1-7
No. Attribute No. Attribute
42 Acct-Input-Octets 89 (unassigned)
43 Acct-Output-Octets 90 Tunnel-Client-Auth-id
44 Acct-Session-Id 91 Tunnel-Server-Auth-id
The attribute types listed in Table 1-2 are defined by RFC 2865, RFC 2866, RFC 2867, and RFC 2868.
Extended RADIUS Attributes
The RADIUS protocol features excellent extensibility. Attribute 26 (Vender-Specific) defined by RFC
2865 allows a vender to define extended attributes to implement functions that the standard RADIUS
protocol does not provide.
A vendor can encapsulate multiple type-length-value (TLV) sub-attributes in RADIUS packets for
extension in applications. As shown in Figure 1-5
, a sub-attribute that can be encapsulated in Attribute
26 consists of the following four parts:
z Vendor-ID (four bytes): Indicates the ID of the vendor. Its most significant byte is 0 and the other
three bytes contain a code complying with RFC 1700. The vendor ID of H3C is 2011.
z Vendor-Type: Indicates the type of the sub-attribute.
z Vendor-Length: Indicates the length of the sub-attribute.
z Vendor-Data: Indicates the contents of the sub-attribute.
Figure 1-5 Segment of a RADIUS packet containing an extended attribute
Protocols and Standards
The protocols and standards related to AAA and RADIUS include:
z RFC 2865: Remote Authentication Dial In User Service (RADIUS)
z RFC 2866: RADIUS Accounting
z RFC 2867: RADIUS Accounting Modifications for Tunnel Protocol Support
z RFC 2868: RADIUS Attributes for Tunnel Protocol Support
z RFC 2869: RADIUS Extensions
To Next Page
Loading...
