Status: PROPOSED STANDARD; Obsoleted by: RFC . Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC ( Obsoletes: RFC ) and defines the minimum requirements for an AAA protocol. Diameter is the protocol used within EPS/IMS architectures for AAA ( Authentication, Diameter is specified primarily as a base protocol by the IETF in RFC

Since Relays do not perform any application level processing, they provide relaying services for all Diameter applications, and therefore MUST advertise the Relay Application Identifier. Command Flags: The Command Flags field is eight bits.

However, the protocol’s failover procedures require that agents maintain a copy of pending requests. The values are for permanent, standard commands allocated by IANA.

The “ip” keyword means any protocol will match.

If an AVP with the “M” bit set is received by a Diameter client, server, proxy, or translation agent and either the AVP or its value is unrecognized, the message must be rejected. When creating a request, the End-to-End Identifier is set to a locally unique value. Direction (in or out); Source and destination IP address (possibly masked); Protocol; Source and destination port (lists or ranges); DSCP values (no mask or range). Rules for the appropriate direction are evaluated in order, with the first matched rule terminating the evaluation.


These services are provided by supporting AVP integrity and confidentiality between two peers, communicating through agents.

The RFC defines an authorization and an accounting state machine. Byte sequences that do not correspond to the valid encoding of a code point into UTF-8 charset or are outside this range are prohibited.

AVP values of this type that are not a multiple of four octets in length are followed by the necessary padding so that the next AVP (if any) will start on a 32-bit boundary.

The absence of a particular option may be denoted with a ‘!’. Diameter Header: A summary of the Diameter header format is shown below. A stateless agent is one that only maintains transaction state.

This is a valid packet, but it only has one use, to try to circumvent firewalls. Relay Agents: Relay Agents are Diameter agents that accept requests and route messages to other Diameter nodes based on information found in the messages e. The packet consists of a Diameter header and a variable number of Attribute-Value Pairs, or AVPs, for encapsulating information relevant to the Diameter message.

The supported TCP options are: The rule syntax is a modified subset of ipfw 8 from FreeBSD, and the ipfw. Messages with the “E” bit set are commonly referred to as error messages. The Diameter protocol defines a policy protocol used by clients to perform policy, AAA, and resource control.

It belongs to the application layer protocols in the internet protocol suite. The following format is used in the definition: These Diameter agents are useful for several reasons: See the frag option for details on matching fragmented packets. The length of the padding is not reflected in the AVP Length field.


When set, the AVP Code belongs to the specific vendor code address space. End-to-End Security Framework: End-to-end security services include confidentiality and message origin authentication. A Diameter implementation MAY act as one type of agent for some requests, and as another type of agent for others. Diameter Path Authorization: As noted in Section 2.

Both the numeric values and the symbolic values listed below can be used. The format of the Data field MUST be one of the following base data types or a data type derived from the base data types.

The metering options MUST be included. Integer32: 32-bit signed value, in network byte order. Diameter Command Naming Conventions: Diameter command names typically include one or more English words followed by the verb Request or Answer. Senders of request messages MUST insert a unique identifier on each message.

Relaying of Diameter messages: The example provided in Figure 2 depicts a request issued from NAS, which is an access device, for the user bob example. An access device MAY apply deny rules of its own before the supplied rules, for example to protect the access device owner’s infrastructure.