draft-ietf-radext-vlan-04.txt   draft-ietf-radext-vlan-05.txt 
Network Working Group Paul Congdon Network Working Group Paul Congdon
INTERNET-DRAFT Mauricio Sanchez INTERNET-DRAFT Mauricio Sanchez
Category: Proposed Standard Hewlett-Packard Company Category: Proposed Standard Hewlett-Packard Company
<draft-ietf-radext-vlan-04.txt> Bernard Aboba <draft-ietf-radext-vlan-05.txt> Bernard Aboba
29 April 2006 Microsoft Corporation 1 May 2006 Microsoft Corporation
RADIUS Attributes for Virtual LAN and Priority Support RADIUS Attributes for Virtual LAN and Priority Support
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 2, line 17 skipping to change at page 2, line 17
1. Introduction .......................................... 3 1. Introduction .......................................... 3
1.1 Terminology ..................................... 3 1.1 Terminology ..................................... 3
1.2 Requirements Language ........................... 3 1.2 Requirements Language ........................... 3
1.3 Attribute Interpretation ........................ 3 1.3 Attribute Interpretation ........................ 3
2. Attributes ............................................ 4 2. Attributes ............................................ 4
2.1 Egress-VLANID ................................... 4 2.1 Egress-VLANID ................................... 4
2.2 Ingress-Filters ................................. 5 2.2 Ingress-Filters ................................. 5
2.3 Egress-VLAN-Name ................................ 6 2.3 Egress-VLAN-Name ................................ 6
2.4 User-Priority-Table ............................. 7 2.4 User-Priority-Table ............................. 7
3. Table of Attributes ................................... 9 3. Table of Attributes ................................... 9
4. Diameter Considerations ............................... 9 4. Diameter Considerations ............................... 10
5. IANA Considerations ................................... 9 5. IANA Considerations ................................... 10
6. Security Considerations ............................... 10 6. Security Considerations ............................... 10
7. References ............................................ 10 7. References ............................................ 11
7.1 Normative References ............................ 10 7.1 Normative References ............................ 11
7.2 Informative References .......................... 11 7.2 Informative References .......................... 11
ACKNOWLEDGMENTS .............................................. 12 ACKNOWLEDGMENTS .............................................. 12
AUTHORS' ADDRESSES ........................................... 12 AUTHORS' ADDRESSES ........................................... 12
Intellectual Property Statement............................... 13 Intellectual Property Statement............................... 13
Disclaimer of Validity........................................ 13 Disclaimer of Validity........................................ 13
Full Copyright Statement ..................................... 13 Full Copyright Statement ..................................... 13
1. Introduction 1. Introduction
This document describes Virtual LAN (VLAN) and re-prioritization This document describes Virtual LAN (VLAN) and re-prioritization
skipping to change at page 6, line 40 skipping to change at page 6, line 40
Description Description
Clause 12.10.2.1.3 (a) in [IEEE-8021.Q] describes the Clause 12.10.2.1.3 (a) in [IEEE-8021.Q] describes the
administratively assigned VLAN Name associated with a VLAN-ID administratively assigned VLAN Name associated with a VLAN-ID
defined within an IEEE 802.1Q bridge. The Egress-VLAN-Name defined within an IEEE 802.1Q bridge. The Egress-VLAN-Name
attribute represents an allowed VLAN for this port. It is similar attribute represents an allowed VLAN for this port. It is similar
to the Egress-VLANID attribute, except that the VLAN-ID itself is to the Egress-VLANID attribute, except that the VLAN-ID itself is
not specified or known; rather the VLAN name is used to identify not specified or known; rather the VLAN name is used to identify
the VLAN within the system. the VLAN within the system.
The tunnel attributes described in [RFC3580] and the Egress-VLAN-
Name attribute both can be used to configure the egress VLAN for
untagged packets. These attributes can be used concurrently and
MAY appear in the same RADIUS packet. When they do appear
concurrently, the list of allowed VLANs is the concatenation of
the Egress-VLAN-Name and the Tunnel-Private-Group-ID (81)
attributes. The Egress-VLAN-Name attribute does not alter the
ingress VLAN for untagged traffic on a port (also known as the
PVID). The tunnel attributes from [RFC3580] should be relied upon
instead to set the PVID.
The Egress-VLAN-Name attribute contains two parts; the first part The Egress-VLAN-Name attribute contains two parts; the first part
indicates if frames on the VLAN for this port are to be indicates if frames on the VLAN for this port are to be
represented in tagged or untagged format, the second part is the represented in tagged or untagged format, the second part is the
VLAN name. VLAN name.
Multiple Egress-VLAN-Name attributes MAY be included within an Multiple Egress-VLAN-Name attributes MAY be included within an
Access-Request, Access-Accept, CoA-Request or Accounting-Request Access-Request, Access-Accept, CoA-Request or Accounting-Request
packet; this attribute MUST NOT be sent within an Access- packet; this attribute MUST NOT be sent within an Access-
Challenge, Access-Reject, Disconnect-Request, Disconnect-ACK, Challenge, Access-Reject, Disconnect-Request, Disconnect-ACK,
Disconnect-NAK, CoA-ACK or CoA-NAK. Each attribute adds the named Disconnect-NAK, CoA-ACK or CoA-NAK. Each attribute adds the named
skipping to change at page 11, line 50 skipping to change at page 12, line 16
"Dynamic Authorization Extensions to Remote Authentication "Dynamic Authorization Extensions to Remote Authentication
Dial In User Service (RADIUS)", RFC 3576, July 2003. Dial In User Service (RADIUS)", RFC 3576, July 2003.
[RFC3579] Aboba, B. and P. Calhoun, "RADIUS Support for Extensible [RFC3579] Aboba, B. and P. Calhoun, "RADIUS Support for Extensible
Authentication Protocol (EAP)", RFC 3579, September 2003. Authentication Protocol (EAP)", RFC 3579, September 2003.
[RFC3580] Congdon, P., Aboba, B., Smith, A., Zorn, G., Roese, J., "IEEE [RFC3580] Congdon, P., Aboba, B., Smith, A., Zorn, G., Roese, J., "IEEE
802.1X Remote Authentication Dial In User Service (RADIUS) 802.1X Remote Authentication Dial In User Service (RADIUS)
Usage Guidelines", RFC3580, September 2003. Usage Guidelines", RFC3580, September 2003.
[RFC3748] Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J. and H.
Levkowetz, "Extensible Authentication Protocol (EAP)", RFC
3748, June 2004.
[RFC4005] Calhoun, P., Zorn, G., Spence, D. and D. Mitton, "Diameter [RFC4005] Calhoun, P., Zorn, G., Spence, D. and D. Mitton, "Diameter
Network Access Server Application", RFC 4005, August 2005. Network Access Server Application", RFC 4005, August 2005.
[RFC4072] Eronen, P., Hiller, T., and G. Zorn, "Diameter Extensible [RFC4072] Eronen, P., Hiller, T., and G. Zorn, "Diameter Extensible
Authentication Protocol (EAP) Application", RFC 4072, August Authentication Protocol (EAP) Application", RFC 4072, August
2005. 2005.
Acknowledgments Acknowledgments
The authors would like to acknowledge Joseph Salowey of Cisco, David The authors would like to acknowledge Joseph Salowey of Cisco, David
 End of changes. 5 change blocks. 
10 lines changed or deleted 17 lines changed or added

This html diff was produced by rfcdiff 1.29, available from http://www.levkowetz.com/ietf/tools/rfcdiff/