DIAMETER BASE PROTOCOL RFC 3588 PDF
Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from the earlier RADIUS protocol. It belongs to the application layer protocols in the internet protocol suite. Diameter Applications extend the base protocol by adding new commands. The Diameter base protocol is defined by RFC (Obsoletes: RFC ). Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is specified primarily as a base protocol by the IETF in RFC and then DIAMETER base protocol must be used in conjunction with DIAMETER.
|Published (Last):||14 August 2014|
A Realm Routing Table Entry contains the following fields: This routing decision is performed using a list of supported realms, and known peers. Accounting The act of collecting information on resource usage for the purpose of capacity planning, auditing, billing, or cost allocation.
In the event that a logical grouping of AVPs is necessary, and multiple “groups” are possible in a given command, it is recommended that a Grouped AVP be used see Section 4.
The routing table MAY consist of only such an entry. It belongs to the application layer protocols in the internet protocol suite. Since relays do not make policy decisions, they do not examine or alter non-routing AVPs.
A given Diameter instance of the peer state machine MUST NOT use more than one transport connection to communicate with a given peer, unless multiple instances exist on the peer in which case a separate connection per process is allowed. Reuse simplifies standardization and implementation and avoids potential interoperability issues.
This subsequently leads to the need to define a new Diameter application for any application that will use that new command.
Creating New Accounting Applications A rule for the prioritization of redirect routing criteria when multiple route entries are found via redirects has also been added see Section 6.
Diameter makes use of the realm, also loosely referred to as domain, to determine whether messages can be satisfied locally, or whether they must be routed or redirected. In this case, all IP numbers from 1. Direction (in or out); source and destination IP address (possibly masked); protocol; source and destination port (lists or ranges); DSCP values (no mask or range). Rules for the appropriate direction are evaluated in order, with the first matched rule terminating the evaluation.
An AVP includes a header and is used to encapsulate protocol-specific data e. The packet consists of a Diameter header and a variable number of Attribute-Value Pairs, or AVPs, for encapsulating information relevant to the Diameter message.
Security is discussed in Section Once accepted by the server, both the client and the server are aware of the session. Each packet is evaluated once. Authentication The act of verifying the identity of an entity subject.
Each leg of the bundle would be a session while the entire bundle would be a multi-session. An access device MAY apply deny rules of its own before the supplied rules, for example to protect the access device owner’s infrastructure.
In addition to addressing the above requirements, Diameter also provides support for the following: The Proxy-Info AVP allows stateless agents to add local state to a Diameter request, with the guarantee that the same state will be present in the answer.
Diameter Overview The base Diameter protocol may be used by itself for accounting applications, but for use in authentication and authorization it is always extended for a particular application.
If cleared, the message is an answer. Expiration time Specifies the time at which dynamically discovered peer table entries are to be either refreshed, or expired. While implementation of data object security is not mandatory within Diameter, these capabilities are supported, and are described in [AAACMS]. End-to-End Security Framework End-to-end security services include confidentiality and message origin authentication.
In that sense, Diameter is a peer-to-peer protocol. Changes from RFC A connection is a transport level connection between two peers, used to send and receive Diameter messages. Diameter Client A Diameter client is a Diameter node that supports Diameter client applications as well as the base protocol.