Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from the earlier RADIUS protocol. It belongs to the application layer protocols in the internet protocol suite. Diameter Applications extend the base protocol by adding new commands The Diameter base protocol is defined by RFC (Obsoletes: RFC ). Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is specified primarily as a base protocol by the IETF in RFC and then DIAMETER base protocol must be used in conjunction with DIAMETER.
|Published (Last):||28 February 2004|
The base Diameter protocol concerns itself with capabilities negotiation, how messages are sent and how peers may eventually be abandoned. Diameter AVPs Diameter AVPs carry specific authentication, accounting, authorization, routing and security information as well as configuration details for the request and reply. The first two octets of the Address. Similarly, for the originator of a Diameter message, a "P" in the "MAY" column means that if a message containing that AVP is to be sent via a Diameter agent (proxy, redirect or relay) then the message MUST NOT be sent unless there is end-to-end security between the originator and the recipient or the originator has locally trusted configuration that indicates that end-to-end security is not needed.
Loughney Nokia Research Center G. Creating New Authentication Applications This document also defines the Diameter failover algorithm and state machine.
Transaction state implies that upon forwarding a request, the Hop-by-Hop Identifier is saved; the field is replaced with a locally unique identifier, which is restored to its original value when the corresponding answer is received. Diameter Applications can extend the base protocol by adding new commands, attributes, or both. Since relays do not make policy decisions, they do not examine or alter non-routing AVPs.
As a result, relays never originate messages, do not need to understand the semantics of messages or non-routing AVPs, and are capable of handling any Diameter application or message type.
Please refer to Section A Diameter node MAY initiate connections from a source port other than the one that it declares it accepts incoming connections on, and MUST be prepared to receive connections on port It is also possible for the base protocol to be extended for use in new applications, via the addition of new commands or AVPs.
Diameter Base Protocol Support
The creation of a new accounting application should be viewed as a last resort and MUST NOT be used unless a new command or additional mechanisms e. In accounting, [ RADACCT ] assumes that replay protection is provided by the backend billing server, rather than within the protocol itself. Authorization Session State Machine Typically, time constraints are imposed in order to limit financial risk.
It is set when resending requests not yet acknowledged as an indication of a possible duplicate due to a link failure.
Downstream Downstream is used to identify the direction of a particular Diameter message from the home server towards the Diameter client. Server Identifier One or more servers the message is to be routed to. Match if the ICMP type is in the list types. A given Diameter instance of the peer state machine MUST NOT use more than one transport connection to communicate with a given peer, unless multiple instances exist on the peer in which case a separate connection per process is allowed.
An overview of some of the major changes is given below.
Initially, it is expected that Diameter will be deployed within new network devices, as well as within gateways enabling communication between legacy RADIUS devices and Diameter agents.
Failover [ RADIUS ] does not define failover mechanisms, and as a result, failover behavior differs between implementations. Network Working Group P. The "T" (Potentially re-transmitted message) bit: This flag is set after a link failover procedure, to aid the removal of duplicate requests.
It is the decision of the protocol designer when to develop a new Diameter application rather than extending Diameter in other ways.
These services are provided by supporting AVP integrity and confidentiality between two peers, communicating through agents. Time constraints are typically imposed in order to limit financial risk. Diameter Protocol Related Configurable Parameters When creating a request, the End-to-End Identifier is set to a locally unique value.
Once the receiver has completed the request it issues the corresponding answer, which includes a result code that communicates one of the following: After that the transport connection can be disconnected.
A stateful agent is one that maintains session state information, by keeping track of all authorized active sessions. At this time the focus of Diameter is network access and accounting applications.