Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from the earlier RADIUS protocol. It belongs to the application layer protocols in the internet protocol suite. Diameter Applications extend the base protocol by adding new commands The Diameter base protocol is defined by RFC (Obsoletes: RFC ). Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is specified primarily as a base protocol by the IETF in RFC and then DIAMETER base protocol must be used in conjunction with DIAMETER.
|Published (Last):||19 January 2008|
|PDF File Size:||9.14 Mb|
|ePub File Size:||8.17 Mb|
|Price:||Free* [*Free Regsitration Required]|
The metering options MUST be included. Realm The string in the NAI frc immediately follows the ‘ ‘ character. The changes introduced in this document focus on fixing issues that have surfaced during the implementation of Diameter RFC Byte sequences that do not correspond to the valid encoding of a code point into UTF-8 charset or are outside this range are prohibited.
A Basr client generates Diameter messages to request authentication, authorization, and accounting services for the user.
Since redirect agents do not receive answer messages, they cannot maintain session state. It is set when resending requests not yet acknowledged, as an indication of a possible duplicate due to a link failure.
The set of AVPs included in the message is determined by a particular Diameter application.
Information on RFC » RFC Editor
This security protects the entire Diameter communications path from the originating Diameter node to the terminating Diameter node. The length of the padding is not reflected in the AVP Length field.
Since the expected behavior is not defined, it varies between implementations. An access device that is unable to interpret or apply a deny rule MUST terminate the session. In order to preserve interoperability, a Diameter implementation MUST be able to exclude from a Diameter message any Mandatory AVP which is neither defined in the base Diameter protocol nor in any of the Diameter Application specifications governing the message in which it appears.
Message Length The Message Length field is three octets and indicates the length of the Diameter message including the header fields. Therefore, it is imperative that the designers of new applications understand their requirements before using Diameter.
A Diameter agent is a node that does not provide local user authentication or authorization services; protofol include proxies, redirects, and relay agents.
The encoding example illustrates how padding is used and how length fields are calculated. The absence of a particular option may be denoted with a ‘! This page was last edited on 19 Octoberat Changes from RFC Derivation of dynamic session keys is enabled via transmission-level security. This field contains prohocol contents of the Origin-Host Section 6. Capabilities exchange in the open state has been re-introduced in a separate specification [ RFC ], which clearly defines new commands for this feature.
It is the decision of the protocol designer when to develop a new Diameter application rather prrotocol extending Diameter in other ways.
Each packet is evaluated once.
Failover and Failback Procedures The Diameter protocol requires that relaying and proxying agents maintain transaction state, which is used for failover purposes. Local Realm A local realm is the administrative domain providing services to a user.
Furthermore, if the transport characteristics of a command are changed for example, with respect to the number of round trips requireda new Command Code MUST be registered. The AddressType is used to discriminate the content and format of the remaining octets. This field is only present if the portocol bit-flag is enabled. The circumstances requiring the use of end-to-end security are determined by policy on each of the peers. The Diameter protocol was initially developed by Pat R.
However, just because a new authentication application id is required, does not imply that a new accounting application id is required. A given Diameter instance of the peer state machine MUST NOT use more than one transport connection to communicate with a given peer, unless multiple instances exist on the peer in which case a separate connection per rf is allowed.