Diameter Protocol

 
 
Diameter is AAA (authentication, Authorization, and Accounting protocol) such as RADIUS protocol. As name suggest, DIAMETER is double of RADIUS protocol. while there are many difference between two protocols but one of the main difference is diameter provides the security and reliability because diameter uses TCP/SCTP on transport level, it uses TLS and DTLS. whereas RADIUS runs over the UDP.
 
Diameter protocol is peer to peer protocol so that any node can initiates a request, all data delivered in form of AVPs and provides following facilities:
 
- Ability to exchange messages and deliver AVPs.
- Capability Negotiation
- Error Notification
- Application specific services.
 
 
Diameter base protocol is run on port 3868 for both TCP and SCTP. TLS and Datagram Transport Layer Security (DTLS) uses port 5658. It is assumed TLS run on top of TCP and DTLS is run on top of SCTP. When no transport connection available with peer node, peer should try to connect it periodically with in Tc timer(default 30sec).
 
When connecting to a peer node and more than one connection are available, TLS should be tried first, and followed by DTLS, and then TCP and finnaly by SCTP. So the connection priority should be TLS -> DTLS -> TCP -> SCTP.
 
Diameter over SCTP: While Diameter runs over SCTP, diameter message should be mapped into SCTP streams in a way to avoid head-of-line blocking. To make sure above requirement diameter message should be sent with enabling out-of-order delivery. But out-of-order delivery have special concerns during connection establishment and termination. During connection establishment with out-of-delivery, while diameter exchanging capability message (CER/CEA) it could be possible application specific message come first before connection established. So to avoid this race condition, the receiver should not start out-of-delivery until connection established (CEA-CAR and first DWR-DWA). 
 
Connection Vs Session::
 
Connection refers to transport level connection between two peers that used to send and receives diameter message. A session is logical concept at application level that exist between diameter client and server and it is identified via the session-id AVP.
 
 
 
     P1 <--- Connection1 ---> P2 <---- Connection2 -----> P3
 
      <------------------ Session ------------------------>  
 
Diameter Peer Table:
 
This table is used in message forwarding and is referred by the routing table. It contains following entries:
 
- Host Identity: This field contains the content of Origin-Host AVP found in CER and CEA messages.
- StatusT: This is used for status of peer node.
- Static or Dynamic: Specify whether entity was statically configured or dynamically discovered.
- Expiration Time: Specify the expiration time for dynamically discovered entity.
- TLS/TCP or DTLS/SCTP Enabled: specify type of transport either TCP/TLS or DTLS/SCTP
 
Diameter Routing Table:
 
This table is used for all realm based routing lookup. It contains following entries:
 
- Realm Name: Store realm name, used as primary key for lookup.
- Application ID: Stores Application ID, used as secondary key.
- Local Action: specify how message should be treated and following actions are supported:
    1. LOCAL: Diameter message processed locally.
    2. RELAY: Message routed next hop and routing done without modifying any non routing entity.
    3. PROXY: Message routed to next Diameter entity based on routing lookup and message modified before forwarding based on local policy.
    4. REDIRECT: Message returned to sender with redirection information.
- Server ID: Identity of servers to which message has to routed and it should be present in host ID of peer table.
- Static or Dynamic: Specify whether entity was statically configured or dynamically discovered.
- Expiration Time: Specify the expiration time for dynamically discovered entity.
 
Diameter Agents:
 
1- RELAY AGENT: Relay Agents accepts request and route message to other diameter node based on information in message based on routing table. Relay agent inserts or remove routing information but do change in other portion of message.
 
2- PROXY AGENTS: routes message based routing table and it can enforce local policy before forwarding message to next entity.
 
3- REDIRECT AGENT: Redirect agents does not relay message but sent answer to originator with required information to redirect request.
 
4- TRANSLATION AGENT: used to translated message between two protocols like diameter <-> radius, TACACS <-> diameter.
 
 
Diameter Message Header: 
 
 1                                                                           4
 -------------------------------------------------
| Version=1 (L=1)     | Message Length  (L=3)    |
--------------------------------------------------
| Command Flags (L=1) |    Command Code (L=3)    |
|  RPETrrrr                 |                                          |
--------------------------------------------------
|             Application-ID                     |
--------------------------------------------------
|             Hop-by-Hop Identifier              |
--------------------------------------------------
|             End-to-End Identifier              |
--------------------------------------------------
| AVPs....
-------------
 
Command Flags:
 
R- Request - Set for request
P- Proxiable - If set, Message is proxied
E- Error - If set, referred to as error message.
T- Potentially retransmitted Message - If set, retransmitted message.
rrrr - Reserved.
 
Application-ID: Used to identify the application, application can be authentication, accounting or vender-specific application.
 
Hop-by-Hop Identifier: Used to match request and answer.
 
End-to-End Identifier: used to detect duplicated message.
 
Command Codes:
 
ASR - Abort Session Request - Code 274
ASA - Abort Session Answer  - Code 274
ACR - Accounting Request    - Code 271
ACA - Accounting Answer     - Code 271
CER - Capability-Exchange-Request - Code 257
CEA - Capability-Exchange-Answer  - Code 257
DWR - Device-Watchdog-Request - Code 280
DWA - Device-Watchdog-Answer - Code 280
DPR - Disconnect-Peer-Request - Code 282
DPR - Disconnect-Peer-Answer - Code 282
RAR - Re-Auth-Request - Code 258
RAA - Re-Auth-Answer - Code 258
STR - Session-Termination-Request - Code 275
STA - Session-Termination-Answer - Code 275
 
 
Diameter AVPs:
 
Diameter AVPs carry accounting, authorization, and routing information as well configuration.
 
AVP Header:
 
-------------------------------------------------
|                      AVP Code                  |
-------------------------------------------------
|Flags VMPrrrrr |       AVP Length               |
--------------------------------------------------
|              vender-ID                         |
--------------------------------------------------
| Data ....
-----------------------------------
 
Flags: P - reserved - set to 0
M - Mandatory - receiver must understand and parse AVP and return error if unable to understand it.
V - Vender ID - If set, specify optional Vender specific field is present.
        
 
 
 
 
 
 
 
 
||

Comments

  1. Are you looking for a perfect PC control USB headset for home or business use? Then this Sennheiser 2-ear-control-pc-usb-headset is exactly what you are looking for. Whether you run a small or big business, this device will add more value to what you do.

    ReplyDelete
  2. If you're looking for help in using it, just dial Quickbooks Customer Service +1 888-210-4052 to speak with a live representative.

    ReplyDelete
  3. If you are looking for a Dell laptop repair center in Noida Sector 18, then you are in luck. Dell offers door-to-door service to its clients at affordable rates. If your computer is beyond repair, you can also get a free estimate from the service center before you make your appointment. You can even fix an appointment at your convenience. To schedule an appointment, you can visit the our Dell service center's website.
    Dell service center in sector 18 Noida

    ReplyDelete
  4. What a wonderful information it really helps me a lot to understand new things also have a look on this Best Bariatric surgeon in Delhi NCR

    ReplyDelete
  5. Thank you for this important information it contains very good knowledge and helps me a lot Best hernia Surgeon in Delhi NCR

    ReplyDelete
  6. Awesome Blog! Thanks for sharing this post. It is an interesting post for everyone. When i read about this post then got more information. I like it.

    ESD Gloves

    Nitrile Gloves

    ESD Table Mat

    ReplyDelete
  7. Thank you for this informative post it really helps me a lot to undestand new things keep doing this work also have a look on this Best oesophagus Surgeon in Delhi NCR

    ReplyDelete
  8. If you're looking for a reliable Best Computer Course in Laxmi Nagarthat offers excellent educational programs along with placement assistance then look no further than BIIT Technology (Brahmanand Institute of Information & Technology).

    Call For Enquiry- 9318356685

    ReplyDelete
  9. Thanks.
    CakesNcakesshop is the best cake shop in mohali. Visit:- Birthday Cakes For Boys

    ReplyDelete

Post a Comment

Popular posts from this blog

SRVCC - Single Radio Voice Call Continuity

Intelligent Networks (IN) and CAMEL

Diameter Messages