Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from the earlier RADIUS protocol. It belongs to the application layer protocols in the internet protocol suite. Diameter Applications extend the base protocol by adding new commands. The Diameter base protocol is defined by RFC (Obsoletes: RFC ). Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is specified primarily as a base protocol by the IETF in RFC and then DIAMETER base protocol must be used in conjunction with DIAMETER.
|Published (Last):||4 May 2008|
Some common Diameter commands defined in the protocol base and applications are:. Diameter application documents provide guidelines as to when a session begins and ends. This is typically accomplished by tracking the state of NAS devices. It is set when resending requests not yet acknowledged, as an indication of a possible duplicate due to a link failure. Static or Dynamic: Specifies whether a route entry was statically configured, or dynamically discovered.
Stateful Agent: A stateful agent is one that maintains session state information, by keeping track of all authorized active sessions. A session is a logical concept at the application layer, and is shared between an access device and a server, and is identified via the Session-Id AVP.
Each authorized session is bound to a particular service, and its state is considered active either until it is notified otherwise, or by expiration.
Here there are two: Guttman Sun Microsystems, Inc. In addition, they MUST fully support each Diameter application that is needed to implement the intended service, e. Two Diameter applications are defined by companion documents: Sessions: This section attempts to provide the reader with an understanding of the difference between connection and session, which are terms used extensively throughout this document.
Received answers that do not match a known Hop-by-Hop Identifier are ignored by the Diameter agent. A metalanguage with its own formal syntax and rules.
Every Diameter message MUST contain a command code in its header’s Command-Code field, which is used to determine the action that is to be taken for a particular message. Packets may be marked or metered based on the following information that is associated with it: If an appropriate derived data type is already defined, it SHOULD be used instead of a base data type to encourage reusability and good design practice.
Diameter Server: A Diameter server is a Diameter node that handles authentication, authorization, and accounting requests for a particular realm.
It represents the consensus of the IETF community. While attribute hiding is supported, [ RFC ] does not provide support for per-packet confidentiality.
The rule syntax is a modified subset of ipfw(8) from FreeBSD, and the ipfw. The Transport Profile document [ RFC ] discusses transport layer issues that arise with AAA protocols and recommendations on how to overcome these issues.
End-to-end security is security between two Diameter nodes, possibly communicating through Diameter Agents. User: The entity requesting or using some resource, in support of which a Diameter client has generated a request. Diameter Node: A Diameter node is a host process that implements the Diameter protocol and acts as either a client, an agent, or a server.
Interim Accounting: An interim accounting message provides a snapshot of usage during a user’s session.
Accounting Session State Machine After that the transport connection can be disconnected. Any node can initiate a request.
The Hop-by-Hop Identifier is an unsigned bit integer field in network byte order that is used to match the requests with their answers as the same value in the request is used in the response. The bit value is transmitted in network byte order. The base protocol also defines certain rules that apply to all exchanges of messages between Diameter nodes.
Diameter includes support for error handling Section 7, capability negotiation Section 5. A stateless agent is one that only maintains transaction state.
Relay Agent or Relay: Relays forward requests and responses based on routing-related AVPs and realm routing table entries. Through DNS, Diameter enables dynamic discovery of peers. The base protocol does not require an Application Identifier since its support is mandatory.
For AVPs of type Enumerated, an application may require a new value to communicate some service-specific information. If the application has a relationship with other Diameter applications, such a relationship is not known to Diameter. Before describing the rules for creating new Diameter applications, it is important to discuss the semantics of the AVP occurrences as stated in the CCF and the M-bit flag Section 4.
Both the request and the answer for a given command share the same command code. In addition, they MUST fully support each Diameter application that is needed to implement proxied services, e.