80 likes | 173 Views
PANA Implementation in Open Diameter. Victor Fajardo. General Information. Programming Language: C++ License: LGPL (Lesser GNU Public License) Supported OS: Linux, Windows XP Source code location: http://www.sourceforge.net/projects/diameter
E N D
PANA Implementation in Open Diameter Victor Fajardo
General Information • Programming Language: C++ • License: LGPL (Lesser GNU Public License) • Supported OS: Linux, Windows XP • Source code location: http://www.sourceforge.net/projects/diameter • “libpana” directory in the source tree provides PANA API • Diameter and EAP implementations are also available
Functional Architecture • Defines PANA API • Independent of EAP implementation • PANA API is designed to work with any EAP implementation including Open Diameter EAP API • Abstracted transport model • provides OS independency • Multi-threading model to gain better performance • Dictionary-based message parser • Parser dictionary provides flexibility in accommodating changing message formats • XML is used as the dictionary format • Re-using Diameter message parser since Diameter and PANA message formats are similar
Application Interface • Core object instances • XML configuration loader • Memory manager and message buffer pool • Fast search trees for use as session database (PAA) • Thread pool manager • Auxiliary objects (timers, generators etc) • Session based PaC and PAA objects • Event handlers for message processing and notifications • Derives from extensible state machine objects which implements common PANA states (termination, re-authentication etc) • Management of attributes (id’s, SA, MSK … etc)
Transport Model • Raw access to interfaces. IP Stack bypass. • Has to provide IP and link-layer header inspection • Handling of unspecified IP address • Underlying transport implementation is complex
Future Plan • PANA API • NAP and ISP separate authentication support • EP API support • Support separate EP from PAA • Presence of PaC indications (to support PANA authentication initiated by PAA) • Bootstrapping other protocols • IP-sec (draft-ietf-pana-ipsec) • DHCP authentication (draft-tschofenig-pana-bootstrap-rfc3118)