Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC ( Obsoletes: RFC ) and defines the minimum requirements for an AAA protocol. Diameter. Diameter is the protocol used within EPS/IMS architectures for AAA ( Authentication, Diameter is specified primarily as a base protocol by the IETF in RFC
|Published (Last):||23 May 2017|
It is set when resending requests not yet acknowledged as an indication of a possible duplicate due to a link failure. Application-ID is used to identify for which Diameter application the message is applicable.
Unsigned64 64-bit unsigned value, in network byte order. P(roxiable) – If set, the message MAY be proxied, relayed or redirected. Duplicate answer messages that are to be locally consumed see Section 6.
Diameter (protocol) – Wikipedia
If cleared, the message MUST be locally processed. The use of Relays is advantageous since it eliminates the need for NASes to be configured with the necessary security information they would otherwise require to communicate with Diameter servers in other realms. Adding a new optional AVP does not require a new application. A Diameter implementation MAY act as one type of agent for some requests, and as another type of agent for others. The “ip” keyword means any protocol will match.
End-to-end security policies include: Each packet is evaluated once. The Diameter protocol requires that relaying and proxying agents maintain transaction state, which is used for failover purposes.
Each new definition must be either defined or listed with a reference to the RFC that defines the format. Transaction state implies that upon forwarding a request, its Hop-by-Hop Identifier is saved; the field is replaced with a locally unique identifier, which is restored to its original value when the corresponding answer is received.
Relaying of Diameter messages The example provided in Figure 2 depicts a request issued from NAS, which is an access device, for the user bob example.
Once the receiver has completed the request it issues the corresponding answer, which includes a result code that communicates one of the following: The encoding example illustrates how padding is used and how length fields are calculated. It is important to note that although proxies MAY provide a value-add function for NASes, they do not allow access devices to use end-to-end security, since modifying messages breaks authentication.
The request’s state is released upon receipt of the answer. The fields are transmitted in network byte order.
The absence of a particular flag may be denoted with a ‘! See the frag option for details on matching fragmented packets. T(Potentially re-transmitted message) – This flag is set after a link failover procedure, to aid the removal of duplicate requests. Diameter Command Naming Conventions Diameter command names typically include one or more English words followed by the verb Request or Answer.
Redirecting a Diameter Message Since redirect agents do not perform any application level processing, they provide relaying services for all Diameter applications, and therefore MUST advertise the Relay Application Identifier.
If an optional rule has no qualifier, then 0 or 1 such AVP may be present.
Diameter agents only need to be concerned about the number of requests they send based on a single received request; retransmissions by other entities need not be tracked. This is known as the Realm Routing Table, as is defined further in Section 2. Given that the Diameter protocol introduces the concept of long-lived authorized sessions, translation agents MUST be session stateful and MUST maintain transaction state.
This requires that proxies maintain the state of their downstream peers e. End-to-End Identifier The End-to-End Identifier is an unsigned bit integer field in network byte order and is used to detect duplicate messages.
As ofthe only value supported is 1.
Diameter Base Protocol Support
Since additional code points are added by amendments to the standard from time to time, implementations MUST be prepared to encounter any code point from 0x to 0x7fffffff. A request is identified by the R(equest) bit in the Diameter header set to one (1), to ask that a particular action be performed, such as authorizing a user or terminating a session.
Every Diameter message MUST contain a command code in its header’s Command-Code field, which is used to determine the action that is to be taken for a particular message. The keyword “any” is 0. AVP Values of this type that are not a multiple of four-octets in length are followed by the necessary padding so that the next AVP if any will start on a bit boundary. Prior to issuing the request, NAS performs a Diameter route lookup, using “example.