[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: DISCUSS: draft-ietf-radext-filter
- To: "Nelson, David" <dnelson@enterasys.com>
- Subject: RE: DISCUSS: draft-ietf-radext-filter
- From: "Glen Zorn \(gwz\)" <gwz@cisco.com>
- Date: Wed, 10 Jan 2007 14:10:44 -0800
- Authentication-results: sj-dkim-6; header.From=gwz@cisco.com; dkim=pass (sig from cisco.com/sjdkim6002 verified; );
- Cc: <radiusext@ops.ietf.org>
- Dkim-signature: v=0.5; a=rsa-sha256; q=dns/txt; l=2534; t=1168467049; x=1169331049; c=relaxed/simple; s=sjdkim6002; h=Content-Type:From:Subject:Content-Transfer-Encoding:MIME-Version; d=cisco.com; i=gwz@cisco.com; z=From:=20=22Glen=20Zorn=20\(gwz\)=22=20<gwz@cisco.com> |Subject:=20RE=3A=20DISCUSS=3A=20draft-ietf-radext-filter |Sender:=20; bh=PUqDJqyZPzFypJ5ffuJ+Vi6NV51j47v2JIheeZ0uB6E=; b=Jr95K8meA/50fJJk7xc4NwRoI4B7DYu66wtH7axdwgEWAq2E/imIG4F2X5lb2XuQmO9+2iNx tOWhHQGZbeMpxpL6Ne4QbcOjWMIbQy69tUowfW6Y31647UQq+WoDm94p;
- In-reply-to: <3CFB564E055A594B82C4FE89D21565605A4A42@MABOSEVS2.ets.enterasys.com>
Nelson, David <> supposedly scribbled on Wednesday, January 10, 2007
1:37 PM:
> As the PROTO Document Shepherd on this draft, it's my job to
> facilitate IESG issue resolution. Please take a moment to review the
> DISCUSS issue resolution described here. If you think this is OK,
> please reply to the list.
Looks fine to me.
> If you think there is a better resolution
> please provide alternate text.
>
> Thanks!
>
> Dave Nelson
>
>> Here is a proposed resolution to the IESG DISCUSS comment provided
>> below:
>>
>> In Section 4, change:
>>
>> " Note that a translated Diameter message can be larger than the
>> maximum RADIUS packet size (4096). Where a Diameter/RADIUS
>> gateway receives a Diameter message containing a NAS-Filter-Rule
>> AVP that is too large to fit into a RADIUS packet, the
>> Diameter/RADIUS gateway will respond to the originating Diameter
>> peer with the DIAMETER_INVALID_AVP_LENGTH error (5014), and with
>> a Failed-AVP AVP containing the NAS-Filter-Rule AVP. Since
>> repairing the error will probably require re-working the filter
>> rules, the originating peer should treat the combination of a
>> DIAMETER_INVALID_AVP_LENGTH error and a Failed-AVP AVP containing
>> a NAS-Filter-Rule AVP as a terminal error."
>>
>> To:
>>
>> " Note that a translated Diameter message can be larger than the
>> maximum RADIUS packet size (4096). Where a Diameter/RADIUS
>> gateway receives a Diameter message containing a NAS-Filter-Rule
>> AVP that is too large to fit into a RADIUS packet, the
>> Diameter/RADIUS gateway will respond to the originating Diameter
>> peer with a Result-Code AVP with the value
>> DIAMETER_RADIUS_AVP_UNTRANSLATABLE (TBD), and with a Failed-AVP
>> AVP containing the NAS-Filter-Rule AVP. Since repairing the
>> error will probably require re-working the filter rules, the
>> originating peer should treat the combination of a Result-Code
>> AVP with value DIAMETER_RADIUS_AVP_UNTRANSLATABLE
>> and a Failed-AVP AVP containing a NAS-Filter-Rule AVP as a
>> terminal error."
>>
>> In Section 5, add the following paragraph:
>>
>> "This document also utilizes the Diameter [RFC3588] namespace.
>> Allocation of a Diameter Result-Code AVP value for
>> theDIAMETER_RADIUS_AVP_UNTRANSLATABLE error is requested. Since
>> this is a permanent failure, an allocation should be provided in the
>> 5xxx range. "
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>