[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RFC 3576bis Question: DAC and RADIUS server not co-located
Looking over the text, it still seems a bit rough. How about this?
"Regardless of whether it is co-located with a RADIUS server, the DAC is
to have access to data gleaned from the flow of RADIUS authentication or
packets (such as NAS and session identification attributes) in order to
CoA-Request or Disconnect-Request packets. However, where the DAC is not
co-located with a RADIUS server, in some circumstances it may not have
access to data
necessary to build a compliant CoA-Request or Disconnect-Request packet
(such as the information necessary to construct a State Attribute
that a RADIUS server would subsequently accept).
In these deployments, the DAC SHOULD send CoA or Disconnect-Requests to a
RADIUS server acting as a proxy, rather than
sending them directly to the NAS.
A RADIUS server receiving a CoA or Disconnect-Request from the DAC may then
update attributes (such as adding NAS or session identification attributes
appending a State Attribute), prior to forwarding the
packet. Having CoA/Disconnect-Requests forwarded by a RADIUS server may
also enable upstream RADIUS proxies to perform a Reverse Path Forwarding
(see Section 6.1)."
to unsubscribe send a message to firstname.lastname@example.org with
the word 'unsubscribe' in a single line as the message text body.