RFC 6733 - Diameter Base Protocol

Abstract

The Diameter base protocol is intended to provide an Authentication, Authorization, and Accounting (AAA) framework for applications such as network access or IP mobility in both local and roaming situations. This document specifies the message format, transport, error reporting, accounting, and security services used by all Diameter applications. The Diameter base protocol as defined in this document obsoletes RFC 3588 and RFC 5719, and it must be supported by all new Diameter implementations.

Status of This Memo

This is an Internet Standards Track document.

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc6733.

Contents

• 1. Introduction
  • 1.1. Diameter Protocol
    • 1.1.1. Description of the Document Set
    • 1.1.2. Conventions Used in This Document
    • 1.1.3. Changes from RFC 3588
  • 1.2. Terminology
  • 1.3. Approach to Extensibility
    • 1.3.1. Defining New AVP Values
    • 1.3.2. Creating New AVPs
    • 1.3.3. Creating New Commands
    • 1.3.4. Creating New Diameter Applications
• 2. Protocol Overview
  • 2.1. Transport
    • 2.1.1. SCTP Guidelines
  • 2.2. Securing Diameter Messages
  • 2.3. Diameter Application Compliance
  • 2.4. Application Identifiers
  • 2.5. Connections vs. Sessions
  • 2.6. Peer Table
  • 2.7. Routing Table
  • 2.8. Role of Diameter Agents
    • 2.8.1. Relay Agents
    • 2.8.2. Proxy Agents
    • 2.8.3. Redirect Agents
    • 2.8.4. Translation Agents
  • 2.9. Diameter Path Authorization
• 3. Diameter Header
  • 3.1. Command Codes
  • 3.2. Command Code Format Specification
  • 3.3. Diameter Command Naming Conventions
• 4. Diameter AVPs
  • 4.1. AVP Header
    • 4.1.1. Optional Header Elements
  • 4.2. Basic AVP Data Formats
  • 4.3. Derived AVP Data Formats
    • 4.3.1. Common Derived AVP Data Formats
  • 4.4. Grouped AVP Values
    • 4.4.1. Example AVP with a Grouped Data Type
  • 4.5. Diameter Base Protocol AVPs
• 5. Diameter Peers
  • 5.1. Peer Connections
  • 5.2. Diameter Peer Discovery
  • 5.3. Capabilities Exchange
    • 5.3.1. Capabilities-Exchange-Request
    • 5.3.2. Capabilities-Exchange-Answer
    • 5.3.3. Vendor-Id AVP
    • 5.3.4. Firmware-Revision AVP
    • 5.3.5. Host-IP-Address AVP
    • 5.3.6. Supported-Vendor-Id AVP
    • 5.3.7. Product-Name AVP
  • 5.4. Disconnecting Peer Connections
    • 5.4.1. Disconnect-Peer-Request
    • 5.4.2. Disconnect-Peer-Answer
    • 5.4.3. Disconnect-Cause AVP
  • 5.5. Transport Failure Detection
    • 5.5.1. Device-Watchdog-Request
    • 5.5.2. Device-Watchdog-Answer
    • 5.5.3. Transport Failure Algorithm
    • 5.5.4. Failover and Failback Procedures
  • 5.6. Peer State Machine
    • 5.6.1. Incoming Connections
    • 5.6.2. Events
    • 5.6.3. Actions
    • 5.6.4. The Election Process
• 6. Diameter Message Processing
  • 6.1. Diameter Request Routing Overview
    • 6.1.1. Originating a Request
    • 6.1.2. Sending a Request
    • 6.1.3. Receiving Requests
    • 6.1.4. Processing Local Requests
    • 6.1.5. Request Forwarding
    • 6.1.6. Request Routing
    • 6.1.7. Predictive Loop Avoidance
    • 6.1.8. Redirecting Requests
    • 6.1.9. Relaying and Proxying Requests
  • 6.2. Diameter Answer Processing
    • 6.2.1. Processing Received Answers
    • 6.2.2. Relaying and Proxying Answers
  • 6.3. Origin-Host AVP
  • 6.4. Origin-Realm AVP
  • 6.5. Destination-Host AVP
  • 6.6. Destination-Realm AVP
  • 6.7. Routing AVPs
    • 6.7.1. Route-Record AVP
    • 6.7.2. Proxy-Info AVP
    • 6.7.3. Proxy-Host AVP
    • 6.7.4. Proxy-State AVP
  • 6.8. Auth-Application-Id AVP
  • 6.9. Acct-Application-Id AVP
  • 6.10. Inband-Security-Id AVP
  • 6.11. Vendor-Specific-Application-Id AVP
  • 6.12. Redirect-Host AVP
  • 6.13. Redirect-Host-Usage AVP
  • 6.14. Redirect-Max-Cache-Time AVP
• 7. Error Handling
  • 7.1. Result-Code AVP
    • 7.1.1. Informational
    • 7.1.2. Success
    • 7.1.3. Protocol Errors
    • 7.1.4. Transient Failures
    • 7.1.5. Permanent Failures
  • 7.2. Error Bit
  • 7.3. Error-Message AVP
  • 7.4. Error-Reporting-Host AVP
  • 7.5. Failed-AVP AVP
  • 7.6. Experimental-Result AVP
  • 7.7. Experimental-Result-Code AVP
• 8. Diameter User Sessions
  • 8.1. Authorization Session State Machine
  • 8.2. Accounting Session State Machine
  • 8.3. Server-Initiated Re-Auth
    • 8.3.1. Re-Auth-Request
    • 8.3.2. Re-Auth-Answer
  • 8.4. Session Termination
    • 8.4.1. Session-Termination-Request
    • 8.4.2. Session-Termination-Answer
  • 8.5. Aborting a Session
    • 8.5.1. Abort-Session-Request
    • 8.5.2. Abort-Session-Answer
  • 8.6. Inferring Session Termination from Origin-State-Id
  • 8.7. Auth-Request-Type AVP
  • 8.8. Session-Id AVP
  • 8.9. Authorization-Lifetime AVP
  • 8.10. Auth-Grace-Period AVP
  • 8.11. Auth-Session-State AVP
  • 8.12. Re-Auth-Request-Type AVP
  • 8.13. Session-Timeout AVP
  • 8.14. User-Name AVP
  • 8.15. Termination-Cause AVP
  • 8.16. Origin-State-Id AVP
  • 8.17. Session-Binding AVP
  • 8.18. Session-Server-Failover AVP
  • 8.19. Multi-Round-Time-Out AVP
  • 8.20. Class AVP
  • 8.21. Event-Timestamp AVP
• 9. Accounting
  • 9.1. Server Directed Model
  • 9.2. Protocol Messages
  • 9.3. Accounting Application Extension and Requirements
  • 9.4. Fault Resilience
  • 9.5. Accounting Records
  • 9.6. Correlation of Accounting Records
  • 9.7. Accounting Command Codes
    • 9.7.1. Accounting-Request
    • 9.7.2. Accounting-Answer
  • 9.8. Accounting AVPs
    • 9.8.1. Accounting-Record-Type AVP
    • 9.8.2. Acct-Interim-Interval AVP
    • 9.8.3. Accounting-Record-Number AVP
    • 9.8.4. Acct-Session-Id AVP
    • 9.8.5. Acct-Multi-Session-Id AVP
    • 9.8.6. Accounting-Sub-Session-Id AVP
    • 9.8.7. Accounting-Realtime-Required AVP
• 10. AVP Occurrence Tables
  • 10.1. Base Protocol Command AVP Table
  • 10.2. Accounting AVP Table
• 11. IANA Considerations
  • 11.1. AVP Header
    • 11.1.1. AVP Codes
    • 11.1.2. AVP Flags
  • 11.2. Diameter Header
    • 11.2.1. Command Codes
    • 11.2.2. Command Flags
  • 11.3. AVP Values
  • 11.4. _diameters Service Name and Port Number Registration
  • 11.5. SCTP Payload Protocol Identifiers
  • 11.6. S-NAPTR Parameters
• 12. Diameter Protocol-Related Configurable Parameters
• 13. Security Considerations
  • 13.1. TLS/TCP and DTLS/SCTP Usage
  • 13.2. Peer-to-Peer Considerations
  • 13.3. AVP Considerations
• 14. References
  • 14.1. Normative References
  • 14.2. Informative References
• Appendix A. Acknowledgements
  • A.1. This Document
  • A.2. RFC 3588
• Appendix B. S-NAPTR Example
• Appendix C. Duplicate Detection
• Appendix D. Internationalized Domain Names