[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

New RADIUS Redirection Draft



FYI: would appreciate comments on this work.

A New Internet-Draft is available from the on-line Internet-Drafts
directories.

Title : Remote Authentication Dial In User Service (RADIUS) Redirection
Author(s) : A. Lior
Filename : draft-lior-radius-redirection-00.txt
Pages : 27
Date : 2004-2-9

In certain scenarios there needs to be a method to force the users
traffic to a specific location. This document describes several
methods that are available to be used with Remote Authentication Dial
In User Service (RADIUS) Protocol and defines three new RADIUS
attributes: NAS-Filter-Rule, Redirect-Id and Redirect-Rule.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-lior-radius-redirection-00.txt

This work has been motivated by PWLAN.

This draft introduces 3 new attributes and was written such that it
compliments Diameter.
NAS-Filter-Rule was introduced to make Filter-Id more roaming friendly (See
commentary in NASREQ)
Redirect-Id attribute is to be used like Filter-Id in those cases where
there is a 'tight' relationship with the roaming partners. Like Filter-Id,
Redirect-Id is not roaming friendly and hence we introduced Redirect-Rule.

Redirect-Rule is based on IPFW syntax slightly modified to implement
redirection. Again this approach is entirely consistant with Diameter's
approach for IPFilterRule.

However, IPFW does not support redirection. It does support (in some cases)
Forwarding but forwarding is not the same as Redirection.

Redirection has also been addressed by Diameter-Credit-Control Application.
However, in credit control redirection is done as a subset of the method
proposed here.

============================================
STATEMENT of Compliance to Proposed Charter 
============================================
The draft is 100% compatible with the RADIUS EXT Proposed Charter

Item 1: All work MUST be backward compatible with exiting RADIUS RFCs.
This draft is 100% backwards compatible with existing RADIUS RFCs.

Item 2: No new RADIUS transports
No new transports were introdcued.

Item 3: No changes will be considered to the RADIUS attribute format.
No changes were made to any RADIUS attribute format. The new attriutes are
of type STRING.

Item 4: No new RADIUS data types will be defined.
No new RADIUS data type was introduced.

Item 5: The RADIUS maximum packet size (4K) will not be increaded.
Packet size remains less the 4K.

Item 6: No RADIUS attribute "sub-types" will be defined.
No new attribute called "sub-types" was defined or introduced. All
attributes are based on existing RADIUS types.

Item 7: No new RADIUS secuirty mechanism will be defined.
No new security mechanisms was introduced.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>