Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is an authentication, authorization, and accounting protocol for computer networks. The Diameter base protocol is defined by RFC ( Obsoletes: RFC ) and defines the minimum requirements for an AAA protocol. Diameter is the protocol used within EPS/IMS architectures for AAA ( Authentication, Diameter is specified primarily as a base protocol by the IETF in RFC
|Published (Last):||28 February 2008|
DIAMETER – The Wireshark Wiki
After that the transport connection can be disconnected. Each authorized session is bound to a particular service, and its state is considered active either until it is notified otherwise, or by expiration.
The End-to-End Identifier is an unsigned bit integer field in network byte order that is used to detect duplicate messages along with the combination of the Origin-Host AVP. When set the AVP Code belongs to the specific vendor code address space.
RFC – part 2 of 5
Diameter agents only need to be concerned about the number of requests they send based on a single received request; retransmissions by other entities need not be tracked. The keyword “any” is 0.
Any AVP for which the P bit may be set or which may be encrypted may be considered sensitive. Integer32 32 bit signed value, in network byte order. The Hop-by-Hop identifier is normally a monotonically increasing number, whose start value was randomly generated.
Message Length The Message Length field is three octets and indicates the length of the Diameter message including the header fields. If cleared, the message MUST be locally processed. The Message Length field indicates the length of the Diameter message in bytes, including the header fields and the padded AVPs.
Only this exact IP number will match the rule. This requires that proxies maintain the state of their downstream peers e. A rule that contains a tcpflags specification can never match a fragmented packet that has a non-zero offset.
The request is identified by the R(equest) bit in the Diameter header set to one (1), to ask that a particular action be performed, such as authorizing a user or terminating a session.
The originator of an Answer message MUST ensure that the End-to-End Identifier field contains the same value that was found in the corresponding request.
As ofthe only value supported is 1. Transaction state implies that upon forwarding a request, its Hop-by-Hop identifier is saved; the field is replaced with a locally unique identifier, which is restored to its original value when the corresponding answer is received.
The “E” (Error) bit: If set, the message contains a protocol error, and the message will not conform to the CCF described for this command. The packet consists of a Diameter header and a variable number of Attribute-Value Pairs, or AVPs, for encapsulating information relevant to the Diameter message. It is set when resending requests not yet acknowledged, as an indication of a possible duplicate due to a link failure.
Prior to issuing the request, NAS performs a Diameter route lookup, using “example. This AVP would be encoded as follows: The following bits are assigned: The AddressType is used to discriminate the content and format of the remaining octets. If cleared, the message is an answer. If no rule matches, the packet is treated as best effort.
Each English word is delimited by a hyphen. The sender MUST ensure that the Hop-by-Hop identifier in a request is unique on a given connection at any given time, and MAY attempt to ensure that the number is unique across reboots. If cleared, the message is an answer. A number of zero-valued bytes are added to the end of the AVP Data field till a word boundary is reached.
In case of redirecting agents, the Hop-by-Hop Identifier is maintained in the header as the Diameter agent responds with an answer message. The absence of a particular flag may be denoted with a ‘!
The supported TCP options are: Due to space constraints, the short form DiamIdent is used to represent DiameterIdentity.
Relays modify Diameter messages by inserting and removing routing information, but do not modify any other portion of a message. It belongs to the application layer protocols in the internet protocol suite.
By authorizing a request, the home Diameter server is implicitly indicating its willingness to engage in the business transaction as specified by the contractual relationship between the server and the previous hop. The following Command Codes are defined in the Diameter base protocol: Further, since redirect agents never relay requests, they are not required to maintain transaction state. End-to-end security policies include: For example, where TLS or IPsec transmission-level security is sufficient, there may be no need for end-to-end security.
On 6h 28m 16s UTC, 7 February the time value will overflow.