Hi Jamie,
On Mar 10, 7:26pm, Jamie Hill wrote:
> Subject: (RADIATOR) Max TNT and radiator
> I notice that Ascend recommends using rad-id-space = distinct for
> performance reasons, but warns that your radius server must be able to
> support it. Below is the documentation Ascend has on the option; Does
> anyone know if radiator has support for this?
Yes radiator keeps track of different identifier sequences for different types
of request, so distinct is supported.
>
> Rad-ID-Space
> ------------
> Description: Specifies whether the MAX TNT uses a single sequence space
> for the RADIUS ID number. RADIUS uses an ID value to aid in
> Request-Response matching. By default, the MAX TNT uses a single sequence
> space for the RADIUS ID number in all RADIUS messages, which limits the
> number of IDs available for assignment to 256. A combined total of 256
> authentication and accounting packets are sent before the ID sequence
> rolls over. However, by setting Rad-ID-Space=Distinct, you can configure
> distinct ID sequence spaces for RADIUS accounting and authentication
> packets.
>
> Usage: Specify one of the following values:
> -Unified (the default) specifies that the MAX TNT uses a single sequence
> space for the RADIUS ID number.
> -Distinct specifies that RADIUS authentication and accounting packets do
> not share the same ID sequence space. The MAX TNT can send a total of
> 256 authentication packets before the authentication ID sequence rolls
> over, and 256 accounting packets before the accounting ID sequence rolls
> over. Three sequence spaces are allocated: one for the Unified sequence
> space, one for the authentication ID sequence, and one for the
> accounting ID sequence.
>
> Dependencies: When you configure the MAX TNT to use distinct ID sequence
> spaces, the RADIUS server must perform additional checks for duplicate
> detection. The server should check the RADIUS ID value as well as the
> service type and destination UDP port in each packet. The service type can
> be determined by sorting all values of the code field into two classesAuth
> and Acctand then comparing the received code value to the sorted list in
> order to determine which class it belongs to. The destination UDP port can
> be the same for both services when a single RADIUS server performs them.
>
> Thanks,
>
> --Jamie
>
>
> ===
> Archive at http://www.starport.net/~radiator/
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
>-- End of excerpt from Jamie Hill
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, etc etc on Unix, Win95/8,
2000, NT, MacOS X
===
Archive at http://www.starport.net/~radiator/
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
