Embed Size (px)
Citation preview
PANA Implementation in Open Diameter
Victor Fajardo
General Information
• Programming Language: C++• License: LGPL (Lesser GNU Public License)• Supported OS: Linux, Windows XP• Source code location:
http://www.sourceforge.net/projects/diameter– “libpana” directory in the source tree provides PANA
API – Diameter and EAP implementations are also available
Functional Architecture
• Defines PANA API• Independent of EAP implementation
– PANA API is designed to work with any EAP implementation including Open Diameter EAP API
• Abstracted transport model– provides OS independency
• Multi-threading model to gain better performance• Dictionary-based message parser
– Parser dictionary provides flexibility in accommodating changing message formats
– XML is used as the dictionary format– Re-using Diameter message parser since Diameter and PANA
message formats are similar
Application Interface
• Core object instances– XML configuration loader– Memory manager and message buffer pool– Fast search trees for use as session database (PAA)– Thread pool manager– Auxiliary objects (timers, generators etc)
• Session based PaC and PAA objects– Event handlers for message processing and notifications– Derives from extensible state machine objects which implements
common PANA states (termination, re-authentication etc)– Management of attributes (id’s, SA, MSK … etc)
Transport Model
• Raw access to interfaces. IP Stack bypass.
• Has to provide IP and link-layer header inspection
• Handling of unspecified IP address
• Underlying transport implementation is complex
PaC Architecture
PAA Architecture
Future Plan
• PANA API– NAP and ISP separate authentication support
• EP API support– Support separate EP from PAA– Presence of PaC indications (to support PANA
authentication initiated by PAA)
• Bootstrapping other protocols– IP-sec (draft-ietf-pana-ipsec)– DHCP authentication (draft-tschofenig-pana-
bootstrap-rfc3118)
