Capability exchange is a procedure where two diameter peer exchange their identity and their capabilities i.e. protocol version number, supported applications, security mechanism etc. Message used between peers for this purpose is CER/CEA Messages (Capability-Exchange-Request/Capability-Exchange-Answer).
Capabilities Exchange Summary
CER/CEA messages are used
Message exchange advertises:
Supported applications
Peer Identity
Security schemes – Indicates the use of TLS
SCTP host addresses if used
CER/CEA may or may not be protected
Exchange Procedure (RFC 3588 at a glance)
1) A receiver of a Capabilities-Exchange-Req (CER) message that does not have any applications in common with the sender MUST return a Capabilities-Exchange-Answer (CEA) with the Result-Code AVP set to DIAMETER_NO_COMMON_APPLICATION, and SHOULD disconnect the transport layer connection.
2) Receiver of a Capabilities-Exchange-Req (CER) message that does not have any security mechanisms in common with the sender MUST return a Capabilities-Exchange-Answer (CEA) with the Result-Code AVP set to DIAMETER_NO_COMMON_SECURITY, and SHOULD disconnect the transport layer connection.
3) If CER is received from any unknown peer then receiver should discard the message, or send the CEA with the Result-Code Avp set to DIAMETER_UNKNOWN_PEER. (If the local implementation policy permits to receive CER from unknown hosts,a successful CEA MAY be returned, and the life time of the peer entry in PEER-Table is equal to the lifetime of the transport connection. If in any case transport connection fails then all the pending transactions destined to the unknown peer can be discarded._)
Note: The CER and CEA messages MUST NOT be proxied, redirected or relayed. Since CER/CEA messages can not be proxied, but still it is possible that proxy will receive a CER message and proxy does not have any peer to handle the application requested in CER, in this case proxy set the E bit in CEA and set the Result-Code Avp to DIAMETER_UNABLE_TO_DELIVER, sends back to CER generator peer.
Message Format
<CER> ::= < Diameter Header: 257, REQ >
{ Origin-Host }
{ Origin-Realm }
1* { Host-IP-Address }
{ Vendor-Id }
{ Product-Name }
[ Origin-State-Id ]
* [ Supported-Vendor-Id ]
* [ Auth-Application-Id ]
* [ Inband-Security-Id ]
* [ Acct-Application-Id ]
* [ Vendor-Specific-Application-Id ]
[ Firmware-Revision ]
* [ AVP ]
<CEA> ::= < Diameter Header: 257 >
{ Result-Code }
{ Origin-Host }
{ Origin-Realm }
1* { Host-IP-Address }
{ Vendor-Id }
{ Product-Name }
[ Origin-State-Id ]
[ Error-Message ]
* [ Failed-AVP ]
* [ Supported-Vendor-Id ]
* [ Auth-Application-Id ]
* [ Inband-Security-Id ]
* [ Acct-Application-Id ]
* [ Vendor-Specific-Application-Id ]
[ Firmware-Revision ]
* [ AVP ]