One document matched: draft-yeh-radext-dual-stack-access-02.xml
<?xml version="1.0" encoding="US-ASCII"?>
<!-- This template is for creating an Internet Draft using xml2rfc, which is available here: http://xml.resource.org. -->
<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
<!ENTITY RFC2119 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2119.xml">
<!ENTITY RFC2865 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2865.xml">
<!ENTITY RFC2866 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2866.xml">
<!ENTITY RFC2869 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.2869.xml">
<!ENTITY RFC3162 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.3162.xml">
<!ENTITY RFC4241 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4241.xml">
<!ENTITY RFC4818 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.4818.xml">
<!ENTITY RFC5226 SYSTEM "http://xml.resource.org/public/rfc/bibxml/reference.RFC.5226.xml">
]>
<?xml-stylesheet type='text/xsl' href='rfc2629.xslt'?>
<!-- used by XSLT processors -->
<!-- For a complete list and description of processing instructions (PIs), please see ttp://xml.resource.org/authoring/README.html. -->
<?rfc strict="yes"?>
<!-- give errors regarding ID-nits and DTD validation -->
<!-- control the table of contents (ToC) -->
<?rfc toc="yes"?>
<!-- generate a ToC -->
<?rfc tocdepth="4"?>
<!-- the number of levels of subsections in ToC. default: 3 -->
<!-- control references -->
<?rfc symrefs="yes"?>
<!-- use symbolic references tags, i.e, [RFC2119] instead of [1] -->
<?rfc sortrefs="yes" ?>
<!-- sort the reference entries alphabetically -->
<!-- control vertical white space (using these PIs as follows is recommended by the RFC Editor) -->
<?rfc compact="yes" ?>
<!-- do not start each main section on a new page -->
<?rfc subcompact="no" ?>
<!-- keep one blank line between list items -->
<!-- end of list of popular I-D processing instructions -->
<rfc category="std" docName="draft-yeh-radext-dual-stack-access-02" ipr="trust200902">
<!-- category values: std, bcp, info, exp, and historic ipr values: trust200902, noModificationTrust200902, noDerivativesTrust200902, or pre5378Trust200902 you can add the attributes updates="NNNN" and obsoletes="NNNN" they will automatically be output with "(if approved)" -->
<!-- ***** FRONT MATTER ***** -->
<front>
<!-- The abbreviated title is used in the page header - it is only necessary if the full title is longer than 39 characters -->
<title abbrev="RADIUS Dual Stack">
RADIUS Attributes for Dual Stack Access</title>
<author fullname="Leaf Y. Yeh" initials="L." role="editor" surname="Yeh">
<organization>Huawei Technologies</organization>
<address>
<postal>
<street>Area F, Huawei Park, Bantian,</street>
<city>Longgang District</city>
<region>Shenzhen</region>
<code>518129</code>
<country>P.R.China</country>
</postal>
<phone>+86-755-28971871</phone>
<email>leaf.y.yeh@huawei.com</email>
</address>
</author>
<author fullname="Tina Tsou" initials="T." surname="Tsou">
<organization>Huawei Technologies</organization>
<address>
<email>tena@huawei.com</email>
</address>
</author>
<date year="2011" />
<!-- Meta-data Declarations -->
<area>Ops&Mgmt</area>
<workgroup>Radext Working Group</workgroup>
<keyword>RADIUS Attributes</keyword>
<keyword>Dual Stack</keyword>
<keyword>User Type</keyword>
<abstract>
<t>This document specifies the RADIUS attributes for IPv4 and IPv6 dual stack access, which are intended to be used in the AAA processes for the transfer of user's configuration from AAA server to NAS and traffic statistics reporting from NAS to AAA server. The new attributes cover a specified user type for NAS to allocate the proper resource and employ the right mechanism for the users; and a batch of IPv4 and IPv6 traffic statistics for the differentiated accounting policies on the AAA server.</t>
</abstract>
</front>
<!-- ***** MIDDLE MATTER ***** -->
<middle>
<section anchor="s1" title="Introduction">
<t>IP sessions got from PPPoE can be either dual-stack IPv4/IPv6 session, IPv6-only, or the legacy IPv4-only session. Alternatively, IP session can also be obtained from IPoE. The user in the IP session could be a host or a customer router (RG-Residential Gateway, CE-Customer Edge Router or CPE-Customer Premise Equipment). In the IPv6 relevant part of the session, the customer router usually employ DHCPv6-PD to get the delegated prefix for the customer network, while its WAN (NAS-facing) interface could be either numbered or unnumbered (Section 2.3, <xref target="BBF TR-177"/>). The WAN interface of the numbered customer router can either employ SLAAC to get the prefix for the interface or employ DHCPv6 to get the 128bits IPv6 address for interface, which acts as the same as the user of IPv6 host.</t>
<t>There are at least the following types of users that the NAS and the AAA server is serveed for:</t>
<figure><artwork>
IPv4-only - Host
IPv6-only - Host(Numbered by SLAAC)
IPv6-only - Host(Numbered by DHCPv6)
IPv6-only - Customer Router(Unnumbered)
IPv6-only - Customer Router(Numbered by SLAAC)
IPv6-only - Customer Router(Numbered by DHCPv6)
Dual stack - IPv4 Host + IPv6 Host(Numbered by SLAAC)
Dual stack - IPv4 Host + IPv6 Host(Numbered by DHCPv6)
Dual stack - IPv4 Host + IPv6 Customer Router(Unnumbered)
Dual stack - IPv4 Host + IPv6 Customer Router(Numbered by SLAAC)
Dual stack - IPv4 Host + IPv6 Customer Router(Numbered by DHCPv6)
</artwork></figure>
<t>The different type of users need the NAS (Network Access Server, PE-Provider Edge Router or BNG-Broadband Network Gateway) employ different mechanism and allocate different resource for the associated processes. The addresses assigned and the prefixes delegated to the customer hosts or routers can not only get from the AAA server through attributes in the Access-Accept packets, but also can get dynamically from the local address pool or prefix pool on the NAS. That means a new attribute is required here for the right indication of the configuration and proper reporting between the AAA server and the NAS, which acts as a RADIUS client.</t>
<t>IP sessions got either from PPPoE or from IPoE can support dual-stack users. It is desired to support either common or separate queues on NAS for the IPv4 or IPv6 traffic from the users, while the QoS policies for the IPv4 or IPv6 traffic can be differentiated. Meanwhile, the NAS is required to support octets counters and packets counters for the combined or the separated IPv4 or IPv6 traffic (section 9.4, <xref target="BBF TR-187"/>). After the traffic statistics is reported to the accounting server through RADIUS, the accounting policies for the IPv4 or IPv6 traffic can be differentiated. Per the section 9.4 of BBF TR-187, the attributes of Acct-Input-Octets, Acct-Output-Octets, Acct-Input-Packets, Acct-Output-Packets are recommended to use for the combination traffic. A batch of new RADIUS accounting attributes is required here to report the separated IPv4 or IPv6 traffic statistics to the Accounting Server.</t>
</section>
<section anchor="s2" title="Terminology and Language">
<t>This document describes some new RADIUS attributes and the associated usage on NAS and AAA server. This document should be read in conjunction with the relevant RADIUS specifications, including <xref target="RFC2865"/>, <xref target="RFC2866"/>, <xref target="RFC2869"/>, <xref target="RFC3162"/> and <xref target="RFC4818"/> for a complete mechanism. Definitions for terms and acronyms not specifically defined in this document are defined in RFC2865, RFC2866, RFC2869, RFC3162 and RFC4818.</t>
<t>The keywords MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL, when they appear in this document, are to be interpreted as described in BCP 14, <xref target="RFC2119"/>.</t>
</section>
<section anchor="s3" title="Deployment Scenarios">
<figure anchor="f1" title="Deployment Scenario for various types of the users">
<artwork>
+----------+ +----------+ +----------+
| Host / | PPPoE | | RADIUS | AAA |
| Customer | ------------ | NAS | ------------ | Server |
| Router | IPoE | | | |
+----------+ +----------+ +----------+
Dual-Stack Local Address Pool
IPv6-only Local Prefix Pool
</artwork>
</figure>
<figure anchor="f2" title="Deployment Scenario for dual-stack users">
<artwork>
+----------+ +----------+ +----------+
| Host / | PPPoE | | RADIUS | AAA |
| Customer | ------------ | NAS | ------------ | Server |
| Router | IPoE | | | |
+----------+ +----------+ +----------+
Dual-Stack Separated queues and counter
for IPv4 and IPv6 traffic
</artwork>
</figure>
</section>
<section anchor="s4" title="Attributes">
<t>The fields shown in the diagrams below are transmitted from left to right.</t>
<section anchor="s4.1" title="User-Type">
<t>Description
<list style="empty">
<t>The attribute indicates the type of the user requested in the Access-Request packet or authorized in the Access-Accept packet.</t>
<t>The format of the User-Type is:</t>
</list></t>
<figure><artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork></figure>
<t>Type
<list style="empty">
<t>TTBA1 (by IANA)</t>
</list></t>
<t>Length
<list style="empty">
<t>6</t>
</list></t>
<t>Value
<list style="empty">
<t>The Value field is 4 octets.</t>
<t>When PPPoE is used for the access method, the type of user get the following 'Value':</t>
</list></t>
<figure><artwork>
1 IPv4-only Host
2 IPv6-only Host(Numbered by SLAAC)
3 IPv6-only Host(Numbered by DHCPv6)
4 IPv6-only Customer Router(Unnumbered)
5 IPv6-only Customer Router(Numbered by SLAAC)
6 IPv6-only Customer Router(Numbered by DHCPv6)
7 Dual stack - IPv4 Host + IPv6 Host(Numbered by SLAAC)
8 Dual stack - IPv4 Host + IPv6 Host(Numbered by DHCPv6)
9 Dual stack - IPv4 Host + IPv6 Customer Router(Unnumbered)
10 Dual stack - IPv4 Host + IPv6 Customer Router(Numbered by SLAAC)
11 Dual stack - IPv4 Host + IPv6 Customer Router(Numbered by DHCPv6)
</artwork></figure>
<t>When IPoE is used for the access method, the type of user gets the following 'Value':</t>
<figure><artwork>
17 IPv4-only Host
18 IPv6-only Host(Numbered by SLAAC)
19 IPv6-only Host(Numbered by DHCPv6)
20 IPv6-only Customer Router(Unnumbered)
21 IPv6-only Customer Router(Numbered by SLAAC)
22 IPv6-only Customer Router(Numbered by DHCPv6)
23 Dual stack - IPv4 Host + IPv6 Host(Numbered by SLAAC)
24 Dual stack - IPv4 Host + IPv6 Host(Numbered by DHCPv6)
25 Dual stack - IPv4 Host + IPv6 Customer Router(Unnumbered)
26 Dual stack - IPv4 Host + IPv6 Customer Router(Numbered by SLAAC)
27 Dual stack - IPv4 Host + IPv6 Customer Router(Numbered by DHCPv6)
</artwork></figure>
<t>For the user type of IPv4-only Host, NAS needs to report Framed-IP-Address in the accounting-request packets for the assigned IPv4 address; For the user type of IPv6-only Host(Numbered by SLAAC), NAS needs to report Framed-IPv6-Prefix in the accounting-request packets for the assigned IPv6 prefix; For the user type of IPv6-only Host(Numbered by DHCPv6), NAS needs to report Framed-IPv6-address in the accounting-request packets for the assigned IPv6 address; For the user type of IPv6-only Customer Router(Unnumbered), NAS needs to report Delegated-IPv6-Prefix in the accounting-request packets for the assigned IPv6 prefix; For the user type of IPv6-only Customer Router(Numbered by SLAAC), NAS needs to report Framed-IPv6-Prefix and Delegated-IPv6-Prefix in the accounting-request packets for the assigned IPv6 prefixes against the WAN interface and the customer
network of the customer router; For the user type of IPv6-only Customer Router(Numbered by DHCPv6), NAS needs to report Framed-IPv6-address and Delegated-IPv6-Prefix in the accounting-request packets for the assigned IPv6 address of the WAN interface of the customer router and the assigned IPv6 prefix of the customer network; For the user type of Dual-Stack including IPv4 Host and IPv6 Host(Numbered by SLAAC), NAS needs to report Framed-IP-Address and Framed-IPv6-Prefix in the accounting-request packets; For the user type of Dual-Stack including IPv4 Host and IPv6 Host(Numbered by DHCPv6), NAS needs to report Framed-IP-Address and Framed-IPv6-address in the accounting-request packets; For the user type of Dual-Stack including IPv4 Host and IPv6 Customer Router(Unnumbered), NAS needs to report Framed-IP-Address and Delegated-IPv6-Prefix in the accounting-request packets; For the user type of Dual-Stack including IPv4 Host and IPv6 Customer Router(Numbered by SLAAC), NAS needs to report Framed-IP-Address, Framed-IPv6-Prefix and Delegated-IPv6-Prefix in the accounting-request packets; For the user type of Dual-Stack including IPv4 Host and IPv6 Customer Router(Numbered by DHCPv6), NAS needs to report Framed-IP-Address, Framed-IPv6-address and Delegated-IPv6-Prefix in the accounting-request packets.</t>
</section>
<section anchor="s4.2" title="Traffic Statistics Attributes">
<t>Description
<list style="empty">
<t>The traffic statistics attributes, including Acct-Input-IPv4-Octets, Acct-Output-IPv4-Octets, Acct-Input-IPv4-Packets, Acct-Output-IPv4-Packets, Acct-Input-IPv4-Gigawords and Acct-Output-IPv4-Gigawords, Acct-Input-IPv6-Octets, Acct-Output-IPv6-Octets, Acct-Input-IPv6-Packets, Acct-Output-IPv6-Packets, Acct-Input-IPv6-Gigawords and Acct-Output-IPv6-Gigawords, indicate how many octets or packets of IPv4 or IPv6 received from the user or sent to the user from the starting of this service provided, and can be present in Accounting-Request records while the Acct-Status-Type is set to Interim-Update or Stop.</t>
<t>A summary of the Traffic Statistics attributes format is shown below.</t>
</list></t>
<figure><artwork>
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Value (cont.) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
</artwork></figure>
<t>Type
<list style="empty">
<t>TTBAn (by IANA)</t>
<t>For the attribute of Acct-Input-IPv4-Octets, NAS report how many Octets of IPv4 traffic received from the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Output-IPv4-Octets, NAS report how many Octets of IPv4 traffic sent to the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Input-IPv4-Packets, NAS report how many packets of IPv4 traffic received from the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Output-IPv4-Packets, NAS report how many packets of IPv4 traffic sent to the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Input-IPv4-Gigawords, NAS report how many Gigawords of IPv4 traffic received from the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Output-IPv4-Gigawords, NAS report how many Gigawords of IPv4 traffic sent to the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Input-IPv6-Octets, NAS report how many Octets of IPv6 traffic received from the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Output-IPv6-Octets, NAS report how many Octets of IPv6 traffic sent to the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Input-IPv6-Packets, NAS report how many packets of IPv6 traffic received from the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Output-IPv6-Packets, NAS report how many packets of IPv6 traffic sent to the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Input-IPv6-Gigawords, NAS report how many Gigawords of IPv6 traffic received from the user in the accounting-request packets from the starting of the service authorized. For the attribute of Acct-Output-IPv6-Gigawords, NAS report how many Gigawords of IPv6 traffic sent to the user in the accounting-request packets from the starting of the service authorized.</t>
</list></t>
<t>Length
<list style="empty">
<t>6</t>
</list></t>
<t>Value
<list style="empty">
<t>The Value field is 4 octets.</t>
</list></t>
</section>
</section>
<section anchor="s5" title="Table of Attributes">
<t>The following table provides a guide to which attributes may be found in which kinds of packets, and in what quantity.</t>
<figure><artwork>
Req- Acc- Rej- Chall Accounting # Attribute
uest ept ect -enge Request
0-1 0-1 0 0 0-1 TBA1 User-Type
0 0 0 0 0-1 TBA2 Acct-Input-IPv4-Octets
0 0 0 0 0-1 TBA3 Acct-Output-IPv4-Octets
0 0 0 0 0-1 TBA4 Acct-Input-IPv4-Packets
0 0 0 0 0-1 TBA5 Acct-Output-IPv4-Packets
0 0 0 0 0-1 TBA6 Acct-Input-IPv4-Gigawords
0 0 0 0 0-1 TBA7 Acct-Output-IPv4-Gigawords
0 0 0 0 0-1 TBA8 Acct-Input-IPv6-Octets
0 0 0 0 0-1 TBA9 Acct-Output-IPv6-Octets
0 0 0 0 0-1 TBA10 Acct-Input-IPv6-Packets
0 0 0 0 0-1 TBA11 Acct-Output-IPv6-Packets
0 0 0 0 0-1 TBA12 Acct-Input-IPv6-Gigawords
0 0 0 0 0-1 TBA13 Acct-Output-IPv6-Gigawords
</artwork></figure>
<t>The meaning of the above table entries is as follows:</t>
<figure><artwork>
0 This attribute MUST NOT be present.
0+ Zero or more instances of this attribute MAY be present.
0-1 Zero or one instance of this attribute MAY be present.
1 Exactly one instance of this attribute MUST be present.
1+ One or more of these attributes MUST be present.
</artwork></figure>
</section>
<section anchor="s6" title="Security Considerations">
<t>Security issues related RADIUS are described in section 8 of RFC2865 and section 5 of RFC3162.</t>
</section>
<section anchor="s7" title="IANA Considerations">
<t>IANA is requested to assign 13 new Attribute Types code in the "Radius Types" registry (http://www.iana.org/assignments/radius-types for the following attributes:</t>
<figure><artwork>
o User-Type
o Acct-Input-IPv4-Octets
o Acct-Output-IPv4-Octets
o Acct-Input-IPv4-Packets
o Acct-Output-IPv4-Packets
o Acct-Input-IPv4-Gigawords
o Acct-Output-IPv4-Gigawords
o Acct-Input-IPv6-Octets
o Acct-Output-IPv6-Octets
o Acct-Input-IPv6-Packets
o Acct-Output-IPv6-Packets
o Acct-Input-IPv6-Gigawords
o Acct-Output-IPv6-Gigawords
</artwork></figure>
<t>IANA should allocate these codes from the standard RADIUS Attributes space using the "IETF Review" policy <xref target="RFC5226"/>.</t>
</section>
<section anchor="s8" title="Acknowledgements">
<t>TBD</t>
</section>
</middle>
<!-- ***** BACK MATTER ***** -->
<back>
<references title="Normative References">
&RFC2119;
&RFC2865;
&RFC2866;
&RFC2869;
&RFC3162;
&RFC4241;
&RFC4818;
&RFC5226;
</references>
<references title="Informative References">
<reference anchor='BBF TR-177'>
<front>
<title>IPv6 in the context of TR-101, Issue 1</title>
<author initials='' surname='Broadband Forum' fullname='' />
<date year='2010' month='November' />
</front>
</reference>
<reference anchor='BBF TR-187'>
<front>
<title>IPv6 for PPP Broadband Access, Issue 1</title>
<author initials='' surname='Broadband Forum' fullname='' />
<date year='2010' month='May' />
</front>
</reference>
<reference anchor='ietf-radext-ipv6-access-03'>
<front>
<title>RADIUS attributes for IPv6 Access Networks</title>
<author initials='B.' surname='Lourdelet' fullname='Benoit Lourdelet' />
<author initials='W.' surname='Dec' fullname='Wojciech Dec' />
<author initials='B.' surname='Sarikaya' fullname='Behcet Sarikaya' />
<author initials='G.' surname='Zorn' fullname='Glen Zorn' />
<author initials='D.' surname='Miles' fullname='David Miles' />
<date year='2011' month='January' />
</front>
</reference>
<reference anchor='draft-hu-v6ops-radius-issues-ipv6-00'>
<front>
<title>RADIUS issues in IPv6 deployments</title>
<author initials='J.' surname='Hu' fullname='Jie Hu' />
<author initials='L.' surname='Yan' fullname='Lu Yan' />
<author initials='Q.' surname='Wang' fullname='Qian Wang' />
<author initials='J.' surname='Qin' fullname='Jacni Qin' />
<date year='2011' month='February' />
</front>
</reference>
<reference anchor='draft-maglione-radext-ipv6-acct-extensions-01'>
<front>
<title>RADIUS Accounting Extensions for IPv6</title>
<author initials='R.' surname='Maglione' fullname='Roberta Maglione' />
<author initials='S.' surname='Krishnan' fullname='Suresh Krishnan' />
<author initials='A.' surname='Kavanagh' fullname='Alan Kavanagh' />
<author initials='B.' surname='Varga' fullname='Balazs Varga' />
<author initials='J.' surname='Kaippallimalil' fullname='John Kaippallimalil' />
<date year='2011' month='January' />
</front>
</reference>
</references>
</back>
</rfc>
| PAFTECH AB 2003-2026 | 2026-04-24 04:20:44 |