Canonical URL: ; File formats: Plain Text PDF; Status: PROPOSED STANDARD; Obsoleted by: RFC ; Updated by. Diameter is specified primarily as a base protocol by the IETF in RFC and then DIAMETER base protocol must be used in conjunction with DIAMETER. Diameter is an authentication, authorization, and accounting protocol for computer networks. It evolved from the earlier RADIUS protocol. It belongs to the application layer protocols in the internet protocol suite. Diameter Applications extend the base protocol by adding new commands The Diameter base protocol is defined by RFC (Obsoletes: RFC ).

Author: Kazilabar Bamuro
Country: Serbia
Language: English (Spanish)
Genre: Education
Published (Last): 13 August 2007
Pages: 146
PDF File Size: 4.26 Mb
ePub File Size: 8.20 Mb
ISBN: 145-9-88248-888-4
Downloads: 17693
Price: Free* [*Free Regsitration Required]
Uploader: Nerr

Happy to help you again. Protcol rule that contains a tcpflags specification can never match a fragmented packet that has a non-zero offset.

These Diameter agents are useful for several reasons: Hop-by-Hop Identifier The Hop-by-Hop Identifier is an unsigned bit integer field in network byte order and aids in matching requests and replies. Guttman Sun Microsystems, Inc. Creating New Accounting Applications In that sense, Diameter is a peer- to-peer protocol.

The combination of the Origin-Host see Section 6. Received diametter that do not match a known Hop-by-Hop Identifier are ignored by the Diameter agent. It is also possible for the base protocol to be extended for use in new applications, via the addition of new commands or AVPs. An administrative domain MAY act as a local realm for certain users, while being a home realm for others.


;rotocol Command Code is used to determine the action that is to be taken for a particular message.

Diameter (protocol) – Wikipedia

Diameter Client A Diameter Client is a device at the edge of the network that performs access control. The list may be specified as any combination of ranges or individual types separated by commas. The format of the header is: Accounting Dizmeter act of collecting information on resource usage for the purpose of capacity planning, auditing, billing or cost allocation.

The End-to-End Identifier is an unsigned bit integer field in network byte order that is used to detect duplicate messages along with the combination of the Origin-Host AVP.

Accounting AVPs may be considered sensitive. Auditability RADIUS does not define data-object security mechanisms, and as a result, untrusted proxies may modify attributes or even packet headers without being detected. As a result, relays never originate messages, do not need to understand the semantics of messages or non-routing AVPs, and are capable of handling any Diameter application or message type.

Hi Gaurav, Thanks proocol highlighting this statement. The originator of an Answer message MUST ensure that the End-to-End Identifier field contains the same value that was found in the corresponding request.

It is also suggested that inter-domain traffic would primarily use TLS. Zorn Cisco Systems, Inc. Bqse Agents Redirect agents are useful in scenarios where the Diameter routing configuration needs to be centralized.

For a match to occur, the same IP version must be present in the packet that was used in describing the IP address. All proxies MUST maintain transaction state.


Diameter (protocol)

The AddressType is used to discriminate the content and format of the remaining octets. No Mechanism of Capability Update.

Since redirect agents do not relay messages, and only return an answer with the information necessary for Diameter agents to communicate directly, they do not modify messages. The Hop-by-Hop identifier is normally a monotonically increasing number, whose start value was randomly generated.

The absence of a particular option may be denoted with a ‘! Match if the ICMP type is in the list types. Usage of Application Id.

Songs Collection March 12, at 4: The ‘P’ bit indicates the need for encryption for end-to-end security. Diameter Path Authorization As noted in Section 2.

Diameter Application Compliance Application Identifiers are advertised during the capabilities exchange phase see Section 5. Peer connection B is established between the Relay and the Server.

As noted in Section 6. This limits the usefulness of IPsec in inter-domain AAA applications such as roaming where it may be desirable to define a distinct certificate hierarchy for use in a AAA deployment. Description of the Document Set Transaction state The Diameter protocol requires that agents maintain transaction state, which is used for failover purposes.

P roxiable – If set, the message MAY be proxied, relayed or redirected. Default Port is