Network Working Group S. De Cnodder
Request for Comments: 4672 Alcatel
Category: Informational N. Jonnala
M. Chiba
Cisco Systems, Inc.
September 2006
RADIUS Dynamic Authorization Client MIB
Status of This Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (2006).
Abstract
This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in the Internet community.
In particular, it describes the Remote Authentication Dial-In User
Service (RADIUS) (RFC2865) Dynamic Authorization Client (DAC)
functions that support the dynamic authorization extensions as
defined in RFC 3576.
Table of Contents
1. Introduction ....................................................2
1.1. Requirements Notation ......................................2
1.2. Terminology ................................................2
2. The Internet-Standard Management Framework ......................3
3. Overview ........................................................3
4. RADIUS Dynamic Authorization Client MIB Definitions .............3
5. Security Considerations ........................................19
6. IANA Considerations ............................................20
7. Acknowledgements ...............................................20
8. References .....................................................21
8.1. Normative References ......................................21
8.2. Informative References ....................................21
De Cnodder, et al. Informational [Page 1]RFC 4672 RADIUS Dynamic Authorization Client MIB September 20061. Introduction
This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols in the Internet community.
In particular, it describes the Remote Authentication Dial-In User
Service (RADIUS) [RFC2865] Dynamic Authorization Client (DAC)
functions that support the dynamic authorization extensions as
defined in RFC 3576.
It is becoming increasingly important to support Dynamic
Authorization extensions on the network access server (NAS) devices
to handle the Disconnect and Change-of-Authorization (CoA) messages,
as described in [RFC3576]. As a result, the effective management of
RADIUS Dynamic Authorization entities is of considerable importance.
This RADIUS Dynamic Authorization Client MIB complements the managed
objects used for managing RADIUS authentication and accounting
servers, as described in [RFC4669] and [RFC4671], respectively.
1.1. Requirements Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
1.2. Terminology
Dynamic Authorization Server (DAS)
The component that resides on the NAS that processes the Disconnect
and Change-of-Authorization (CoA) Request packets [RFC3576] sent by
the Dynamic Authorization Client.
Dynamic Authorization Client (DAC)
The component that sends Disconnect and CoA-Request packets to the
Dynamic Authorization Server. Although this component often resides
on the RADIUS server, it is also possible for this component to be
located on a separate host, such as a Rating Engine.
Dynamic Authorization Server Port
The UDP port on which the Dynamic Authorization Server listens for
the Disconnect and CoA requests sent by the Dynamic Authorization
Client.
De Cnodder, et al. Informational [Page 2]RFC 4672 RADIUS Dynamic Authorization Client MIB September 20062. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of
[RFC3410].
Managed objects are accessed via a virtual information store, termed
the Management Information Base or MIB. MIB objects are generally
accessed through the Simple Network Management Protocol (SNMP).
datatracker.ietf.org