Service-Type: Outbound vs. Outbound-User

Dusty Doris freeradius at mail.doris.cc
Sat Jul 9 18:31:17 CEST 2005


>   The names are IRRELEVANT.  The dictionaries matter only to the
> RADIUS server and it's configuration files.  I could rename all of the
> attributes & valuess to random words from the dictionary, and it would
> make *no* difference to the clients.
>

To expand on what Alan was saying, for the purpose of the list archive.

If you read further into the RFC it talks about how radius attributes are
formed.  They have 3 fieds, the type, length, and value.  The type is one
octect, in the case of Service-Type, it would be 6.  The length is one
octet and indicates the length of the Attribute.

Finally, is the value field.  In this field we would have what defines the
value to be Outbound or Outbound-User.  In the RFC, it will tell you that
Outbound has a value of 5.  If you look at the freeradius dictionary, it
shows that Outbound-User is set to 5.

If you looked at an actual radius packet with ethereal you would see the
value being transferred in the packet is an integer of 5.  The dictionary
file merely maps that value to a name.  This is so you can put something
like this in the users file.

DEFAULT
	Service-Type = Outbound-User

Think of it like DNS, mapping to a user-friendly name.

Otherwise, you'd have to do this.

DEFAULT
	6 = 5

You could easily change that dictionary file to say whatever you want.
Say you changed it from:
VALUE           Service-Type            Outbound-User           5
to:
VALUE           Service-Type            Outbound-Monkey         5

Then in the users file, you could have this rule.

DEFAULT
	Service-Type = Outbound-Monkey

That would still make sense to your Cisco gear, because it would come
across the line as a Type of 6 and a Value of 5.

Hope that is helpful.




More information about the Freeradius-Users mailing list