Diameter protocol introduction
â— Introduction
Diameter series protocol is a new generation AAA protocol developed by IETF. AAA is AuthenTIcaTIon (authentication), AuthorizaTIon (authorization), AccounTIng (accounting). Authentication is used to confirm the user's identity; Authorization is used to determine whether the user is authorized to use a certain network resource; Accounting is used to monitor the user's use of network resources, according to the detected records User charges.
â— Features of Diameter protocol
Previous AAA protocols such as RADIUS and TACACS were mainly designed for PPP services and terminal services. With the development of network technology, new access methods such as wireless access, DSL access, and mobile IP appear one after another. Ethernet also continues to develop. The network access server (NAS) in AAA itself gradually becomes more and more complicated . These developments and changes have put forward new requirements for the AAA agreement. The original AAA protocol can no longer fully meet these requirements, but the new generation AAA protocol-Diameter protocol can meet these needs, mainly including the following aspects:
(1) Good failover mechanism. The Diameter protocol supports information confirmation and failure detection mechanisms at the application layer.
(2) Transport layer security. The Diameter protocol guarantees transmission security through IPsec and TLS, where TLS is optional for the client.
(3) Reliable transmission. Diameter protocol provides reliable transmission via TCP or SCTP.
(4) Support various types of agents, including relay agents, redirect agents, Proxy agents, protocol conversion agents
(5) Support server-initiated messages. For example, the server may send a message requesting the client to re-authenticate.
(6) Maintain compatibility with existing network AAA protocols (such as RADIUS).
(7) Support capability negotiation mechanism between nodes.
(8) Support peer self-discovery and configuration mechanism.
(9) Support roaming. The Diameter protocol defines inter-domain roaming, message routing, and secure transmission, and can provide secure roaming services.
â— Framework structure of Diameter protocol
Diameter protocol includes IP transmission, security protocol, Diameter basic protocol and different application protocols. The Diameter basic protocol provides a basic framework for various application protocols. It defines the protocol's transmission mechanism, message format, message processing, error handling, billing, and security services. Application protocols rely on basic protocols to provide AAA services for an application. It is constantly evolving. The IETF has determined some standards for application protocols, while others are still in the process of being developed. Applications that have been identified as protocol standards are: Mobile IP Application Protocol (MIPv4), Network Access Service Application Protocol (NAS or NASREQ), Credit Control Application Protocol (Credit-Control), Extended Authentication Application Protocol (EAP), etc. Standards still under discussion and development include: SIP application protocol, etc.
As mentioned earlier, Diameter protocol provides reliable transmission through TCP or SCTP, and guarantees the security of transmission through Ipsec and TLS. Diameter provides various application services based on the basic protocol.
â— Diameter protocol message format
Diameter basic protocol defines the message format of Diameter protocol:
The header of the Diameter message includes 20 bytes. The first 4 bytes include 8-bit version information (currently 1) and 24-bit message length (including the length of the header).
The next 4 bytes include an 8-bit message flag and a 24-bit command code. The message flags are R, P, E, T. R is 1 or 0 means request (Request) and response (Answer) respectively; P means whether this message is allowed to be processed, forwarded or redirected by the agent; E means whether it is a message error; T means this message is a retransmitted message. r is a reserved flag.
The command code is used to indicate the command corresponding to this message (where 0 to 255 are reserved for RADIUS backward compatibility). The basic protocol defines the following basic command codes:
The Diameter application protocol will add the necessary command codes as needed. For example, the NAS application protocol defines the following command codes:
For another example, 3GPP (R5) applied to IANA (Network Address Allocation Authority) to retain the command codes of 300 ~ 313 for 3G applications. The following commands have been defined for the Cx / Dx / Sh / Dh interface (At present these commands have not been defined by the existing IETF Diameter protocol):
The following 12 bytes are the application identifier, hop-by-hop identifier, and end-to-end identifier, where the application identifier is used to indicate the application to which the message applies:
The hop-by-hop identifier is used to help match the corresponding relationship between the request and the response. For example, the I-CSCF sends a UAR message to the HSS to query which S-CSCF should be selected, and the HSS sends a UAA to respond to the query request; the hop-by-hop identifier of UAR and UAA is the same.
End-to-end identification is mainly used for checking duplicate messages.
After the message header is an attribute value pair (AVP). A message can include multiple AVPs. AVP contains information such as authentication, authorization, accounting, message routing, and security.
â— AVP format
The V flag indicates whether this AVP has a Vendor-ID field. If the V flag is 1, the Vendor-ID cannot be 0. If the V flag is 0, it means there is no Vendor-ID.
The M flag indicates whether this AVP is mandatory. If an AVP with M of 1 is received, if the Diameter client or server or agent cannot recognize the AVP or AVP value, the AVP must be discarded.
The P flag indicates whether this AVP requires end-to-end secure encryption.
If the V flag is 0, the AVP code uses the AVP code value defined by the IANA organization. The basic agreement defines some basic AVP Code and data (Data) types. Among them AVP Code 1 to 255 is used for compatibility with the original Radius protocol. Each application protocol also defines corresponding AVP Code and Data types according to different applications. Since there are many AVP Codes, they are not listed here one by one, only two examples:
Vendor-ID is the manufacturer's identification, for example, the Vendor-ID of the 3GPP organization is 10415. If Vendor-ID is not 0, the manufacturer can define its own AVP code and Data type. Here are just two examples of AVP defined by 3GPP in TS29.229:
Cold Forging is a forming process below the recrystallizing temperature of the material, and it is forged below the recovery temperature. It is customary to call the forging of unheated blank cold forging in production. Most of the cold forging materials are aluminum and some alloys, copper and some alloys, low carbon steel, medium carbon steel and low alloy structural steel with low deformation resistance and good plasticity at room temperature. Cold forgings have good surface quality and high dimensional accuracy, and can replace some cutting. Cold forging can strengthen the metal and improve the strength of the parts.
Round Heat Sink,Cold Forging Process,Aluminum Fin Heatsink,Aluminum Round Heat Sink
Dongguan Formal Precision Metal Parts Co,. Ltd , https://www.formalmetal.com