[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue: Attribute concatenation/splitting

To: Pasi.Eronen@nokia.com, bernard_aboba@hotmail.com, radiusext@ops.ietf.org
Subject: RE: Issue: Attribute concatenation/splitting
From: Rajith R <rajithr@huawei.com>
Date: Mon, 03 Jul 2006 15:31:34 +0530
In-reply-to: <B356D8F434D20B40A8CEDAEC305A1F2402D9BCBA@esebe105.NOE.Nokia.com>
Organization: huawei
Reply-to: rajithr@huawei.com

AFAIK, splitting & concatenation are necessitated by the 255 byte limit
for RADIUS attributes. So it would be better to split at 253 byte (for
the attribute payload) boundary rather than LF or some other attribute
specific delimiter, 
I think this would have the advantage of
* same & simple logic for concatenation/splitting of any suitable RADIUS
attribute of length > 255
* packing efficiency in the message, though not a principal concern

************************************************************************
****
This e-mail and attachments contain confidential information from
HUAWEI, which is intended only for the person or entity whose address is
listed above. Any use of the information contained herein in any way
(including, but not limited to, total or partial disclosure,
reproduction, or dissemination) by persons other than the intended
recipient's) is prohibited. If you receive this e-mail in error, please
notify the sender by phone or email immediately and delete it!

-----Original Message-----
From: owner-radiusext@ops.ietf.org [mailto:owner-radiusext@ops.ietf.org]
On Behalf Of Pasi.Eronen@nokia.com
Sent: Monday, July 03, 2006 3:09 PM
To: bernard_aboba@hotmail.com; radiusext@ops.ietf.org
Subject: RE: Issue: Attribute concatenation/splitting

Bernard Aboba wrote:
> 
> >I guess this means that a single long rule can be split into multiple
> >NAS-Filter-Rule attributes?
> 
> Yes.
> 
> >And a single NAS-Filter-Rule attribute could contain pieces 
> >of multiple rules?
> 
> Yes.
> 
> BTW, do the same issues also apply to the NAS-Filter-Rule AVP 
> defined in RFC 4005?

As far as I can tell, no: in RFC 4005, a single AVP always contains
one complete rule (long rules are not split into multiple AVPs, and
one AVP never contains multiple rules).

> >If so, I'd recommend separating the individual rules somehow.
> 
> Question: Does introducing a separator into NAS-Filter-Rule
> attribute complicate the translation to and from NAS-Filter-Rule
> AVP?
> 
> For example, can we have multiple filter rules in a NAS-Filter-Rule 
> AVP, and if so, how do we tell when one rule ends and another begins?

Hmm... the translation is going to be messy no matter what, unless
we remove the splitting/concatenation from the RADIUS attribute.
This would make it impossible to translate rules that are longer
than 253 characters... but perhaps this is not a big problem? 

Rules that long are probably extremely rare, and there are already
situations that cannot be translated (if the total length of rules
and other attributes exceeds 4096 bytes).

Best regards,
Pasi

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- RE: Issue: Attribute concatenation/splitting
  - From: <Pasi.Eronen@nokia.com>

References:
- RE: Issue: Attribute concatenation/splitting
  - From: <Pasi.Eronen@nokia.com>

Prev by Date: RE: Issue: Attribute concatenation/splitting
Next by Date: RE: Issue: Attribute concatenation/splitting
Previous by thread: RE: Issue: Attribute concatenation/splitting
Next by thread: RE: Issue: Attribute concatenation/splitting
Index(es):
- Date
- Thread