RE: Issue: Attribute concatenation/splitting

[<Pasi.Eronen@nokia.com>]

Bernard Aboba wrote:
> 
> >I guess this means that a single long rule can be split into multiple
> >NAS-Filter-Rule attributes?
> 
> Yes.
> 
> >And a single NAS-Filter-Rule attribute could contain pieces 
> >of multiple rules?
> 
> Yes.
> 
> BTW, do the same issues also apply to the NAS-Filter-Rule AVP 
> defined in RFC 4005?

As far as I can tell, no: in RFC 4005, a single AVP always contains
one complete rule (long rules are not split into multiple AVPs, and
one AVP never contains multiple rules).

> >If so, I'd recommend separating the individual rules somehow.
> 
> Question: Does introducing a separator into NAS-Filter-Rule
> attribute complicate the translation to and from NAS-Filter-Rule
> AVP?
> 
> For example, can we have multiple filter rules in a NAS-Filter-Rule 
> AVP, and if so, how do we tell when one rule ends and another begins?

Hmm... the translation is going to be messy no matter what, unless
we remove the splitting/concatenation from the RADIUS attribute.
This would make it impossible to translate rules that are longer
than 253 characters... but perhaps this is not a big problem? 

Rules that long are probably extremely rare, and there are already
situations that cannot be translated (if the total length of rules
and other attributes exceeds 4096 bytes).

Best regards,
Pasi

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>