DIAMETER PROTOCOL RFC 3588 PDF
Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is the protocol used within EPS/IMS architectures for AAA (Authentication, Diameter is specified primarily as a base protocol by the IETF in RFC Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC (Obsoletes: RFC ) and defines the minimum requirements for an AAA protocol. Diameter.
|Published (Last):||16 October 2016|
Zorn Cisco Systems, Inc. If cleared, the message is an answer. The Diameter protocol requires that agents maintain transaction state, which is used for failover purposes. Each new definition must be either defined or listed with a reference to the RFC that defines the format. The first two octets of the Address. Please refer to Section Accounting Session State Machine Agents do not need to support all modes of operation in order to conform with the protocol specification, but MUST follow the protocol compliance guidelines in Section 2.
See Section 4 for more information on AVPs. Therefore, it is imperative that the designers of new applications understand their requirements before using Diameter. If no rule matches, the packet is treated as best effort.
Relay Agents Relay Agents are Diameter agents that accept requests and route messages to other Diameter nodes based on information found in the messages e. The End-to-End Identifier is not modified by Diameter agents of any kind, and the same value in the corresponding request is used in the answer.
The routing table MAY consist of only such an entry. End-to-end security policies include: Failover [RADIUS] does not define failover mechanisms, and as a result, failover behavior differs between implementations.
This MAY require that new AVP values be assigned to represent the new authentication transform, or any other scheme that produces similar results. Application-ID Application-ID is four octets and is used to identify to which application the message is applicable for.
The request is identified by the R(equest) bit in the Diameter header set to one (1), to ask that a particular action be performed, such as authorizing a user or terminating a session. The communicating party may accept the request, or reject it by returning an answer message with the Result-Code AVP.
Each leg of the bundle would be a session while the entire bundle would be a multi-session. Relay Agent or Relay Relays forward requests and responses based on routing-related AVPs and realm routing table entries. In case of redirecting agents, the Hop-by-Hop Identifier is maintained in the header as the Diameter agent responds with an answer message.
A stateless agent is one that only maintains transaction state.
RFC – Diameter Base Protocol
Diameter Protocol The Diameter base protocol provides the following facilities: The originator of an Answer message MUST ensure that the End-to-End Identifier field contains the same value that was found in the corresponding request.
The keyword “any” is 0. Accounting AVPs may be considered sensitive.
Therefore, each connection is authenticated, replay and integrity protected and confidential on a per-packet basis. An example is a redirect agent that provides services to all members of a consortium, but does not wish to be burdened with relaying all messages between realms.
RFC – part 2 of 5
Byte sequences that do not correspond to the valid encoding of a code point into UTF-8 charset or are outside this range are prohibited. Reuse simplifies standardization and implementation and avoids potential interoperability issues.
The list may be specified as any combination of ranges or individual types separated by commas. Messages with the “E” bit set are commonly referred to as error messages. The values are for permanent, standard commands allocated by IANA. Since relays make decisions based on information in routing AVPs and realm forwarding tables they do not keep state on NAS resource usage or sessions in progress.
Realm Name This is the field that is typically used as a primary key in the routing table lookups. The "T" (Potentially re-transmitted message) bit — This flag is set after a link failover procedure, to aid the removal of duplicate requests.
Since redirect agents do not sit in the forwarding path, they do not alter any AVPs transiting between client and server.
Failover and Failback Procedures Relays modify Diameter messages by inserting and removing routing information, but do not modify any other portion of a message.