2. Agenda
• Origin of Diameter
• Main Features of Diameter
o Diameter Base protocol
o Type of Diameter Nodes
• Main Applications
• Messages Overview
Company Confidential 2
3. Why did we need Diameter?
• Diameter is an Authentication, Authorization and Accounting (AAA) protocol for computer networks, and an alternative to RADIUS.
• Diameter provides an upgrade path for the “old” RADIUS (Remote Authentication Dial In User Service) and solves several of its limitations.
In the early 1990s, RADIUS was developed to control dial-in access.
4. AAA
• Authenticate users or devices before granting them access to a network
• Authorize those users or devices for certain network services
• Account for usage of those services
5. DIAMETER = 2 * RADIUS
Feature               | RADIUS                                     | DIAMETER
Reliable transport    | No (uses UDP)                              | TCP, SCTP
Failover              | Not defined by standard                    | Failover is defined for network errors and actions
Security              | Not mandatory and not end to end           | Mandatory and end to end
Agent roles           | Not defined (other than client and server) | Defines many (such as proxy, relay and redirect)
Transactions          | ID up to 255, other implicit methods       | End to end and node by node, each 2^32 range
Vendor specific       | Not explicit                               | Through negotiation
Dynamic configuration | No                                         | Defined in the standard
12. Capabilities Exchange
• Capabilities Exchange
  – Use of Capabilities-Exchange (CER/CEA) messages
  – Message exchange advertises:
    • Peer identity
    • Security schemes – indicates the use of TLS
    • SCTP host addresses, if used
  – CER/CEA may or may not be protected
• Peer Table Creation
  – Lists all peers that pass capabilities negotiation
  – Indicates the connection status of each peer
  – Also used for message routing
Diameter Tutorial - IETF67
13. Diameter Sessions – definitions
• What is a session?
  o A session is a related progression of events devoted to a particular activity
• Applications provide guidelines as to when a session begins and ends
• Sessions are identified by Session-Id
  o Globally and eternally unique
    <DiameterIdentity>;<high 32 bits>;<low 32 bits>[;<optional value>]
    • DiameterIdentity: Sender's identity in FQDN
    • High and Low 32 bits: Decimal representation of a 64-bit value, monotonically increased
    • Optional value: Implementation specific, e.g. MAC address, timestamp etc.
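An added example (not from the original slides) that issues and validates Session-Ids in the format shown above. The host name pcef1.example.net and all class and function names are assumptions made for illustration.

```python
import re
import threading

_FORMAT = re.compile(r"(?P<identity>[^;]+);(?P<high>\d{1,10});(?P<low>\d{1,10})"
                     r"(?:;(?P<optional>.+))?")
_FQDN = re.compile(r"(?=.{1,253}$)([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+"
                   r"[A-Za-z]{2,63}")

class SessionIdGenerator:
    """Issues Session-Ids from one monotonically increasing 64-bit counter."""

    def __init__(self, identity, start=0):
        if not _FQDN.fullmatch(identity):
            raise ValueError("DiameterIdentity must be an FQDN")
        self._identity, self._value = identity, start
        self._lock = threading.Lock()

    def next_id(self, optional=None):
        with self._lock:  # two threads must never obtain the same value
            value = self._value
            self._value = (value + 1) & 0xFFFFFFFFFFFFFFFF
        parts = [self._identity, str(value >> 32), str(value & 0xFFFFFFFF)]
        if optional is not None:
            parts.append(optional)
        return ";".join(parts)

def parse_session_id(session_id):
    """Split a Session-Id of the slide's form; raise ValueError if it does not fit."""
    m = _FORMAT.fullmatch(session_id)
    if not m or not _FQDN.fullmatch(m["identity"]):
        raise ValueError("not <DiameterIdentity>;<high>;<low>[;<optional>]")
    high, low = int(m["high"]), int(m["low"])
    if high > 0xFFFFFFFF or low > 0xFFFFFFFF:
        raise ValueError("high and low must each fit in 32 bits")
    return {"identity": m["identity"], "value": (high << 32) | low,
            "optional": m["optional"]}
```

Starting the counter at 0 is only for the demonstration; a node that restarts needs a start value it has not used before, otherwise the identifiers stop being unique.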
14. Types of Diameter Nodes
• Diameter Clients and Servers
  – Request and Answer originators
    • Where applications normally reside
  – Advertise supported applications only
• Diameter Agents
  – Request and Answer forwarders
  – Add routing information to the message
  – Relay Agents
    • Provide basic message forwarding
    • Do not inspect the content of the message other than Destination-Host and/or Realm and AppIds
    • Advertise support for all applications
15. Types of Diameter Nodes – (cont.)
  – Proxy Agents
    • Inspect and possibly modify the contents of the request or answer they are forwarding
      – Useful in scenarios such as policy enforcement, admission control, provisioning etc.
      – Can maintain session state
    • Examples: Translation agents, RADIUS<->DIAMETER
  – Re-Direct Agents
    • Do not forward messages but notify the previous hop of the new next-hop to use
    • Advertise support for all applications
18. Main Applications in 3GPP
Policy:
- Gx
- Rx
- S9
- Sd
Charging:
- Gy
- Gz (Rf)
- Sy
Subscriber Info:
- Sh
19. Gx/Rx Application
• Gx:
  o Interface between the PCEF (Policy and Charging Enforcement Function) and the PCRF (Policy and Charging Rules Function)
  o PCRF provides PCC rules (QoS and charging rules) to the PCEF at session establishment
  o PCRF can push PCC rules for the creation of new bearers
• Rx:
  o Interface between the AF (Application Function) and the PCRF
  o Enables 3rd party applications (IMS, SBC, etc.) to create bearers dynamically
20. Gy/Gz Application
• Gy:
  o Diameter Credit Control Application (DCCA)
  o Online Charging
  o OCS (Online Charging System) allocates quotas to the PCEF
• Gz:
  o Offline Charging
  o Also known as Rf
  o Reports usage to the OFCS (Offline Charging System)
22. Message Flow
• Transport (TCP/SCTP)
• Capabilities Exchange
• Messages (CCR/CCA, etc)
• Watchdog
• Disconnect
• Transport Disconnect
23. Messages
Message name                  | Abbreviation | Command code
Capabilities-Exchange-Request | CER          | 257
Capabilities-Exchange-Answer  | CEA          | 257
Device-Watchdog-Request       | DWR          | 280
Device-Watchdog-Answer        | DWA          | 280
Credit-Control-Request        | CCR          | 272
Credit-Control-Answer         | CCA          | 272
Re-Auth-Request               | RAR          | 258
Re-Auth-Answer                | RAA          | 258
Session-Termination-Request   | STR          | 275
Session-Termination-Answer    | STA          | 275
Disconnect-Peer-Request       | DPR          | 282
Disconnect-Peer-Answer        | DPA          | 282
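An added example, not part of the original deck: it decodes the fixed 20-byte Diameter header (layout taken from the Diameter base protocol specification, which the slides do not show), names each message from the command codes in the table above, and flags messages that fall outside the order given on the Message Flow slide. The capture bytes are constructed and the function names are assumptions.

```python
import struct

# Command codes from the slide's table; a request and its answer share one code.
COMMANDS = {257: "CE", 280: "DW", 272: "CC", 258: "RA", 275: "ST", 282: "DP"}
FLAG_R = 0x80  # Request bit of the flags octet (base protocol header layout)

def build_header(code, request, hbh, e2e):
    """Pack a header-only message; used here only to construct sample input."""
    word2 = ((FLAG_R if request else 0) << 24) | code
    return struct.pack("!IIIII", (1 << 24) | 20, word2, 0, hbh, e2e)

def decode_header(data):
    """Decode the fixed Diameter header and name the command (CER, CEA, ...)."""
    if len(data) < 20:
        raise ValueError("truncated Diameter header")
    ver_len, flags_code, app_id, hbh, e2e = struct.unpack("!IIIII", data[:20])
    version, length = ver_len >> 24, ver_len & 0xFFFFFF
    flags, code = flags_code >> 24, flags_code & 0xFFFFFF
    if version != 1 or length < 20 or length % 4:
        raise ValueError("malformed Diameter header")
    stem = COMMANDS.get(code)
    name = stem + ("R" if flags & FLAG_R else "A") if stem else f"unknown({code})"
    return {"name": name, "app_id": app_id, "hop_by_hop": hbh, "end_to_end": e2e}

def check_flow(names):
    """List messages that break the order CER, CEA, traffic, DPR/DPA, silence."""
    problems, state = [], "new"
    for pos, name in enumerate(names):
        if state == "closed":
            problems.append(f"{pos}: {name} after DPA")
        elif state in ("new", "cer_seen"):
            want = "CER" if state == "new" else "CEA"
            if name == want:
                state = "cer_seen" if state == "new" else "open"
            else:
                problems.append(f"{pos}: {name} before {want}")
        elif name == "DPA":
            state = "closed"
    return problems

# Constructed sample: seven headers as they might be seen on one peer connection.
CAPTURE = [build_header(code, req, hbh, hbh + 100) for code, req, hbh in
           [(257, True, 1), (257, False, 1), (272, True, 2), (272, False, 2),
            (282, True, 3), (282, False, 3), (258, True, 4)]]

def analyse(capture):
    """Decode every header in the capture and return the flow violations."""
    return check_flow([decode_header(h)["name"] for h in capture])
```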
24. Gx Interface
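[Figure: architecture diagram showing the AF, the Policy and Charging Rules Function (PCRF), the PCEF in the GW, the Subscription Profile Repository (SPR), the Online Charging System (OCS, with CAMEL SCP and Service Data Flow Based Credit Control) and the Offline Charging System (OFCS), connected by the Rx, Gx, Gy, Gz and Sp interfaces.]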
25. Gx Messages - CCR
• CCR command: sent by the PCEF to the PCRF for 2 purposes:
  o To request PCC rules for a bearer from the PCRF
  o To indicate bearer or PCC rule related events or the termination of the IP-CAN bearer and/or session
27. Gx Messages - CCA
• The CCA command is sent from the PCRF to the PCEF as a response to a CCR command.
• It provides the PCEF with
  o PCC rules and event triggers for the bearer/session
  o Selected bearer control mode for the IP-CAN session
30. Gx Messages - RAR
• The RAR command: sent by the PCRF to the PCEF in order to provision PCC rules and event triggers using the PUSH procedure to initiate the provision of unsolicited PCC rules.
  o NOTE: If the RAR command is received by the PCEF without providing any operation on PCC rules or any QoS information, the PCEF will respond with a CCR command requesting PCC rules.
32. Gx Messages - RAA
• The RAA command: sent by the PCEF to the PCRF in response to the RAR command.
<RA-Answer> ::= < Diameter Header: 258, PXY >
                < Session-Id >
                { Origin-Host }
                { Origin-Realm }
                [ Result-Code ]
                [ Experimental-Result ]
                [ Origin-State-Id ]
                [ Event-Trigger ]
               *[ Charging-Rule-Report ]
                [ Access-Network-Charging-Address ]
               *[ Access-Network-Charging-Identifier-Gx ]
                [ Bearer-Identifier ]
                [ Error-Message ]
                [ Error-Reporting-Host ]
               *[ Failed-AVP ]
               *[ Proxy-Info ]
               *[ AVP ]
33. Rx Interface
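[Figure: architecture diagram showing the AF, the Policy and Charging Rules Function (PCRF), the PCEF in the GW, the Subscription Profile Repository (SPR), the Online Charging System (OCS, with CAMEL SCP and Service Data Flow Based Credit Control) and the Offline Charging System (OFCS), connected by the Rx, Gx, Gy, Gz and Sp interfaces.]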
35. Rx Messages
• AAR: sent by an AF to the PCRF in order to provide it with the Session Information
• AAA: sent by the PCRF to the AF in response to the AAR command
• RAR (Re-Auth-Request): sent by the PCRF to the AF in order to indicate an Rx specific action
• RAA: sent by the AF to the PCRF in response to the RAR command
• STR (Session-Termination-Request): sent by the AF to inform the PCRF that an established session shall be terminated
• STA: sent by the PCRF to the AF in response to the STR command