[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue 38 - Ordering of filter attributes

To: "Avi Lior" <avi@bridgewatersystems.com>, <radiusext@ops.ietf.org>
Subject: RE: Issue 38 - Ordering of filter attributes
From: "Sanchez, Mauricio (PNB Roseville)" <mauricio.sanchez@hp.com>
Date: Mon, 31 Jan 2005 16:00:38 -0800


Avi writes...

> 
> There are two issues that need to be addressed.
> 
> One is that one NAS-Filter-Rule maybe too large to fit a 
> single RADIUS attribute; and A session may require several of 
> these NAS attributes.
> 
> Ordering is a given in RADIUS (as already described in the mail)
> 
> Therefore receipient of the Access-Accept must be able to 
> reconstruct a single NAS-Filter-Rule that extends over two or 
> more attributes.  And then you need to build the list of 
> NAS-Filter-Rules.
> 
> Note that there is no specific hint to help detect a 
> Filter-Rule that spans over more then one attribute.  For 
> example a key word at the end that indicates that the rule is 
> extended over the next attribute.  
> 

How often do you forsee generating a single NAS-Filter-Rule that would
blow out a single RADIUS attribute?  Even so, why couldn't you spread
out the rule over multiple attributes with the same net effect?  If
anything, I do see an issue in running out of space for multiple rules
(i.e. multiple NAS-Filter-Rule attributes) within a single
Access-Accept.  

MS

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Follow-Ups:
- RE: Issue 38 - Ordering of filter attributes
  - From: Bernard Aboba <aboba@internaut.com>

Prev by Date: re: Issue 37: Merging of Filter Attributes
Next by Date: RE: Issue 38 - Ordering of filter attributes
Previous by thread: RE: Issue 38 - Ordering of filter attributes
Next by thread: RE: Issue 38 - Ordering of filter attributes
Index(es):
- Date
- Thread