Status: PROPOSED STANDARD; Obsoleted by: RFC ; Diameter is the protocol used within EPS/IMS architectures for AAA (Authentication, Diameter is specified primarily as a base protocol by the IETF in RFC Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC (Obsoletes: RFC ) and defines the minimum requirements for an AAA protocol.
|Published (Last):||26 May 2007|
The "T" (Potentially re-transmitted message) bit - This flag is set after a link failover procedure, to aid the removal of duplicate requests. In accounting, [RADACCT] assumes that replay protection is provided by the backend billing server, rather than within the protocol itself.
Additional security information, when needed e. Security policies, which are not the subject of standardization, may be applied by next hop Diameter peer or by destination realm. If Diameter receives data up from TCP that cannot be parsed or identified as a Diameter error made by the peer, the stream is compromised and cannot be recovered.
Request Routing Overview. Sub-session: A sub-session represents a distinct service e. This does not affect the selection of port numbers.
RFC – part 1 of 5
Message Length: The Message Length field is three octets and indicates the length of the Diameter message including the header fields. These changes in sessions are tracked with the Accounting-Sub-Session-Id. Command Flags: The Command Flags field is eight bits. By issuing an accounting request corresponding to the authorization response, the local realm implicitly indicates its agreement to provide the service indicated in the authorization response.
Packets may be marked or metered based on the following information that is associated with it: Description of the Document Set. Relays modify Diameter messages by inserting and removing routing information, but do not modify any other portion of a message.
Messages with the "E" bit set are commonly referred to as error messages. This field contains the contents of the Origin-Host Section 6. Combined with lack of support for capabilities negotiation, this makes it very difficult to determine what occurred in the event of a dispute. Similarly, for the originator of a Diameter message, a "P" in the "MAY" column means that if a message containing that AVP is to be sent via a Diameter agent (proxy, redirect or relay) then the message MUST NOT be sent unless there is end-to-end security between the originator and the recipient or the originator has locally trusted configuration that indicates that end-to-end security is not needed.
However, they differ since they modify messages to implement policy enforcement. Given that the Diameter protocol introduces the concept of long-lived authorized sessions, translation agents MUST be session stateful and MUST maintain transaction state.
The communicating party may accept the request, or reject it by returning an answer message with the Result-Code AVP. In summary, this document defines the base protocol specification for AAA, which includes support for accounting. Unsigned64: 64 bit unsigned value, in network byte order.
Duplicate answer messages that are to be locally consumed see Section 6.
The supported TCP options are: The metering options MUST be included. Proxy Agent or Proxy: In addition to forwarding requests and responses, proxies make policy decisions relating to resource usage and provisioning. Direction (in or out); source and destination IP address (possibly masked); protocol; source and destination port (lists or ranges); DSCP values (no mask or range). Rules for the appropriate direction are evaluated in order, with the first matched rule terminating the evaluation.
If cleared, the message MUST be locally processed. A stateless agent is one that only maintains transaction state. It can be set only in cases where no answer has been received from the server for a request and the request is sent again.
Broker: A broker is a business term commonly used in AAA infrastructures. The creation of a new accounting application should be viewed as a last resort and MUST NOT be used unless a new command or additional mechanisms e. Further, since redirect agents never relay requests, they are not required to maintain transaction state. This field MUST be used as a secondary key field in routing table lookups.
The default value is zero. Diameter AVPs: Diameter AVPs carry specific authentication, accounting, authorization, routing and security information as well as configuration details for the request and reply. Transaction state: The Diameter protocol requires that agents maintain transaction state, which is used for failover purposes. Accounting Record: An accounting record represents a summary of the resource consumption of a user over the entire session. Diameter Server: A Diameter Server is one that handles authentication, authorization and accounting requests for a particular realm.
LOCAL – Diameter messages that resolve to a route entry with the Local Action set to Local can be satisfied locally, and do not need to be routed to another server. Guttman Sun Microsystems, Inc.