Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from the earlier RADIUS protocol. It belongs to the application layer protocols in the internet protocol suite. Diameter Applications extend the base protocol by adding new commands The Diameter base protocol is defined by RFC (Obsoletes: RFC ). Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is specified primarily as a base protocol by the IETF in RFC and then DIAMETER base protocol must be used in conjunction with DIAMETER.
|Published (Last):||25 September 2015|
|PDF File Size:||17.39 Mb|
|ePub File Size:||7.44 Mb|
|Price:||Free* [*Free Regsitration Required]|
A Diameter node MAY act as an agent for certain requests while acting as a server for others.
If cleared, the message is an answer. Diameter Server A Diameter server is a Diameter node that handles authentication, authorization, and accounting requests for a particular realm.
Match if the TCP header contains the comma separated list of flags specified in spec. Please refer to the current edition of the “Internet Official Protocol Standards” STD 1 for the standardization state and status of proocol protocol.
The supported TCP flags are: Which AVPs are sensitive is determined by service provider policy. This behavior is handled via the Tc timer, whose recommended value is 30 seconds. As such, there is no versioning support provided by these Application Ids themselves; every Diameter application is a standalone application. However, just because a new authentication application id is required, does not imply that a new accounting diamefer id is required.
RFC – part 1 of 5
Realm The string in the NAI that immediately follows the ‘ ‘ character. Furthermore, all Diameter messages contain an Application Identifier, which is used in the message forwarding process.
A broker is either a relay, proxy or redirect agent, and MAY be operated by roaming consortiums. Diameter Header A summary of the Diameter header format is shown below. Diameter Node A Diameter node is a host process that implements the Diameter protocol and acts as either a client, an agent, or a server.
Therefore, each connection is authenticated, replay and integrity protected and confidential on a per-packet basis. A Realm Routing Table Entry contains the following fields: Role of Diameter Agents In addition to client and servers, the Diameter protocol introduces relay, proxy, redirect, and translation agents, each of which is defined in Section 1.
Typically, diamter is accomplished by tracking the state diamrter NAS devices. Packets may be marked or metered based on the following information that is associated with it: Each of these AVPs follows – in the order in which they are specified – including their headers and padding.
AVPs are used by the base Diameter protocol to support the following required features: Upon reboot implementations MAY set the high order 12 bits to contain the low order 12 bits of current time, and the low order 20 bits to a random value. Transaction state implies that proticol forwarding a request, the Hop-by-Hop Identifier is saved; the field is replaced with a locally unique identifier, which diametef restored to its original value when the corresponding answer is received.
The Message Length field indicates the length of the Diameter message in bytes, including the header fields and the padded AVPs.
An example is a redirect agent that provides services basf all members of a consortium, but does not wish to be burdened with relaying all messages between realms.
A efc that contains a tcpflags specification can never match a fragmented packet that has a non-zero offset. There are many other miscellaneous fixes that have been introduced in this document that may not be considered significant, but they have value nonetheless. A home realm may also wish to check that each accounting request message corresponds to a Diameter response authorizing the session. The originator of an Answer message MUST ensure that the End-to-End Identifier field contains the same value that was found in the corresponding request.
This scenario is advantageous since it does not require that the consortium dia,eter routing updates to its members when changes are made to a member’s infrastructure. Proxy Agent or Proxy In addition to forwarding requests and responses, proxies make policy decisions relating to resource usage and provisioning.
The application can be an authentication application, an accounting application, or a vendor-specific application. While implementation of data object security is not mandatory within Diamwter, these capabilities are supported, and are described in [ AAACMS ].
A Diameter node may act as an agent for certain requests while acting as a server for others. While attribute hiding is supported, [ RFC ] does not provide support for per- packet confidentiality.