Status: PROPOSED STANDARD. Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC ( Obsoletes: RFC ) and defines the minimum requirements for an AAA protocol. Diameter is the protocol used within EPS/IMS architectures for AAA ( Authentication, Diameter is specified primarily as a base protocol by the IETF in RFC
|Published (Last):||14 January 2012|
Prior to bringing up a connection, authorization checks are performed at each connection along the path. AVP Values of this type that are not a multiple of four octets in length are followed by the necessary padding so that the next AVP (if any) will start on a bit boundary.
Both the numeric values and the symbolic values listed below can be used. Packets may be marked or metered based on the following information that is associated with it: Byte sequences that do not correspond to the valid encoding of a code point into UTF-8 charset or are outside this range are prohibited.
Each of these AVPs follows – in the order in which they are specified – including their headers and padding. Diameter Path Authorization As noted in Section 2. By issuing an accounting request corresponding to the authorization response, the local realm implicitly indicates its agreement to provide the service indicated in the authorization response.
If no rule matches, the packet is dropped if the last rule evaluated was a permit, and passed if the last rule was a deny. The "R" (Request) bit — If set, the message is a request. If cleared, the message MUST be locally processed.
The absence of a particular option may be denoted with a ‘! The ” E ” Error bit — If set, the message contains a protocol error, and the message will not conform to the CCF described for this command.
The Message Length field indicates the length of the Diameter message in bytes, including the header fields and the padded AVPs. Messages with the "E" bit set are commonly referred to as error messages.
A stateful agent is one that maintains session state information, by keeping track of all authorized active sessions. Diameter Header: A summary of the Diameter header format is shown below.
The default value is infinity. The bit value is transmitted in network byte order. Prior to issuing the request, NAS performs a Diameter route lookup, using “example.
AVPs containing keys and passwords should be considered sensitive. The definition contains a list of valid values and their interpretation and is described in the Diameter application introducing the AVP. There is one kind of packet that the access device MUST always discard, that is an IP fragment with a fragment offset of one.
Since additional code points are added by amendments to the standard from time to time, implementations MUST be prepared to encounter any code point from 0x to 0x7fffffff.
Once the receiver has completed the request it issues the corresponding answer, which includes a result code that communicates one of the following: It belongs to the application layer protocols in the internet protocol suite. The format of the header is: This field is only present if the respective flag is enabled.
The encoding example illustrates how padding is used and how length fields are calculated. The "T" (Potentially re-transmitted message) bit – This flag is set after a link failover procedure, to aid the removal of duplicate requests. An example is a redirect agent that provides services to all members of a consortium, but does not wish to be burdened with relaying all messages between realms.
Diameter Applications can extend the base protocol by adding new commands, attributes, or both. The following format is used in the definition: Translation of messages can only occur if the agent recognizes the application of a particular request, and therefore translation agents MUST only advertise their locally supported applications.
Some common Diameter commands defined in the protocol (base and applications) are: Unsigned64: 64 bit unsigned value, in network byte order.
This field indicates the version of the Diameter Base Protocol. The End-to-End Identifier is an unsigned bit integer field in network byte order that is used to detect duplicate messages along with the combination of the Origin-Host AVP.
Upon reboot implementations MAY set the high order 12 bits to contain the low order 12 bits of current time, and the low order 20 bits to a random value. This does not affect the selection of port numbers.
A home realm may also wish to check that each accounting request message corresponds to a Diameter response authorizing the session. If an optional rule has no qualifier, then 0 or 1 such AVP may be present. Integer32: 32 bit signed value, in network byte order. This is part of the basic protocol functionality and all stacks should support it and as such abstract from the connectivity related operations.