THIS IS A TEST INSTANCE. Feel free to ask and answer questions, but take care to avoid triggering too many notifications.
Ask Your Question

Revision history  [back]

Revision 2
grahamb's avatar
23.8k
grahamb
updated 2019-10-25 09:25:36 +0000

how do I add a compound vendor specific attribute to a radius dictionary

Hi, I'm trying to add the starent VSA #216 - SN1-NAT-Bind-Record and am having problems trying to sort out how to do so

I've narrowed it down to the dictionary.starent.vsa1 and have tried a number of permutations including

ATTRIBUTE   SN1-NAT-Bind-Record             216 tlv
ATTRIBUTE   NAT-IP-Address                  216.1   integer
ATTRIBUTE   NAT-Port-Block-Start            216.2   short
ATTRIBUTE   NAT-Port-Block-End              216.3   short
ATTRIBUTE   Alloc-Flag                      216.4   byte

VALUE Alloc-Flag                        De-Allocated            0
VALUE Alloc-Flag                        Allocated               1

ATTRIBUTE   Correlation-Id                  216.5   string
ATTRIBUTE   Loading-Factor                  216.6   byte
ATTRIBUTE   Binding-Timer                   216.7   integer

and

ATTRIBUTE SN1-NAT-Bind-Record 216 tlv 
BEGIN-TLV SN1-NAT-Bind-Record
    SUBTYPE SN1-NAT-Bind-Record NAT-IP-Address 216.1 ipaddr
    SUBTYPE SN1-NAT-Bind-Record  NAT-Port-Block-Start 2 short
    SUBTYPE SN1-NAT-Bind-Record  NAT-Port-Block-End 3 short
    SUBTYPE SN1-NAT-Bind-Record  NAT-Port-Chunk-Alloc 4 byte
    SUBTYPE SN1-NAT-Bind-Record  Correlation-Id 5 string
    SUBTYPE SN1-NAT-Bind-Record  Loading-Factor 6 byte
    SUBTYPE SN1-NAT-Bind-Record  Binding-Timer-Value 7 integer
END-TLV SN1-NAT-Bind-Record

And other permutations that don't work.

From the Cisco Docs

SN1-NAT-Bind-Record
This attribute contains the NAT Binding Record.
Type 26
Vendor ID 8164
VSA Type 216
Syntax Compound.

Contains the following sub-attribute(s).

NAT IP address
Syntax IPv4 Address
Length 4
Type 1

NAT-Port-Block-Start   Start port of the port chunk
Syntax Unsigned Integer
Length 2
Type 2


NAT-Port-Block-End   End port of the port chunk.
Syntax Unsigned Integer
Length 2
Type 3


Alloc-Flag   Port chunk status. Accepted Values are 0(De-Allocated) and 1(Allocated).
Syntax Unsigned Integer
Length 1
Type 4


Correlation-Id   Correlation ID.
Syntax String
Length 1-253
Type 5


Loading-Factor  Indicates maximum number of users per NAT IP address.
Syntax Unsigned Integer
Length 2
Type 6


Binding-Timer   Port chunk hold timer.
Syntax Unsigned Integer
Length 4
Type 7

Has anyone managed to get this VSA decoded in wireshark?

Revision 1
adrian's avatar
1
adrian
asked 2019-10-24 22:52:19 +0000

how do I add a compound vendor specific attribute to a radius dictionary

Hi, I'm trying to add the starent VSA #216 - SN1-NAT-Bind-Record and am having problems trying to sort out how to do so

I've narrowed it down to the dictionary.starent.vsa1 and have tried a number of permutations including

ATTRIBUTE   SN1-NAT-Bind-Record             216 tlv
ATTRIBUTE   NAT-IP-Address                  216.1   integer
ATTRIBUTE   NAT-Port-Block-Start            216.2   short
ATTRIBUTE   NAT-Port-Block-End              216.3   short
ATTRIBUTE   Alloc-Flag                      216.4   byte

byte
 
VALUE Alloc-Flag                        De-Allocated            0
VALUE Alloc-Flag                        Allocated               1

1
 
ATTRIBUTE   Correlation-Id                  216.5   string
ATTRIBUTE   Loading-Factor                  216.6   byte
ATTRIBUTE   Binding-Timer                   216.7   integer
integer

and

ATTRIBUTE SN1-NAT-Bind-Record 216 tlv 
BEGIN-TLV SN1-NAT-Bind-Record
    SUBTYPE SN1-NAT-Bind-Record NAT-IP-Address 216.1 ipaddr
    SUBTYPE SN1-NAT-Bind-Record  NAT-Port-Block-Start 2 short
    SUBTYPE SN1-NAT-Bind-Record  NAT-Port-Block-End 3 short
    SUBTYPE SN1-NAT-Bind-Record  NAT-Port-Chunk-Alloc 4 byte
    SUBTYPE SN1-NAT-Bind-Record  Correlation-Id 5 string
    SUBTYPE SN1-NAT-Bind-Record  Loading-Factor 6 byte
    SUBTYPE SN1-NAT-Bind-Record  Binding-Timer-Value 7 integer
END-TLV SN1-NAT-Bind-Record
SN1-NAT-Bind-Record

And other permutations that don't work.

From the Cisco Docs

Docs
SN1-NAT-Bind-Record
This attribute contains the NAT Binding Record.
Type 26
Vendor ID 8164
VSA Type 216
Syntax Compound.
Compound.

Contains the following sub-attribute(s).

NAT IP address
Syntax IPv4 Address
Length 4
Type 1

1
 
NAT-Port-Block-Start   Start port of the port chunk
Syntax Unsigned Integer
Length 2
Type 2


2
 
NAT-Port-Block-End   End port of the port chunk.
Syntax Unsigned Integer
Length 2
Type 3


3
 
Alloc-Flag   Port chunk status. Accepted Values are 0(De-Allocated) and 1(Allocated).
Syntax Unsigned Integer
Length 1
Type 4


4
 
Correlation-Id   Correlation ID.
Syntax String
Length 1-253
Type 5


5
 
Loading-Factor  Indicates maximum number of users per NAT IP address.
Syntax Unsigned Integer
Length 2
Type 6


6
 
Binding-Timer   Port chunk hold timer.
Syntax Unsigned Integer
Length 4
Type 7
7

Has anyone managed to get this VSA decoded in wireshark?