Re: RFC 2865

[Emile van Bergen <openradius-radextwg@e-advies.nl>]

Hi,

On Tue, Sep 20, 2005 at 04:53:32PM +0200, ext-Rajendra.Persaud@nokia.com wrote:

> Hi all,
> 
> I have one question regarding RFC 2865. Maybe someone can help:
> 
> RFC 2865 section 5.22 (Framed-Route attribute) states:
> ---
> For IP routes, it SHOULD contain a destination prefix in dotted
> quad form optionally followed by a slash and a decimal length
> specifier stating how many high order bits of the prefix to use.
> That is followed by a space, a gateway address in dotted quad
> form, a space, and one or more metrics separated by spaces.  For
> example, "192.168.1.0/24 192.168.1.1 1 2 -1 3 400". The length
> specifier may be omitted, in which case it defaults to 8 bits for
> class A prefixes, 16 bits for class B prefixes, and 24 bits for
> class C prefixes.  For example, "192.168.1.0 192.168.1.1 1".
> 
> Whenever the gateway address is specified as "0.0.0.0" the IP
> Address of the user SHOULD be used as the gateway address.
> ---
> 
> It seems as if the Framed-Route attribute is used to create a routing
> table entry at the *NAS*. Is that correct?

Tat is correct. RADIUS responses are interpreted by the RADIUS client
(the NAS). Some RADIUS attributes (eg. EAP-Message) may be passed on by
the NAS to the user as part of an authentication protocol.

> However, I wonder why the NAS (cf. second part of above citation) would
> configure the IP address of the user as gateway? Is there any scenario
> for that?

If you want to route a netblock to the user, you want to use the IP
address of the user as the gateway address.

It's especially useful in dial-on-demand WAN backup scenarios.

Kind regards,


Emile.

-- 
E-Advies - Emile van Bergen           emile@e-advies.nl      
tel. +31 (0)78 6136282           http://www.e-advies.nl    

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>