DIAMETER is an authentication, authorization, and accounting protocol for networks.

DIAMETER evolved from and replaces the much less capable RADIUS protocol.

DIAMETER belongs to the Application Layer protocols in the Internet Protocol Suite.

DIAMETER Applications extend the base protocol by adding new commands and/or attributes, such as those for use with the Extensible Authentication Protocol (EAP).

The name is a play on words, derived from the RADIUS protocol, which is the predecessor (a diameter is twice the radius). Diameter is not directly backwards compatible with RADIUS but provides an upgrade path for it. The main features provided by Diameter but lacking in RADIUS are:

  • Support for SCTP
  • Capability negotiation
  • Application-layer acknowledgements; Diameter defines failover methods and state machines (RFC 3539)
  • Extensibility; new commands can be defined
  • Aligned on 32-bit boundaries
  • Intended to work in both local and roaming AAA situations
  • Uses TCP or SCTP, not UDP
  • Secures the transport with IPsec or TLS
  • Supports stateless as well as stateful modes
  • Uses attribute-value pairs (AVPs); new commands and attributes can be defined, so the protocol is easy to extend
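The AVP encoding and 32-bit alignment listed above can be seen in a small encoder and bounds-checked parser. This is an added example, not code from the original page; the AVP layout follows the Diameter base specification (RFC 6733), and the function names and the vendor-specific sample values are assumptions made for illustration.

```python
import struct

FLAG_VENDOR = 0x80     # V bit: a 4-byte Vendor-ID follows the length field
FLAG_MANDATORY = 0x40  # M bit: receiver must understand this AVP

def encode_avp(code, data, flags=FLAG_MANDATORY, vendor_id=None):
    """Build one AVP: code(4) | flags(1) | length(3) | [vendor-id(4)] | data | pad."""
    if vendor_id is not None:
        flags |= FLAG_VENDOR
    header_len = 12 if vendor_id is not None else 8
    length = header_len + len(data)  # the length field excludes padding
    out = struct.pack("!I", code) + bytes([flags]) + length.to_bytes(3, "big")
    if vendor_id is not None:
        out += struct.pack("!I", vendor_id)
    return out + data + b"\x00" * (-length % 4)  # pad to a 32-bit boundary

def parse_avps(buf):
    """Return [(code, flags, vendor_id, data)]; raise ValueError on malformed input."""
    avps, off = [], 0
    while off < len(buf):
        if len(buf) - off < 8:
            raise ValueError("truncated AVP header")
        (code,) = struct.unpack_from("!I", buf, off)
        flags = buf[off + 4]
        length = int.from_bytes(buf[off + 5:off + 8], "big")
        header_len = 12 if flags & FLAG_VENDOR else 8
        if length < header_len:
            raise ValueError("AVP length shorter than its header")
        padded = length + (-length % 4)
        if off + padded > len(buf):
            raise ValueError("AVP length runs past end of buffer")
        vendor_id = None
        if flags & FLAG_VENDOR:
            (vendor_id,) = struct.unpack_from("!I", buf, off + 8)
        avps.append((code, flags, vendor_id, buf[off + header_len:off + length]))
        off += padded  # the next AVP starts on a 32-bit boundary
    return avps

# Constructed sample: User-Name (AVP code 1) followed by a vendor-specific AVP
# whose code (9999) and Vendor-ID (99999) are made up for this example.
SAMPLE = encode_avp(1, b"alice") + encode_avp(9999, b"\x01\x02", vendor_id=99999)

if __name__ == "__main__":
    for avp in parse_avps(SAMPLE):
        print(avp)
```

The length checks matter because the 24-bit length field is attacker-controlled on the wire; a parser that trusts it without comparing against the remaining buffer reads out of bounds or loops on a zero length.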

