Unlike RADIUS, it includes no encryption but can be protected by transport-level security (IPsec or TLS).
Examples of Diameter applications: (Generic Bootstrapping Architecture): Bootstrapping Server Function

The Diameter protocol was initially developed by Pat R. Calhoun, Glen Zorn, and Ping Pan in 1998 to provide a framework for authentication, authorization, and accounting (AAA) that could overcome the limitations of RADIUS.
RADIUS cannot deal effectively with remote access, IP mobility, and policy control.[1]
Like RADIUS, Diameter provides AAA functionality, but it uses TCP and SCTP instead of UDP, thereby delegating detection and handling of communication problems to those protocols.
The Diameter protocol is enhanced further by the development of the 3rd Generation Partnership Project (3GPP) IP Multimedia Subsystem (IMS).
The S6a, S6b, Gx, Gy, Sy, Rx, Cx, Dh, Dx, Rf, Ro, Sh and Zh interfaces are supported by Diameter applications.
The IANA has assigned TCP and SCTP port number 3868 to Diameter, as stated in section 11.4 of RFC 6733.
The "T" (Potentially re-transmitted message) bit – This flag is set after a link failover procedure, to aid the removal of duplicate requests.
For instance, the value of the Application-ID and of the Auth-Application-ID Attribute in the Credit-Control-Request (CCR) and Credit-Control-Answer (CCA) Command for the Diameter Credit-Control Application is 4.
The Diameter protocol requires that relaying and proxying agents maintain transaction state, which is used for failover purposes.
The End-to-End Identifier is an unsigned 32-bit integer field (in network byte order) that is used, in combination with the Origin-Host AVP, to detect duplicate messages.
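The header fields described above can be decoded and used for duplicate detection as follows. This is an added example, not code from any Diameter stack: it assumes the fixed 20-byte header layout and flag bit positions of RFC 6733, takes the Origin-Host value from the caller instead of decoding AVPs, and uses constructed sample headers and hypothetical names (`parse_header`, `DuplicateDetector`, `build_header`).

```python
import struct
from typing import NamedTuple

HEADER_LEN = 20  # fixed Diameter header size in bytes
COMMANDS = {257: "Capabilities-Exchange", 272: "Credit-Control",
            280: "Device-Watchdog", 282: "Disconnect-Peer"}

class Header(NamedTuple):
    length: int
    request: bool      # "R" bit (0x80)
    retransmit: bool   # "T" bit (0x10), set after link failover
    command: int
    app_id: int
    hop_by_hop: int
    end_to_end: int
    @property
    def name(self) -> str:
        base = COMMANDS.get(self.command, f"Command-{self.command}")
        return f"{base}-{'Request' if self.request else 'Answer'}"

def parse_header(data: bytes) -> Header:
    if len(data) < HEADER_LEN:
        raise ValueError("truncated Diameter header")
    # Five 32-bit words, network byte order.
    ver_len, flags_code, app_id, hbh, e2e = struct.unpack("!5I", data[:HEADER_LEN])
    version, length = ver_len >> 24, ver_len & 0xFFFFFF
    flags, command = flags_code >> 24, flags_code & 0xFFFFFF
    if version != 1:
        raise ValueError(f"unsupported Diameter version {version}")
    if length < HEADER_LEN or length % 4:
        raise ValueError(f"invalid message length {length}")
    return Header(length, bool(flags & 0x80), bool(flags & 0x10), command, app_id, hbh, e2e)

class DuplicateDetector:
    """Remembers (Origin-Host, End-to-End Identifier) pairs seen on requests."""
    def __init__(self):
        self._seen = set()  # unbounded here; a real agent would expire entries
    def is_duplicate(self, hdr: Header, origin_host: str) -> bool:
        if not hdr.request:  # answers carry the request's identifier back
            return False
        key = (origin_host, hdr.end_to_end)
        seen = key in self._seen
        self._seen.add(key)
        return seen

def build_header(flags, command, app_id, hbh, e2e, length=HEADER_LEN):  # constructed input
    return struct.pack("!5I", (1 << 24) | length, (flags << 24) | command, app_id, hbh, e2e)

SAMPLE_CCR = build_header(0xC0, 272, 4, 0x1001, 0xABCD0001)       # first transmission
SAMPLE_CCR_RETX = build_header(0xD0, 272, 4, 0x2002, 0xABCD0001)  # resent with T bit set
```

The retransmitted request arrives with a different Hop-by-Hop Identifier but the same End-to-End Identifier, which is why the detector keys on the latter together with the origin host.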
RFC 3588 defines a core state machine for maintaining connections between peers and processing messages.
This is part of the basic protocol functionality; all stacks should support it and, as such, abstract away the connectivity-related operations.
The communication between two Diameter peers starts with the establishment of a transport connection (TCP or SCTP).
If no messages have been exchanged for some time, either side may send a Device-Watchdog-Request (DWR) and the other peer must respond with a Device-Watchdog-Answer.
Either side may terminate the communication by sending a Disconnect-Peer-Request (DPR) which the other peer must respond to with Disconnect-Peer-Answer.