RADIUS Dynamic Authorization Client MIB
RFC 4672
Document Type RFC - Informational (September 2006; Errata)
Last updated 2020-01-21
Replaces draft-decnodder-radext-dynauth-client-mib
Stream IETF
Formats plain text html pdf htmlized with errata bibtex
Reviews
SECDIR Early Review
Stream WG state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 4672 (Informational)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Dan Romascanu
Send notices to david.kessens@nokia.com', bernard_aboba@hotmail.com, aboba@internaut.com, dnelson@enterasys.com
Email authors Email WG IPR References Referenced by Nits 
Network Working Group                                      S. De Cnodder
Request for Comments: 4672                                       Alcatel
Category: Informational                                       N. Jonnala
                                                                M. Chiba
                                                     Cisco Systems, Inc.
                                                          September 2006

                RADIUS Dynamic Authorization Client MIB

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes the Remote Authentication Dial-In User
   Service (RADIUS) (RFC2865) Dynamic Authorization Client (DAC)
   functions that support the dynamic authorization extensions as
   defined in RFC 3576.

Table of Contents

   1. Introduction ....................................................2
      1.1. Requirements Notation ......................................2
      1.2. Terminology ................................................2
   2. The Internet-Standard Management Framework ......................3
   3. Overview ........................................................3
   4. RADIUS Dynamic Authorization Client MIB Definitions .............3
   5. Security Considerations ........................................19
   6. IANA Considerations ............................................20
   7. Acknowledgements ...............................................20
   8. References .....................................................21
      8.1. Normative References ......................................21
      8.2. Informative References ....................................21

De Cnodder, et al.           Informational                      [Page 1]
RFC 4672        RADIUS Dynamic Authorization Client MIB   September 2006

1.  Introduction

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it describes the Remote Authentication Dial-In User
   Service (RADIUS) [RFC2865] Dynamic Authorization Client (DAC)
   functions that support the dynamic authorization extensions as
   defined in RFC 3576.

   It is becoming increasingly important to support Dynamic
   Authorization extensions on the network access server (NAS) devices
   to handle the Disconnect and Change-of-Authorization (CoA) messages,
   as described in [RFC3576].  As a result, the effective management of
   RADIUS Dynamic Authorization entities is of considerable importance.
   This RADIUS Dynamic Authorization Client MIB complements the managed
   objects used for managing RADIUS authentication and accounting
   servers, as described in [RFC4669] and [RFC4671], respectively.

1.1.  Requirements Notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

1.2.  Terminology

   Dynamic Authorization Server (DAS)

   The component that resides on the NAS that processes the Disconnect
   and Change-of-Authorization (CoA) Request packets [RFC3576] sent by
   the Dynamic Authorization Client.

   Dynamic Authorization Client (DAC)

   The component that sends Disconnect and CoA-Request packets to the
   Dynamic Authorization Server.  Although this component often resides
   on the RADIUS server, it is also possible for this component to be
   located on a separate host, such as a Rating Engine.

   Dynamic Authorization Server Port

   The UDP port on which the Dynamic Authorization Server listens for
   the Disconnect and CoA requests sent by the Dynamic Authorization
   Client.

De Cnodder, et al.           Informational                      [Page 2]
RFC 4672        RADIUS Dynamic Authorization Client MIB   September 2006

2.  The Internet-Standard Management Framework

   For a detailed overview of the documents that describe the current
   Internet-Standard Management Framework, please refer to section 7 of
   [RFC3410].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB.  MIB objects are generally
   accessed through the Simple Network Management Protocol (SNMP).
   Objects in the MIB are defined using the mechanisms defined in the
   Structure of Management Information (SMI).  This memo specifies a MIB
   module that is compliant to the SMIv2, which is described in STD 58,
   RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579], and STD 58, RFC 2580
   [RFC2580].

3.  Overview

   "Dynamic Authorization Extensions to RADIUS" [RFC3576] defines the
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools