[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Issue 226: RFC 3576bis and Renumbering
Glen Zorn said: So, basically, what you are
saying seems to be that
-
deploying RADIUS accounting is mandatory
AND
-
an undefined but incestuous relationship between separate RADIUS
and RADIUS Accounting servers is also mandatory OR
-
the RADIUS and RADIUS Accounting servers must be one and the
same
None of those seem like very good ideas to me.
This makes sense to me.
It is possible for a "Dynamic Authorization Client" to send a CoA-Request or Disconnect-Request identifying the NAS and session based purely on information present in the Access-Request. In such a situation, it would seem that a User-Name attribute, NAS-Port/NAS-Port-Id and a NAS identification attribute (e.g. NAS-IP-Address, NAS-IPv6-Address, NAS-Identifier) should be sufficient to identify the session. If the session was never
started, or the user is no longer there, a
CoA/Disconnect-NAK will be sent along with an Error-Cause attribute.
It is also possible for a "Dynamic Authorization Client" to send a CoA-Request or Disconnect-Request based on an Accounting-Request. In this case, the Acct-Session-Id attribute would be used to identify the session.
The question is this: under what circumstances would other attributes (Called/Calling-Station-Id, NAS-Port-Type, Framed-IP-Address/Framed-IPv6-Prefix/Framed-Identifer, etc.) ever be needed in order to identify a session? It seems that Called/Calling-Station-Id would only be needed if NAS-Port/NAS-Port-Id were not present (e.g. where the same user was logged on to multiple ports).