RADIUS ATTRIBUTES REFERENCE GUIDE
RELEASE 14.0.R4
RADIUS Attributes Reference
Issue: 01 3HE 10793 AAAB TQZZA 01 269
3. Maximum 32 hosts can be targeted in a single CoA or Disconnect Message. When more than 32
hosts are identified, the CoA and Disconnect Message is rejected with [101] Error-Cause attribute
value 501 (Administratively Prohibited).
4. If multiple hosts share the same IP on a single SAP (such as in a L2 aware NAT scenario), then
only a single host is identified. To make the selection of the host deterministic, the MAC address
of one of the hosts can be included with the [26-6527-27] Alc-Client-Hardware-Addr to target that
single host.
5. If multiple hosts share the same IP in the specified service, then the CoA will be rejected (NAK).
Typically only a single (set of) attribute(s) is used to target a host or a number of
hosts: “NAS-Port-Id + IP” or “Acct-Session-Id” or “Alc-Subsc-ID-Str”. In case that
both “NAS-Port-Id + IP” and “Acct-Session-Id” attributes are specified to identify
subscriber hosts, only the host identified by “NAS-Port-Id + IP” will be targeted. If the
identified host is not part of the hosts that would be identified by the “Acct-Session-
Id” attribute, then the CoA will be NAK’d with [101] Error-Cause attribute value 503
Session Context Not Found.
Example:
Change of Authorization(43) id 224 len 81 from 192.168.1.1:32772 vrid 1
SESSION ID [44] 22 24ADFF0000003D5107AB80 # priority 2
NAS PORT ID [87] 12 lag-1:10.300 # priority 1
FRAMED IP ADDRESS [8] 4 172.1.2.251 # priority 1
VSA [26] 15 Alcatel(6527)
SLA PROF STR [13] 13 sla-profile-1
The CoA targets the host identified with the combination of [87] NAS-Port-Id and [8]
Framed-IP-Address (prio 1) only if the host is also identified by [44] Acct-Session-Id
(prio 2), else the CoA is NAK’d.
Following attributes are accepted only if the CoA is targeted to a single host as
shown in Table 86:
• [26-6527-14] Alc-Force-Renew
• [26-6527-15] Alc-Create-Host
• [26-6527-98] Alc-Force-Nak
• [26-6527-130] Alc-AA-Transit-IP
To Next Page
Loading...
