PANA Implementation in Open Diameter Victor Fajardo
General Information Programming Language: C++ License: LGPL (Lesser GNU Public License) Supported OS: Linux, Windows XP Source code location: –“libpana” directory in the source tree provides PANA API –Diameter and EAP implementations are also available
Functional Architecture Defines PANA API Independent of EAP implementation –PANA API is designed to work with any EAP implementation including Open Diameter EAP API Abstracted transport model –provides OS independency Multi-threading model to gain better performance Dictionary-based message parser –Parser dictionary provides flexibility in accommodating changing message formats –XML is used as the dictionary format –Re-using Diameter message parser since Diameter and PANA message formats are similar
Application Interface Core object instances –XML configuration loader –Memory manager and message buffer pool –Fast search trees for use as session database (PAA) –Thread pool manager –Auxiliary objects (timers, generators etc) Session based PaC and PAA objects –Event handlers for message processing and notifications –Derives from extensible state machine objects which implements common PANA states (termination, re-authentication etc) –Management of attributes (id’s, SA, MSK … etc)
Transport Model Raw access to interfaces. IP Stack bypass. Has to provide IP and link-layer header inspection Handling of unspecified IP address Underlying transport implementation is complex
PaC Architecture
PAA Architecture
Future Plan PANA API –NAP and ISP separate authentication support EP API support –Support separate EP from PAA –Presence of PaC indications (to support PANA authentication initiated by PAA) Bootstrapping other protocols –IP-sec (draft-ietf-pana-ipsec) –DHCP authentication (draft-tschofenig-pana- bootstrap-rfc3118)