Diameter protocol was created on 1998 to be a successor of RADIUS protocol, the main goal was to create a protocol more secure and implemented on signalling network.
It can use TCP or SCTP at transport layer and as TLS and DTLS for transport layer security and it has a fail over mechanism using internal watchdogs.
It has another mechanism to discover peers and configure them in order to maintained the sessions bindings.
Diameter communicate as a client and a server
Diameter Protocol RFCs
- First RFC 3588
- Additional Updates RFC 5729, 5719, 6408
- The RFC 6733 made all other obsolete.
RFC 6733 Specifies
- Protocol Format
- Transport
- Peer Connection
- User Sessions
- Accounting
Types of Nodes
- Clients
- Servers
- Agents
Node
Any device using the Diameter protocol stack.
Client
A Diameter client is any device who trigger a request to a server requesting information about the user and its level of access on the local or roaming network (AAA).
Types of Diameter Clients
- MME
- PCEF
Server
Handles AAA requests
- PCRF
- HSS
Diameter Agents
Relay
Route messages without change them
Proxy
Route a message and can change it
Redirect
Just simple redirect the traffic
Translation
Converts into another protocol
DEA Diameter Edge Agent
Located at border network
DRA Diameter Routing Agent
Core network providing routing capabilities
IWF Node
Convert into another protocol
DSC Diameter Signaling Controller
Groups DEA / DRA / IWF into one single device.
Diameter Applications
https://tools.ietf.org/html/rfc6733
AWS Backup AWS EFS AWS FSx AWS S3 AWS S3 Glacier AWS S3 Regions AWS S3 Storage Class AWS Storage Services backhaul 5g business computer server calea lawful intercept cloud access control system cloud based phone cloud management platform CloudWatch Metrics hybrid cloud infrastructure hybrid cloud management hybrid cloud tools industrial iot connectivity interception iot connectivity providers iot connectivity solutions iot mobile devices juniper 5g juniper networks 5g lawful interception lawful interception solutions legal interception linux server setup machine server nfv framework purchase server hardware red hat open hybrid cloud rpi sim card S3 Buckets Properties S3 Free Tier S3 S-IA Class S3 Z-IA Class server for files servers technology ssh from windows to linux Storage Gateway subscription software terminal server security Unlimited Storage
Pingback: Ultimate Guide How to Secure SSH Server | Update 2021 - PopLab Linux