Diameter is specified primarily as a base protocol by the IETF in RFC and then DIAMETER base protocol must be used in conjunction with DIAMETER. Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from the earlier RADIUS protocol. It belongs to the application layer protocols in the Internet protocol suite. Diameter Applications extend the base protocol by adding new commands. The Diameter base protocol is defined by RFC (Obsoletes: RFC ). RFC Diameter Base Protocol, September
|Published (Last):||26 June 2015|
If no rule matches, the packet is dropped if the last rule evaluated was a permit, and passed if the last rule was a deny. Accounting requests without corresponding authorization responses SHOULD be subjected to further scrutiny, as should accounting requests indicating a difference between the requested and provided service.
This field indicates the version of the Diameter Base Protocol. To test for a particular IP version, the bits part can be set to zero. It is set when resending requests not yet acknowledged as an indication of a possible duplicate due to a link failure.
Command-Code The Command-Code field is three octets, and is used in order to communicate the command associated with the message. A stateful agent is one that maintains session state information, by keeping track of all authorized active sessions.
All proxies MUST maintain transaction state.
When set, the AVP Code belongs to the specific vendor code address space. The application can be an authentication application, an accounting application or a vendor specific application. The format of the Data field MUST be one of the following base data types or a data type derived from the base data types.
T Potentially re-transmitted message – This flag is set after a link failover procedure, to aid the removal of duplicate requests. Direction (in or out), source and destination IP address (possibly masked), protocol, source and destination port (lists or ranges), DSCP values (no mask or range). Rules for the appropriate direction are evaluated in order, with the first matched rule terminating the evaluation.
If cleared, the message is an answer. Further, since redirect agents never relay requests, they are not required to maintain transaction state. The RFC defines an authorization and an accounting state machine. Translation agents are likely to be used as aggregation servers to communicate with a Diameter infrastructure, while allowing for the embedded systems to be migrated at a slower pace. The Diameter protocol requires that agents maintain transaction state, which is used for failover purposes.
The default value is infinity. Translation of messages can only occur if the agent recognizes the application of a particular request, and therefore translation agents MUST only advertise their locally supported applications. See the frag option for details on matching fragmented packets. Diameter Relay and redirect agents must not reject messages with unrecognized AVPs. A three-letter acronym for both the request and answer is also normally provided.
The keyword “assigned” is the address or set of addresses assigned to the terminal. A number of zero-valued bytes are added to the end of the AVP Data field until a word boundary is reached.
The following format is used in the definition: Diameter Header A summary of the Diameter header format is shown below. For code points not directly supported by user interface hardware or software, an alternative means of entry and display, such as hexadecimal, MAY be provided. Each English word is delimited by a hyphen. The metering options MUST be included. Accounting AVPs may be considered sensitive. In addition to authenticating each connection, each connection as well as the entire session MUST also be authorized.
Likewise, this reduces the configuration load on Diameter servers that would otherwise be necessary when NASes are added, changed or deleted. Upon reboot implementations MAY set the high order 12 bits to contain the low order 12 bits of current time, and the low order 20 bits to a random value.
The absence of a particular option may be denoted with a ‘!’. The RFC defines a core state machine for maintaining connections between peers and processing messages. The End-to-End Identifier is an unsigned bit integer field in network byte order that is used to detect duplicate messages along with the combination of the Origin-Host AVP.
The originator of an Answer message MUST ensure that the End-to-End Identifier field contains the same value that was found in the corresponding request. Redirecting a Diameter Message Since redirect agents do not perform any application level processing, they provide relaying services for all Diameter applications, and therefore MUST advertise the Relay Application Identifier.
Messages with the “E” bit set are commonly referred to as error messages. A stateless agent is one that only maintains transaction state. If no rule matches, the packet is treated as best effort.
Diameter AVPs Diameter AVPs carry specific authentication, accounting, authorization, routing and security information as well as configuration details for the request and reply.