Presentation is loading. Please wait.

Presentation is loading. Please wait.

Extended Attributes RADEXT - Interim Alan DeKok FreeRADIUS.

Published byBelinda Wells Modified over 8 years ago

Similar presentations

Presentation on theme: "Extended Attributes RADEXT - Interim Alan DeKok FreeRADIUS."— Presentation transcript:

1 Extended Attributes RADEXT - Interim Alan DeKok FreeRADIUS

2 RADEXT - Interim Requirements More RADIUS Attribute Types 256 is too limited Standard support for “long” attributes > 253 octets Better grouping RFC 2868 tags are inadequate

3 RADEXT - Interim Un-Requirements Systems which were discussed and rejected too complex too limited which can’t be applied to existing RFCs

4 RADEXT - Interim Current Attributes Type 1 octet Length 1 octet Value … 1..253 octets

5 RADEXT - Interim Extended Attributes Type 1 octet Length 1 octet Ext-Type 1 octet Value … 1..252 octets

6 RADEXT - Interim That’s pretty much it. “Steal” one octet of “value” for extended types Allocate 4 attributes of this format 241, 242, 243, 244 Solves the “need more attributes” problem Allows for ~1K new attributes

7 RADEXT - Interim Naming We need to name the new attributes types. Use SNMP / IP Address style “dotted number” 241.{1-255} 241.1 “This-Is-A-New-attr” Versus 1 “User-Name” Naming applies only for the IANA registry

8 RADEXT - Interim Grouping Better grouping by defining a TLV data type Already in WiMAX, 3GPP2, and other SDOs / vendors.

9 RADEXT - Interim TLV Data Type TLV-Type 1 octet TLV-Length 1 octet Value … 1..253 octets

10 RADEXT - Interim TLV in Ext-Attribute Type 1 octet Length 1 octet = 9 Ext-Type 1 octet TLV-Type 1 octet TLV-Length 1 octet Value … 4 octets

11 RADEXT - Interim TLVs in Ext-Attribute Type 1 octet Length 1 octet = 29 Ext-Type 1 octet TLV-Type 1 octet TLV-Length 1 octet Value … 4 octets TLV-Type’ 1 octet TLV-Length’ 1 octet Value’ … 18 octets

12 RADEXT - Interim TLV Properties Can carry any existing or future data type Including TLVs. Multiple TLVs can be on in one Ext-Attr Nested or concatenated Nesting is limited only by TLV-Length field 253 / 3 =~ 80 Practicalities show a depth of 5 is sufficient

13 RADEXT - Interim TLV Naming Leverage the same “dotted number” notation! 241.1.2 RADIUS Attr 241, of type “ext-attr” Extended Attr 1, data type “tlv” TLV 2, data type “integer” Allows for ~250 fields in a struct Extends type space past 1K attributes

14 RADEXT - Interim “Long” Attributes Leverage the Ext-Type format Allocate 2 attributes of this type 245, 246 Add another field: “flags” Standard way to say “more than 253 octets of data”

15 RADEXT - Interim Long Ext Attributes Type 1 octet Length 1 octet Ext-Type 1 octet Flags 1 octet Value … 1..251 octets

16 RADEXT - Interim Flags 1 bit of “M” for More (or continuation) Same meaning as existing ext-attrs / WiMAX 7 bits of “reserved” We have no idea what to do with these It’s likely that these will never be used

17 RADEXT - Interim Additional notes 24{1-6}.26 are VSAs Allows for many more VSAs 24{1-6}.{241-255} are reserved No “experimental” or “implementation- specific” They have not been useful Detail instructions for IANA are included

18 RADEXT - Interim Motivation RADEXT discussions have been long We need a solution soon (i.e. within 2-3 years) All other solutions are more complex Attribute audit shows the needs to be simple

19 Attribute Audit CountData Type 2257 integer 1762 text 273 IPv4 Address 235 string 96 other data types 35 IPv6 Address 18 date 4 Interface Id 3 IPv6 Prefix 4683 Total Public dictionaries ~100 vendors 55% or more are “short” (<20 bytes) ~20 “long” attributes

20 RADEXT - Interim Summary > 1K of new attribute space With TLVs, potentially 10’s of 1000’s Grouping via TLVs Proven to work in SDO VSAs Standard way to have “long” attrs No more “ad hoc method”

21 RADEXT - Interim Implementations In FreeRADIUS “stable” branch http://git.freeradius.org Implements TLVs, basic type No support for “long attrs”

22 RADEXT - Interim Questions?

Download ppt "Extended Attributes RADEXT - Interim Alan DeKok FreeRADIUS."

Similar presentations

IP Addressing Introductory material.

IP Addressing Introductory material.
Classifying Network Addressing

Classifying Network Addressing
Chapter 19 Network Layer: Logical Addressing Stephen Kim.

Chapter 19 Network Layer: Logical Addressing Stephen Kim.
IETF draft-jeyatharan-mext-flow-tftemp-reference-01 Mohana Jeyatharan panasonic.com Chan-Wah Ng 1 IETF.

IETF draft-jeyatharan-mext-flow-tftemp-reference-01 Mohana Jeyatharan panasonic.com Chan-Wah Ng 1 IETF.
Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.

Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.
L3VPN WG2012-Jul-301 MVPN/BGP Support for Customers That Use mLDP RFCs 6513/6514: support Multicast VPN Service for customers that use PIM provide extensive.

L3VPN WG2012-Jul-301 MVPN/BGP Support for Customers That Use mLDP RFCs 6513/6514: support Multicast VPN Service for customers that use PIM provide extensive.
KMIP Vendor Extension Management KMIP supports ‘extensions’ but provides no mechanism for coordination of values between clients and servers or between.

KMIP Vendor Extension Management KMIP supports ‘extensions’ but provides no mechanism for coordination of values between clients and servers or between.
Network Layer: IPv6 IS250 Spring 2010

Network Layer: IPv6 IS250 Spring 2010
Oct 21, 2004CS573: Network Protocols and Standards1 IP: Addressing, ARP, Routing Network Protocols and Standards Autumn 2004-2005.

Oct 21, 2004CS573: Network Protocols and Standards1 IP: Addressing, ARP, Routing Network Protocols and Standards Autumn
Subnetting Warren Toomey GCIT. Introduction Each device on the Internet needs an IP address to identify its connection to the Internet –PCs have one connection,

Subnetting Warren Toomey GCIT. Introduction Each device on the Internet needs an IP address to identify its connection to the Internet –PCs have one connection,
Format for the Session Initiation Protocol (SIP) Common Log Format (CLF) draft-ietf-sipclf-format-01 (G. Salgueiro, V. Gurbani, and A. B. Roach) Presenter:

Format for the Session Initiation Protocol (SIP) Common Log Format (CLF) draft-ietf-sipclf-format-01 (G. Salgueiro, V. Gurbani, and A. B. Roach) Presenter:
Chapter 21 IP Addressing “If we all did the things we are capable of doing, we would literally astound ourselves” - Thomas Alva Edison, 1847-1931.

Chapter 21 IP Addressing “If we all did the things we are capable of doing, we would literally astound ourselves” - Thomas Alva Edison,
CS 6401 Efficient Addressing Outline Addressing Subnetting Supernetting.

CS 6401 Efficient Addressing Outline Addressing Subnetting Supernetting.
1 TCOM 509 – Internet Protocols (TCP/IP) Lecture 02_b Instructor: Dr. Li-Chuan Chen Date: 09/08/2003 Based in part upon slides of Prof. J. Kurose (U Mass),

1 TCOM 509 – Internet Protocols (TCP/IP) Lecture 02_b Instructor: Dr. Li-Chuan Chen Date: 09/08/2003 Based in part upon slides of Prof. J. Kurose (U Mass),
IP Addressing. Dotted Decimal Notation IP addresses are written in a so-called dotted decimal notation Each byte is identified by a decimal number in.

IP Addressing. Dotted Decimal Notation IP addresses are written in a so-called dotted decimal notation Each byte is identified by a decimal number in.
1 Internet Addresses (You should read Chapter 4 in Forouzan) IP Address is 32 Bits Long Conceptually the address is the pair ( NETID, HOSTID ) Addresses.

1 Internet Addresses (You should read Chapter 4 in Forouzan) IP Address is 32 Bits Long Conceptually the address is the pair ( NETID, HOSTID ) Addresses.
LECTURE # 20 IP ADDRESSING 1. Binary 2  All digital electronics use a binary method for communication.  Binary can be expressed using only two values:

LECTURE # 20 IP ADDRESSING 1. Binary 2  All digital electronics use a binary method for communication.  Binary can be expressed using only two values:
RADIUS Accounting Extensions on Traffic Statistics draft-yeh-radext-ext-traffic-statistics-01 + IETF 82 – Radext Nov. 14 th, 2011 Leaf Y. Yeh Huawei Technologies.

RADIUS Accounting Extensions on Traffic Statistics draft-yeh-radext-ext-traffic-statistics-01 + IETF 82 – Radext Nov. 14 th, 2011 Leaf Y. Yeh Huawei Technologies.
Dean Cheng Jouni Korhonen Mehamed Boucadair

Dean Cheng Jouni Korhonen Mehamed Boucadair
Draft-ietf-ospf-segment-routing-extensions-01 draft-psenak-ospf-segment-routing-ospfv3-extension- 02 IETF 88, November 3-8, 2013 P. Psenak, S.Previdi,

Draft-ietf-ospf-segment-routing-extensions-01 draft-psenak-ospf-segment-routing-ospfv3-extension- 02 IETF 88, November 3-8, 2013 P. Psenak, S.Previdi,

Similar presentations

Ads by Google