Network Access Server Requirements Next Generation (NASREQNG) NAS Model
RFC 2881

Document Type RFC - Informational (July 2000; No errata)
Last updated 2013-03-02
Stream IETF
Network Working Group                                            D. Mitton
Request for Comments: 2881                                 Nortel Networks
Category: Informational                                         M. Beadles
                                                           SmartPipes Inc.
                                                                 July 2000

     Network Access Server Requirements Next Generation (NASREQNG)
                               NAS Model

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2000).  All Rights Reserved.

Abstract

   This document describes the terminology and gives a model of a
   typical Network Access Server (NAS).  The purpose of this effort is
   to set the reference space for describing and evaluating NAS service
   protocols, such as RADIUS (RFCs 2865, 2866) [1], [2] and follow-on
   efforts like the AAA Working Group and the Diameter protocol [3].
   These are protocols for carrying user service information for
   authentication, authorization, accounting, and auditing, between a
   Network Access Server which desires to authenticate its incoming
   calls and a shared authentication server.

Table of Contents

   1. INTRODUCTION
    1.1 Scope of this Document
    1.2 Specific Terminology
   2. NETWORK ACCESS SYSTEM EQUIPMENT ASSUMPTIONS
   3. NAS SERVICES
   4. AUTHENTICATION, AUTHORIZATION AND ACCOUNTING (AAA) SERVERS
   5. TYPICAL NAS OPERATION SEQUENCE:
    5.1 Characteristics of Systems and Sessions:
    5.2 Separation of NAS and AAA server functions
    5.3 Network Management and Administrative features
   6. AUTHENTICATION METHODS
   7. SESSION AUTHORIZATION INFORMATION
   8. IP NETWORK INTERACTION
   9. A NAS MODEL
    9.1 A Reference Model of a NAS
    9.2 Terminology
    9.3 Analysis
     9.3.1 Authentication and Security
     9.3.2 Authorization and Policy
     9.3.3 Accounting and Auditing
     9.3.4 Resource Management
     9.3.5 Virtual Private Networks (VPN's)
     9.3.6 Service Quality
     9.3.7 Roaming
   10. SECURITY CONSIDERATIONS
   11. REFERENCES
   12. ACKNOWLEDGMENTS
   13. AUTHORS' ADDRESSES
   14. APPENDIX - ACRONYMS AND GLOSSARY:
   15. FULL COPYRIGHT STATEMENT

1. Introduction

   A Network Access Server is the initial entry point to a network for
   the majority of users of network services.  It is the first device in
   the network to provide services to an end user, and acts as a gateway
   for all further services.  As such, its importance to users and
   service providers alike is paramount.  However, the concept of a
   Network Access Server has grown up over the years without being
   formally defined or analyzed [4].

1.1 Scope of this Document

   There are several tradeoffs taken in this document.  The purpose of
   this document is to describe a model for evaluating NAS service
   protocols.  It will give examples of typical NAS hardware and
   software features, but these are not to be taken as hard limitations
   of the model; they merely illustrate the points of discussion.
   An important goal of the model is to offer a framework that allows
   further development and expansion of capabilities in NAS
   implementation.

   As with most IETF projects, the focus is on standardizing the
   protocol interaction between the components of the system.  The
   documents produced will not address the following areas:

   - AAA server back-end implementation is abstracted and not
     prescribed.  The actual organization of the data in the server, its
     internal interfaces, and capabilities are left to the