The following sections define different functional extensions and list relevant RADIUS attributes.
Basic Provisioning of Authentication Extensions
To comply with RFC 4679, DSL Forum Vendor-Specific RADIUS Attributes, the software includes the following attributes in the authentication-request message:
agent-circuit-id (as defined by DSL forum)
agent-remote-id (as defined by DSL forum)
The following attributes can also be included if configured and provided by downstream equipment:
actual-data-rate-upstream
actual-data-rate-downstream
minimum-data-rate-upstream
minimum-data-rate-downstream
access-loop-encapsulation
When the node is configured to insert (or replace) Option 82, the above mentioned attributes do have the content after this operation has been performed by the software.
In addition, the following standard RADIUS attributes are included in authentication request messages (subject to configuration):
NAS-identifier — string containing system-name
NAS-port-id
NAS-port-type — Values: 32 (null encap), 33 (dot1q), 34 (qinq), 15 (DHCP hosts), specified value (0 — 255)
MAC-address (Nokia VSA 27)
dhcp-vendor-class-id (Nokia VSA 36)
calling-station-id
These are only be included in the access-request if they have been configured.
To provide the possibility to push new policies for currently active subscribers, the routers support commands to force re-authentication of the specified subscriber-host. After issuing such a command, the router sends a DHCP FORCERENEW packet, which causes the subscriber to renew its lease (provided it supports force-renew). The DHCP request and ACK are then authenticated and processed by the routers as they would be during a normal DHCP renew.