Diameter: New Generation AAA Protocol – Design, Practice, and Applications

Presents the principles, design, development and applications of the Diameter protocol suite

The Diameter protocol was born in the Internet Engineering Task Force (IETF) and designed to be a general-purpose Authentication, Authorization, and Accounting (AAA) protocol applicable to many network environments. This book is for everyone who wants to understand the Diameter protocol and its applications. This book explains the place Diameter holds in global telecommunication networks and teaches system architects and designers how to incorporate Diameter into their network environments. 

Diameter: New Generation AAA Protocol - Design, Practice and Applications begins by describing the foundation of Diameter step-by-step, starting with building blocks of the protocol, and progressing from a simple two-party exchange to a multi-party exchange involving complex routing. It discusses the motivation for using Diameter, talks about its predecessor, RADIUS, and introduces the open source Diameter implementation, freeDiameter. The book expands beyond protocol basics to cover end-to-end communication, security functionality, and real-world applications, extending to the backend infrastructure of mobile telecommunications. In addition, an advanced chapter teaches readers how to develop Diameter extensions for their own AAA applications. 

  • Written by an experienced author team who are members of the group that standardized Diameter in the IETF and are at the forefront of this cutting-edge technology
  • Presents the still-developing topic of Diameter from both introductory and advanced levels
  • Makes available for download a virtual machine containing the open source implementation: https://diameter-book.info
  • Provides hands-on experience via freeDiameter examples and exercises throughout the book

Diameter: New Generation AAA Protocol - Design, Practice and Applications will appeal to system architects and system designers, programmers, standardization experts new to Diameter, students and researchers interested in technology that is deployed by many network operators. 

HANNES TSCHOFENIG is employed by Arm Ltd., where his focus is on improving the security of Internet of Things devices. While working for Nokia Siemens Networks he co-chaired the IETF Diameter Maintenance and Extensions (DIME) working group.

SÉBASTIEN DECUGIS is a former Senior Visiting Researcher at Keio University in Japan, and developer of the freeDiameter implementation.

JEAN MAHONEY has more than a decade's worth of experience with IETF specifications and the servers and clients built on top of them. Jean is currently the co-chair of the IETF SIPCORE working group and Gen-ART Secretary.

JOUNI KORHONEN is Principal R&D Engineer with Nordic Semiconductor, and co-author of Deploying IPv6 in 3GPP Networks.

Dedication

Disclaimer

Foreword

Preface

About the Authors

Acknowledgements

List of Abbreviations

1 Introduction

1.1 What Is AAA?

1.2 Open Standards and the IETF

1.3 What Is Diameter?

1.3.1 Diameter versus RADIUS

1.3.2 Diameter Improvements

1.4 What Is freeDiameter?

2 Concepts

2.1 Introduction

2.2 Diameter Nodes

2.3 Diameter Protocol Structure

2.4 Diameter Applications

2.5 Connections

2.5.1 Transport Layer

2.5.2 Peer-to-Peer Messaging Layer

2.5.3 Setting up a Connection between freeDiameter Peers

2.6 Diameter Message Overview

2.6.1 The Command Code Format

2.6.2 Message Structure

2.6.3 Attribute-Value Pairs (AVPs)

2.6.4 Derived AVP Data Formats

2.7 Diameter Sessions

2.8 Transaction Results

2.8.1 Successful Transactions

2.8.2 Protocol Errors

2.8.3 Transient Failures

2.8.4 Permanent Failures

2.9 Diameter Agents

2.9.1 Saving State

2.9.2 Redirect Agents

2.9.3 Relay Agents

2.9.4 Proxy Agents

2.9.5 Translation Agents

3 Communication between Neighboring Peers

3.1 Introduction

3.2 Peer Connections and Diameter Sessions

3.3 The DiameterIdentity

3.4 Peer Discovery

3.4.1 Static Discovery

3.4.2 Dynamic Discovery

3.5 Connection Establishment

3.5.1 The Election Process: Handling Simultaneous Connection Attempts

3.6 Capabilities Exchange

3.6.1 freeDiameter example

3.6.2 The Capabilities Exchange Request

3.6.3 Capabilities Exchange Answer

3.6.4 Hop-by-Hop Identifiers

3.7 The Peer Table

3.8 Peer Connection Maintenance

3.8.1 Transport Failure, Failover and Failback Procedures

3.8.2 Peer State Machine

3.9 Advanced Transport and Peer Topics

3.9.1 TCP Multi-homing

3.9.2 SCTP Multi-homing

3.9.3 Avoiding Head-of-Line Blocking

3.9.4 Multiple Connection Instances

4 Diameter End-to-End Communication

4.1 Introduction

4.2 The Routing Table

4.3 Diameter Request Routing

4.3.1 AVPs to Route Request Messages

4.3.2 Routing AVPs

4.4 Request Routing Error Handling

4.4.1 Detecting Duplicated Messages

4.4.2 Error Codes

4.5 Answer Message Routing

4.5.1 Relaying and Proxying Answer Messages

4.6 Intra-Realm versus Inter-Realm Communication

4.7 Diameter Routing and Inter-Connection Networks

4.7.1 Inter-Connection Approaches

4.7.2 Dynamic Diameter Node Discovery

4.8 Diameter Overload Control

4.8.1 Overload Reports

4.8.2 Overload Control State

4.8.3 Overload Abatement Considerations

5 Diameter Security

5.1 Introduction

5.2 Background

5.2.1 Unkeyed Primitives

5.2.2 Symmetric Key Primitives

5.2.3 Asymmetric Key Primitives

5.2.4 Key Length Recommendations

5.3 Security Threats

5.4 Security Services

5.4.1 Diameter Security Model

5.4.2 Relation to Threats

5.4.3 Mitigating Other Threats

5.5 PKI Example Configuration in freeDiameter

5.5.1 The Configuration File

5.5.2 The Certificate

5.5.3 Protecting Exchanges via TLS

5.6 Security Evolution

6 Diameter Applications

6.1 Introduction

6.2 Base Accounting

6.2.1 Actors

6.2.2 Accounting Application Setup

6.2.3 Accounting Services

6.2.4 Accounting Records

6.2.5 Correlation of Accounting Records

6.2.6 Sending Accounting Information

6.2.7 Accounting AVPs

6.2.8 freeDiameter Example

6.2.9 Fault Resilience

6.2.10 Example: 3GPP Rf Interface for Mobile Offline Charging

6.3 Credit-Control

6.3.1 Credit-Control-Request Command

6.3.2 Credit-Control-Answer Command

6.3.3 Failure Handling

6.3.4 Extensibility

6.3.5 Example: 3GPP Ro Interface for Online Charging

6.4 Quality of Service

6.4.1 Actors

6.4.2 Modes of Operation

6.4.3 Authorization

6.4.4 Establishing and Managing a QoS Application Session

6.4.5 Re-Authorizing a Session

6.4.6 Terminating a Session

6.5 Interworking RADIUS and Diameter

6.6 S6a Interface

6.6.1 Evolved Packet Core

6.6.2 S6a Overview

6.6.3 Authentication

6.6.4 Location Management

6.6.5 Subscriber Data Handling

6.6.6 Fault Recovery

6.6.7 Notifications

6.6.8 Ending Subscriber Sessions

6.6.9 Extensibility

7 Guidelines for Extending Diameter

7.1 Introduction

7.2 Registration Policies

7.3 Overview of Extension Strategies

7.4 Extending Attribute-Value Pairs

7.4.1 Extending Existing AVPs

7.5 Extending Commands

7.5.1 Allocating New Command Flags

7.5.2 Adding New AVPs

7.5.3 Creating New Commands

7.6 Creating New Applications

7.6.1 The Application-Id

7.7 Lessons Learned

7.8 Vendor-specific Extensions

7.8.1 AVPs

7.8.2 Command Codes

7.8.3 Diameter Applications

7.9 Prototyping with freeDiameter

A freeDiameter Tutorial

A.1 Introduction to Virtual Machines

A.2 Installing the Virtualization Software

A.3 Creating Your Own Environment

A.4 Downloading the VM Image

A.5 Installing and Starting the Master VM ‘freeDiameter’

A.6 Creating a Connection Between Two Diameter Peers

A.6.1 Building client.example.net

A.6.2 Building server.example.net

A.6.3 Creating the Diameter Connection

B freeDiameter from Sources

B.1 Introduction

B.2 Tools and Dependencies

B.2.1 Runtime Dependencies

B.3 Obtaining freeDiameter Source Code

B.4 Configuring the Build

B.5 Compiling freeDiameter

B.6 Installing freeDiameter

B.7 freeDiameter Configuration File

B.8 Running and Debugging freeDiameter

B.9 Extensions for Debug Support

B.9.1 Extended Trace

B.9.2 Logging Diameter Messages: dbg_msg_dumps.fdx

B.9.3 Measuring Processing Time: dbg_msg_timings.fdx

B.9.4 Viewing Queue Statistics: dbg_monitor.fdx

B.9.5 Understanding Routing Decisions: dbg_rt.fdx

B.9.6 The Interactive Python Shell Extension: dbg_interactive.fdx

B.10 Further Reading

C The freeDiameter Framework

C.1 Introduction

C.2 Framework Modules

C.3 freeDiameter API Overview

C.3.1 libfdproto.h

C.3.2 libfdcore.h

C.3.3 extension.h

C.4 freeDiameter Architectures

D S6a Application Common AVPs

D.1 Introduction

D.2 Auth-Session-State AVP

D.3 Error-Diagnostic AVP

D.4 Experimental-Result AVP

D.5 Supported-Features AVP

D.5.1 Feature-List-ID 1

D.5.2 Feature-List-ID 2

D.6 Subscription-Data AVP

References

Glossary

Index
