2.10.1 Diameter Local Node Configuration Elements
The following table describes the fields on the Local Nodes View, Insert, and Edit pages. Data Input Notes apply only to the Insert and Edit pages; the View page is read-only.
Table 2-15 Local Node Configuration Elements
Field (* indicates required field) | Description | Data Input Notes |
---|---|---|
* Local Node Name | Unique name of the Local Node. | Format: string, case-sensitive; alphanumeric and underscore (_); cannot start with a digit and must contain at least one alpha Range: 1 to 32 characters Default: none |
* Realm | Realm of the Local Node; defines the administrative domain with which the user maintains an account relationship. | Format: string consisting of a list of labels separated by dots. A label can contain letters, digits, dash (-), and underscore (_). A label must begin with a letter, digit, or underscore, and must end with a letter or digit. Underscore can be used only as the first character. Range: Realm up to 255 characters; label up to 63 characters Default: none |
* FQDN | Unique Fully Qualified Domain Name; specifies exact location in the tree hierarchy of the DNS. | Format: a case-insensitive string consisting of a list of labels separated by dots. A label must contain letters, digits, dash (-), and underscore (_). A label must begin with a letter or underscore, and must end with a letter or digit. Underscore can be used only as the first character. Range: FQDN up to 255 characters, label up to 63 characters Default: none |
SCTP Listen Port | SCTP listen port number for the Local Node. This SCTP listen port must not be the same as a local initiator port of a connection. Initiator port ranges are divided into user-assigned and DCL (Diameter Transport Layer)-assigned sub-ranges. Note: DCL-assigned sub-ranges are configured through OAM and apply only to connections. DCL is the software layer of the stack that manages Diameter transport connections. | Format: numeric Range: 1024 to 49151 Default: 3868 |
TCP Listen Port | TCP listen port number for the Local Node. This TCP listen port must not be the same as a local initiator port for any connection. Initiator port ranges are divided into user-assigned and DCL (Diameter Transport Layer)-assigned sub-ranges. Note: DCL-assigned sub-ranges are implemented through OAM and are restricted to connections only. DCL is the software layer of the stack that implements Diameter transport connections. | Format: numeric Range: 1024 to 49151 Default: 3868 |
DTLS/SCTP Listen Port | The DTLS/SCTP listen port number for the Local Node. Datagram Transport Layer Security (DTLS) allows datagram-based applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol. | Format: numeric Range: 1024 to 49151 Default: 5658 |
TLS/TCP Listen Port | The TLS/TCP listen port number for the Local Node. TLS (Transport Layer Security) is an application layer security protocol that runs over TCP transport. | Format: numeric Range: 1024 to 49151 Default: 5658 |
RADIUS UDP Server Ports | UDP port numbers used by RADIUS clients when sending RADIUS messages to the DSR. If no UDP port is specified here, this local node does not receive requests from RADIUS clients. | Format: numeric Range: 1024 to 49151 Default: none |
Enable RADIUS UDP Client Ports | When checked, this local node can send RADIUS request messages to a RADIUS server using one of the UDP ports specified in the RADIUS client UDP port range. | Format: checkbox Range: none Default: unchecked |
RADIUS Client UDP Port Range Start | The lowest UDP port number that can be used to send RADIUS request messages to a remote RADIUS server. Note: If this local node does not share any IP address with any other local node, this local node can use the default client port range start of 2000. However, if this local node shares any IP addresses with one or more local nodes, it can only use the default port range start of 2000 if none of the other local nodes that share an IP with this local node overlaps the port range specified for this local node. | Format: numeric Range: 1024 to 49151 Default: 2000 Note: Do not use port 5220 as it is already in use by another process. |
RADIUS Client UDP Port Range End | The highest UDP port number that can be used to send RADIUS request messages to a remote RADIUS server. Note: If this local node does not share any IP address with any other local node, this local node can use the default client port range end of 2499. However, if this local node shares any IP addresses with one or more local nodes, this local node can only use the default port range end of 2499 if none of the other local nodes that share an IP with this local node overlaps the port range specified for this local node. | Format: numeric Range: 1024 to 49151 Default: 2499 Note: Do not use port 5220 as it is already in use by another process. |
Verification Mode: | The Certificate Verification Mode for the local node. If TLS/TCP or DTLS/SCTP Port is configured, this field sets the Verification Mode supported by the local node. Available certificate types for configuration. | Format: List Range: Default: Verify None |
Certificate Type | Available certificate types for configuration. Note: Currently available for TLS only. Note: This field is required if TLS/TCP or DTLS/SCTP Ports are being used. | Format: List Range: none Default: none |
Certificate Name | A list of available X509 TLS security certificates. Note: This field is required if TLS/TCP or DTLS/SCTP Ports are being used. | Format: List Range: none Default: none |
* Connection Configuration Set | Connection Configuration set for the local node. | Format: List Range: configured Connection Configuration Sets, Default Connection Configuration Set. |
* CEX Configuration Set | CEX Configuration Set associated with the local node. The entries in the CEX Configuration Set field create links to the page, which shows only the selected entry. The CEX Configuration Set field for the local node is used if the CEX Configuration Set is not associated with the connection. | Format: List Range: configured CEX Configuration Sets, Default CEX Configuration Set. |
* IP Addresses | IP address, or addresses, available for establishing Diameter transport Connections to the local node. User must assign at least one IP Address, and can assign up to 128 IP addresses, to a local node. Up to 32 IP addresses can be IPFE Target Set Addresses. If fewer than four XSI interfaces are configured and SCTP transport is selected, then the number of IP Addresses selected must be the same as the number of XSI interfaces. On the Local Nodes GUI pages, each IP address has appended to it: For the IPFE to differentiate between responder and initiator connections, it checks the destination port of the incoming packet. The IPFE processes the packet according to rules associated with the port range into which the destination port falls. To ensure unambiguous destination ports, Diameter routing assigns non-overlapping port ranges. | Format: Lists Range: 1 to 128 entries Default: none |
Dess Feature | When checked, DESS Feature is enabled. | Format: checkbox Range: none Default: unchecked |
CA Certificate | Upload the file in .pem format to use in certificate verification. | Format: .pem file extension |
Public Certificate | Upload the file in .pem format containing the client private key. | Format: .pem file extension |
Private Key | Upload the file in .pem format containing the public certificate. | Format: .pem file extension |
Dess Algorithm | The Dess Algorithm used for this Local Node in DESS Feature. | Format: List Range: Default: RSA_SHA_256 |
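
The following is an added example, not part of the product or its documentation: a pre-submission check that applies the table's format rules, port limits, certificate requirements and the shared-IP RADIUS client port rule to a planned set of Local Nodes. The dict keys, function names and sample nodes are hypothetical, and the overlap check generalizes the table's note about the default 2000 to 2499 range to any configured range, on the assumption that only nodes with client ports enabled are affected.

```python
import re
from itertools import combinations

PORT_MIN, PORT_MAX, RESERVED = 1024, 49151, 5220  # port limits and reserved port per the table
NAME = re.compile(r"^(?=.*[A-Za-z])[A-Za-z_][A-Za-z0-9_]{0,31}$")
# Labels: underscore only as first character, last character a letter or digit, max 63 chars.
REALM_LABEL = re.compile(r"^(?:[A-Za-z0-9]|[A-Za-z0-9_][A-Za-z0-9-]{0,61}[A-Za-z0-9])$")
FQDN_LABEL = re.compile(r"^(?:[A-Za-z]|[A-Za-z_][A-Za-z0-9-]{0,61}[A-Za-z0-9])$")

def dotted_ok(value, label_re):
    """True if value is at most 255 chars and every dot-separated label matches."""
    return len(value) <= 255 and all(label_re.match(p) for p in value.split("."))

def client_range(node):  # falls back to the documented defaults, 2000 to 2499
    return node.get("radius_start", 2000), node.get("radius_end", 2499)

def check_node(node):
    """Return findings for one local node; the dict keys are hypothetical names."""
    checks = (("name", NAME.match(node["name"])),
              ("realm", dotted_ok(node["realm"], REALM_LABEL)),
              ("fqdn", dotted_ok(node["fqdn"], FQDN_LABEL)))
    out = [f"{field} format" for field, ok in checks if not ok]
    for key in ("sctp_port", "tcp_port", "dtls_port", "tls_port"):
        if key in node and not PORT_MIN <= node[key] <= PORT_MAX:
            out.append(f"{key} out of range")
    if node.get("radius_client"):
        start, end = client_range(node)
        if not PORT_MIN <= start <= end <= PORT_MAX or start <= RESERVED <= end:
            out.append("radius client range invalid or includes 5220")
    if "tls_port" in node or "dtls_port" in node:
        if not (node.get("cert_type") and node.get("cert_name")):
            out.append("certificate type and name required")
        if node.get("verification_mode", "Verify None") == "Verify None":
            out.append("secured port with Verify None")
    return out

def shared_ip_overlaps(nodes):
    """Pairs of RADIUS-client nodes that share an IP and overlap in client port range."""
    clients = [n for n in nodes if n.get("radius_client")]
    return [(a["name"], b["name"]) for a, b in combinations(clients, 2)
            if set(a["ips"]) & set(b["ips"]) and client_range(a)[0] <= client_range(b)[1]
            and client_range(b)[0] <= client_range(a)[1]]

# Constructed sample input (not from the page): two nodes sharing one IP address.
BASE = {"realm": "example.com", "radius_client": True, "ips": ["192.0.2.10"]}
SAMPLE = [
    {**BASE, "name": "LN_A", "fqdn": "dsr1.example.com", "tls_port": 5658},
    {**BASE, "name": "9bad", "fqdn": "dsr2.example.com", "tcp_port": 80, "radius_start": 2400},
]
```

Running `check_node` on each entry of `SAMPLE` and `shared_ip_overlaps(SAMPLE)` reports the secured listen port left at the default Verify None, the malformed name, the out-of-range TCP port, and the two nodes whose client port ranges collide on a shared address.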