Diameter Protocol
Issue 1.0
www.huawei.com

HUAWEI TECHNOLOGIES CO., LTD.

HUAWEI Confidential

Reference
- OCP interface specification of the Online Charging System of China Telecom
- RFC 3588 (Diameter Base Protocol)


Objective
After the presentation, you will understand the following:
- Important concepts and message structure of the Diameter protocol
- Main processes of Diameter message interaction in the OCS system


Contents
Chapter 1 Protocol Overview
Chapter 2 Message Structure
Chapter 3 Common Command Examples
Chapter 4 Basic Processes
Chapter 5 Code Stream Parsing


Protocol Overview
The Diameter protocol was developed as an improvement on, and a replacement for, the RADIUS protocol. Its purpose is to provide an IP-based authentication, authorization and accounting (AAA) protocol.
- Authentication: the network validates the identity of a user before the user consumes its resources.
- Authorization: the network decides which resources a user may use, and in what way.
- Accounting: the network collects and records information about resource usage, either to bill the user for the resources or to audit the data.
The three functions work together to record the network resource usage of specific users. AAA protects the lawful rights and interests of users and the secure and reliable operation of the network.
In the OCS, the Diameter protocol carries the convergent charging of prepaid and postpaid subscribers, that is, the convergence of real-time (online) charging and CDR-based (offline) charging.

Protocol Overview
Compared with the RADIUS protocol, the Diameter protocol has the following advantages:
- A well-defined failure handling mechanism, with support for failover and failback
- Reliable delivery: every request is acknowledged by an answer, so a lost message is detected (Diameter runs over TCP or SCTP rather than UDP)
- Integrity and confidentiality of data
- Support for transport security (TLS or IPsec) and a hook for end-to-end security
- Capability negotiation between peers (CER/CEA)
In practice the protection of a Diameter link rests on IPsec or TLS between adjacent peers: RFC 3588 requires that one of them be supported, the end-to-end security it anticipated was never standardized, and the P bits in the message head and in the AVP head only mark where such protection would be needed. A relay or proxy agent in the path therefore sees every AVP in clear.

Protocol Overview
Diameter base protocol and Diameter applications
The Diameter base protocol provides a secure, reliable and easily extended framework for authentication, authorization and accounting services. To implement a specific access or application service, a Diameter application (such as DCC) need only define:
- the Application-Id of the application
- the network entities that take part in the communication
- the contents of the messages exchanged between those entities
- the protocol procedures
The Diameter Credit Control Application (DCCA, RFC 4006), built on the base protocol, defines the charging mechanism for prepaid subscribers: credit control is applied per session or per event (transaction), which meets the requirement of charging prepaid subscribers in real time.

Contents
Chapter 2 Message Structure
2.1 Message Head
2.2 Message Body


Message Head

Version: Set to 1.
Message Length: Length of the whole message in bytes, including the 20-byte head (a 3-byte field, so at most 16 MB).
R (Request): Set to 1 in a request and to 0 in an answer.
P (Proxiable): Set to 1 if the message may be proxied, relayed or redirected; set to 0 if it must be processed locally. CER, DWR and DPR must not be forwarded, so their P bit is 0.
E (Error): Set to 1 in an answer that reports a protocol error (Result-Code 3xxx); such an answer does not follow the normal ABNF of its command. The bit is 0 in every request and in a normal answer.
T (Potentially re-transmitted): Set to 1 when a request is resent after a link failover, so that the receiver can detect a duplicate.
Command-Code: Command of the message. An answer carries the same command code as its request. The basic command codes of the Diameter protocol are CER/CEA (257), DWR/DWA (280) and DPR/DPA (282); the command code of the credit-control application is CCR/CCA (272).
Application-ID: Application the message belongs to. The Application-IDs defined in the Diameter base protocol are Diameter Common Messages (0), NASREQ (1), Mobile-IPv4 (2), Diameter Base Accounting (3) and Relay (0xffffffff). Diameter Credit Control uses 4.
Hop-by-Hop Identifier, End-to-End Identifier: An answer copies both from the request. The Hop-by-Hop Identifier is rewritten by every agent on the path and matches an answer to a request on one link; the End-to-End Identifier is never changed and, together with Origin-Host, lets a receiver detect a duplicate request. See also the description in the message routing section of this presentation.

Message Body

The Diameter message body is a sequence of AVPs (Attribute-Value Pairs). Each AVP carries the value of one message parameter.
AVP Code: Identifies the attribute. For example, the AVP Code of Origin-Host is 264 and that of Origin-Realm is 296.
V (Vendor-specific): Whether the AVP head contains the Vendor-ID field, in which case the AVP Code belongs to that vendor's name space rather than the IETF one.
M (Mandatory): Whether the receiver must understand the AVP. For a given Diameter command certain AVPs are mandatory; Origin-Host and Origin-Realm, for example, are mandatory in every Diameter message. A receiver that does not support an AVP with the M bit set must reject the message with DIAMETER_AVP_UNSUPPORTED (5001).
P (Protected): Indicates that the AVP needs end-to-end security (encryption). RFC 3588 defines no such mechanism, so the bit is 0 in practice.
AVP Length: Length in bytes of the AVP Code, AVP Flags, AVP Length, Vendor-ID (if present) and Data fields together. Every AVP starts on a 4-byte boundary: if the data length is not a multiple of four, \0 bytes are appended up to the next boundary, and this padding is not counted in AVP Length. In the code stream of chapter 5, Origin-Host "smcp1" has AVP Length 13 but occupies 16 bytes.
Vendor-ID: IANA enterprise number of the vendor that defines the AVP. The vendor ID assigned by IANA to Huawei is 2011.
Data: The value itself. Its type (OctetString, Integer32, Unsigned32, UTF8String, Grouped, ...) is determined by the AVP Code; a Grouped AVP contains further AVPs as its data.

Contents
Chapter 3 Common Command Examples
3.1 CER and CEA
3.2 DWR and DWA
3.3 CCR and CCA


CER and CEA

Capabilities-Exchange-Request
<CER> ::= < Diameter Header: 257, REQ >
          { Origin-Host }
          { Origin-Realm }
       1* { Host-IP-Address }
          { Vendor-Id }
          { Product-Name }
          [ Origin-State-Id ]
        * [ Supported-Vendor-Id ]
        * [ Auth-Application-Id ]
        * [ Inband-Security-Id ]
        * [ Acct-Application-Id ]
        * [ Vendor-Specific-Application-Id ]
          [ Firmware-Revision ]
        * [ AVP ]

The Capabilities-Exchange-Request (CER), indicated by the Command-Code set to 257 and the Command Flags R bit set, is sent to exchange local capabilities. It is the first message on a new transport connection; the peers learn each other's identity, supported applications and vendors from it. On detection of a transport failure, this message must not be sent to an alternate peer.
The Origin-Host in a CER is only a claim by the sender: a node should accept connections from the peers in its configured peer table only and, where TLS or IPsec protects the link, bind the claimed identity to the authenticated one.

CER and CEA

Capabilities-Exchange-Answer
<CEA> ::= < Diameter Header: 257 >
          { Result-Code }
          { Origin-Host }
          { Origin-Realm }
       1* { Host-IP-Address }
          { Vendor-Id }
          { Product-Name }
          [ Origin-State-Id ]
          [ Error-Message ]
        * [ Failed-AVP ]
        * [ Supported-Vendor-Id ]
        * [ Auth-Application-Id ]
        * [ Inband-Security-Id ]
        * [ Acct-Application-Id ]
        * [ Vendor-Specific-Application-Id ]
          [ Firmware-Revision ]
        * [ AVP ]

The Capabilities-Exchange-Answer (CEA), indicated by the Command-Code set to 257 and the Command Flags R bit cleared, is sent in response to a CER message.

DWR and DWA

Device-Watchdog-Request
<DWR> ::= < Diameter Header: 280, REQ >
          { Origin-Host }
          { Origin-Realm }
          [ Origin-State-Id ]

The Device-Watchdog-Request (DWR), indicated by the Command-Code set to 280 and the Command Flags R bit set, is sent to a peer when no traffic has been exchanged between the two peers for the watchdog interval (Tw in RFC 3539).
Upon detection of a transport failure, this message must not be sent to an alternate peer.
A DWR message is a keep-alive (handshake) request: a peer whose DWR goes unanswered treats the connection as failed, which is what triggers failover to the alternate peer.


DWR and DWA

Device-Watchdog-Answer
<DWA> ::= < Diameter Header: 280 >
          { Result-Code }
          { Origin-Host }
          { Origin-Realm }
          [ Error-Message ]
        * [ Failed-AVP ]
          [ Origin-State-Id ]

The Device-Watchdog-Answer (DWA), indicated by the Command-Code set to 280 and the Command Flags R bit cleared, is sent in response to a Device-Watchdog-Request.
A DWA message is the keep-alive (handshake) response. A changed Origin-State-Id tells the peer that the sender has restarted since the previous exchange and that its sessions are gone.
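The head and AVP encoding of chapter 2 applied to the CER and DWR/DWA exchange, as an added example that is not code from this deck or from a Huawei product. It builds a CER and a DWR with the flag rules described above (R set, P cleared for the base-protocol commands) and derives an answer from a request by copying Command-Code, Application-ID, Hop-by-Hop and End-to-End Identifiers, clearing R and setting E only for a 3xxx Result-Code. Host names, realms, the IPv4 address and the Product-Name "OCS" are assumptions; Huawei's Vendor-Id 2011 is the value given on the page.

```python
"""Build Diameter base-protocol messages (CER, DWR, DWA) with the head and AVP rules of chapter 2."""
import struct

# Command codes and head flag bits (RFC 3588).
CER, DWR, DPR = 257, 280, 282
FLAG_R, FLAG_P, FLAG_E, FLAG_T = 0x80, 0x40, 0x20, 0x10
AVP_V, AVP_M = 0x80, 0x40
NOT_PROXIABLE = {CER, DWR, DPR}     # peer-to-peer commands: the P bit must stay 0
HUAWEI_VENDOR_ID = 2011             # IANA enterprise number quoted on the page
DCCA_APP_ID = 4


def avp(code, data, mandatory=True, vendor_id=None):
    """Encode one AVP. AVP Length excludes padding; the data is padded to a 4-byte boundary."""
    if isinstance(data, str):
        data = data.encode("utf-8")
    elif isinstance(data, int):
        data = struct.pack("!I", data)                  # Unsigned32 / Enumerated
    flags = (AVP_M if mandatory else 0) | (AVP_V if vendor_id is not None else 0)
    length = 8 + (4 if vendor_id is not None else 0) + len(data)
    head = struct.pack("!II", code, (flags << 24) | length)
    if vendor_id is not None:
        head += struct.pack("!I", vendor_id)
    return head + data + b"\x00" * (-len(data) % 4)


def message(command, app_id, hbh, e2e, avps, request=True, error=False):
    """Encode the 20-byte head plus AVPs; the flags follow the R/P/E rules of the message head."""
    if error and request:
        raise ValueError("the E bit is only valid in an answer")
    flags = (FLAG_R if request else 0) | (FLAG_E if error else 0)
    if command not in NOT_PROXIABLE:
        flags |= FLAG_P
    body = b"".join(avps)
    return struct.pack("!IIIII", (1 << 24) | (20 + len(body)), (flags << 24) | command,
                       app_id, hbh, e2e) + body


def header_fields(buf):
    ver_len, flags_cmd, app_id, hbh, e2e = struct.unpack("!IIIII", buf[:20])
    return {"version": ver_len >> 24, "length": ver_len & 0xFFFFFF, "flags": flags_cmd >> 24,
            "command": flags_cmd & 0xFFFFFF, "app_id": app_id, "hbh": hbh, "e2e": e2e}


def build_cer(origin_host, origin_realm, ipv4, hbh, e2e):
    # Host-IP-Address is of type Address: 2-byte address family (1 = IPv4) followed by the address.
    host_ip = struct.pack("!H", 1) + bytes(int(o) for o in ipv4.split("."))
    return message(CER, 0, hbh, e2e, [
        avp(264, origin_host), avp(296, origin_realm), avp(257, host_ip),
        avp(266, HUAWEI_VENDOR_ID),
        avp(269, "OCS", mandatory=False),   # Product-Name (assumed value); its M bit must not be set
        avp(258, DCCA_APP_ID)])             # advertise support for the credit-control application


def build_dwr(origin_host, origin_realm, hbh, e2e):
    return message(DWR, 0, hbh, e2e, [avp(264, origin_host), avp(296, origin_realm)])


def answer_to(request, result_code, origin_host, origin_realm):
    """Derive the answer: same Command-Code, Application-ID, Hop-by-Hop and End-to-End; R cleared."""
    h = header_fields(request)
    if not h["flags"] & FLAG_R:
        raise ValueError("can only answer a request")
    return message(h["command"], h["app_id"], h["hbh"], h["e2e"],
                   [avp(268, result_code), avp(264, origin_host), avp(296, origin_realm)],
                   request=False, error=result_code // 1000 == 3)   # E bit marks a 3xxx protocol error


if __name__ == "__main__":
    dwr = build_dwr("smcp1", "www.abc.com", 0x00CA97E9, 0x00CA97E9)
    print(dwr.hex())
    print(answer_to(dwr, 2001, "ocs1", "www.huawei.com").hex())
```

Encoding Origin-Host "smcp1" with avp() yields exactly the 16 bytes found at offset 68 of the CCR code stream in chapter 5 (AVP Length 13, three padding bytes), which is a quick way to confirm the padding rule.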


CCR and CCA

<Credit-Control-Request> ::= < Diameter Header: 272, REQ, PXY >
          < Session-Id >
          { Origin-Host }
          { Origin-Realm }
          { Destination-Realm }
          { Auth-Application-Id }
          { Service-Context-Id }
          { CC-Request-Type }
          { CC-Request-Number }
          [ Destination-Host ]
          [ User-Name ]
          [ Origin-State-Id ]
          [ Event-Timestamp ]
        * [ Subscription-Id ]
          [ Service-Identifier ]
          [ Termination-Cause ]
        * [ Route-Record ]
          [ Requested-Action ]
          [ Requested-Service-Unit ]
        * [ Used-Service-Unit ]
          [ Multiple-Services-Indicator ]
        * [ Multiple-Services-Credit-Control ]
          [ CC-Correlation-Id ]
          [ Service-Information ]

The Credit-Control-Request (CCR) belongs to the credit-control application: Command-Code 272, R bit set, P bit set (PXY: the message may be proxied). A CCR carries all the information the CBE needs for charging. CC-Request-Type states which phase of a session the request reports (INITIAL_REQUEST 1, UPDATE_REQUEST 2, TERMINATION_REQUEST 3, or EVENT_REQUEST 4 for a one-shot transaction), and CC-Request-Number numbers the requests of one session from 0 upwards, so that the OCS can match answers to requests and recognise a retransmission.

CCR and CCA

<Credit-Control-Answer> ::= < Diameter Header: 272, PXY >
          < Session-Id >
          { Result-Code }
          { Origin-Host }
          { Origin-Realm }
          { Auth-Application-Id }
          { CC-Request-Type }
          { CC-Request-Number }
          [ User-Name ]
          [ CC-Session-Failover ]
          [ Origin-State-Id ]
          [ Event-Timestamp ]
          [ Granted-Service-Unit ]
          [ Cost-Information ]
          [ Final-Unit-Indication ]
          [ Check-Balance-Result ]
          [ Credit-Control-Failure-Handling ]
          [ Validity-Time ]
        * [ Trigger-Type ]
          [ Direct-Debiting-Failure-Handling ]
        * [ Multiple-Services-Credit-Control ]
        * [ Route-Record ]
        * [ Failed-AVP ]
          [ AoC-Information ]

The Credit-Control-Answer (CCA) belongs to the credit-control application: Command-Code 272, R bit cleared, P bit set. It echoes the Session-Id, CC-Request-Type and CC-Request-Number of the CCR it answers and carries all the information the SCP needs to connect the subscriber, above all the Result-Code and the Granted-Service-Unit.

Contents
Chapter 4 Basic Processes
4.1 Voice Process
4.2 Data Service Process


Example of Voice Process

(Figure: message flow of the voice process; not reproduced in this text. The steps are listed on the next slide.)

Message Parsing of Voice Process

1. The SCP receives the IDP message. It decides whether to charge in real time and whether to send an ATI message to the HLR to obtain the location of the called party (for features such as Free Roaming to Same City and Cell Preference). The SCP translates the short number and determines whether the call is an inter-network or an intra-network call.
2. The SCP sends this information and the result to the CBP in CCR{Initial, RSU(CC-Time), Service-ID, IMSI, ETB, Subscription-Id, Location} for authentication and charging.
3. Using the information sent by the SCP, the OCS authenticates the account, rates the call, performs reverse calculation and reserves credit, then returns the available duration in CCA{Initial, RC=Success, GSU(300 s)}.
4. The SCP sends the AC message to the MSC/SSP, which monitors the call.
5. When the SCP receives the ACR from the MSC/SSP, it reports the used time to the OCS in CCR{Update, USU(300 s)}.
6. The OCS performs reverse calculation and reservation based on the reported usage and returns the next available duration in CCA{Update, RC=Success, GSU(300 s)}.
7. When the call ends, the SCP receives the ACR from the MSC/SSP and reports the final used time to the OCS in CCR{Final, USU()}.
8. The OCS deducts the fee according to the reported usage and returns CCA{Final, RC=Success} to the SCP.
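The session-based exchange of steps 2 to 8, as an added example that is not part of the original deck: an OCS that reserves credit on the Initial and Update requests and settles on Termination, driven by an SCP-side loop that reports each exhausted grant. The tariff (10 cents per second), the balances and the 300 s grant are assumptions, and AVPs are modelled as dictionary keys rather than encoded bytes. Beyond the happy path on the slide it also shows the checks an OCS needs so that a replayed or out-of-order CCR cannot charge or reserve twice, that usage above the grant is refused, and that an unknown session or subscriber gets the matching Result-Code.

```python
"""Session-based Diameter credit control from the OCS side: reserve on Initial/Update, settle on Terminate."""

# CC-Request-Type values and Result-Codes from RFC 4006 and RFC 3588.
INITIAL_REQUEST, UPDATE_REQUEST, TERMINATION_REQUEST = 1, 2, 3
DIAMETER_SUCCESS = 2001
DIAMETER_CREDIT_LIMIT_REACHED = 4012
DIAMETER_UNKNOWN_SESSION_ID = 5002
DIAMETER_INVALID_AVP_VALUE = 5004
DIAMETER_USER_UNKNOWN = 5030

# Assumed tariff for this example (not from the page): 10 cents per second, granted in slices of
# 300 s, which reproduces the GSU(300 s) of the voice flow.
PRICE_CENTS_PER_SECOND = 10
GRANT_SECONDS = 300


def cca(ccr, result_code, **avps):
    """A CCA echoes the Session-Id, CC-Request-Type and CC-Request-Number of the CCR it answers."""
    answer = {"Session-Id": ccr["Session-Id"], "CC-Request-Type": ccr["CC-Request-Type"],
              "CC-Request-Number": ccr["CC-Request-Number"], "Result-Code": result_code}
    answer.update(avps)
    return answer


class OCS:
    def __init__(self, balances_cents):
        self.balances = dict(balances_cents)   # Subscription-Id-Data -> balance in cents
        self.sessions = {}                     # Session-Id -> {"sub", "reserved", "seq"}

    def handle(self, ccr):
        sid, rtype, seq = ccr["Session-Id"], ccr["CC-Request-Type"], ccr["CC-Request-Number"]
        if rtype == INITIAL_REQUEST:
            if sid in self.sessions or seq != 0:        # session already open, or numbering not at 0
                return cca(ccr, DIAMETER_INVALID_AVP_VALUE)
            if ccr.get("Subscription-Id") not in self.balances:
                return cca(ccr, DIAMETER_USER_UNKNOWN)
            session = self.sessions[sid] = {"sub": ccr["Subscription-Id"], "reserved": 0, "seq": 0}
            return self._grant(ccr, session)
        session = self.sessions.get(sid)
        if session is None:
            return cca(ccr, DIAMETER_UNKNOWN_SESSION_ID)
        if seq != session["seq"] + 1:                   # replayed or out-of-order CCR: never charge twice
            return cca(ccr, DIAMETER_INVALID_AVP_VALUE)
        used = ccr.get("Used-Service-Unit", 0)
        if used < 0 or used > session["reserved"]:      # the SCP cannot have used more than it was granted
            return cca(ccr, DIAMETER_INVALID_AVP_VALUE)
        session["seq"] = seq
        self.balances[session["sub"]] -= used * PRICE_CENTS_PER_SECOND   # deduct the actual usage ...
        session["reserved"] = 0                                           # ... and release the rest
        if rtype == TERMINATION_REQUEST:
            del self.sessions[sid]
            return cca(ccr, DIAMETER_SUCCESS)
        return self._grant(ccr, session)

    def _grant(self, ccr, session):
        """Reserve the requested quota, capped by what the remaining balance covers."""
        requested = ccr.get("Requested-Service-Unit", GRANT_SECONDS)
        affordable = self.balances[session["sub"]] // PRICE_CENTS_PER_SECOND
        granted = min(requested, affordable)
        if granted <= 0:
            del self.sessions[ccr["Session-Id"]]
            return cca(ccr, DIAMETER_CREDIT_LIMIT_REACHED)
        session["reserved"] = granted
        return cca(ccr, DIAMETER_SUCCESS, **{"Granted-Service-Unit": granted})


def voice_call(ocs, session_id, subscriber, call_seconds):
    """SCP side of the voice flow: Initial, an Update per exhausted grant, Terminate with the rest."""
    answers = [ocs.handle({"Session-Id": session_id, "CC-Request-Type": INITIAL_REQUEST,
                           "CC-Request-Number": 0, "Subscription-Id": subscriber,
                           "Requested-Service-Unit": GRANT_SECONDS})]
    seq, remaining = 0, call_seconds
    while answers[-1]["Result-Code"] == DIAMETER_SUCCESS:
        granted = answers[-1]["Granted-Service-Unit"]
        seq += 1
        if remaining > granted:     # grant used up while the call continues: report it, ask for more
            remaining -= granted
            answers.append(ocs.handle({"Session-Id": session_id, "CC-Request-Type": UPDATE_REQUEST,
                                       "CC-Request-Number": seq, "Used-Service-Unit": granted}))
        else:                       # call ended: report the remainder and close the session
            answers.append(ocs.handle({"Session-Id": session_id, "CC-Request-Type": TERMINATION_REQUEST,
                                       "CC-Request-Number": seq, "Used-Service-Unit": remaining}))
            break
    return answers
```

A 420-second call against a balance of 100.00 produces the three answers of the slide (Initial with GSU 300, Update with GSU 300, Final with RC=Success) and leaves 58.00 on the account. Balances are kept in integer cents so that no rounding creeps into the reservation arithmetic.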

Example of Data Service Process

(Figure: message flow of the data service process; not reproduced in this text. The steps are listed on the next slide.)

Message Parsing of Data Service Process

1. The service engine sends the AuthPrice service authentication request to the ISMP.
2. The ISMP authenticates the service.
3. The ISMP sends a CCR (CC-Request-Type = EVENT_REQUEST, Requested-Action = DIRECT_DEBITING) to the OCS.
4. The OCS receives the CCR, rates the event and deducts the fee.
5. The OCS returns the CCA to the ISMP.
6. The ISMP sends AuthPriceRsp to the service engine according to the CCA returned by the OCS.
7. The service engine delivers the service. If delivery succeeds, the process ends. Otherwise the service engine sends AuthPriceCnfm to the ISMP.
8. The ISMP sends a refund CCR (CC-Request-Type = EVENT_REQUEST, Requested-Action = REFUND_ACCOUNT) to the OCS.
9. The OCS receives the refund request and performs rating and refund.
10. The OCS returns the refund CCA to the ISMP.
11. The ISMP sends the AuthPriceCnfm response to the OCS.


Contents
Chapter 5 Code Stream Parsing
5.1 CCR Code Stream Parsing
5.2 CCA Code Stream Parsing


CCR Message Code Stream

The following 388 bytes are one CCR: an event-based request (CC-Request-Type = EVENT_REQUEST, Requested-Action = DIRECT_DEBITING) of the kind used in the data service process, sent by smcp1 to ocs1 for subscriber 05312856000 and requesting a CC-Money amount of Unit-Value 1000 with Exponent -1, i.e. 100.0 in the account currency.

Byte | Hex                                             | ASCII
   0 | 01 00 01 84 80 00 01 10 00 00 00 04 00 CA 97 E9 | ................
  16 | 00 CA 97 E9 00 00 01 07 40 00 00 2E 73 6D 63 70 | ........@...smcp
  32 | 31 3B 31 31 34 38 39 37 37 39 36 32 3B 30 30 30 | 1;1148977962;000
  48 | 30 30 30 30 30 30 31 3B 30 30 30 30 30 30 30 30 | 0000001;00000000
  64 | 30 31 00 00 00 00 01 08 40 00 00 0D 73 6D 63 70 | 01......@...smcp
  80 | 31 00 00 00 00 00 01 28 40 00 00 13 77 77 77 2E | 1......(@...www.
  96 | 61 62 63 2E 63 6F 6D 00 00 00 01 25 40 00 00 0C | abc.com....%@...
 112 | 6F 63 73 31 00 00 01 1B 40 00 00 16 77 77 77 2E | ocs1....@...www.
 128 | 68 75 61 77 65 69 2E 63 6F 6D 00 00 00 00 01 02 | huawei.com......
 144 | 40 00 00 0C 00 00 00 04 00 00 01 CD 40 00 00 27 | @...........@..'
 160 | 76 65 72 73 69 6F 6E 31 2E 64 65 62 69 74 40 63 | version1.debit@c
 176 | 68 69 6E 61 74 65 6C 65 63 6F 6D 2E 63 6F 6D 00 | hinatelecom.com.
 192 | 00 00 01 A0 40 00 00 0C 00 00 00 04 00 00 01 9F | ....@...........
 208 | 40 00 00 0C 00 00 00 00 00 00 00 37 40 00 00 0C | @..........7@...
 224 | C7 FF 65 2A 00 00 01 BB 40 00 00 28 00 00 01 C2 | ..e*....@..(....
 240 | 40 00 00 0C 00 00 00 00 00 00 01 BC 40 00 00 13 | @...........@...
 256 | 30 35 33 31 32 38 35 36 30 30 30 00 00 00 01 1A | 05312856000.....
 272 | 40 00 00 0D 73 6D 63 70 31 00 00 00 00 00 01 B4 | @...smcp1.......
 288 | 40 00 00 0C 00 00 00 00 00 00 01 B5 40 00 00 34 | @...........@..4
 304 | 00 00 01 9D 40 00 00 2C 00 00 01 BD 40 00 00 24 | ....@..,....@..$
 320 | 00 00 01 BF 40 00 00 10 00 00 00 00 00 00 03 E8 | ....@...........
 336 | 00 00 01 AD 40 00 00 0C FF FF FF FF 00 00 03 69 | ....@..........i
 352 | 80 00 00 28 00 00 28 AF 00 00 50 DC 80 00 00 1C | ...(..(...P.....
 368 | 00 01 3C 68 00 00 50 DD 80 00 00 10 00 01 3C 68 | ..<h..P.......<h
 384 | 00 00 00 07                                     | ....

CCR Message Head Parsing

Message head format (RFC 3588):

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Version    |                 Message Length                |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|R P E T r r r r|                  Command-Code                 |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Application-ID                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     Hop-by-Hop Identifier                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     End-to-End Identifier                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The result of parsing the first 20 bytes (01 00 01 84 80 00 01 10 00 00 00 04 00 CA 97 E9 00 CA 97 E9) is as follows:

Field                   Bytes         Value       Meaning
Version                 01            1
Message Length          00 01 84      388         whole message, head included
Command flags           80            1000 0000   R=1: request; P=0: not proxiable; E=0; T=0
Command-Code            00 01 10      272         CCR
Application-ID          00 00 00 04   4           DCCA (Diameter Credit Control application)
Hop-by-Hop Identifier   00 CA 97 E9
End-to-End Identifier   00 CA 97 E9


CCR Message Parsing

An AVP can be located directly by searching the byte stream for its AVP Code.

For example, to find the value of the Subscription-Id-Data AVP, whose AVP Code is 444:
(1) Convert 444 from decimal to hexadecimal: 1BC.
(2) Search for 00 00 01 BC to locate the AVP (in this stream it starts at byte 248, inside the Grouped Subscription-Id AVP 443 that starts at byte 228 and after the Subscription-Id-Type AVP 450 at byte 236), and parse it according to the AVP format:

avp code     [00 00 01 BC]   -> 444 (Subscription-Id-Data)
avp flags    [40]            -> M bit set, V bit clear
avp length   [00 00 13]      -> 19 = 8-byte head + 11 data bytes; the one padding byte is not counted
Vendor-id    absent (V bit clear)
data         [30 35 33 31 32 38 35 36 30 30 30] -> '05312856000'

Searching for the code bytes is convenient when reading a dump by hand, but a decoder must not rely on it: the same bytes can occur inside a string or a length field, and the head of a Grouped AVP sits in front of the AVP being looked for. A decoder should walk the chain from the message head, AVP by AVP, using each AVP Length rounded up to a multiple of four to find the next one, and reject any AVP Length that is smaller than the AVP head or runs past the end of the message.

CCA Message Parsing

To parse an answer message, check the Result-Code to see whether the OCS processed the request correctly.
The AVP Code of Result-Code is 268 (01 0C). Search for 00 00 01 0C to locate it; if the value is 2001 (DIAMETER_SUCCESS, data 00 00 07 D1), the request was processed successfully. The first digit of the Result-Code gives its class:

1xxx  Informational
2xxx  Success
3xxx  Protocol Errors (the E bit is also set in the head of such an answer)
4xxx  Transient Failures
5xxx  Permanent Failure

DIAMETER_SUCCESS = 2001

A 3xxx code is raised by the Diameter layer or an agent on the path (for example, the request could not be delivered); 4xxx and 5xxx codes come from the application logic of the OCS, such as DIAMETER_CREDIT_LIMIT_REACHED (4012) or DIAMETER_USER_UNKNOWN (5030).
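A decoder for the CCR code stream of 5.1 and the Result-Code check of 5.2, as an added example that is not code from this deck or from Huawei. It walks the AVP chain from the message head rather than searching for the bytes of an AVP Code, descends into the Grouped AVPs so that Subscription-Id-Data (444) is found inside Subscription-Id (443), and refuses any message whose Message Length or AVP Length does not fit the bytes actually received, which is the check that keeps a malformed stream from looping or over-reading a decoder. The CCR bytes are the page's dump; the CCA bytes are constructed for this example; the set of Grouped AVPs it descends into is an assumption limited to the codes present in the dump.

```python
"""Decode a Diameter message by walking its AVP chain with length checks (added example, see lead-in)."""
import struct

# The CCR byte stream from the page, 388 bytes, 32 per line.
CCR_HEX = """
01 00 01 84 80 00 01 10 00 00 00 04 00 CA 97 E9 00 CA 97 E9 00 00 01 07 40 00 00 2E 73 6D 63 70
31 3B 31 31 34 38 39 37 37 39 36 32 3B 30 30 30 30 30 30 30 30 30 31 3B 30 30 30 30 30 30 30 30
30 31 00 00 00 00 01 08 40 00 00 0D 73 6D 63 70 31 00 00 00 00 00 01 28 40 00 00 13 77 77 77 2E
61 62 63 2E 63 6F 6D 00 00 00 01 25 40 00 00 0C 6F 63 73 31 00 00 01 1B 40 00 00 16 77 77 77 2E
68 75 61 77 65 69 2E 63 6F 6D 00 00 00 00 01 02 40 00 00 0C 00 00 00 04 00 00 01 CD 40 00 00 27
76 65 72 73 69 6F 6E 31 2E 64 65 62 69 74 40 63 68 69 6E 61 74 65 6C 65 63 6F 6D 2E 63 6F 6D 00
00 00 01 A0 40 00 00 0C 00 00 00 04 00 00 01 9F 40 00 00 0C 00 00 00 00 00 00 00 37 40 00 00 0C
C7 FF 65 2A 00 00 01 BB 40 00 00 28 00 00 01 C2 40 00 00 0C 00 00 00 00 00 00 01 BC 40 00 00 13
30 35 33 31 32 38 35 36 30 30 30 00 00 00 01 1A 40 00 00 0D 73 6D 63 70 31 00 00 00 00 00 01 B4
40 00 00 0C 00 00 00 00 00 00 01 B5 40 00 00 34 00 00 01 9D 40 00 00 2C 00 00 01 BD 40 00 00 24
00 00 01 BF 40 00 00 10 00 00 00 00 00 00 03 E8 00 00 01 AD 40 00 00 0C FF FF FF FF 00 00 03 69
80 00 00 28 00 00 28 AF 00 00 50 DC 80 00 00 1C 00 01 3C 68 00 00 50 DD 80 00 00 10 00 01 3C 68
00 00 00 07
"""
# A CCA constructed for this example (not on the page): 44 bytes, R bit clear, P bit set,
# Result-Code (268) = 2001 and Origin-Host (264) = "ocs1".
CCA_HEX = ("01 00 00 2C 40 00 01 10 00 00 00 04 00 CA 97 E9 00 CA 97 E9 "
           "00 00 01 0C 40 00 00 0C 00 00 07 D1 00 00 01 08 40 00 00 0C 6F 63 73 31")

AVP_V = 0x80
# Grouped AVPs to descend into, keyed (Vendor-Id, AVP Code); assumed from the codes in the dump:
# 437 Requested-Service-Unit, 443 Subscription-Id, 413 CC-Money, 445 Unit-Value (RFC 4006) and
# 873 Service-Information (3GPP, vendor 10415). Anything else is kept as opaque bytes.
GROUPED = {(None, 437), (None, 443), (None, 413), (None, 445), (10415, 873)}
RESULT_CLASSES = {1: "Informational", 2: "Success", 3: "Protocol Errors",
                  4: "Transient Failures", 5: "Permanent Failure"}


def parse_header(buf):
    """Decode the 20-byte head; refuse a Message Length that does not match the bytes received."""
    if len(buf) < 20:
        raise ValueError("shorter than a Diameter head")
    ver_len, flags_cmd, app_id, hbh, e2e = struct.unpack("!IIIII", buf[:20])
    version, length, flags = ver_len >> 24, ver_len & 0xFFFFFF, flags_cmd >> 24
    if version != 1 or length != len(buf) or length % 4:
        raise ValueError("bad version %d or Message Length %d for %d bytes" % (version, length, len(buf)))
    return {"version": version, "length": length, "command": flags_cmd & 0xFFFFFF,
            "request": bool(flags & 0x80), "proxiable": bool(flags & 0x40),
            "error": bool(flags & 0x20), "retransmit": bool(flags & 0x10),
            "app_id": app_id, "hbh": hbh, "e2e": e2e}


def parse_avps(buf):
    """Return [(code, vendor, flags, data)]; data is a nested list for the Grouped AVPs above."""
    avps, pos = [], 0
    while pos < len(buf):
        if len(buf) - pos < 8:
            raise ValueError("truncated AVP head at offset %d" % pos)
        code, flags_len = struct.unpack("!II", buf[pos:pos + 8])
        flags, length = flags_len >> 24, flags_len & 0xFFFFFF
        head = 12 if flags & AVP_V else 8
        # AVP Length counts head + data, not padding. Below the head size it would never advance
        # pos (an endless loop); past the buffer it would read into whatever follows the message.
        if length < head or pos + length > len(buf):
            raise ValueError("bad AVP Length %d at offset %d" % (length, pos))
        vendor = struct.unpack("!I", buf[pos + 8:pos + 12])[0] if head == 12 else None
        data = buf[pos + head:pos + length]
        avps.append((code, vendor, flags, parse_avps(data) if (vendor, code) in GROUPED else data))
        pos += (length + 3) & ~3            # skip the zero padding to the next 4-byte boundary
    return avps


def find(avps, code, vendor=None):
    """Depth-first lookup, so 444 is found inside the Grouped Subscription-Id (443)."""
    for c, v, _flags, data in avps:
        if (c, v) == (code, vendor):
            return data
        if isinstance(data, list):
            hit = find(data, code, vendor)
            if hit is not None:
                return hit
    return None


def as_int(data, signed=False):
    """Decode Integer32 / Unsigned32 / Integer64 data (network byte order)."""
    return int.from_bytes(data, "big", signed=signed)


def parse_message(buf):
    return parse_header(buf), parse_avps(buf[20:])


def is_well_formed(buf):
    try:
        parse_message(buf)
        return True
    except ValueError:
        return False


def result_class(result_code):
    return RESULT_CLASSES.get(result_code // 1000, "Unknown")


def answer_status(buf):
    """(Result-Code, class) of an answer, e.g. (2001, 'Success')."""
    head, avps = parse_message(buf)
    data = find(avps, 268)
    if head["request"] or data is None:
        raise ValueError("not an answer, or no Result-Code")
    return as_int(data), result_class(as_int(data))
```

parse_message(bytes.fromhex(CCR_HEX)) returns the head values of the slide above (length 388, command 272, R set, Application-ID 4) and a list of fifteen top-level AVPs; find(avps, 444) yields b'05312856000', and find(avps, 447) with as_int() gives the Value-Digits 1000 three levels down inside Requested-Service-Unit. answer_status(bytes.fromhex(CCA_HEX)) returns (2001, 'Success'). A stream that is cut short, or an AVP whose length is zero, is rejected rather than decoded.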


Thank you!
www.huawei.com
