Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is the protocol used within EPS/IMS architectures for AAA (Authentication, Diameter is specified primarily as a base protocol by the IETF in RFC Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC (Obsoletes: RFC ) and defines the minimum requirements for an AAA protocol. Diameter.
|Published (Last):||6 September 2009|
As ofthe only value supported is 1. The Diameter base application needs to be supported by all Diameter implementations.
Distribution of this memo is unlimited. Senders of request messages MUST insert a unique identifier on each message.
RFC – part 2 of 5
A Diameter node MAY act as an agent for certain requests while acting as a server for others. To test for a particular IP version, the bits part can be set to zero.
This security protects the entire Diameter communications path from the originating Diameter node to the terminating Diameter node. Relaying and Proxying Requests Only this exact IP number will match the rule. The fields are transmitted in network byte order.
Approach to Extensibility The Diameter protocol is designed to be extensible, using several mechanisms, including: For AVPs of type Enumerated, an application may require a new value to communicate some service-specific information.
If no rule matches, the packet is treated as best effort. Received answers that do not match a known Hop-by-Hop Identifier are ignored by the Diameter agent.
The length of the padding is not reflected in the AVP Length field. Furthermore, all Diameter messages contain an Application Identifier, which is used in the message forwarding process.
Diameter Protocol The Diameter base protocol provides the following facilities: When set the AVP Code belongs to the specific vendor code address space. The End-to-End Identifier is not modified by Diameter agents of any kind, and the same value in the corresponding request is used in the answer.
This field MUST be used as a secondary key field in routing table lookups. Unsigned64 64 bit unsigned value, in network byte order. Any AVP for which the P bit may be set or which may be encrypted may be considered sensitive. Some common Diameter commands defined in the protocol base and applications are:
Diameter Base Protocol Support
However, the protocol’s failover procedures require that agents maintain a copy of pending requests. Transaction state implies that upon forwarding a request, the Hop-by-Hop identifier is saved; the field is replaced with a locally unique identifier, which is restored to its original value when the corresponding answer is received.
Role of Diameter Agents In addition to client and servers, the Diameter protocol introduces relay, proxy, redirect, and translation agents, each of which is defined in Section 1. One or more Session-Ids must follow. Any node can initiate a request. The "T" (Potentially re-transmitted message) bit — This flag is set after a link failover procedure, to aid the removal of duplicate requests.
Diameter Header A summary of the Diameter header format is shown below. Initially, it is expected that Diameter will be deployed within new network devices, as well as within gateways enabling communication between legacy RADIUS devices and Diameter agents. Creation of a new application should be viewed as a last resort. This MAY require that new AVP values be assigned to represent the new authentication transform, or any other scheme that produces similar results.
The base Diameter protocol concerns itself with capabilities negotiation, how messages are sent and how peers may eventually be abandoned.
If cleared, the message is an answer. Failover [RADIUS] does not define failover mechanisms, and as a result, failover behavior differs between implementations.
The absence of a particular option may be denoted with a ‘!’. Accounting requests without corresponding authorization responses SHOULD be subjected to further scrutiny, as should accounting requests indicating a difference between the requested and provided service.
Support for server-initiated messages is mandatory in Diameter, and is described in Section 8. Some of these AVP values are used by the Diameter protocol itself, while others deliver data associated with particular applications that employ Diameter.
This requires that proxies maintain the state of their downstream peers e. Security is discussed in Section Diameter implementations are required to support all Mandatory AVPs which are allowed by the message’s formal syntax and defined either in the base Diameter standard or in one of the Diameter Application specifications governing the message.
This AVP would be encoded as follows: Since redirect agents do not sit in the forwarding path, they do not alter any AVPs transiting between client and server.