[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Extending RADIUS Attribute Space
I can't give you an example because its not possible to do this today using
However, EAP/TLS and EAP/PEAP, both are sending attributes that transcend
the boundary of a RADIUS packet. So its not hard to imagine the need for
As well, we have been involved in a case where someone wanted to do a packet
audit against a wireless session where a counter is reported against a range
of IP addresses. These counters and Ipaddress are stored in a container
attribute. This container attribute would span a RADIUS accounting packet.
Note: The issue was dropped for other reasons.
My point is this, so far we have a request for addressing an issue for
allowing an attribute to be larger then that which is allowed by RADIUS.
Instead of inventing a specific scheme for that I am proposing to reuse a
solution that already exists that will address that problem *plus* another
> -----Original Message-----
> From: Nelson, David [mailto:email@example.com]
> Sent: Thursday, August 21, 2003 2:57 PM
> Cc: firstname.lastname@example.org
> Subject: RE: Extending RADIUS Attribute Space
> Avi Lior writes...
> > Allowing for larger attributes and allowing for attributes to span
> > is not a big change. It is in fact something that is done today
> Do you have an example of an attribute that would need to be
> so long as to span two or more packets (UDP datagrams)?
> David B. Nelson
> Wireless & AAA Architect, Office of the CTO
> Enterasys Networks, Inc.
> 50 Minuteman Road
> Andover, MA 01810-1008
> Phone: (978) 684-1330
> E-mail: email@example.com
> to unsubscribe send a message to
> firstname.lastname@example.org with the word 'unsubscribe' in
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
to unsubscribe send a message to email@example.com with
the word 'unsubscribe' in a single line as the message text body.