Reference RFC: http://www.ietf.org/rfc/rfc3588.txt
RFC 3588 diameter based protocol
Table of contents
1. introduction ....................................... .......... 6
1.1. diameter protocol ..................................... 9
1.1.1. Description of the document set ...... 10
1.2. Approach to extensibility ......
1.2.1. Defining new AVP values ......
1.2.2. Creating new avps...
1.2.3. Creating new authentication applications... 11
1.2.4. Creating New Accounting applications ...... 12
1.2.5. Application Authentication Procedures ...... 14
1.3. terminology ....................................... .... 14
2. protocol overview ...................................... ...... 18
2.1. transport ....................................... ...... 20
2.1.1. sctp guidelines...
2.2. Securing diameter messages...
2.3. Diameter application compliance ...... 21
2.4. Application Identifiers...
2.5. Connections vs. Sessions ......
2.6. peer table ...................................... ...... 23
2.7. realm-based routing table...
2.8. Role of diameter agents...
2.8.1. Relay agents...
2.8.2. Proxy agents...
2.8.3. Redirect agents...
2.8.4. Translation agents...
2.9. End-to-end security framework ......
2.10. diameter path authorization ......
3. diameter header ...................................... ........ 32
3.1. command codes ......................................... 35
3.2. Command code ABNF specification ...... 36
3.3. Diameter command naming conventions ...... 38
4. diameter avps ...................................... .......... 38
4.1. AVP header ...................................... ...... 39
4.1.1. optional Header elements ......
4.2. Basic AVP data formats...
4.3. derived AVP data formats...
4.4. grouped AVP values .................................... 49
4.4.1. Example AVP with a grouped data type ...... 50
4.5. Diameter Base protocol avps ......
5. diameter peers ...................................... ......... 56
5.1. peer connections ...................................... 56
5.2. Diameter Peer Discovery ......
5.3. Capabilities exchange...
5.3.1. capabilities-exchange-request ...... 60
5.3.2. capabilities-exchange-Answer ...... 60
5.3.3. Vendor-id avp ......
5.3.4. Firmware-revision AVP ...... 61
Calhoun, et al. Standards track [page 2]
RFC 3588 diameter based protocol September 2003
5.3.5. Host-IP-address AVP...
5.3.6. Supported-vendor-id avp ......
5.3.7. Product-name AVP...
5.4. Disconnecting peer connections ............ 62
5.4.1. Disconnect-peer-request...
5.4.2. Disconnect-peer-answer...
5.4.3. Disconnect-cause AVP ......
5.5. Transport failure detection ......
5.5.1. device-watchdog-request ...... 64
5.5.2. device-watchdog-Answer ......
5.5.3. Transport failure algorithm ...... 65
5.5.4. Failover and failback procedures ...... 65
5.6. peer state machine .................................... 66
5.6.1. incoming connections...
5.6.2. events ....................................... 69
5.6.3. actions ...................................... 70
5.6.4. The election process...
6. Diameter Message Processing ...... ..............
6.1. Diameter Request Routing overview ...... 71
6.1.1. originating a request...
6.1.2. Sending a request...
6.1.3. Refreshing ing requests...
6.1.4. Processing local requests... 73
6.1.5. Request forwarding...
6.1.6. Request Routing...
6.1.7. redirecting requests ...... 74
6.1.8. Relaying and proxying requests ...... 75
6.2. Diameter answer processing...
6.2.1. Processing canceled ed answers ...... 77
6.2.2. Relaying and proxying answers ...... 77
6.3. origin-host AVP ....................................... 77
6.4. origin-realm AVP .................................... .. 78
6.5. destination-host AVP .................................. 78
6.6. Destination-realm AVP...
6.7. routing avps ...................................... .... 78
6.7.1. Route-record AVP ......
6.7.2. Proxy-Info AVP...
6.7.3. Proxy-host AVP...
6.7.4. Proxy-state AVP ......
6.8. Auth-Application-id avp ......
6.9. Acct-Application-id avp...
6.10. inband-security-id avp ................................ 79
6.11. vendor-specific-Application-id avp ...... 80
6.12. redirect-host AVP ..................................... 80
6.13. Redirect-host-usage AVP...
6.14. Redirect-max-Cache-time AVP ......
6.15. e2E-Sequence AVP ...................................... 82
Calhoun, et al. Standards track [Page 3]
RFC 3588 diameter based protocol September 2003
7. error handling ...................................... ......... 82
7.1. result-code AVP ....................................... 84
7.1.1. Informational ..............
7.1.2. success ...................................... 84
7.1.3. Protocol errors...
7.1.4. Transient failures...
7.1.5. Permanent failures...
7.2. error bit ...................................... ....... 88
7.3. error-message AVP ..................................... 89
7.4. Error-reporting-host AVP...
7.5. failed-AVP .................................... .... 89
7.6. Experimental-result AVP ......
7.7. Experimental-result-code AVP ......
8. diameter user sessions ..................................... .. 90
8.1. Authorization session state machine ...... 92
8.2. Accounting session state machine...
8.3. Server-initiated re-auth ......
8.3.1. Re-auth-request...
8.3.2. Re-auth-answer...
8.4. session termination ......
8.4.1. Session-termination-request... 104
8.4.2. Session-termination-answer... 105
8.5. aborting a session .................................... 105
8.5.1. Abort-session-request ...... ............ 106
8.5.2. Abort-session-Answer .......... 106
8.6. inferring session termination from origin-state-ID... 107
8.7. auth-request-type AVP ................................. 108
8.8. session-id avp .................................... .... 108
8.9. Authorization-lifetime AVP ......
8.10. auth-Grace-period AVP ................................. 110
8.11. auth-session-state AVP ................................ 110
8.12. re-auth-request-type AVP .............................. 110
8.13. session-Timeout AVP ................................... 111
8.14. user-name AVP .................................... ..... 111
8.15. Termination-cause AVP ......
8.16. origin-state-id avp ................................... 112
8.17. session-binding AVP ................................... 113
8.18. Session-server-failover AVP ......
8.19. multi-Round-Time-out AVP .............................. 114
8.20. class AVP ...................................... ....... 114
8.21. event-timestamp AVP ................................... 115
9. accounting ....................................... ............ 115
9.1. Server directed model...
9.2. protocol messages ..................................... 116
9.3. application document requirements ...... 116
9.4. fault resilience ...................................... 116
9.5. accounting records .................................... 117
9.6. Correlation of accounting records ...... 118
Calhoun, et al. Standards track [page 4]
RFC 3588 diameter based protocol September 2003
9.7. Accounting Command-codes...
9.7.1. Accounting-request...
9.7.2. Accounting-answer...
9.8. accounting avps ....................................... 121
9.8.1. Accounting-record-type AVP ...... 121
9.8.2. Acct-Interim-interval AVP... 122
9.8.3. Accounting-record-number AVP ...... 123
9.8.4. Acct-session-id avp ......
9.8.5. Acct-Multi-session-id avp .......... 123
9.8.6. Accounting-sub-session-id avp ...... 123
9.8.7. Accounting-Realtime-required AVP .......... 123
10. AVP occurrence table ..................................... .... 124
10.1. Base protocol command AVP table...
10.2. Accounting AVP table...
11. iana considerations ...................................... .... 127
11.1. AVP header ...................................... ...... 127
11.1.1. AVP code ..................................... 127
11.1.2. AVP flags .................................... 128
11.2. diameter header ....................................... 128
11.2.1. Command codes...
11.2.2. Command flags...
11.3. Application Identifiers...
11.4. AVP values ...................................... ...... 129
11.4.1. Result-code AVP values ...... 129
11.4.2. Accounting-record-type AVP values ...... 130
11.4.3. Termination-cause AVP values ...... 130
11.4.4. Redirect-host-usage AVP values ........ 130
11.4.5. Session-server-failover AVP values ...... 130
11.4.6. Session-binding AVP values... 130
11.4.7. Disconnect-cause AVP values... 130
11.4.8. Auth-request-type AVP values... 130
11.4.9. Auth-session-state AVP values ...... 130
11.4.10. Re-auth-request-type AVP values ...... 131
11.4.11. Accounting-Realtime-required AVP values... 131
11.5. Diameter TCP/sctp port numbers ...... 131
11.6. naptr service fields ......
12. Diameter protocol related parameter able parameters ...... 131
13. security considerations ...................................... 132
13.1. IPSec usage ...................................... ..... 133
13.2. TLS usage ...................................... ....... 134
13.3. Peer-to-Peer considerations ......
14. references ....................................... ............ 136
14.1. Normative references ......
14.2. Informative references...
15. acknowledgements ....................................... ...... 140
Appendix A. Diameter service template ...... .......... 141
Appendix B. naptr example ....................................... 142
Appendix C. Duplicate detection... 143