[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Inclusion of Filter-Id and NAS-Filter-Rule AVPs
Bernard Aboba writes...
> Perhaps the best solution is simply to say this in the document.
That may, in fact, be the best we can do.
> For example:
>
> "The NAS-Filter-Rule attribute is not intended to be used
> concurrently with any other filter rule attribute, including
> Filter-Id (11) and NAS-Traffic-Rule [Traffic] attributes.
> NAS-Filter-Rule and NAS-Traffic-Rule attributes MUST NOT appear
> in the same RADIUS packet. If a NAS-Traffic-Rule attribute is
> present, a NAS implementing this specification MUST silently
> discard NAS-Filter-Rule attributes, if present. Filter-Id and
> NAS-Filter-Rule attributes SHOULD NOT appear in the same RADIUS
> packet.
>
> Given the absence in [RFC4005] of well-defined precedence rules
> for combining Filter-Id and NAS-Filter-Rule attributes into a single
> rule set, the behavior of NASes receiving both attributes is
> undefined, and therefore a RADIUS server implementation cannot
> assume a consistent behavior."
This seems OK to me.
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>