# -------- Local --------- # The first parameter in this section is Identity, which will be used to # identify this peer in the Diameter network. The Diameter protocol mandates # that the Identity used is a valid FQDN for the peer. This parameter can be # omitted, in that case the framework will attempt to use system default value # (as returned by hostname --fqdn). Identity = "hss.openair4G.eur"; # In Diameter, all peers also belong to a Realm. If the realm is not specified, # the framework uses the part of the Identity after the first dot. Realm = "openair4G.eur"; # This parameter is mandatory, even if it is possible to disable TLS for peers # connections. A valid certificate for this Diameter Identity is expected. TLS_Cred = "/usr/local/etc/oai/freeDiameter/hss.cert.pem", "/usr/local/etc/oai/freeDiameter/hss.key.pem"; TLS_CA = "/usr/local/etc/oai/freeDiameter/hss.cacert.pem"; # Disable use of TCP protocol (only listen and connect in SCTP) # Default : TCP enabled No_SCTP; # This option is ignored if freeDiameter is compiled with DISABLE_SCTP option. # Prefer TCP instead of SCTP for establishing new connections. # This setting may be overwritten per peer in peer configuration blocs. # Default : SCTP is attempted first. Prefer_TCP; # Disable use of IPv6 addresses (only IP) # Default : IPv6 enabled No_IPv6; # Overwrite the number of SCTP streams. This value should be kept low, # especially if you are using TLS over SCTP, because it consumes a lot of # resources in that case. See tickets 19 and 27 for some additional details on # this. # Limit the number of SCTP streams SCTP_streams = 3; # By default, freeDiameter acts as a Diameter Relay Agent by forwarding all # messages it cannot handle locally. This parameter disables this behavior. NoRelay; # Use RFC3588 method for TLS protection, where TLS is negociated after CER/CEA exchange is completed # on the unsecure connection. The alternative is RFC6733 mechanism, where TLS protects also the # CER/CEA exchange on a dedicated secure port. # This parameter only affects outgoing connections. # The setting can be also defined per-peer (see Peers configuration section). # Default: use RFC6733 method with separate port for TLS. #TLS_old_method; # Number of parallel threads that will handle incoming application messages. # This parameter may be deprecated later in favor of a dynamic number of threads # depending on the load. AppServThreads = 4; # Specify the addresses on which to bind the listening server. This must be # specified if the framework is unable to auto-detect these addresses, or if the # auto-detected values are incorrect. Note that the list of addresses is sent # in CER or CEA message, so one should pay attention to this parameter if some # adresses should be kept hidden. #ListenOn = "127.0.0.1"; Port = 3868; SecPort = 5868; # -------- Extensions --------- # Uncomment (and create rtd.conf) to specify routing table for this peer. #LoadExtension = "rt_default.fdx" : "rtd.conf"; # Uncomment (and create acl.conf) to allow incoming connections from other peers. LoadExtension = "acl_wl.fdx" : "/usr/local/etc/oai/freeDiameter/acl.conf"; # Uncomment to display periodic state information #LoadExtension = "dbg_monitor.fdx"; # Uncomment to enable an interactive Python interpreter session. # (see doc/dbg_interactive.py.sample for more information) #LoadExtension = "dbg_interactive.fdx"; # Load the RFC4005 dictionary objects #LoadExtension = "dict_nasreq.fdx"; LoadExtension = "dict_nas_mipv6.fdx"; LoadExtension = "dict_s6a.fdx"; # Load RFC4072 dictionary objects #LoadExtension = "dict_eap.fdx"; # Load the Diameter EAP server extension (requires diameap.conf) #LoadExtension = "app_diameap.fdx" : "diameap.conf"; # Load the Accounting Server extension (requires app_acct.conf) #LoadExtension = "app_acct.fdx" : "app_acct.conf"; # -------- Peers --------- # The framework will actively attempt to establish and maintain a connection # with the peers listed here. # For only accepting incoming connections, see the acl_wl.fx extension. #ConnectPeer = "ubuntu.localdomain" { ConnectTo = "127.0.0.1"; No_TLS; };