1. Field of the Invention
The present invention relates to protocol for transmitting data packets between processing systems in a network. More particularly, this invention relates to grouping related attributes in a packet. Still more particularly, this invention relates to grouping attributes in the RADIUS protocol and using a specific attribute to identify a beginning and an ending of a group of attributes.
2. The Prior Art
There are many protocols in use today for transmitting data between processing units connected in a network. A protocol is a system or method for arranging data in packets for transmission between processing units. For purposes of this discussion, processing units are a processor and/or microprocessor connected to memory and executing instructions to provide applications that manipulate data. The protocol used determines how data is arranged in a packet to allow a processing unit receiving the data to read the data from the packet.
One protocol for transmitting data is RADIUS. RADIUS is a protocol for transmitting accounting, authentication, authorization, and configuration data between processing systems in a network. Thus, RADIUS is used by processing systems to allocate resources and establish connections to facilitate communication of processing units across the network.
A particular example of the use of Radius to allocate resources in a network is establishing a Virtual Private Network (VPN). In order to establish a VPN between processing systems, the processing systems transmit packets including attributes. An attribute provides authorization information for user and resources that a user has access to over the network. Sometimes a packet may include multiple attributes that relate to a VPN tunnel. These attributes are related as the attributes are for establishing the same VPN tunnel.
Other times, the packet may include alternative groups of attributes for using alternative resources of the network to establish the VPN tunnel. Currently, each attribute in a group must include a tag that identifies the attribute as part of a group. Currently, tags are mainly used to identify RADIUS Request For Comments (RFC) space tunnel attributes. However, this solution is inadequate when the attributes in the packet include both RADIUS RFC 2868 standard space attributes and Vendor Specific Attributes (VSAs). Therefore, those skilled in the art realize a need for a manner in which to insert and identify groups and/or sub-groups with a group of attributes in a packet that includes one or more groups of attributes.