The Diameter base protocol is intended to provide an Authentication, Authorization and Accounting (AAA) framework for applications such as network access or. Diameter is the protocol used within EPS/IMS architectures for AAA (Authentication, Diameter is specified primarily as a base protocol by the IETF in RFC Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC (Obsoletes: RFC) and defines the minimum requirements for an AAA protocol. Diameter.
|Published (Last):||28 January 2015|
Diameter Command Naming Conventions
Diameter command names typically include one or more English words followed by the verb Request or Answer. It is suggested that IPsec can be used primarily at the edges and in intra-domain traffic, such as using pre-shared keys between a NAS and a local AAA proxy.
Should a new Diameter usage scenario find itself unable to fit within an existing application without requiring major changes to the specification, it may be desirable to create a new Diameter application.
The absence of a particular flag may be denoted with a ‘! Transaction state implies that upon forwarding a request, the Hop-by-Hop identifier is saved; the field is replaced with a locally unique identifier, which is restored to its original value when the corresponding answer is received.
P(roxiable) – If set, the message MAY be proxied, relayed or redirected.
Redirect Agents
Redirect agents are useful in scenarios where the Diameter routing configuration needs to be centralized.
This is known as the Realm Routing Table, as is defined further in Section 2. It can be set only in cases where no answer has been received from the server for a request and the request is sent again.
The use of Relays is advantageous since it eliminates the need for NASes to be configured with the necessary security information they would otherwise require to communicate with Diameter servers in other realms.
As ofthe only value supported is 1.
It is important to note that although proxies MAY provide a value-add function for NASes, they do not allow access devices to use end-to-end security, since modifying messages breaks authentication. The set of AVPs included in the message is determined by a particular Diameter application. Thus, the Message Length field is always a multiple of 4.
RFC clearly states about loop avoidance or recovery. This is typically accomplished by tracking the state of NAS devices. The receiver of a Capabilities Exchange message advertising Relay service MUST assume that the sender supports all current and future applications.
Agents do not need to support all modes of operation in order to conform with the protocol specification, but MUST follow the protocol compliance guidelines in Section 2. Every Diameter message MUST contain a command code in its header’s Command-Code field, which is used to determine the action that is to be taken for a particular message.
In order to provide well defined failover behavior, Diameter supports application-layer acknowledgements, and defines failover algorithms and the associated state machine. If the base accounting is used without any mandatory AVPs, new commands or additional mechanisms e.
LOCAL – Diameter messages that resolve to a route entry with the Local Action set to Local can be satisfied locally, and do not need to be routed to another server.
End-to-End Identifier
The End-to-End Identifier is an unsigned bit integer field in network byte order and is used to detect duplicate messages. For code points not directly supported by user interface hardware or software, an alternative means of entry and display, such as hexadecimal, MAY be provided.
This AVP would be encoded as follows:
Diameter Request Routing Overview
Home Realm: A Home Realm is the administrative domain with which the user maintains an account relationship.
Diameter Base Protocol
For example, administrators within the home realm may not wish to honor requests that have been routed through an untrusted realm. Received answers that do not match a known Hop-by-Hop Identifier are ignored by the Diameter agent.
The values are for permanent, standard commands allocated by IANA. The format of the Data field MUST be one of the following base data types or a data type derived from the base data types. At each step, forwarding of an authorization response is considered evidence of a willingness to take on financial risk relative to the session. Each of these AVPs follows – in the order in which they are specified – including their headers and padding.
Derivation of dynamic session keys is enabled via transmission-level security. See the text from RFC Section: