1-4
z The Packet body field differs with the Type field.
Note that EAPoL-Start, EAPoL-Logoff, and EAPoL-Key packets are only transmitted between the
supplicant system and the authenticator system. EAP-packets are encapsulated by RADIUS protocol to
allow them successfully reach the authentication servers. Network management-related information
(such as alarming information) is encapsulated in EAPoL-Encapsulated-ASF-Alert packets, which are
terminated by authenticator systems.
The format of an EAP packet
For an EAPoL packet with the value of the Type field being EAP-packet, its Packet body field is an EAP
packet, whose format is illustrated in
Figure 1-4.
Figure 1-4 The format of an EAP packet
015
Code
Data
Length
7
Identifier
2
4
N
In an EAP packet:
z The Code field indicates the EAP packet type, which can be Request, Response, Success, or
Failure.
z The Identifier field is used to match a Response packet with the corresponding Request packet.
z The Length field indicates the size of an EAP packet, which includes the Code, Identifier, Length,
and Data fields.
z The Data field carries the EAP packet, whose format differs with the Code field.
A Success or Failure packet does not contain the Data field, so the Length field of it is 4.
Figure 1-5 shows the format of the Data field of a Request packet or a Response packet.
Figure 1-5 The format of the Data field of a Request packet or a Response packet
z The Type field indicates the EAP authentication type. A value of 1 indicates Identity and that the
packet is used to query the identity of the peer. A value of 4 represents MD5-Challenge (similar to
PPP CHAP) and indicates that the packet includes query information.
z The Type Date field differs with types of Request and Response packets.
Newly added fields for EAP authentication
Two fields, EAP-message and Message-authenticator, are added to a RADIUS protocol packet for EAP
authentication. (Refer to the Introduction to RADIUS protocol section in the AAA Operation Manual for
information about the format of a RADIUS protocol packet.)
The EAP-message field, whose format is shown in
Figure 1-6, is used to encapsulate EAP packets. The
maximum size of the string field is 253 bytes. EAP packets with their size larger than 253 bytes are
To Next Page
Loading...
Need help?
General