Re: Issue 226: RFC 3576bis and Renumbering

[Alan DeKok <aland@nitros9.org>]

Glen Zorn (gwz) wrote:
> Making Acct-Session-Id a MUST would ensure Diameter compatibility. 
> User-Name probably needs to be at least a MAY for the same reason.  
>  
> There are just a few problems with this idea (in the absence of RADIUS
> accounting).

  The suggestion was to require Acct-Session-Id in Access-Request, which
would make it useful independent of accounting.

> So, basically, what you are saying seems to be that 
> 
> 1.	
> 	deploying RADIUS accounting is mandatory AND

  No.

> 2.	
> 	an undefined but incestuous relationship between separate RADIUS
> and RADIUS Accounting servers is also mandatory OR

  No.

> 3.	
> 	the RADIUS and RADIUS Accounting servers must be one and the
> same

  No.

  What I'm saying is that the NAS knows what a session is: the user is
connected to it.  The NAS has the information that ties authentication
packets to accounting packets:  the Acct-Session-Id.  The NAS does not
currently share this information with the authentication server.  It
SHOULD make this information available to the authentication server.

  Once the Acct-Session-Id is available to the authentication server, it
can be used to tie authentication sessions to accounting sessions in a
better way than what is done right now.  It can also be used as a key to
control parameters related to the session... like CoA.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>