Diameter is Message (Packet) based protocol. There are two types of messages Request Messages and Answer Messages.And the Message structure is of following sort.
Command Flags
Diameter Message Structure |
Version
This Version field MUST be set to 1 to indicate Diameter Version 1.
Message Length
Contain the length of Message Header + (Data) Avp
The Command Flags field is eight bits. The following bits are
assigned:
0 1 2 3 4 5 6 7
+-+-+-+-+-+-+-+-+
|R P E T r r r r|
+-+-+-+-+-+-+-+-+
R(equest) - If set, the message is a request. If cleared, the
message is an answer.
P(roxiable) - If set, the message MAY be proxied, relayed or
redirected. If cleared, the message MUST be locally processed.
E(rror) - If set, the message contains a protocol error, This bit MUST NOT be set in request messages.
T(Potentially re-transmitted message) - This flag is set after a link Failover procedures to aid the removal of duplicate requests.
It is set when resending a request that not yet acknowledged,as an indication of a possible duplicate due to a link failure. This bit MUST be cleared when sending a request for the first time, otherwise the sender MUST set this flag.Diameter agents that receive a request with the T flag set, MUST keep the T flag set in the forwarded request. This flag MUST NOT be set if an error answer message (e.g., a protocol error) has been received for the earlier message. It can be set only in cases where no answer has been received from the server for a request and the request is sent again. This flag MUST NOT be set in answer messages.
It is set when resending a request that not yet acknowledged,as an indication of a possible duplicate due to a link failure. This bit MUST be cleared when sending a request for the first time, otherwise the sender MUST set this flag.Diameter agents that receive a request with the T flag set, MUST keep the T flag set in the forwarded request. This flag MUST NOT be set if an error answer message (e.g., a protocol error) has been received for the earlier message. It can be set only in cases where no answer has been received from the server for a request and the request is sent again. This flag MUST NOT be set in answer messages.
For instance
Re-Transmission |
Client triggers a request to server and at that instance, suppose server was down, so client does not receive the answer/acknowledgement for that message then after a certain period of time the client will trigger the same request with bit-T=1 and this is called the retransmission.
if client receive the error-Answer-message then client will not trigger the same request message with bit-T=0,because error-Answer-messgae it self the answer-message or acknowledgemet for that request.
r(eserved) - these flag bits are reserved for future use, and MUST be set to zero, and ignored by the receiver.
Command-Code
To uniquely identify the each diameter message IANA has assigned the unique command code for each Request. The answer of this Request will also have the same command code but have Bit-R=0.The Command-Code field is three octets.
For Example :Command code for User-Authorization-Request is 300, 301 for Server-Assignment-Request and 280 for Device-Watchdog-Request etc.
Application-ID
As we know that Base Diameter Protocol is the extensible protocol, so many application/interfaces are built by using the Base Diameter Protocol, Therefore to uniquely identify the each application IANA gives the Application-Id to each application.
There is also an Application-ID Avp, so in one application these two field (Application-ID Avp and Application-ID in structure) will contain the same value. Application-ID is four octets.
There is also an Application-ID Avp, so in one application these two field (Application-ID Avp and Application-ID in structure) will contain the same value. Application-ID is four octets.
For Example : Application Id for S6a/s6d interface is 16777251 and for S13 is 16777252
Hop-by-Hop Identifier
The Hop-by-Hop Identifier is an unsigned 32-bit integer field (in network byte order) and aids in matching requests and replies.The sender MUST ensure that the Hop-by-Hop identifier in a request is unique on a given connection at any given time, and MAY attempt to ensure that the number is unique across reboots. The sender of an Answer message MUST ensure that the Hop-by-Hop Identifier field contains the same value that was found in the corresponding request.
The Hop-by-Hop identifier is normally a monotonically increasing number, whose start value was randomly generated. An answer message that is received with an unknown Hop-by-Hop Identifier MUST be discarded.Use of Hop-By-Hop Identifier is explain below with figure.
End-to-End Identifier
The End-to-End Identifier is an unsigned 32-bit integer field (in network byte order) and is used to detect duplicate messages. The identifier MUST remain locally unique for a period of at least 4 minutes, even across reboots. The originator of an Answer message MUST ensure that the End-to-End Identifier field contains the same value that was found in the corresponding request.
The End-to-End Identifier MUST NOT be modified by Diameter agents of any kind. Duplicate requests SHOULD cause the same answer to be transmitted (modulo the hop-by-hop Identifier field and any routing AVPs that may be present),and MUST NOT affect any state that was set when the original request was processed. Duplicate answer messages that are to be locally consumed SHOULD be silently discarded.Use of End-To-End Identifier is explained below with Example.
The End-to-End Identifier MUST NOT be modified by Diameter agents of any kind. Duplicate requests SHOULD cause the same answer to be transmitted (modulo the hop-by-hop Identifier field and any routing AVPs that may be present),and MUST NOT affect any state that was set when the original request was processed. Duplicate answer messages that are to be locally consumed SHOULD be silently discarded.Use of End-To-End Identifier is explained below with Example.
Message Flow Explained
Hop-By-Hop Identifier =H-Id
End-To-End Identifier =E-Id
Message Flow among Diameter Agents |
Every Dia-Agent contains the map for each message it receives and forwards to other node, so that answer for any request will come then answer will be sent to proper host(that generated the request). Map shown above is just for understanding purpose.
--> Whenever Diameter agent receives a message(Req/Ans) it matches the End-To-End Identifier.
If message is Request and received End-To-End Identifier is not in the Table then it will insert the new entry in the table and treat the message as new message.
In case of Answer End-To-End Identifier shall not be inserted in TABLE if it is not present because answer shall follow the route followed by request(implies mis-routed message).
--> if End-To-End Id exists in Table then it will check for bit-T, if Bit-t=1 and R=1 that means message is retransmitted so it retransmit the message to the next host.
--> if it receives the message with t=0 and r=0 and End-To-End Id exists in Table i.e. Answer message corresponding to the Request received earlier then it will insert the Proper hop-by-hop Id as shown in figure to the Answer and forwards it and deletes the entry form the Table.
--> if it receives a message with t=0 and r=1 and End-To-End Id exists in Table then it will treat the message as duplicate message of Looped-message(i.e. Route is looped/circular) and take the appropriate action that was configured during the deployment.
Please clarify whether the "ApplicationId" in the Diameter header is always set to value 0 in CER message. I want to know how the DRA advertise its relay service to other node, is it by sending this value set to 0xffffffff in the Diameter header or by sending the "Auth-Application-Id" AVP value set to 0xffffffff and "ApplicationId" value set to value 0 in the header? Please clarify.
ReplyDeleteThank you Vinay for the clarification. Appreciate your blog.
DeleteThis comment has been removed by the author.
DeleteCan you clarify exactly what is meant by RELAY application ID means ????
DeleteHi Vijay,
DeleteThanks for highlighting this Point.
There is an exception for CER/CEA Message; The value of Application-Id in message header and Auth-Application-Id AVP or Acct-Application-Id AVP can be differ.
In above mentioned case ideally following values are expected
1)Application-Id in message header set to ZERO.
2)Auth-Application-Id/Acct-Application-Id AVP set to RELAY application id.
Thanks for your query.
Happy to help you again.
Team-Diameter
Hello.
ReplyDeleteDoes the value of 'Message Length' take into account any padding bytes that may come with the AVPs contained in 'Data'?
Thanks.
Hi Laura
DeleteThe Message Length field is three octet and indicates the length of Diameter message including the header field and the padded AVPs. Thus, the Message Length field is always a multiple of 4.
Following link shall help you.
http://diameter-protocol.blogspot.in/2013/02/blog-post.html
Thanks for your query.
Happy to help you again.
Team-Diameter
NIce blog. thanks
ReplyDeleteif End-To-End Id exists in Table then it will check for bit-T, if Bit-t=1 and R=1 that means message is retransmitted so it retransmit the message to the next host.
ReplyDeleteif I understand it correctly.. its a retransmitted Request message, so it just retransmits the request to the next HOP? or is there some level of processing involved as part of the peer table as well
Hi Karan
DeleteIt is the Re-Transmitted Request Message, to Next Hop
Thanks for your query.
Happy to help you again.
Team-Diameter
This comment has been removed by the author.
DeleteThis comment has been removed by the author.
DeleteFrom the explanation mentioned above for T field :- It seem that the field is set in case of lost of Ack message or Answer .so the sender of message could not confirm that whether the previous message is processed or not ....But the explanation given for this query is means different. it has created a confusion.Can someone plz elaborate it ..
DeleteHi Chanchal
DeleteYour following understanding is correct.
" T field :- It seem that the field is set in case of lost of Ack message or Answer .so the sender of message could not confirm that whether the previous message is processed or not "
Thanks for your query.
Happy to help you again
Team-Diameter
Hi,
ReplyDeleteI have one most basic question in my mind. As per Hop-by-Hop Identifier usage, we know that it is used to route Answer messages in Diameter Routing. Now my question is the same could have been achieved by End-2-End Identifier also as it is also a unique Id. This question was asked to me in one of the Diameter interview.
My answer for this was that, End-2-End Identifier in two diameter messages coming from 2 nodes can be same (rare occurrence) and to avoid those cases, Hop-by-Hop Id also had been used. Interviewer was not satisfied and said that your answer is partially correct.
Could you please share your thought on this?
Hi Jaiswal,
DeleteMajor work of End-To-End Identifier is to detect duplicate message. A Node uses Origin-Host avp and End-To-End Identifier to detect duplicate message.
Reasons of duplicate message could be any of the following:
1) Wrong routing caused a LOOP. A message is rotating in circle of nodes, such as A-->B--->C--->A
2) Due to Link Failure message is reached to a Node again.
3) etc.
T-Bit is used in removal of duplicate message in conjunction with Local Policy
Thanks for your query.
Happy to help you again.
Team-Diameter
Dear Diameter team,
DeleteCan you please elaborate in detail.Is the explanation given by Mr Jaiswal is complete or need more information. Also please mention meaning of reboots "MAY attempt to ensure that the number is unique across reboots".
Thanks
Hello, Diameter-team!
DeleteFor me question of Mr Jaiswal is still unclear.
Yes, we know basic usage of EtE-id, HbH-id -- but why is it not enough to have only EtE-id? Even for routing between hops. etc.?
Please, help to understand this.
Thank you
Hi,vasyl.horokhovskyi
DeleteWhat we have understood from your query that why do we require two identifiers (E2E & H2H) in DIAMETER HEADER when we can achieve the feat with one. In your case you are asking to use E2E, while in Mr. Chandra Prakash was asked that feat is achieved only by H2H.
Major Purpose of E2E for Loop detection and H2H is to uniquely identify message between two nodes.
Now take a case where NoDE-1 sends a Requset message to NODE-2 without H2H id and it sets E2E ID =FFAD and expected an ANSWER with E2E=FFAD from NODE-2, We know that Answer message MUST follow the path of Request. Now because of Mis-transmission in Network Answer is received from NODE-3 with E2E=FFAD, Now you never come to know that Answer is comming from Unexpected node.
Now you can say that NODE-1 MUST check origin host of Node sending the Answer that is right. BUT origin-host is not part of DIAMETER Header it comes in AVP (i.e Data Part), Now a node need to open AVP and need to Make string comparison which could be teadius task.
While it would be more efficient to add one more field Namely H2H with of Interger type and when H2H is not matching with H2H expected Node-1 MUST Discard answer.
We hope above explanation suffice you.
Happy to help you agin.
Team-Diameter
Hi Diameter Team,
DeleteThanks for this informative blog.
can you also explain the scenario, what if two Diameter nodes send request to Diameter agent with same End to End id?
and the Diameter agent further sends the msg from both clients with same End to End id to the server.
Kindly explain this scenario.
Thnaks
This comment has been removed by the author.
ReplyDeletehi Diameter Team,
ReplyDeleteI have a very basic question. After connection is broken, and reopened can a diameter client reuse the same session id as was in earlier messages?
thanks
Devesh
Hi Devesh,
DeleteBehavior of client is shall depend on local Polices applied depending upon the nature of application
Thanks for your query.
Happy to help you again.
Team-Diameter
hi how much data can be transferred in a AVP (user data)
ReplyDeleteAs per my knowledge ..the data length should be 2^24 - 96 (4 byte Command code + 1 byte Flags + 3 byte length + 4 byte Vender ID = 12* 8 = 96 )...Please correct me if i am wrong..
Deletehi how much data can be transferred in a AVP (user data)
ReplyDeleteHi Vaibhav,
DeleteRFC -6733 doesn't make any statement pertaining to data size. Its depend upon the type of AVP such as unsigned Int, octet string, grouped avp etc.
In practical, it depends on stack implementation.
Thanks for your query,
Happy to help you again.
Team-Diameter
"Whenever Diameter agent receives a message(Req/Ans) it matches the End-To-End Id if it found that this End-To-End Identifier is not in the Table then it will insert the new entry in the table and treat the message as new message." why does it store even in case of answer message and does not discard. I guess only in case of loop we can expect unsolicited answer message. Does it forward the message as it is without changing the "hop by hop id". when does it delete the entry from the mapping table.
ReplyDeleteHi Soumya Srinivas.
DeleteThanks for highlighting editorial issue.Our statement mention by you is ambiguous.
It should be as
Whenever Diameter agent receives a message(Req/Ans) it matches the End-To-End Id.
if message is Request and received End-To-End Identifier is not in the Table then it will insert the new entry in the table and treat the message as new message. In case of answer End-To-End Identifier shall not be inserted in TABLE if it is not present because answer shall follow the route followed by request.
We appreciate your efforts.
Thanks for your query.
Happy to help you again.
Team-Diameter
Hi,
ReplyDeleteI have one doubt related to the use of Hop-by-Hop identifier. Lets
assume if my node acts as a proxy,
----- ---------------- -------
1 --> MyNode(Proxy) --> 2
----- ---------------- -------
1)My node will change hop-by-hop id in the any request message while sending it to 2, is this correct.
2)If my node changes hop-by-hop id, then I believe my answer will come to be
my node, is that possible to bypass the answer message and send that back to
node 1 directly.
Thanks.
Can you please let us know the use for route-record in diameter
ReplyDeleteHi
DeleteRoute-Record AVP contains the DIAMETER Identity of intermediate Peer. If there are multiple intermediate nodes between server and client then there shall be multiple Route-Record AVPs shall be persent.
Use Cases::
Route-Record AVP is used majorly in following Two cases.
1) To Detect Loop:: Instead of End-To-End Identifier a Node can use Route-Record AVP to detect Loop. If a node founds that Its own identity in one of the Multiple Route-Record AVP, it denotes as LOOP situation.
2) DIAMETER PATH AUTHORIZATION :: There is a concept of path authorization, majorly used in session based applications. Where can be a demand of an application to check the path of request. Whether request followed all trusted realms(Nodes) or Not.
Thanks for your query.
Happy to help you again.
Team-Diameter
Hello, Diameter-team!
ReplyDeleteThanks for a such useful blog.
I have a question about T-bit flag: why we can't have this bit set in answer message?
If for example our answer didn't got an ACK, shouldn't we retransmit it wit T=1?
Hi vasyl.horokhovskyi
DeleteYour point is correct if there is 3-way message exchange in diameter at application level as well.
There is no feature in diameter like ACK-ANSWER, There is just Request message and it's corresponding response Answer message.
Thanks for your query.
Happy to help you again.
Team-Diameter
Hi Diameter Team,
ReplyDeleteIs there any possible , h2h & e2e both are same value
in which scenario is it possible ???
ReplyDeleteHi Naresh Kumar,
DeleteSame value for H2H and E2E is possible but very rare.
For instance you are putting TIME value as value for H2H and E2E (Hopping computation time to generate TIME value is Zero or you are intentionally putting H2H in E2E).
Now a new message that is to be initiated, it would have same value for both H2H and E2E, Until the message is reached to next Hop(peer) and not forwarded by next peer.
We hope it suffice your query.
Thanks for your query.
Happy to help you again.
Team-Diameter
Hi Team,
ReplyDeleteCurrently CCN is sending the 4010 error code on the MSCC (Multiservice Credit Control AVP) level. So EPG will not terminate the session if it receives this error on the MSCC level
In order to terminate the PDP of subscriber who has no balance, CCN needs to send the Error code 4010 in “Diameter Result code AVP”. Then EPG will terminate the session
Is this possible?
Hi Team,
ReplyDeleteCurrently CCN is sending the 4010 error code on the MSCC (Multiservice Credit Control AVP) level. So EPG will not terminate the session if it receives this error on the MSCC level
In order to terminate the PDP of subscriber who has no balance, CCN needs to send the Error code 4010 in “Diameter Result code AVP”. Then EPG will terminate the session
Is this possible?
Hi team-diameter ,grat work guyz...i need descrption of almost all avp used in ocs in your style...thanks
ReplyDeleteHi Tiwari,
ReplyDeleteWe are already working on OCS system. Soon we shall be publish it in detail.
Thanks for your Suggestion.
Happy to help you again.
Team-Diameter
Can Gx be replaced by GY if yes how? If No why?
ReplyDeletehello,
ReplyDeleteI have question about mapping various Diameter messages to IMSI or MSISDN or MEID, when the diameter messages AVPs carry these values it is easy to map it, but what happens when the value(s) is not present in the message how would Diameter server associated the Diameter message to the user in the LTE world ?
Hi Lava AI-Doski
DeleteRouting take place with the help of Routing, peer table & Elements in message Header.
IMSI/MSISDN is some time required policies on DRA (RELAY AGENTS).
if you have any specific scenario where IMSI/MSISDN not present then please share will help you for that case
Regards
Hi,
ReplyDeleteIn case of retransmission, T-bit will be set for all the command codes?
Especially,
1. T-bit will be set for transport connection requests also(CER, DPR, DWR) apart from session connections? Any limitations for T-bit?
2. How about answer messages?
Thanks!!
Thank you for posting the article, it is very useful. Where I can get the application ID numbers for varous interfaces in LTE?
ReplyDeleteHi Ranjeet
DeleteWe have not found a single document where all IDs are listed. but we can go through 3gpp.org for each application.
following link can help you.
https://diameter-protocol.blogspot.com/2012/07/diameter-interfaces-in-lte-epc.html
Thanks for your query.
Happy to help you again
Team-Diameter
Hi experts,
ReplyDeletein one integration with a DRA (oracle) our MME (client) send CER with application ID in header = 0.
Oracle team request to put Application header = s6a even in CER message.
however, in CER message it s not mandatory to pour Application id = S6a since we are in exchange capabilities.
after diamter is UP then during real traffic to HSS, the appliucation ID in header should = s6a but not in CER.
is my understanding is correct ? or Oracle team request is correct ?
MAny thhanks to you,
Rachid DHOU
Hi experts,
ReplyDeleteCan a single diameter host support multiple IP addresses in case of TCP ? So will there be multiple TCP connection with a diameter peer? Do we need a separate diameter connection for every TCP connection (ie. CER/CEA) ?
RFC says " Connections between diameter peers are established using their valid
DiameterIdentity." So for every IP address , do we need to associate a host name ?
Thanks
Jeya
Message Length
ReplyDeleteContain the length of Message Header + (Data) Avp
Hi,
I'm looking for a recommended maximum length for Diameter S6A messages, as well as, AVP 276 (Origin-Realm). In theory, since the length field is 3 octets, these lengths can be extremely large. In practice, that doesn't work because some network elements have limits on the maximum lengths of messages and AVPs. Do you have any insight on recommended message and AVP lengths?
Thanks
Hi, There is no recommended length, the max length is specified by standard which is too high to be used in any real network solution. All your solutions are first evaluated in monitored environment before becoming commercial. if any product has opted for some limit that might be due to underline back end or application limitation.
Delete