Browse Prior Art Database

Network Access Server Requirements Next Generation (NASREQNG) NAS Model (RFC2881)

IP.com Disclosure Number: IPCOM000003481D
Original Publication Date: 2000-Jul-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 17 page(s) / 42K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

D. Mitton: AUTHOR [+2]

Abstract

This document describes the terminology and gives a model of typical Network Access Server (NAS). The purpose of this effort is to set the reference space for describing and evaluating NAS service protocols, such as RADIUS (RFCs 2865, 2866) [1], [2] and follow-on efforts like AAA Working Group, and the Diameter protocol [3]. These are protocols for carrying user service information for authentication, authorization, accounting, and auditing, between a Network Access Server which desires to authenticate its incoming calls and a shared authentication server.

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 7% of the total text.

Network Working Group D. Mitton

Request for Comments: 2881 Nortel Networks

Category: Informational M. Beadles

SmartPipes Inc.

July 2000

Network Access Server Requirements Next Generation (NASREQNG)

NAS Model

Status of this Memo

This memo provides information for the Internet community. It does

not specify an Internet standard of any kind. Distribution of this

memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2000). All Rights Reserved.

Abstract

This document describes the terminology and gives a model of typical

Network Access Server (NAS). The purpose of this effort is to set

the reference space for describing and evaluating NAS service

protocols, such as RADIUS (RFCs 2865, 2866) [1], [2] and follow-on

efforts like AAA Working Group, and the Diameter protocol [3]. These

are protocols for carrying user service information for

authentication, authorization, accounting, and auditing, between a

Network Access Server which desires to authenticate its incoming

calls and a shared authentication server.

Table of Contents

1. INTRODUCTION...................................................2

1.1 Scope of this Document ......................................2

1.2 Specific Terminology ........................................3

2. NETWORK ACCESS SYSTEM EQUIPMENT ASSUMPTIONS....................3

3. NAS SERVICES...................................................4

4. AUTHENTICATION, AUTHORIZATION AND ACCOUNTING (AAA) SERVERS.....5

5. TYPICAL NAS OPERATION SEQUENCE:................................5

5.1 Characteristics of Systems and Sessions: ....................6

5.2 Separation of NAS and AAA server functions ..................7

5.3 Network Management and Administrative features ..............7

6. AUTHENTICATION METHODS.........................................8

7. SESSION AUTHORIZATION INFORMATION..............................8

8. IP NETWORK INTERACTION.........................................9

9. A NAS MODEL...................................................10

9.1 A Reference Model of a NAS .................................10

9.2 Terminology ................................................11

9.3 Analysis ...................................................13

9.3.1 Authentication and Security .............................13

9.3.2 Authorization and Policy ................................14

9.3.3 Accounting and Auditing .................................14

9.3.4 Resource Management .....................................14

9.3.5 Virtual Private Networks (VPN's) ........................14

9.3.6 Service Quality .........................................15

9.3.7 Roaming ...........................