1. Field of the Disclosure
The disclosure relates generally to data communications, and in particular, to a 32-bit vendor specific attribute extension to the RADIUS RFC.
2. The Prior Art
RADIUS (Remote Authentication Dial In User Service) is a standards-based protocol for AAA (Authentication, Authorization, and Accounting) and enables systems to securely determine the identity and privileges of a user and track that user's activities. As is known by those skilled in the art, RADIUS exchanges attributes between clients and servers in a Type, Length, Value (TLV) format.
FIG. 1 is a diagram of a prior art RADIUS packet 100. The packet 100 typically includes a Type field of 8 bits; a Length field of 8 bits for specifying the total length of the attribute; a Vendor-ID field of 32 bits; a Vendor-Type field of 8 bits; a second length field of 8 bits for specifying the length of the inner value; and an inner value field of 1 or more bytes.
The RADIUS protocol allows for extensions via the Vendor Specific attribute. This attribute is designated for Vendor Specific Extensions and is known as the Vendor Specific Attribute (VSA) and has a fixed outer type of 26. As is known by those of ordinary skill in the art, the RFC is an IETF document describing a standard protocol, for RADIUS it is #RFC2865. The RFC suggests that this attribute should accommodate a maximum of 255 possible Vendor-Types.
At the time of design of the protocol, 255 possible Vendor-Types was considered to be an adequate space and it was further thought that most of the attributes that are commonly needed by all Vendors would be introduced in the standard space (from 1–255 excluding Vendor Specific Type 26).
However, as the number of protocols utilized by Network Access Servers (NAS) has grown, the need for more extensions has also increased. As is known by those skilled in the art, extensions may be triggered by VSAs stored in the user profile of a given NAS. This widespread growth of the number of protocols supported by a NAS has led to the Vendor space being completely utilized.