Diameter_(protocol)

For the geometric term, see Diameter

Diameter is a computer networking protocol for AAA (Authentication, Authorization and Accounting). It is a successor to RADIUS.

Upgrade from RADIUS

The name is a pun on the RADIUS protocol, which is the predecessor (a diameter is twice the radius). Diameter is not directly backwards compatible, but provides an upgrade path for RADIUS. The main differences are :

• it uses reliable transport protocols (TCP or SCTP, not UDP)
• it uses network or transport level security (IPsec or TLS)
• it has transition support for RADIUS but Diameter is not full Radius compatible
• it has larger address space for AVPs (Attribute Value Pairs) and identifiers (32-bit instead of 8-bit)
• it is a client-server protocol, with exception of supporting some server-initiated messages as well
• both stateful and stateless models can be used
• it has dynamic discovery of peers (using DNS SRV and NAPTR)
• it has capability negotiation
• it supports application layer acknowledgements, defines failover methods and state machines (RFC 3539)
• it has error notification
• it has better roaming support
• it is more easily extended; new commands and attributes can be defined
• it is aligned on 32 bit boundaries
• it has basic support for user-sessions and accounting

Protocol description

The Diameter Base Protocol is defined by RFC 3588, and defines the minimum requirements for an AAA protocol. Diameter Applications can extend the base protocol, by adding new commands and/or attributes. An application is not a program, but a protocol based on Diameter. Diameter security is provided by IPSEC or TLS, both well-regarded protocols.

This short section requires expansion.

Packet format

Commands

Each command is assigned a command code, which is used for both requests and answers.

This section is a stub. You can help Wikipedia by expanding this section.

Attribute-Value Pairs (AVP)

State machines

This section is a stub. You can help Wikipedia by expanding this section.

Message flows

This section is a stub. You can help Wikipedia by expanding this section.

Applications

A Diameter Application is not a software application, but a protocol based on the Diameter Base protocol (defined in RFC 3588). Each application is defined by an application identifier and can add new command codes and/or new mandatory AVPs. Adding a new optional AVP does not require a new application.

Examples of Diameter applications :

• Diameter Mobile IPv4 Application (MobileIP, RFC 4004)
• Diameter Network Access Server Application (NASREQ, RFC 4005)
• Diameter Extensible Authentication Protocol Application (RFC 4072)
• Diameter Credit-Control Application (DCCA, RFC 4006)
• Diameter Session Initiation Protocol Application (RFC 4740)
• various applications in the 3GPP IP Multimedia Subsystem

(Generic Bootstrapping Architecture): Bootstrapping Server Function

External links

• http://www.cisco.com/en/US/products/ps6638/products_data_sheet09186a00804fe332.html Cisco page outlining differences between RADIUS and DIAMETER
• http://sourceforge.net/projects/openblox/ Open Source Java IMS optimised Full Diameter solution
• http://www.diva-portal.org/diva/getDocument?urn_nbn_se_liu_diva-1195-1__fulltext.pdf Paper about Diameter by Håkan Ventura
• http://www.csg.uzh.ch/staff/morariu/opendiameter/ OpenDiameter Debian and Ubuntu repository
• http://www.amazon.com/AAA-Network-Security-Mobile-Access/dp/0470011947/ref=sr_1_1?ie=UTF8&s=books&qid=1203514099&sr=1-1 AAA and Network Security for Mobile Access: Radius, Diameter, EAP, PKI and IP Mobility

This software-related article is a stub. You can help Wikipedia by expanding it.

This article is licensed under the GNU Free Documentation License. It uses material from Wikipedia