in vs. out

Alan DeKok aland at
Thu Oct 4 09:17:39 CEST 2007

wlan at wrote:
> It is curious, then, why the RFC isn't as definitive in the
> definition... I suppose it is intentionally left open for vendor
> interpretation.

  <sigh>  No. The RFC *is* definitive.  It just may not be overly clear,
10 years after the original text was written.  It is NOT left open for
vendor interpretation.  If it was, then Acct-Input-Octets would be
*useless*, as you could never tell what it meant.

> As such, portmaster being more specific as it relates to
> their products isn't surprising. But, is that the 'standard', a 'best
> practice', or just one vendor's (albeit, a very in-the-know vendor's)
> implementation? I do agree with the point of view (of the port), in
> theory. However, in practice, I guess the best answer is that it is
> vendor specific.. hmm.

  No.  The standard is the RFC.  The portmaster text is just additional
text from the people building RADIUS systems.

  It is NOT vendor specific.  Do NOT say it is vendor specific.

>>   Follow the standards.  Do not follow broken vendors.
> It actually isn't just that one vendor... in fact, if not mistaken, much
> of the commercial wlan gear I've worked with used the above meaning. It
> would be curious to see a list of vendors and how they implemented their
> accounting...  if we all checked the manuals of the devices we use, we
> could all help build that list in the freeradius wiki!

  Feel free to start this effort.

  There are many other vendor products that are very broken with respect
to RADIUS.  Do NOT follow any individual vendor, or even groups of
vendors.  Follow the standards.  If the standards aren't clear, ask on
the IETF RADEXT mailing list.  The people there should be able to give
conclusive answers.

  Also see my 2 documents in that working group.  They clarify many
issues and problems with the previous RADIUS RFC's.

  Alan DeKok.

More information about the Freeradius-Users mailing list