
An Introduction to Diameter Protocol

Saro Velrajan
1st Aug 2009

http://thediameter.blogspot.com 1st Aug 2009
Pre-requisites

Familiarity with the basics of
- TCP/IP networking &
- RADIUS protocol

Agenda

Protocol Basics

Functional Nodes

Key Features

Messages

Summary / References

Protocol Basics

Why Diameter?

• Networks have evolved in the last 10 years. Need a protocol that is flexible enough
• Need for more reliability & security
• Need a protocol that addresses limitations of RADIUS protocol

What is Diameter?

• Provides an Authentication, Authorization & Accounting framework
• Flexible architecture that supports developing a variety of authentication applications such as Mobile-IP, NASREQ & ROAMOPS
• Addresses limitations of RADIUS protocols

Diameter Protocol Architecture

[Figure: protocol stack with boxes labelled NASREQ, Mobile IP, SIP, CMS Security and Diameter Base Protocol]

Differences between RADIUS & Diameter

Feature                   RADIUS                 Diameter
Transport Protocol        Connectionless (UDP)   Connection-Oriented (TCP & SCTP)
Ports                     1812 & 1813            3868 (Base Protocol)
Security                  Hop-to-Hop             Hop-to-Hop, End-to-End
Capabilities Negotiation  Not Supported          Negotiate supported applications and security level
Peer Discovery            Static configuration   Static configuration and dynamic lookup

Differences between RADIUS & Diameter (Contd.)

Feature                      RADIUS                                Diameter
Server Initiated Message     Not Supported (Extensions available)  Supported, for example re-authentication message, Session termination
Maximum Attribute Data Size  255 octets                            16,777,215 octets
Vendor-specific Support      Vendor-specific attributes only       Vendor-specific attributes and messages

Functional Nodes

Diameter Nodes

Diameter Client
Diameter Server
Diameter Proxy/Relay Agent
Diameter Redirect Agent
Diameter Translation Agent

Proxy/Relay Agent

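1. Request: Diameter Client -> Diameter Proxy/Relay Agent
2. Request: Diameter Proxy/Relay Agent -> Diameter Server
3. Response: Diameter Server -> Diameter Proxy/Relay Agent
4. Response: Diameter Proxy/Relay Agent -> Diameter Client

• Proxy/Relay forwards messages to the appropriate Diameter Server
• Proxy can modify message content and apply rules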

Redirect Agent

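1. Request: Diameter Client -> Diameter Proxy Agent
2. Request: Diameter Proxy Agent -> Diameter Redirect Agent
3. Response: Diameter Redirect Agent -> Diameter Proxy Agent
4. Request: Diameter Proxy Agent -> Diameter Server
5. Response: Diameter Server -> Diameter Proxy Agent
6. Response: Diameter Proxy Agent -> Diameter Client

• Redirection agent returns a response with redirection information
• Request routing information maintained in a central location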

Translation Agent

1. RADIUS Request: RADIUS Client -> Diameter Translation Agent
2. Diameter Request: Diameter Translation Agent -> Diameter Redirect Agent
3. Diameter Response: Diameter Redirect Agent -> Diameter Translation Agent
4. RADIUS Response: Diameter Translation Agent -> RADIUS Client

• Translation Agent converts RADIUS messages to Diameter format and vice versa
• Provides an upgrade path & seamless migration for RADIUS based network systems

Key Features

Diameter Features

Peer Detection

Capabilities Exchange

Transport Failure Detection

Failover/Fallback Procedures

Accounting

Messages

Diameter Message Format

Message Header:
  Version | Message Length
  Flags | Command Code
  Application Identifier
  Hop by Hop Identifier
  End to End Identifier

Message Body: Attribute Value Pairs (AVPs), each consisting of:
  AVP Code
  Flags | AVP Length
  Vendor-ID (optional)
  Data
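
Added example (not from the original slides): a Python parser for the header and AVP layout above, using the RFC 3588 field widths (1-byte version and flags, 3-byte lengths and command code, V flag 0x80 marking a Vendor-ID). It rejects messages whose Message Length or AVP Length disagrees with the bytes received; the helper names, the sample CER and the vendor AVP are constructed for illustration.

```python
import struct

HEADER_LEN = 20  # fixed Diameter header size in RFC 3588

def parse_avps(body):
    """Walk the AVP list, checking every AVP Length against the buffer."""
    avps, off = [], 0
    while off < len(body):
        if len(body) - off < 8:
            raise ValueError("truncated AVP header")
        code, flg_len = struct.unpack("!II", body[off:off + 8])
        flags, avp_len = flg_len >> 24, flg_len & 0xFFFFFF  # 24-bit length
        hdr = 12 if flags & 0x80 else 8  # V bit set: Vendor-ID follows
        if avp_len < hdr or off + avp_len > len(body):
            raise ValueError("AVP Length outside message bounds")
        vendor = struct.unpack("!I", body[off + 8:off + 12])[0] if hdr == 12 else None
        avps.append({"code": code, "vendor": vendor, "data": body[off + hdr:off + avp_len]})
        off += (avp_len + 3) & ~3  # AVPs are padded to a 32-bit boundary
    return avps

def parse_message(buf):
    """Parse one Diameter message; reject inconsistent length fields."""
    if len(buf) < HEADER_LEN:
        raise ValueError("truncated header")
    ver_len, flg_cmd, app_id, hbh, e2e = struct.unpack("!IIIII", buf[:HEADER_LEN])
    if (ver_len >> 24) != 1:
        raise ValueError("unsupported version")
    if (ver_len & 0xFFFFFF) != len(buf) or len(buf) % 4:
        raise ValueError("Message Length does not match received bytes")
    return {"command": flg_cmd & 0xFFFFFF, "request": bool((flg_cmd >> 24) & 0x80),
            "app_id": app_id, "hop_by_hop": hbh, "end_to_end": e2e,
            "avps": parse_avps(buf[HEADER_LEN:])}

def build_avp(code, data, flags=0x40, vendor=None):  # encoder for the sample below
    vid = b"" if vendor is None else struct.pack("!I", vendor)
    flags |= 0x80 if vid else 0
    length = 8 + len(vid) + len(data)  # AVP Length excludes padding
    return (struct.pack("!II", code, (flags << 24) | length) + vid + data
            + b"\x00" * (-len(data) % 4))

def build_message(command, app_id, avps, flags=0x80):
    body = b"".join(avps)
    return struct.pack("!IIIII", (1 << 24) | (HEADER_LEN + len(body)),
                       (flags << 24) | command, app_id, 1, 1) + body

# Constructed sample: Capabilities-Exchange-Request (command code 257)
SAMPLE = build_message(257, 0, [
    build_avp(264, b"client.example.com"),             # Origin-Host
    build_avp(1, b"\x00\x00\x00\x2a", vendor=99999)])  # hypothetical vendor AVP
```
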

Diameter Messages – Supported by BASE Protocol

• Capabilities Exchange Request/Response
• Accounting Request/Response
• Re-Auth Request/Response
• Session Termination Request/Response
• Abort Session Request/Response
• Disconnect Peer Request/Response
• Device Watchdog Request/Response

Connection Setup & Tear Down

Message sequence between Diameter Client and Diameter Server:
- Capabilities Exchange Request
- Capabilities Exchange Response
- Other Diameter Message Exchanges
- Disconnect Peer Request
- Disconnect Peer Response

Subscriber Session – With Accounting

Message sequence between Diameter Client and Diameter Server:

Session LOGIN
- AA-Request
- AA-Response
- Accounting-Request
- Accounting-Response

Session LOGOUT
- Accounting-Request
- Accounting-Response

Subscriber Session – Without Accounting (Stateful)

Message sequence between Diameter Client and Diameter Server:

Session LOGIN
- AA-Request
- AA-Response

Session LOGOUT
- Session-Terminate-Request
- Session-Terminate-Response

Subscriber Session – Without Accounting (Stateless)

Message sequence between Diameter Client and Diameter Server:

Session LOGIN
- AA-Request
- AA-Response
(No Session State Maintained)

Subscriber Session Termination – Client Initiated

Message sequence between Diameter Client and Diameter Server:
- Session-Terminate-Request
- Session-Terminate-Response

Subscriber Session Termination – Server Initiated

Message sequence between Diameter Client and Diameter Server:
- Abort Session Request
- Abort Session Response

Diameter - Summary

• Provides an Authentication, Authorization & Accounting framework
• Flexible architecture that supports developing a variety of applications such as Mobile-IP, NASREQ & ROAMOPS
• Addresses limitations of RADIUS protocol

References

• Diameter RFC 3588: http://www.faqs.org/rfcs/rfc3588.html
• The Internet NG Project: http://ing.ctit.utwente.nl/WU5/D5.1/Technology/diameter/
• Introduction to Diameter: http://docs.hp.com/en/T1428-90011/T1428-90011.pdf
• http://www-128.ibm.com/developerworks/library/wi-diameter/index.html

Thank You!
