfunctioning
      905 Termination taken out of service
      906 Loss of lower layer connectivity (e.g., downstream sync)
      907 Transmission Failure
      908 MG Impending Failure
      909 MGC Impending Failure
      910 Media Capability Failure
      911 Modem Capability Failure
      912 Mux Capability Failure
      913 Signal Capability Failure
      914 Event Capability Failure
      915 State Loss

7.2.9 Manipulating and Auditing Context Attributes

   The commands of the protocol as discussed in the preceding subclauses
   apply to Terminations.  This subclause specifies how Contexts are
   manipulated and audited.

   Commands are grouped into actions (see clause 8).  An action applies
   to one Context.  In addition to commands, an action may contain
   Context manipulation and auditing instructions.

   An action request sent to a MG may include a request to audit
   attributes of a Context.  An action may also include a request to
   change the attributes of a Context.

   The Context properties that may be included in an action reply are
   used to return information to a MGC.  This can be information
   requested by an audit of Context attributes or details of the effect
   of manipulation of a Context.

Top      Up      ToC       Page 66 
   If a MG receives an action which contains both a request to audit
   context attributes and a request to manipulate those attributes, the
   response SHALL include the values of the attributes after processing
   the manipulation request.

7.2.10   Generic Command Syntax

   The protocol can be encoded in a binary format or in a text format.
   MGCs should support both encoding formats.  MGs may support both
   formats.

   The protocol syntax for the binary format of the protocol is defined
   in Annex A.  Annex C specifies the encoding of the Local and Remote
   descriptors for use with the binary format.

   A complete ABNF of the text encoding of the protocol per RFC 2234 is
   given in Annex B.  SDP is used as the encoding of the Local and
   Remote descriptors for use with the text encoding as modified in
   7.1.8.

7.3   Command Error Codes

   Errors consist of an IANA registered error code and an explanatory
   string.  Sending the explanatory string is optional.  Implementations
   are encouraged to append diagnostic information to the end of the
   string.

   When a MG reports an error to a MGC, it does so in an error
   descriptor.  An error descriptor consists of an error code and
   optionally the associated explanatory string.

   H.248.8 contains the error codes supported by Recommendations in the
   H.248 sub-series.

8  Transactions

   Commands between the Media Gateway Controller and the Media Gateway
   are grouped into Transactions, each of which is identified by a
   TransactionID.  Transactions consist of one or more Actions.  An
   Action consists of a non-empty series of Commands, Context property
   modifications, or Context property audits that are limited to
   operating within a single Context.  Consequently, each Action
   typically specifies a ContextID.  However, there are two
   circumstances where a specific ContextID is not provided with an
   Action.  One is the case of modification of a Termination outside of
   a Context.  The other is where the controller requests the gateway to
   create a new Context.  Figure 8 is a graphic representation of the
   Transaction, Action and Command relationships.

Top      Up      ToC       Page 67 
      +----------------------------------------------------------+
      | Transaction x                                            |
      |  +----------------------------------------------------+  |
      |  | Action 1                                           |  |
      |  | +---------+  +---------+  +---------+  +---------+ |  |
      |  | | Command |  | Command |  | Command |  | Command | |  |
      |  | |    1    |  |    2    |  |    3    |  |    4    | |  |
      |  | +---------+  +---------+  +---------+  +---------+ |  |
      |  +----------------------------------------------------+  |
      |                                                          |
      |  +----------------------------------------------------+  |
      |  | Action 2                                           |  |
      |  | +---------+                                        |  |
      |  | | Command |                                        |  |
      |  | |    1    |                                        |  |
      |  | +---------+                                        |  |
      |  +----------------------------------------------------+  |
      |                                                          |
      |  +----------------------------------------------------+  |
      |  | Action 3                                           |  |
      |  | +---------+  +---------+  +---------+              |  |
      |  | | Command |  | Command |  | Command |              |  |
      |  | |    1    |  |    2    |  |    3    |              |  |
      |  | +---------+  +---------+  +---------+              |  |
      |  +----------------------------------------------------+  |
      +----------------------------------------------------------+

               Figure 8: Transactions, Actions and Commands

   Transactions are presented as TransactionRequests.  Corresponding
   responses to a TransactionRequest are received in a single reply,
   possibly preceded by a number of TransactionPending messages (see
   8.2.3).

   Transactions guarantee ordered Command processing.  That is, Commands
   within a Transaction are executed sequentially.  Ordering of
   Transactions is NOT guaranteed - transactions may be executed in any
   order, or simultaneously.

   At the first failing Command in a Transaction, processing of the
   remaining Commands in that Transaction stops.  If a command contains
   a wildcarded TerminationID, the command is attempted with each of the
   actual TerminationIDs matching the wildcard.  A response within the
   TransactionReply is included for each matching TerminationID, even if
   one or more instances generated an error.  If any TerminationID
   matching a wildcard results in an error when executed, any commands
   following the wildcarded command are not attempted.

Top      Up      ToC       Page 68 
   Commands may be marked as "Optional" which can override this
   behaviour - if a command marked as Optional results in an error,
   subsequent commands in the Transaction will be executed.  If a
   command fails, the MG shall as far as possible restore the state that
   existed prior to the attempted execution of the command before
   continuing with command processing.

   A TransactionReply includes the results for all of the Commands in
   the corresponding TransactionRequest.  The TransactionReply includes
   the return values for the Commands that were executed successfully,
   and the Command and error descriptor for any Command that failed.

   TransactionPending is used to periodically notify the receiver that a
   Transaction has not completed yet, but is actively being processed.

   Applications SHOULD implement an application level timer per
   transaction.  Expiration of the timer should cause a retransmission
   of the request.  Receipt of a Reply should cancel the timer.  Receipt
   of Pending should restart the timer.

8.1   Common parameters

8.1.1 Transaction Identifiers

   Transactions are identified by a TransactionID, which is assigned by
   sender and is unique within the scope of the sender.  A response
   containing an error descriptor to indicate that the TransactionID is
   missing in a request shall use TransactionID 0 in the corresponding
   TransactionReply.

8.1.2 Context Identifiers

   Contexts are identified by a ContextID, which is assigned by the
   Media Gateway and is unique within the scope of the Media Gateway.
   The Media Gateway Controller shall use the ContextID supplied by the
   Media Gateway in all subsequent Transactions relating to that
   Context.  The protocol makes reference to a distinguished value that
   may be used by the Media Gateway Controller when referring to a
   Termination that is currently not associated with a Context, namely
   the null ContextID.

   The CHOOSE wildcard is used to request that the Media Gateway create
   a new Context.

   The MGC may use the ALL wildcard to address all Contexts on the MG.
   The null Context is not included when the ALL wildcard is used.

Top      Up      ToC       Page 69 
   The MGC shall not use partially specified ContextIDs containing the
   CHOOSE or ALL wildcards.

8.2   Transaction Application Programming Interface

   Following is an Application Programming Interface (API) describing
   the Transactions of the protocol.  This API is shown to illustrate
   the Transactions and their parameters and is not intended to specify
   implementation (e.g., via use of blocking function calls).  It will
   describe the input parameters and return values expected to be used
   by the various Transactions of the protocol from a very high level.
   Transaction syntax and encodings are specified in later subclauses.

8.2.1 TransactionRequest

   The TransactionRequest is invoked by the sender.  There is one
   Transaction per request invocation.  A request contains one or more
   Actions, each of which specifies its target Context and one or more
   Commands per Context.

     TransactionRequest(TransactionId {
         ContextID {Command ... Command},
            . . .
         ContextID {Command ... Command } })

   The TransactionID parameter must specify a value for later
   correlation with the TransactionReply or TransactionPending response
   from the receiver.

   The ContextID parameter must specify a value to pertain to all
   Commands that follow up to either the next specification of a
   ContextID parameter or the end of the TransactionRequest, whichever
   comes first.

   The Command parameter represents one of the Commands mentioned in 7.2
   (Command Application Programming Interface).

8.2.2 TransactionReply

   The TransactionReply is invoked by the receiver.  There is one reply
   invocation per transaction.  A reply contains one or more Actions,
   each of which must specify its target Context and one or more
   Responses per Context.  The TransactionReply is invoked by the
   responder when it has processed the TransactionRequest.

Top      Up      ToC       Page 70 
   A TransactionRequest has been processed:

   -  when all actions in that TransactionRequest have been processed;
      or

   -  when an error is encountered in processing that
      TransactionRequest, except when the error is in an optional
      command.

   A command has been processed when all descriptors in that command
   have been processed.

   A SignalsDescriptor is considered to have been processed when it has
   been established that the descriptor is syntactically valid, the
   requested signals are supported and they have been queued to be
   applied.

   An EventsDescriptor or EventBufferDescriptor is considered to have
   been processed when it has been established that the descriptor is
   syntactically valid, the requested events can be observed, any
   embedded signals can be generated, any embedded events can be
   detected, and the MG has been brought into a state in which the
   events will be detected.

     TransactionReply(TransactionID {
         ContextID { Response ... Response },
            . . .
         ContextID { Response ... Response } })

   The TransactionID parameter must be the same as that of the
   corresponding TransactionRequest.

   The ContextID parameter must specify a value to pertain to all
   Responses for the action.  The ContextID may be specific, all or
   null.

   Each of the Response parameters represents a return value as
   mentioned in 7.2, or an error descriptor if the command execution
   encountered an error.  Commands after the point of failure are not
   processed and, therefore, Responses are not issued for them.

   An exception to this occurs if a command has been marked as optional
   in the Transaction request.  If the optional command generates an
   error, the transaction still continues to execute, so the Reply
   would, in this case, have Responses after an Error.

   Section 7.1.19 Error Descriptor specifies the generation of error
   descriptors.  The text below discusses several individual cases.

Top      Up      ToC       Page 71 
   If the receiver encounters an error in processing a ContextID, the
   requested Action response will consist of the Context ID and a single
   error descriptor, 422 - Syntax Error in Action.

   If the receiver encounters an error such that it cannot determine a
   legal Action, it will return a TransactionReply consisting of the
   TransactionID and a single error descriptor, 422 - Syntax Error in
   Action.  If the end of an action cannot be reliably determined but
   one or more commands can be parsed, it will process them and then
   send 422 - Syntax Error in Action as the last action for the
   transaction.  If the receiver encounters an error such that is cannot
   determine a legal Transaction, it will return a TransactionReply with
   a null TransactionID and a single error descriptor (403 - Syntax
   Error in TransactionRequest).

   If the end of a transaction cannot be reliably determined and one or
   more Actions can be parsed, it will process them and then return 403
   - Syntax Error in Transaction as the last action reply for the
   transaction.  If no Actions can be parsed, it will return 403 -
   Syntax Error in TransactionRequest as the only reply.

   If the terminationID cannot be reliably determined, it will send 442
   - Syntax Error in Command as the action reply.

   If the end of a command cannot be reliably determined, it will return
   442 - Syntax Error in Command as the reply to the last action it can
   parse.

8.2.3 TransactionPending

   The receiver invokes the TransactionPending.  A TransactionPending
   indicates that the Transaction is actively being processed, but has
   not been completed.  It is used to prevent the sender from assuming
   the TransactionRequest was lost where the Transaction will take some
   time to complete.

     TransactionPending(TransactionID { } )

   The TransactionID parameter must be the same as that of the
   corresponding TransactionRequest.  A property of root
   (normalMGExecutionTime) is settable by the MGC to indicate the
   interval within which the MGC expects a response to any transaction
   from the MG.  Another property (normalMGCExecutionTime) is settable
   by the MGC to indicate the interval within which the MG should expect
   a response to any transaction from the MGC.  Senders may receive more
   than one TransactionPending for a command.  If a duplicate request is

Top      Up      ToC       Page 72 
   received when pending, the responder may send a duplicate pending
   immediately, or continue waiting for its timer to trigger another
   TransactionPending.

8.3   Messages

   Multiple Transactions can be concatenated into a Message.  Messages
   have a header, which includes the identity of the sender.  The
   Message Identifier (MID) of a message is set to a provisioned name
   (e.g., domain address/domain name/device name) of the entity
   transmitting the message.  Domain name is a suggested default.  An
   H.248.1 entity (MG/MGC) must consistently use the same MID in all
   messages it originates for the duration of control association with
   the peer (MGC/MG).

   Every Message contains a Version Number identifying the version of
   the protocol the message conforms to.  Versions consist of one or two
   digits, beginning with version 1 for the present version of the
   protocol.

   The transactions in a message are treated independently.  There is no
   order implied; there is no application or protocol acknowledgement of
   a message.  A message is essentially a transport mechanism.  For
   example, message X containing transaction requests A, B, and C may be
   responded to with message Y containing replies to A and C and message
   Z containing the reply to B.  Likewise, message L containing request
   D and message M containing request E may be responded to with message
   N containing replies to both D and E.

9  Transport

   The transport mechanism for the protocol should allow the reliable
   transport of transactions between a MGC and MG.  The transport shall
   remain independent of what particular commands are being sent and
   shall be applicable to all application states.  There are several
   transports defined for the protocol, which are defined in Annexes to
   this RFC and other Recommendations of the H.248
   sub-series.  Additional Transports may be defined as additional

   Recommendations of the H.248 sub-series.  For transport of the
   protocol over IP, MGCs shall implement both TCP and UDP/ALF, a MG
   shall implement TCP or UDP/ALF or both.

   The MG is provisioned with a name or address (such as DNS name or IP
   address) of a primary and zero or more secondary MGCs (see 7.2.8)
   that is the address the MG uses to send messages to the MGC.  If TCP
   or UDP is used as the protocol transport and the port to which the
   initial ServiceChange request is to be sent is not otherwise known,

Top      Up      ToC       Page 73 
   that request should be sent to the default port number for the
   protocol.  This port number is 2944 for text-encoded operation or
   2945 for binary-encoded operation, for either UDP or TCP.  The MGC
   receives the message containing the ServiceChange request from the MG
   and can determine the MG's address from it.  As described in 7.2.8,
   either the MG or the MGC may supply an address in the
   ServiceChangeAddress parameter to which subsequent transaction
   requests must be addressed, but responses (including the response to
   the initial ServiceChange request) must always be sent back to the
   address which was the source of the corresponding request.  For
   example, in IP networks, this is the source address in the IP header
   and the source port number in the TCP/UDP/SCTP header.

9.1   Ordering of Commands

   This RFC does not mandate that the underlying transport protocol
   guarantees the sequencing of transactions sent to an entity.  This
   property tends to maximize the timeliness of actions, but it has a
   few drawbacks.  For example:

   -  Notify commands may be delayed and arrive at the MGC after the
      transmission of a new command changing the EventsDescriptor.

   -  If a new command is transmitted before a previous one is
      acknowledged, there is no guarantee that prior command will be
      executed before the new one.

   Media Gateway Controllers that want to guarantee consistent operation
   of the Media Gateway may use the following rules.  These rules are
   with respect to commands that are in different transactions.
   Commands that are in the same transaction are executed in order (see
   clause 8).

   1) When a Media Gateway handles several Terminations, commands
      pertaining to the different Terminations may be sent in parallel,
      for example following a model where each Termination (or group of
      Terminations) is controlled by its own process or its own thread.

   2) On a Termination, there should normally be at most one outstanding
      command (Add or Modify or Move), unless the outstanding commands
      are in the same transaction.  However, a Subtract command may be
      issued at any time.  In consequence, a Media Gateway may sometimes
      receive a Modify command that applies to a previously subtracted
      Termination.  Such commands should be ignored, and an error code
      should be returned.

Top      Up      ToC       Page 74 
   3) For transports that do not guarantee in-sequence delivery of
      messages (i.e., UDP), there should normally be on a given
      Termination at most one outstanding Notify command at any time.

   4) In some cases, an implicitly or explicitly wildcarded Subtract
      command that applies to a group of Terminations may step in front
      of a pending Add command.  The Media Gateway Controller should
      individually delete all Terminations for which an Add command was
      pending at the time of the global Subtract command.  Also, new Add
      commands for Terminations named by the wildcarding (or implied in
      a Multiplex descriptor) should not be sent until the wildcarded
      Subtract command is acknowledged.

   5) AuditValue and AuditCapability are not subject to any sequencing.

   6) ServiceChange shall always be the first command sent by a MG as
      defined by the restart procedure.  Any other command or response
      must be delivered after this ServiceChange command.

   These rules do not affect the command responder, which should always
   respond to commands.

9.2   Protection against Restart Avalanche

   In the event that a large number of Media Gateways are powered on
   simultaneously and they were to all initiate a ServiceChange
   transaction, the Media Gateway Controller would very likely be
   swamped, leading to message losses and network congestion during the
   critical period of service restoration.  In order to prevent such
   avalanches, the following behaviour is suggested:

   1) When a Media Gateway is powered on, it should initiate a restart
      timer to a random value, uniformly distributed between 0 and a
      maximum waiting delay (MWD).  Care should be taken to avoid
      synchronicity of the random number generation between multiple
      Media Gateways that would use the same algorithm.

   2) The Media Gateway should then wait for either the end of this
      timer or the detection of a local user activity, such as for
      example an off-hook transition on a residential Media Gateway.

   3) When the timer elapses, or when an activity is detected, the Media
      Gateway should initiate the restart procedure.

   The restart procedure simply requires the MG to guarantee that the
   first message that the Media Gateway Controller sees from this MG is
   a ServiceChange message informing the Media Gateway Controller about
   the restart.

Top      Up      ToC       Page 75 
     NOTE - The value of MWD is a configuration parameter that depends
     on the type of the Media Gateway.  The following reasoning may be
     used to determine the value of this delay on residential gateways.

   Media Gateway Controllers are typically dimensioned to handle the
   peak hour traffic load, during which, in average, 10% of the lines
   will be busy, placing calls whose average duration is typically 3
   minutes.  The processing of a call typically involves 5 to 6 Media
   Gateway Controller transactions between each Media Gateway and the
   Media Gateway Controller.  This simple calculation shows that the
   Media Gateway Controller is expected to handle 5 to 6 transactions
   for each Termination, every 30 minutes on average, or, to put it
   otherwise, about one transaction per Termination every 5 to 6 minutes
   on average.  This suggests that a reasonable value of MWD for a
   residential gateway would be 10 to 12 minutes.  In the absence of
   explicit configuration, residential gateways should adopt a value of
   600 seconds for MWD.

   The same reasoning suggests that the value of MWD should be much
   shorter for trunking gateways or for business gateways, because they
   handle a large number of Terminations, and also because the usage
   rate of these Terminations is much higher than 10% during the peak
   busy hour, a typical value being 60%.  These Terminations, during the
   peak hour, are this expected to contribute about one transaction per
   minute to the Media Gateway Controller load.  A reasonable algorithm
   is to make the value of MWD per "trunk" Termination six times shorter
   than the MWD per residential gateway, and also inversely proportional
   to the number of Terminations that are being restarted.  For example
   MWD should be set to 2.5 seconds for a gateway that handles a T1
   line, or to 60 milliseconds for a gateway that handles a T3 line.

10 Security Considerations

   This clause covers security when using the protocol in an IP
   environment.

10.1  Protection of Protocol Connections

   A security mechanism is clearly needed to prevent unauthorized
   entities from using the protocol defined in this RFC for setting up
   unauthorized calls or interfering with authorized calls.  The
   security mechanism for the protocol when transported over IP networks
   is IPsec [RFC 2401 to RFC 2411].

   The AH header [RFC 2402] affords data origin authentication,
   connectionless integrity and optional anti-replay protection of
   messages passed between the MG and the MGC.  The ESP header [RFC
   2406] provides confidentiality of messages, if desired.  For

Top      Up      ToC       Page 76 
   instance, the ESP encryption service should be requested if the
   session descriptions are used to carry session keys, as defined in
   SDP.

   Implementations of the protocol defined in this RFC employing the ESP
   header SHALL comply with section 5 of [RFC 2406], which defines a
   minimum set of algorithms for integrity checking and encryption.
   Similarly, implementations employing the AH header SHALL comply with
   section 5 of [RFC 2402], which defines a minimum set of algorithms
   for integrity checking using manual keys.

   Implementations SHOULD use IKE [RFC 2409] to permit more robust
   keying options.  Implementations employing IKE SHOULD support
   authentication with RSA signatures and RSA public key encryption.

10.2  Interim AH scheme

   Implementation of IPsec requires that the AH or ESP header be
   inserted immediately after the IP header.  This cannot be easily done
   at the application level.  Therefore, this presents a deployment
   problem for the protocol defined in this RFC where the underlying
   network implementation does not support IPsec.

   As an interim solution, an optional AH header is defined within the
   H.248.1 protocol header.  The header fields are exactly those of the
   SPI, SEQUENCE NUMBER and DATA fields as defined in [RFC 2402].  The
   semantics of the header fields are the same as the "transport mode"
   of [RFC 2402], except for the calculation of the Integrity Check
   Value (ICV).  In IPsec, the ICV is calculated over the entire IP
   packet including the IP header.  This prevents spoofing of the IP
   addresses.  To retain the same functionality, the ICV calculation
   should be performed across all the transactions (concatenated) in the
   message prepended by a synthesized IP header consisting of a 32-bit
   source IP address, a 32-bit destination address and a 16-bit UDP
   destination port encoded as 20 hex digits.  When the interim AH
   mechanism is employed when TCP is the transport Layer, the UDP Port
   above becomes the TCP port, and all other operations are the same.

   Implementations of the H.248.1 protocol SHALL implement IPsec where
   the underlying operating system and the transport network supports
   IPsec.  Implementations of the protocol using IPv4 SHALL implement
   the interim AH scheme.  However, this interim scheme SHALL NOT be
   used when the underlying network layer supports IPsec.  IPv6
   implementations are assumed to support IPsec and SHALL NOT use the
   interim AH scheme.

Top      Up      ToC       Page 77 
   All implementations of the interim AH mechanism SHALL comply with
   section 5 of RFC 2402 which defines a minimum set of algorithms for
   integrity checking using manual keys.

   The interim AH interim scheme does not provide protection against
   eavesdropping, thus forbidding third parties from monitoring the
   connections set up by a given Termination.  Also, it does not provide
   protection against replay attacks.  These procedures do not
   necessarily protect against denial of service attacks by misbehaving
   MGs or misbehaving MGCs.  However, they will provide an
   identification of these misbehaving entities, which should then be
   deprived of their authorization through maintenance procedures.

10.3  Protection of Media Connections

   The protocol allows the MGC to provide MGs with "session keys" that
   can be used to encrypt the audio messages, protecting against
   eavesdropping.

   A specific problem of packet networks is "uncontrolled barge-in".
   This attack can be performed by directing media packets to the IP
   address and UDP port used by a connection.  If no protection is
   implemented, the packets must be decompressed and the signals must be
   played on the "line side".

   A basic protection against this attack is to only accept packets from
   known sources, checking for example that the IP source address and
   UDP source port match the values announced in the Remote descriptor.
   This has two inconveniences: it slows down connection establishment
   and it can be fooled by source spoofing:

   -  To enable the address-based protection, the MGC must obtain the
      remote session description of the egress MG and pass it to the
      ingress MG.  This requires at least one network round trip, and
      leaves us with a dilemma: either allow the call to proceed without
      waiting for the round trip to complete, and risk for example,
      "clipping" a remote announcement, or wait for the full round trip
      and settle for slower call-set up procedures.

   -  Source spoofing is only effective if the attacker can obtain valid
      pairs of source destination addresses and ports, for example by
      listening to a fraction of the traffic.  To fight source spoofing,
      one could try to control all access points to the network.  But
      this is in practice very hard to achieve.

Top      Up      ToC       Page 78 
   An alternative to checking the source address is to encrypt and
   authenticate the packets, using a secret key that is conveyed during
   the call set-up procedure.  This will not slow down the call set-up,
   and provides strong protection against address spoofing.

11 MG-MGC Control Interface

   The control association between MG and MGC is initiated at MG cold
   start, and announced by a ServiceChange message, but can be changed
   by subsequent events, such as failures or manual service events.
   While the protocol does not have an explicit mechanism to support
   multiple MGCs controlling a physical MG, it has been designed to
   support the multiple logical MG (within a single physical MG) that
   can be associated with different MGCs.

11.1  Multiple Virtual MGs

   A physical Media Gateway may be partitioned into one or more Virtual
   MGs.  A virtual MG consists of a set of statically partitioned
   physical Terminations and/or sets of ephemeral Terminations.  A
   physical Termination is controlled by one MGC.  The model does not
   require that other resources be statically allocated, just
   Terminations.  The mechanism for allocating Terminations to virtual
   MGs is a management method outside the scope of the protocol.  Each
   of the virtual MGs appears to the MGC as a complete MG client.

   A physical MG may have only one network interface, which must be
   shared across virtual MGs.  In such a case, the packet/cell side
   Termination is shared.  It should be noted however, that in use, such
   interfaces require an ephemeral instance of the Termination to be
   created per flow, and thus sharing the Termination is
   straightforward.  This mechanism does lead to a complication, namely
   that the MG must always know which of its controlling MGCs should be
   notified if an event occurs on the interface.

   In normal operation, the Virtual MG will be instructed by the MGC to
   create network flows (if it is the originating side), or to expect
   flow requests (if it is the terminating side), and no confusion will
   arise.  However, if an unexpected event occurs, the Virtual MG must
   know what to do with respect to the physical resources it is
   controlling.

   If recovering from the event requires manipulation of a physical
   interface's state, only one MGC should do so.  These issues are
   resolved by allowing any of the MGCs to create EventsDescriptors to
   be notified of such events, but only one MGC can have read/write

Top      Up      ToC       Page 79 
   access to the physical interface properties; all other MGCs have
   read-only access.  The management mechanism is used to designate
   which MGC has read/write capability, and is designated the Master
   MGC.

   Each virtual MG has its own Root Termination.  In most cases the
   values for the properties of the Root Termination are independently
   settable by each MGC.  Where there can only be one value, the
   parameter is read-only to all but the Master MGC.

   ServiceChange may only be applied to a Termination or set of
   Terminations partitioned to the Virtual MG or created (in the case of
   ephemeral Terminations) by that Virtual MG.

11.2  Cold start

   A MG is pre-provisioned by a management mechanism outside the scope
   of this protocol with a primary and (optionally) an ordered list of
   secondary MGCs.  Upon a cold start of the MG, it will issue a
   ServiceChange command with a "Restart" method, on the Root
   Termination to its primary MGC.  If the MGC accepts the MG, it sends
   a Transaction Reply not including a ServiceChangeMgcId parameter.  If
   the MGC does not accept the MG's registration, it sends a Transaction
   Reply, providing the address of an alternate MGC to be contacted by
   including a ServiceChangeMgcId parameter.

   If the MG receives a Transaction Reply that includes a
   ServiceChangeMgcId parameter, it sends a ServiceChange to the MGC
   specified in the ServiceChangeMgcId.  It continues this process until
   it gets a controlling MGC to accept its registration, or it fails to
   get a reply.  Upon failure to obtain a reply, either from the primary
   MGC, or a designated successor, the MG tries its pre-provisioned
   secondary MGCs, in order.  If the MG is unable to establish a control
   relationship with any MGC, it shall wait a random amount of time as
   described in 9.2 and then start contacting its primary, and if
   necessary, its secondary MGCs again.

   It is possible that the reply to a ServiceChange with Restart will be
   lost, and a command will be received by the MG prior to the receipt
   of the ServiceChange response.  The MG shall issue Error 505 -
   Command Received before a ServiceChange Reply has been received.

11.3  Negotiation of protocol version

   The first ServiceChange command from a MG shall contain the version
   number of the protocol supported by the MG in the
   ServiceChangeVersion parameter.  Upon receiving such a message, if
   the MGC supports only a lower version, then the MGC shall send a

Top      Up      ToC       Page 80 
   ServiceChangeReply with the lower version and thereafter all the
   messages between MG and MGC shall conform to the lower version of the
   protocol.  If the MG is unable to comply and it has established a
   transport connection to the MGC, it should close that connection.  In
   any event, it should reject all subsequent requests from the MGC with
   error 406 - Version Not Supported.

   If the MGC supports a higher version than the MG but is able to
   support the lower version proposed by the MG, it shall send a
   ServiceChangeReply with the lower version and thereafter all the
   messages between MG and MGC shall conform to the lower version of the
   protocol.  If the MGC is unable to comply, it shall reject the
   association, with error 406 - Version Not Supported.

   Protocol version negotiation may also occur at "handoff" and
   "failover" ServiceChanges.

   When extending the protocol with new versions, the following rules
   should be followed:

   1) Existing protocol elements, i.e., procedures, parameters,
      descriptor, property, values, should not be changed unless a
      protocol error needs to be corrected or it becomes necessary to
      change the operation of the service that is being supported by the
      protocol.

   2) The semantics of a command, a parameter, a descriptor, a property,
      or a value should not be changed.

   3) Established rules for formatting and encoding messages and
      parameters should not be modified.

   4) When information elements are found to be obsolete they can be
      marked as not used.  However, the identifier for that information
      element will be marked as reserved.  In that way it can not be
      used in future versions.

11.4  Failure of a MG

   If a MG fails, but is capable of sending a message to the MGC, it
   sends a ServiceChange with an appropriate method (graceful or forced)
   and specifies the Root TerminationID.  When it returns to service, it
   sends a ServiceChange with a "Restart" method.

   Allowing the MGC to send duplicate messages to both MGs accommodates
   pairs of MGs that are capable of redundant failover of one of the
   MGs.  Only the Working MG shall accept or reject transactions.  Upon
   failover, the primary MG sends a ServiceChange command with a

Top      Up      ToC       Page 81 
   "Failover" method and a "MG Impending Failure" reason.  The MGC then
   uses the secondary MG as the active MG.  When the error condition is
   repaired, the Working MG can send a "ServiceChange" with a "Restart"
   method.

     Note: Redundant failover MGs require a reliable transport, because
     the protocol provides no means for a secondary MG running ALF to
     acknowledge messages sent from the MGC.

11.5  Failure of an MGC

   If the MG detects a failure of its controlling MGC, it attempts to
   contact the next MGC on its pre-provisioned list.  It starts its
   attempts at the beginning (primary MGC), unless that was the MGC that
   failed, in which case it starts at its first secondary MGC.  It sends
   a ServiceChange message with a "Failover" method and a "MGC Impending
   Failure" reason.  If the MG is unable to establish a control
   relationship with any MGC, it shall wait a random amount of time as
   described in section 9.2 and then start again contacting its primary,
   and (if necessary) its secondary MGCs.  When contacting its
   previously controlling MGC, the MG sends the ServiceChange message
   with "Disconnected" method.

   In partial failure, or for manual maintenance reasons, an MGC may
   wish to direct its controlled MGs to use a different MGC.  To do so,
   it sends a ServiceChange method to the MG with a "HandOff" method,
   and its designated replacement in ServiceChangeMgcId.  If "HandOff"
   is supported, the MG shall send a ServiceChange message with a
   "Handoff" method and a "MGC directed change" reason to the designated
   MGC.  If it fails to get a reply from the designated MGC, the MG
   shall behave as if its MGC failed, and start contacting secondary
   MGCs as specified in the previous paragraph.  If the MG is unable to
   establish a control relationship with any MGC, it shall wait a random
   amount of time as described in 9.2 and then start contacting its
   primary, and if necessary, its secondary MGCs again.

   No recommendation is made on how the MGCs involved in the Handoff
   maintain state information; this is considered to be out of scope of
   this RFC.  The MGC and MG may take the following steps when Handoff
   occurs.  When the MGC initiates a HandOff, the handover should be
   transparent to Operations on the Media Gateway.  Transactions can be
   executed in any order, and could be in progress when the
   ServiceChange is executed.  Accordingly, commands in progress
   continue and replies to all commands from the original MGC must be
   sent to the transport address from which they were sent.  If the
   service relationship with the sending MGC has ended, the replies
   should be discarded.  The MG may receive outstanding transaction
   replies from the new MGC.  No new messages shall be sent to the new

Top      Up      ToC       Page 82 
   MGC until the control association is established.  Repeated
   transaction requests shall be directed to the new MGC.  The MG shall
   maintain state on all Terminations and Contexts.

   It is possible that the MGC could be implemented in such a way that a
   failed MGC is replaced by a working MGC where the identity of the new
   MGC is the same as the failed one.  In such a case,
   ServiceChangeMgcId would be specified with the previous value and the
   MG shall behave as if the value was changed, and send a ServiceChange
   message, as above.

   Pairs of MGCs that are capable of redundant failover can notify the
   controlled MGs of the failover by the above mechanism.

12 Package definition

   The primary mechanism for extension is by means of Packages.
   Packages define additional Properties, Events, Signals and Statistics
   that may occur on Terminations.

   Packages defined by IETF will appear in separate RFCs.

   Packages defined by ITU-T may appear in the relevant Recommendations
   (e.g., as Recommendations of the H.248 sub-series).

   1) A public document or a standard forum document, which can be
      referenced as the document that describes the package following
      the guideline above, should be specified.

   2) The document shall specify the version of the Package that it
      describes.

   3) The document should be available on a public web server and should
      have a stable URL.  The site should provide a mechanism to provide
      comments and appropriate responses should be returned.

12.1  Guidelines for defining packages

   Packages define Properties, Events, Signals, and Statistics.

   Packages may also define new error codes according to the guidelines
   given in 13.2.  This is a matter of documentary convenience: the
   package documentation is submitted to IANA in support of the error
   code registration.  If a package is modified, it is unnecessary to
   provide IANA with a new document reference in support of the error
   code unless the description of the error code itself is modified.

Top      Up      ToC       Page 83 
   Names of all such defined constructs shall consist of the PackageID
   (which uniquely identifies the package) and the ID of the item (which
   uniquely identifies the item in that package).  In the text encoding
   the two shall be separated by a forward slash ("/") character.
   Example: togen/playtone is the text encoding to refer to the play
   tone signal in the tone generation package.

   A Package will contain the following sections:

12.1.1   Package

   Overall description of the package, specifying:

      Package Name: only descriptive

      PackageID: is an identifier

      Description:

      Version:

         A new version of a package can only add additional Properties,
         Events, Signals, Statistics and new possible values for an
         existing parameter described in the original package.  No
         deletions or modifications shall be allowed.  A version is an
         integer in the range from 1 to 99.

      Designed to be extended only (Optional):

         This indicates that the package has been expressly designed to
         be extended by others, not to be directly referenced.  For
         example, the package may not have any function on its own or be
         nonsensical on its own.  The MG SHOULD NOT publish this
         PackageID when reporting packages.

      Extends (Optional): existing package Descriptor

         A package may extend an existing package.  The version of the
         original package must be specified.  When a package extends
         another package it shall only add additional Properties,
         Events, Signals, Statistics and new possible values for an
         existing parameter described in the original package.  An
         extended package shall not redefine or overload an identifier
         defined in the original package and packages it may have
         extended (multiple levels of extension).  Hence, if package B
         version 1 extends package A version 1, version 2 of B will not
         be able to extend the A version 2 if A version 2 defines a name
         already in B version 1.

Top      Up      ToC       Page 84 
12.1.2   Properties

   Properties defined by the package, specifying:

      Property Name: only descriptive

      PropertyID: is an identifier

      Description:

      Type: One of:

         Boolean

         String: UTF-8 string

         Octet String: A number of octets.  See Annex A and Annex B.3
         for encoding

         Integer: 4 byte signed integer

         Double: 8 byte signed integer

         Character: unicode UTF-8 encoding of a single letter.  Could be
         more than one octet.

         Enumeration: one of a list of possible unique values (see 12.3)

         Sub-list: a list of several values from a list.  The type of
         sub-list SHALL also be specified.  The type shall be chosen
         from the types specified in this section (with the exception of
         sub-list).  For example, Type: sub-list of enumeration.  The
         encoding of sub-lists is specified in Annexes A and B.3.

      Possible values:

         A package MUST specify either a specific set of values or a
         description of how values are determined.  A package MUST also
         specify a default value or the default behaviour when the value
         is omitted from its descriptor.  For example, a package may
         specify that procedures related to the property are suspended
         when its value is omitted.  A default value (but not
   procedures)
         may be specified as provisionable.

      Defined in:

         Which H.248.1 descriptor the property is defined in.

Top      Up      ToC       Page 85 
         LocalControl is for stream dependent properties.
         TerminationState is for stream independent properties.  These
         are expected to be the most common cases, but it is possible
         for properties to be defined in other descriptors.

      Characteristics: Read/Write or both, and (optionally), global:

         Indicates whether a property is read-only, or read-write, and
         if it is global.  If Global is omitted, the property is not
         global.  If a property is declared as global, the value of the
         property is shared by all Terminations realizing the package.

12.1.3   Events

   Events defined by the package, specifying:

      Event name: only descriptive

      EventID: is an identifier

      Description:

      EventsDescriptor Parameters:

         Parameters used by the MGC to configure the event, and found in
         the EventsDescriptor.  See 12.2.

      ObservedEventsDescriptor Parameters:

         Parameters returned to the MGC in Notify requests and in
         replies to command requests from the MGC that audit
         ObservedEventsDescriptor, and found in the
         ObservedEventsDescriptor.  See 12.2.

12.1.4   Signals

   Signals defined by the package, specifying:

      Signal Name: only descriptive

      SignalID: is an identifier.  SignalID is used in a
      SignalsDescriptor

      Description

      SignalType: one of:

         OO (On/Off)

Top      Up      ToC       Page 86 
         TO (TimeOut)

         BR (Brief)

      NOTE - SignalType may be defined such that it is dependent on the
      value of one or more parameters.  The package MUST specify a
      default signal type.  If the default type is TO, the package MUST
      specify a default duration which may be provisioned.  A default
      duration is meaningless for BR.

      Duration: in hundredths of seconds

      Additional Parameters: see 12.2

12.1.5   Statistics

   Statistics defined by the package, specifying:

      Statistic name: only descriptive

      StatisticID: is an identifier

      StatisticID is used in a StatisticsDescriptor

      Description:

      Units: unit of measure, e.g., milliseconds, packets

12.1.6   Procedures

   Additional guidance on the use of the package.

12.2  Guidelines to defining Parameters to Events and Signals

   Parameter Name: only descriptive

   ParameterID: is an identifier.  The textual ParameterID of parameters
   to Events and Signals shall not start with "EPA" and "SPA",
   respectively.  The textual ParameterID shall also not be "ST",
   "Stream", "SY", "SignalType", "DR", "Duration", "NC",
   "NotifyCompletion", "KA", "Keepactive", "EB", "Embed", "DM" or
   "DigitMap".

   Type: One of:

      Boolean

      String: UTF-8 octet string

Top      Up      ToC       Page 87 
      Octet String: A number of octets.  See Annex A and Annex B.3 for
      encoding

      Integer: 4-octet signed integer

      Double: 8-octet signed integer

      Character: unicode UTF-8 encoding of a single letter.  Could be
      more than one octet.

      Enumeration: one of a list of possible unique values (see 12.3)

      Sub-list: a list of several values from a list (not supported for
      statistics).  The type of sub-list SHALL also be specified.  The
      type shall be chosen from the types specified in this section
      (with the exception of sub-list).  For example, Type: sub-list of
      enumeration.  The encoding of sub-lists is specified in Annexes A
      and B.3.

   Possible values:

      A package MUST specify either a specific set of values or a
      description of how values are determined.  A package MUST also
      specify a default value or the default behavior when the value is
      omitted from its descriptor.  For example, a package may specify
      that procedures related to the parameter are suspended when it
      value is omitted.  A default value (but not procedures) may be
      specified as provisionable.

   Description:

12.3  Lists

   Possible values for parameters include enumerations.  Enumerations
   may be defined in a list.  It is recommended that the list be IANA
   registered so that packages that extend the list can be defined
   without concern for conflicting names.

12.4  Identifiers

   Identifiers in text encoding shall be strings of up to 64 characters,
   containing no spaces, starting with an alphabetic character and
   consisting of alphanumeric characters and/or digits, and possibly
   including the special character underscore ("_").

Top      Up      ToC       Page 88 
   Identifiers in binary encoding are 2 octets long.

   Both text and binary values shall be specified for each identifier,
   including identifiers used as values in enumerated types.

12.5  Package registration

   A package can be registered with IANA for interoperability reasons.
   See clause 13 for IANA Considerations.

13 IANA Considerations

13.1  Packages

   The following considerations SHALL be met to register a package with
   IANA:

   1) A unique string name, unique serial number and version number is
      registered for each package.  The string name is used with text
      encoding.  The serial number shall be used with binary encoding.
      Serial Numbers 0x8000 to 0xFFFF are reserved for private use.
      Serial number 0 is reserved.

   2) A contact name, email and postal addresses for that contact shall
      be specified.  The contact information shall be updated by the
      defining organization as necessary.

   3) A reference to a document that describes the package, which should
      be public:

      The document shall specify the version of the Package that it
      describes.

      If the document is public, it should be located on a public web
      server and should have a stable URL.  The site should provide a
      mechanism to provide comments and appropriate responses should be
      returned.

   4) Packages registered by other than recognized standards bodies
      shall have a minimum package name length of 8 characters.

   5) All other package names are first come-first served if all other
      conditions are met.

Top      Up      ToC       Page 89 
13.2  Error codes

   The following considerations SHALL be met to register an error code
   with IANA:

   1) An error number and a one-line (80-character maximum) string is
      registered for each error.

   2) A complete description of the conditions under which the error is
      detected shall be included in a publicly available document.  The
      description shall be sufficiently clear to differentiate the error
      from all other existing error codes.

   3) The document should be available on a public web server and should
      have a stable URL.

   4) Error numbers registered by recognized standards bodies shall have
      3- or 4-character error numbers.

   5) Error numbers registered by all other organizations or individuals
      shall have 4-character error numbers.

   6) An error number shall not be redefined nor modified except by the
      organization or individual that originally defined it, or their
      successors or assigns.

13.3  ServiceChange reasons

   The following considerations SHALL be met to register service change
   reason with IANA:

   1) A one-phrase, 80-character maximum, unique reason code is
      registered for each reason.

   2) A complete description of the conditions under which the reason is
      used is detected shall be included in a publicly available
      document.  The description shall be sufficiently clear to
      differentiate the reason from all other existing reasons.

   3) The document should be available on a public web server and should
      have a stable URL.


Next RFC Part