The importance of the Diameter protocol is such that it has to be implemented in a very thorough manner, because Diameter communication is realized through the participation of peers and intermediate agents. We are going to look at different types of communications and how the Diameter protocol realizes this through the exchange of messages.

Let's look at the types of connections which are used in communication in Diameter. The first one is the transport layer connection, which can be considered between two peers, which is the client and the server. However, we need to consider that these connections are providing the transport layer connectivity only, and we are actually interested in logical connectivity at the application layer. Now this logical connectivity between the client and the server is actually what implements Diameter messages. The Diameter messages are used between client and server to exchange important information from the perspective of AAA.

The most important concept in a Diameter message is the logical relationship implemented through the session ID. So the Diameter identity is used as the session ID to identify a unique Diameter node. It is typically realized through a URL in the form of a fully qualified domain name. It is represented as a 64-bit value, of which we have 32-bit higher-order bits and 32-bit lower-order bits, each with its own implementation and interpretation. Then there is an option field also, which is implemented to provide additional information, for instance, if these Diameter nodes, client and server, have their own mag IDs which are going to be considered for the AAA services, and the time stamping information.

Let's look at some examples of Diameter IDs.
We can see the fully qualified domain name as xs1.example.com. If it does not have any options, then it would simply have the URL or the FQDN and the 32-bit higher-order and lower-order information. Once it has the options, then it can have an additional URL or additional fully qualified domain name: in case the primary ID of the Diameter client and server is not working, an alternate ID is provided.

Then we have the transport security implemented and not implemented. You can see that here we have different options. The first one at the top, in the no-security case, is when the protocol is just being used as TCP at the transport layer, and at the application layer it is Diameter. Other details are straightforward to understand. Let's look at the example of a Diameter URI where the transport is implementing security. In that case the famous TLS, Transport Layer Security, is provided on top of TCP, and DTLS is provided on top of SCTP. So we see that different examples of Diameter IDs can be configured depending upon the requirement in that particular client-server interaction.

There's a very interesting concept of the redirect host Application value pair. This redirection is actually used when the client and server want to communicate with each other but the intermediate agents through which this can be provided alter or change; for that we have to consider certain values which need to be changed or modified in case some redirection takes place along the path of client and server communication. So at the transport layer we could have all these protocols, and within the particular Diameter protocol variants we could have Diameter as such, we could have RADIUS, and the oldest AAA service could also be provided by TACACS+. So it means that the redirect host Application value pair is actually the one which is used to map the level of translation between the client and the server.
Let's get back to the subtypes of the session and connection IDs. Within the session IDs we have the authorization sessions and we have the accounting sessions. Now both these authorization and accounting sessions are used: authorization is used to provide authorization and authentication, and accounting is used to keep the accounting, as one of the most important pillars of Diameter in AAA. Both of these can be provisioned through stateless configuration and stateful configuration. In stateful configuration the logs are maintained to keep a record of the multiple Diameter messages which are exchanged. The connections, as we've already discussed, can be based purely on TCP or SCTP, or DTLS in case it is using SCTP or UDP.

Once the client and server establish a connection with each other, they have to exchange some important information. The procedure to carry out the connection between client and server is realized through something known as the Capabilities Exchange Request message. This actually is based on an understanding that both the Diameter client and server are configured on the same network configurations and service parameters. And then in reply to this request the Capabilities Exchange Answer is generated. If the answer is affirmative, it means the result code is positive; in that case the Diameter connection is established. Once it is established, subsequent application-specific messaging can be exchanged between the client and server with regard to AAA.
In order to make sure that the client and server connection is managed effectively, and that it is also terminated once not needed, there are certain additional messages which are provided. For instance, we have the Device Watchdog Request. When there is not much activity going on between the client and server, the peers are actually required to exchange the Device Watchdog Request message, which could be initiated from either side, to make sure that the other side has not terminated the connection ungracefully. So in response to this Device Watchdog Request an answer is generated to make sure that both these devices are in an active session.

Likewise, when a certain session has to be terminated at the application layer, it is going to be based on the Disconnect Peer Request, and in response to it the Disconnect Peer Answer is going to make sure that the connection is finally terminated gracefully at the application layer. Once it is terminated at the application layer, the transport layer TCP close functionality is also activated.
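
The Diameter URI forms described in the lecture (an FQDN such as xs1.example.com, optional port, transport and protocol options, with or without transport security) can be validated in code before a node acts on them. The parser below is an added example, not part of the lecture; it follows the DiameterURI grammar of RFC 6733, and the names `parse_diameter_uri` and `require_security` are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass

# DiameterURI grammar (RFC 6733):
#   ("aaa://" | "aaas://") FQDN [":" port] [";transport=" t] [";protocol=" p]
# "aaas" means transport security: TLS over TCP or DTLS over SCTP.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]*[A-Za-z0-9])?"
_URI = re.compile(
    rf"(?P<scheme>aaas?)://(?P<fqdn>{_LABEL}(?:\.{_LABEL})+)"
    r"(?::(?P<port>\d{1,5}))?"
    r"(?:;transport=(?P<transport>tcp|sctp|udp))?"
    r"(?:;protocol=(?P<protocol>diameter|radius|tacacs\+))?"
)

@dataclass(frozen=True)
class DiameterURI:
    fqdn: str
    port: int
    transport: str
    protocol: str
    secure: bool

    @property
    def security(self) -> str:
        """Security layer implied by scheme and transport."""
        if not self.secure:
            return "none"
        return {"tcp": "TLS", "sctp": "DTLS"}.get(self.transport, "unspecified")

def parse_diameter_uri(uri: str, require_security: bool = False) -> DiameterURI:
    """Parse and validate a Diameter URI; raise ValueError on anything malformed."""
    m = _URI.fullmatch(uri)  # fullmatch rejects trailing junk and unknown options
    if m is None:
        raise ValueError(f"not a valid Diameter URI: {uri!r}")
    secure = m["scheme"] == "aaas"
    # Defaults: port 3868 without transport security, 5658 with it; tcp; diameter.
    port = int(m["port"]) if m["port"] else (5658 if secure else 3868)
    transport = m["transport"] or "tcp"
    protocol = m["protocol"] or "diameter"
    if not 0 < port < 65536:
        raise ValueError(f"port out of range: {port}")
    if protocol == "diameter" and transport == "udp":
        raise ValueError("Diameter itself must not run over UDP")
    if require_security and not secure:
        # Local policy (an assumption of this example): refuse aaa:// peers.
        raise ValueError("aaa:// offers no transport security")
    return DiameterURI(m["fqdn"].lower(), port, transport, protocol, secure)
```

Calling it with `require_security=True` on a URI received in a redirect lets a node refuse to follow a redirect to a peer that offers no TLS or DTLS.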