Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by.
Diameter is the protocol used within EPS/IMS architectures for AAA (Authentication,
Diameter is specified primarily as a base protocol by the IETF in RFC
Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC (Obsoletes: RFC ) and defines the minimum requirements for an AAA protocol.
Published (Last): 18 April 2017
Senders of request messages MUST insert a unique identifier on each message. This document assigns bit 0 ('R'equest), bit 1 ('P'roxy), bit 2 ('E'rror) and bit 3 ('T'). Diameter provides for several types of identification data.
This MUST include the name and acronym for the protocol, along with reference to a document that describes the transport protocol. An example is a message set used to terminate a session. The "R" (Request) bit: If set, the message is a request.
Accounting requests without corresponding authorization responses SHOULD be subjected to further scrutiny, as should accounting requests indicating a difference between the requested and provided service. This can be accomplished via use of inbound and outbound filter policy. Application-ID is used to identify for which Diameter application the message is applicable. The Proxy-Info AVP allows stateless agents to add local state to a Diameter request, with the guarantee that the same state will be present in the answer.
Proxies that wish to limit resources MUST maintain session state. Integer32: 32 bit signed value, in network byte order. Diameter Command Naming Conventions: Diameter command names typically include one or more English words followed by the verb Request or Answer.
This document assigns bit 0 ('V'endor Specific), bit 1 ('M'andatory) and bit 2 ('P'rotected). Where close to real-time performance is required, failover thresholds need to be kept low and this may lead to an increased likelihood of duplicates.
Secondly, hashing techniques or other schemes, such as the use of the T flag in the received messages, may be used to eliminate the need to do a full search even in this set except for rare cases.
The routing table MAY also include a “default route”, which is typically used for all messages that cannot be locally processed.
The following values have been placed into the registry: Each English word is delimited by a hyphen. The specific transport protocol associated with that service field. The rule syntax is a modified subset of ipfw(8) from FreeBSD, and the ipfw.
The service field being registered.
Direction (in or out); source and destination IP address (possibly masked); protocol; source and destination port (lists or ranges); DSCP values (no mask or range). Rules for the appropriate direction are evaluated in order, with the first matched rule terminating the evaluation. As these codes are only for experimental and testing purposes, no guarantee is made for interoperability between Diameter peers using experimental commands, as outlined in [IANA-EXP].
As an example, it can usually be assumed that duplicates appear within a time window of longest recorded network partition or device fault, perhaps a day. If cleared, the message MUST be locally processed. Unsigned64: 64 bit unsigned value, in network byte order. The Diameter protocol requires that relaying and proxying agents maintain transaction state, which is used for failover purposes.
Which AVPs are sensitive is determined by service provider policy. Copies of claims of rights made available for publication and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF Secretariat. This does not affect the selection of port numbers.
AVPs containing keys and passwords should be considered sensitive. Additionally, application specific state machines can be introduced either later or at a higher abstraction layer.
This avoids the potential for continually bringing connections up and down.
These restrictions can be awkward at best. However, servers that do this MUST ensure that duplicates are found even when the first transmitted request arrives at the server after the retransmitted request. After that the transport connection can be disconnected. The values are for permanent, standard commands allocated by IANA.
For example, a Diameter peer may be authentic, but that does not mean that it is authorized to act as a Diameter Server advertising a set of Diameter applications.
Packets may be marked or metered based on the following information that is associated with it: A stateful agent is one that maintains session state information, by keeping track of all authorized active sessions.