Extended Attributes RADEXT - IETF 79 Alan DeKok FreeRADIUS Avi Lior Bridgewater.

Slides:

Advertisements

Similar presentations

IP Addressing Introductory material.

Advertisements

IETF draft-jeyatharan-mext-flow-tftemp-reference-01 Mohana Jeyatharan panasonic.com Chan-Wah Ng 1 IETF.

Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.

L3VPN WG2012-Jul-301 MVPN/BGP Support for Customers That Use mLDP RFCs 6513/6514: support Multicast VPN Service for customers that use PIM provide extensive.

KMIP Vendor Extension Management KMIP supports ‘extensions’ but provides no mechanism for coordination of values between clients and servers or between.

Oct 21, 2004CS573: Network Protocols and Standards1 IP: Addressing, ARP, Routing Network Protocols and Standards Autumn

Format for the Session Initiation Protocol (SIP) Common Log Format (CLF) draft-ietf-sipclf-format-01 (G. Salgueiro, V. Gurbani, and A. B. Roach) Presenter:

Chapter 21 IP Addressing “If we all did the things we are capable of doing, we would literally astound ourselves” - Thomas Alva Edison,

CS 6401 Efficient Addressing Outline Addressing Subnetting Supernetting.

1 TCOM 509 – Internet Protocols (TCP/IP) Lecture 02_b Instructor: Dr. Li-Chuan Chen Date: 09/08/2003 Based in part upon slides of Prof. J. Kurose (U Mass),

IP Addressing. Dotted Decimal Notation IP addresses are written in a so-called dotted decimal notation Each byte is identified by a decimal number in.

1 Internet Addresses (You should read Chapter 4 in Forouzan) IP Address is 32 Bits Long Conceptually the address is the pair ( NETID, HOSTID ) Addresses.

LECTURE # 20 IP ADDRESSING 1. Binary 2  All digital electronics use a binary method for communication.  Binary can be expressed using only two values:

INTRODUCTION TO IP ADDRESS Ravi Chandra Gurung. IP ADDRESSES.

RADIUS Accounting Extensions on Traffic Statistics draft-yeh-radext-ext-traffic-statistics-01 + IETF 82 – Radext Nov. 14 th, 2011 Leaf Y. Yeh Huawei Technologies.

Dean Cheng Jouni Korhonen Mehamed Boucadair

IETF SFC: Service Chain Header draft-zhang-sfc-sch-01

Draft-ietf-ospf-segment-routing-extensions-01 draft-psenak-ospf-segment-routing-ospfv3-extension- 02 IETF 88, November 3-8, 2013 P. Psenak, S.Previdi,

Efficient Addressing Outline Addressing Subnetting Supernetting CS 640.

Handling MPLS-TP OAM Packets Targeted at Internal MIPs draft-farrel-mpls-tp-mip-mep-map-04 H. Endo, A. Farrel, Y. Koike, M. Paul, R. Winter.

Dean Cheng Jouni Korhonen Mehamed Boucadair

1 RADIUS Mobile IPv6 Support draft-ietf-mip6-radius-01.txt Kuntal Chowdhury Avi Lior Hannes Tschofenig.

Simplified Extension of LSP Space for IS-IS draft-ietf-isis-wg-extlsp-00.txt Les Ginsberg Stefano Previdi Mike Shand.

March 2006IETF 65, Dallas1 Diameter NASreq (RFC 4005) and RADIUS Compatibility David Mitton RSA Security Inc. draft-mitton-diameter-radius-vsas-01.txt.

V6OPS WG – IETF #85 IPv6 for 3GPP Cellular Hosts draft-korhonen-v6ops-rfc3316bis-00 Jouni Korhonen, Jari Arkko, Teemu Savolainen, Suresh Krishnan.

4/26/2017 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Response to WG request regarding TC ERM requested.

RADEXT WG RADIUS Attribute Guidelines Greg Weber March 21 st, 2006 IETF-65, Dallas v1 draft-weber-radius-attr-guidelines-02.txt draft-wolff-radext-ext-attribute-00.txt.

BESS WG2015-Mar-251 PMSI Tunnel Attribute Flags: IANA Considerations RFC6514 defines PMSI Tunnel Attribute (PTA) Carried in I/S-PMSI and Leaf A-D routes.

Dean Cheng 81 st IETF Quebec City RADIUS Extensions for CGN Configurations draft-cheng-behave-cgn-cfg-radius-ext

Design Guidelines Thursday July 26, 2007 Bernard Aboba IETF 69 Chicago, IL.

IEEE MEDIA INDEPENDENT HANDOVER DCN: Title: Data Type Encoding Date Submitted: April 27, 2007 Presented at.

OSPFv3 Auto-Config IETF 83, Paris Jari Arkko, Ericsson Acee Lindem, Ericsson.

RADEXT WG RADIUS Attribute Guidelines Greg Weber IETF-63, Paris.

RADEXT WG draft-ietf-radext-ieee802ext-09 Bernard Aboba November 4, 2013 IETF 88 Please join the Jabber room:

1 PWE3 Control Word PWE3 IETF-60 August 2004 Stewart Bryant Danny McPherson.

Extended Attributes RADEXT - IETF 81 Alan DeKok FreeRADIUS Avi Lior Bridgewater.

Extended Attributes RADEXT - Interim Alan DeKok FreeRADIUS.

Residence Time Measurement draft-mirsky-mpls-residence-time-04 Greg Mirsky John Drake

Objective 1.Understand Network 2.Understand IP Addressing (IPv4 and IPv6) 3.Understand Subnetting 4.Examples 5.IP addressing and Vlan’s in TIFR 6.TIFR.

Draft-psenak-ospf-segment-routing-ospf-extension-03 draft-psenak-ospf-segment-routing-ospfv3-extension-00 IETF 88, November 3-8, 2013 P. Psenak, S.Previdi,

8 Byte BGP Communities Finding a practical way forward.

IP Addressing Introductory material.

IP: Addressing, ARP, Routing

Advertising Generic Information in IS-IS

BGP Flexible Communities

November 2010 doc.: IEEE e Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: LB60 comment.

RADEXT WG RADIUS Attribute Guidelines

August 2004 at IETF-60 Thoughts on RADIUS Data Model Issues and Some Possible New Approaches -- Including Diameter Compatibility.

Chapter-5 TCP/IP Suite.

LMP Behavior Negotiation

Introduction to IPv6.

ISIS Route Tag sub-TLV draft-ietf-isis-admin-tags-02.txt

RADEXT WG RADIUS Attribute Guidelines draft-weber-radius-attr-guidelines-01.txt Greg Weber November 8th, 2005 v1 IETF-64, Vancouver.

IP Addressing Introductory material.

IP Addressing Introductory material.

Chapter 26 IPv6 Addressing

Link State on Data Center Fabrics

draft-ietf-ospf-lls-interface-id-01

Robert Moskowitz, Verizon

Robert Moskowitz, Verizon

IP Addressing Introductory material

Robert Moskowitz, Verizon

Planning the Addressing Structure

draft-rodrigueznatal-lisp-vendor-lcaf-00 IETF 99 - Prague

5/6/2019 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Response to WG request regarding TC ERM requested.

5/12/2019 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Response to WG request regarding TC ERM requested.

Paul Bottorff 802.1Qbg Maintenance Items Paul Bottorff 6/1/2019 EVB.

Extended BFD draft-mirmin-bfd-extended

TRILL Header Extension Improvements

draft-ietf-ospf-te-link-attr-reuse-04

Presentation transcript:

Extended Attributes RADEXT - IETF 79 Alan DeKok FreeRADIUS Avi Lior Bridgewater

RADEXT - IETF 79 Requirements More RADIUS Attribute Types 256 is too limited Standard support for “long” attributes > 253 octets Better grouping RFC 2868 tags are inadequate

RADEXT - IETF 79 Un-Requirements Systems which were discussed and rejected too complex too limited which can’t be applied to existing RFCs

RADEXT - IETF 79 Current Attributes Type 1 octet Length 1 octet Value … octets

RADEXT - IETF 79 Extended Attributes Type 1 octet Length 1 octet Ext-Type 1 octet Value … octets

RADEXT - IETF 79 That’s pretty much it. “Steal” one octet of “value” for extended types Allocate 4 attributes of this format 241, 242, 243, 244 Solves the “need more attributes” problem Allows for ~1K new attributes

RADEXT - IETF 79 Naming We need to name the new attributes types. Use OID style “dotted number” 241.{1-255} “This-Is-A-New-attr” Versus 1 “User-Name” Naming applies only for the IANA registry

RADEXT - IETF 79 Grouping Better grouping by defining a TLV data type Already in WiMAX, 3GPP2, and other SDOs / vendors.

RADEXT - IETF 79 TLV Data Type TLV-Type 1 octet TLV-Length 1 octet Value … octets

RADEXT - IETF 79 TLV in Ext-Attribute Type 1 octet Length 1 octet = 9 Ext-Type 1 octet TLV-Type 1 octet TLV-Length 1 octet = 6 Value … 4 octets

RADEXT - IETF 79 TLVs in Ext-Attribute Type 1 octet Length 1 octet = 29 Ext-Type 1 octet TLV-Type 1 octet TLV-Length 1 octet = 6 Value … 4 octets TLV-Type’ 1 octet TLV-Length’ 1 octet = 20 Value’ … 18 octets

RADEXT - IETF 79 TLV Properties Can carry any existing or future data type Including TLVs. Multiple TLVs can be carried in one Ext-Attr Nested or concatenated Nesting is limited only by TLV-Length field 253 / 3 =~ 80 Practicalities show a depth of 5 is sufficient

RADEXT - IETF 79 TLV Naming Leverage the same “dotted number” notation! RADIUS Attr 241, of type “ext-attr” Extended Attr 1, data type “tlv” TLV 2, data type “integer” Allows for ~250 fields in a struct Extends type space past 1K attributes

RADEXT - IETF 79 “Long” Attributes Leverage the Ext-Type format Allocate 2 attributes of this type 245, 246 Add another field: “flags” Standard way to say “more than 253 octets of data”

RADEXT - IETF 79 Long Ext Attributes Type 1 octet Length 1 octet Ext-Type 1 octet Flags 1 octet Value … octets

RADEXT - IETF 79 Flags 1 bit of “C” for Continuation Same meaning as existing ext-attrs / WiMAX 7 bits of “reserved” We have no idea what to do with these It’s likely that these will never be used

RADEXT - IETF 79 Additional notes 24{1-6}.26 are VSAs Allows for many more VSAs 24{1-6}.{ } are reserved No “experimental” or “implementation- specific” They have not been useful Detailed instructions for IANA are included

RADEXT - IETF 79 Motivation RADEXT discussions have been long We need a solution soon (i.e. within 2-3 years) All other solutions are more complex Attribute audit shows the needs to be simple

Attribute Audit CountData Type 2257 integer 1762 text 273 IPv4 Address 235 string 96 other data types 35 IPv6 Address 18 date 4 Interface Id 3 IPv6 Prefix 4683 Total Public dictionaries ~100 vendors 55% or more are “short” (<20 bytes) ~20 “long” attrs (253+ octets) a “simple” solution seems to be best

RADEXT - IETF 79 Implementations In FreeRADIUS “stable” branch Implements TLVs, basic type No support for “long attrs” IEA Software Full support

RADEXT - IETF 79 To Do Define a “VSA” data type To be used by the 6 new “VSA” attributes Easier than repeating attribute definitions More “guideline” recommendations Hopefully simple More examples More clarifications

RADEXT - IETF 79 Summary > 1K of new attribute space With TLVs, potentially many 1000’s Grouping via TLVs Proven to work in SDO VSAs Standard way to have “long” attrs No more “ad hoc method”

RADEXT - IETF 79 Questions?