[要約] RFC 4673は、RADIUSダイナミック認証サーバMIBに関する標準仕様です。このRFCの目的は、RADIUSサーバのダイナミック認証に関連する情報を管理するためのMIBオブジェクトを定義することです。

Network Working Group                                      S. De Cnodder
Request for Comments: 4673                                       Alcatel
Category: Informational                                       N. Jonnala
                                                                M. Chiba
                                                     Cisco Systems, Inc.
                                                          September 2006

RADIUS Dynamic Authorization Server MIB

RADIUS Dynamic Authorization Server MIB

Status of This Memo

本文書の位置付け

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

このメモは、インターネットコミュニティに情報を提供します。いかなる種類のインターネット標準を指定しません。このメモの配布は無制限です。

Copyright Notice

著作権表示

Copyright (C) The Internet Society (2006).

Copyright(c)The Internet Society(2006)。

Abstract

概要

This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes the Remote Authentication Dial-In User Service (RADIUS) (RFC 2865) Dynamic Authorization Server (DAS) functions that support the dynamic authorization extensions as defined in RFC 3576.

このメモは、インターネットコミュニティのネットワーク管理プロトコルで使用するための管理情報ベース(MIB)の一部を定義します。特に、RFC 3576で定義されている動的承認拡張機能をサポートする動的認証サーバー(DAS)関数のリモート認証ダイヤルインユーザーサービス(RADIUS)(RFC 2865)機能について説明します。

Table of Contents

目次 

   1. Introduction ....................................................2
      1.1. Requirements Notation ......................................2
      1.2. Terminology ................................................2
   2. The Internet-Standard Management Framework ......................2
   3. Overview ........................................................3
   4. RADIUS Dynamic Authorization Server MIB Definitions .............5
   5. Security Considerations ........................................20
   6. IANA Considerations ............................................21
   7. Acknowledgements ...............................................21
   8. References .....................................................21
      8.1. Normative References ......................................21
      8.2. Informative References ....................................22
1. Introduction
1. はじめに

This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. It is becoming increasingly important to support Dynamic Authorization extensions on the network access server (NAS) devices to handle the Disconnect and Change-of-Authorization (CoA) messages as described in [RFC3576]. As a result, the effective management of RADIUS Dynamic Authorization entities is of considerable importance. This RADIUS Dynamic Authorization Server (DAS) MIB complements the managed objects used for managing RADIUS authentication and accounting clients as described in [RFC4668] and [RFC4670], respectively.

このメモは、インターネットコミュニティのネットワーク管理プロトコルで使用するための管理情報ベース(MIB)の一部を定義します。[RFC3576]に記載されているように、切断と承認の変更(COA)メッセージを処理するために、ネットワークアクセスサーバー(NAS)デバイスの動的な認証拡張機能をサポートすることがますます重要になっています。その結果、半径の動的認証エンティティの効果的な管理はかなり重要です。このRADIUS Dynamic Authorization Server(DAS)MIBは、それぞれ[RFC4668]および[RFC4670]で説明されているように、RADIUS認証と会計クライアントの管理に使用される管理オブジェクトを補完します。

1.1. Requirements Notation
1.1. 要件表記

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

「必須」、「そうしない」、「必須」、「shall」、「shall "、" ingle "、" should "、" not "、" becommended "、" bay "、および「optional」は、[RFC2119]に記載されているように解釈される。

1.2. Terminology
1.2. 用語

Dynamic Authorization Server (DAS)

動的認証サーバー(DAS)

The component that resides on the NAS that processes the Disconnect and Change-of-Authorization (CoA) Request packets [RFC3576] sent by the Dynamic Authorization Client.

Dynamic Authorizationクライアントによって送信された切断と承認の変更(COA)要求パケット[RFC3576]を処理するNASに存在するコンポーネント。

Dynamic Authorization Client (DAC)

ダイナミック認証クライアント(DAC)

The component that sends Disconnect and CoA-Request packets to the Dynamic Authorization Server. Although this component often resides on the RADIUS server, it is also possible for it to be located on a separate host, such as a Rating Engine.

切断パケットとCoA-Requestパケットを動的認証サーバーに送信するコンポーネント。このコンポーネントはしばしばRADIUSサーバーに存在しますが、評価エンジンなどの別のホストに配置することも可能です。

Dynamic Authorization Server Port

動的認証サーバーポート

The UDP port on which the Dynamic Authorization Server listens for the Disconnect and CoA requests sent by the Dynamic Authorization Client.

Dynamic Authorizationクライアントから送信された切断およびCOAリクエストの動的認証サーバーが耳を傾けるUDPポート。

2. The Internet-Standard Management Framework
2. インターネット標準の管理フレームワーク

For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of [RFC3410].

現在のインターネット標準管理フレームワークを説明するドキュメントの詳細な概要については、[RFC3410]のセクション7を参照してください。

Managed objects are accessed via a virtual information store, termed the Management Information Base, or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579], and STD 58, RFC 2580 [RFC2580].

管理されたオブジェクトは、管理情報ベース、またはMIBと呼ばれる仮想情報ストアを介してアクセスされます。MIBオブジェクトは通常、単純なネットワーク管理プロトコル(SNMP)からアクセスされます。MIBのオブジェクトは、管理情報の構造(SMI)で定義されたメカニズムを使用して定義されます。このメモは、STD 58、RFC 2578 [RFC2578]、STD 58、RFC 2579 [RFC2579]、およびSTD 58、RFC 2580 [RFC2580]に記載されているSMIV2に準拠したMIBモジュールを指定します。

3. Overview
3. 概要

"Dynamic Authorization Extensions to RADIUS" [RFC3576] defines the operation of Disconnect-Request, Disconnect-ACK, Disconnect-NAK, CoA-Request, CoA-ACK, and CoA-NAK packets. Typically, NAS devices implement the DAS function, and thus would be expected to implement the RADIUS Dynamic Authorization Server MIB, whereas DACs implement the client function and thus would be expected to implement the RADIUS Dynamic Authorization Client MIB.

「Dynamic Authorization Extensions to RADIUS」[RFC3576]は、切断、切断、切断、COA-Request、COA-ACK、およびCOA-NAKパケットの操作を定義します。通常、NASデバイスはDAS関数を実装するため、DACSがクライアント機能を実装するのに対し、RADIUS動的認証サーバーMIBを実装するため、RADIUS動的認証クライアントMIBを実装することが期待されます。

However, it is possible for a RADIUS Dynamic Authorization entity to perform both client and server functions. For example, a RADIUS proxy may act as a DAS to one or more DACs while simultaneously acting as a DAC to one or more DASs. In such situations, it is expected that RADIUS entities combining client and server functionality will support both the client and server MIBs.

ただし、RADIUSの動的認証エンティティがクライアント機能とサーバー機能の両方を実行することが可能です。たとえば、RADIUSプロキシは、1つ以上のDACのDASとして機能し、同時にDACとして1つ以上のDASSとして機能します。このような状況では、クライアントとサーバーの機能を組み合わせたRADIUSエンティティがクライアントとサーバーMIBの両方をサポートすることが期待されています。

This memo describes the MIB for Dynamic Authorization Servers and relates to the following documents as follows:

このメモは、動的認証サーバーのMIBについて説明し、次のドキュメントに関連しています。

[RFC4668] describes the MIB for a RADIUS Auth Client MIB.

[RFC4668]は、半径認証クライアントMIBのMIBを説明しています。

[RFC4669] describes the MIB for a RADIUS Auth Server MIB.

[RFC4669]は、RADIUS AUTH SERVER MIBのMIBを説明しています。

[RFC4670] describes the MIB for a RADIUS Acct Client MIB.

[RFC4670]は、半径ACCTクライアントMIBのMIBを説明しています。

[RFC4671] describes the MIB for a RADIUS Acct Server MIB.

[RFC4671]は、半径ACCTサーバーMIBのMIBを説明しています。

[RFC4672] describes the MIB for a RADIUS Dynamic Auth Client.

[RFC4672]は、半径動的認証クライアントのMIBを説明しています。

A NAS typically implements the MIBs for a RADIUS Authentication Client, a RADIUS accounting client, and a RADIUS Dynamic Authorization Server. However, any one MIB can be implemented without implementing any of the other MIBs; i.e., the MIBs have no dependencies on each other. A typical case would be for a device to implement the MIBs RADIUS authentication server, RADIUS accounting server, and RADIUS Dynamic Authorization Client. A RADIUS proxy might implement any, all, or a subset of the MIBs listed above and the MIB as defined in this document.

NASは通常、RADIUS認証クライアント、RADIUSアカウンティングクライアント、およびRADIUS動的認証サーバーのMIBSを実装します。ただし、他のMIBを実装せずに1つのMIBを実装できます。つまり、MIBSには互いに依存関係がありません。典型的なケースは、デバイスがMIBS RADIUS認証サーバー、RADIUSアカウンティングサーバー、RADIUS動的認証クライアントを実装することです。RADIUSプロキシは、上記のMIBSのサブセット、およびこのドキュメントで定義されているMIBのサブセットを実装する場合があります。 

              +---------------+                      +---------------+
    User 1----|               |  Disconnect-Request  |               |
              |    Dynamic    |     CoA-Request      |    Dynamic    |
    User 2----| Authorization |<---------------------| Authorization |
              |    Server     |--------------------->|    Client     |
    User 3----|     (DAS)     |    Disconnect-Ack    |     (DAC)     |
              |               |    Disconnect-NAK    |               |
              +---------------+    CoA-Ack/CoA-NAK   +---------------+

Figure 1. Mapping of clients and servers

図1.クライアントとサーバーのマッピング

This MIB module for the Dynamic Authorization Server contains the following:

動的認証サーバーのこのMIBモジュールには、以下が含まれています。

1. Three scalar objects.

1. 3つのスカラーオブジェクト。

2. One Dynamic Authorization Client Table. This table contains one row for each DAC with which the DAS shares a secret.

2. 1つの動的認証クライアントテーブル。このテーブルには、DASが秘密を共有する各DACの1つの行が含まれています。

4. RADIUS Dynamic Authorization Server MIB Definitions
4. RADIUS Dynamic Authorization Server MIB定義 
RADIUS-DYNAUTH-SERVER-MIB DEFINITIONS ::= BEGIN
        
IMPORTS
       MODULE-IDENTITY, OBJECT-TYPE,
       Counter32, Integer32, mib-2,
       TimeTicks         FROM SNMPv2-SMI             -- [RFC2578]
       SnmpAdminString   FROM SNMP-FRAMEWORK-MIB     -- [RFC3411]
       InetAddressType,
       InetAddress       FROM INET-ADDRESS-MIB       -- [RFC4001]
       MODULE-COMPLIANCE,
       OBJECT-GROUP  FROM SNMPv2-CONF;               -- [RFC2580]

radiusDynAuthServerMIB MODULE-IDENTITY LAST-UPDATED "200608290000Z" -- 29 August 2006 ORGANIZATION "IETF RADEXT Working Group" CONTACT-INFO " Stefaan De Cnodder Alcatel Francis Wellesplein 1 B-2018 Antwerp Belgium

Radiusdynauthservermibモジュールのアイデンティティ最終処分「200608290000Z " - 2006年8月29日組織「IETF Radextワーキンググループ」ワーキンググループ" Contact-info "Stefaan de Cnodder Francis Wellesplein 1 B-2018 Antwerp Belgium 

                Phone: +32 3 240 85 15
                EMail: stefaan.de_cnodder@alcatel.be

Nagi Reddy Jonnala Cisco Systems, Inc. Divyasree Chambers, B Wing, O'Shaugnessy Road, Bangalore-560027, India.

Nagi Reddy Jonnala Cisco Systems、Inc。Divyasree Chambers、B Wing、O'Shaugnessy Road、Bangalore-560027、インド。 

                Phone: +91 94487 60828
                EMail: njonnala@cisco.com

Murtaza Chiba Cisco Systems, Inc. 170 West Tasman Dr. San Jose CA, 95134

Murtaza Chiba Cisco Systems、Inc。170 West Tasman Dr. San Jose CA、95134

Phone: +1 408 525 7198 EMail: mchiba@cisco.com " DESCRIPTION "The MIB module for entities implementing the server side of the Dynamic Authorization Extensions to the Remote Authentication Dial-In User Service (RADIUS) protocol. Copyright (C) The Internet Society (2006).

電話:1 408 525 7198メール:mchiba@cisco.com "説明"ダイナミック認証拡張機能のサーバー側をリモート認証ダイヤルインユーザーサービス(RADIUS)プロトコルに実装するエンティティのMIBモジュール。Copyright(c)The Internet Society(2006)。

Initial version as published in RFC 4673; for full legal notices see the RFC itself."

RFC 4673で公開されている初期バージョン。完全な法的通知については、RFC自体を参照してください。」 

       REVISION "200608290000Z" -- 29 August 2006
       DESCRIPTION "Initial version as published in RFC 4673."
       ::= { mib-2 146 }
        
radiusDynAuthServerMIBObjects OBJECT IDENTIFIER ::=
                                      { radiusDynAuthServerMIB 1 }
        
radiusDynAuthServerScalars    OBJECT IDENTIFIER ::=
                               { radiusDynAuthServerMIBObjects 1 }
        
radiusDynAuthServerDisconInvalidClientAddresses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of Disconnect-Request packets received from
             unknown addresses.  This counter may experience a
             discontinuity when the DAS module (re)starts, as
             indicated by the value of
             radiusDynAuthServerCounterDiscontinuity."
      ::= { radiusDynAuthServerScalars 1 }
        
radiusDynAuthServerCoAInvalidClientAddresses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of CoA-Request packets received from unknown
             addresses.  This counter may experience a discontinuity
             when the DAS module (re)starts, as indicated by the
             value of radiusDynAuthServerCounterDiscontinuity."
      ::= { radiusDynAuthServerScalars 2 }
        
radiusDynAuthServerIdentifier OBJECT-TYPE
      SYNTAX SnmpAdminString
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
             "The NAS-Identifier of the RADIUS Dynamic Authorization
              Server.  This is not necessarily the same as sysName in
              MIB II."
      REFERENCE
             "RFC 2865, Section 5.32, NAS-Identifier."
      ::= { radiusDynAuthServerScalars 3 }
        
radiusDynAuthClientTable OBJECT-TYPE
      SYNTAX SEQUENCE OF RadiusDynAuthClientEntry
      MAX-ACCESS not-accessible
      STATUS     current
      DESCRIPTION
            "The (conceptual) table listing the RADIUS Dynamic
             Authorization Clients with which the server shares a
             secret."
      ::= { radiusDynAuthServerMIBObjects 2 }
        
radiusDynAuthClientEntry OBJECT-TYPE
       SYNTAX     RadiusDynAuthClientEntry
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
             "An entry (conceptual row) representing one Dynamic
              Authorization Client with which the server shares a
              secret."
       INDEX      { radiusDynAuthClientIndex }
       ::= { radiusDynAuthClientTable 1 }
        
RadiusDynAuthClientEntry ::= SEQUENCE {
       radiusDynAuthClientIndex                     Integer32,
       radiusDynAuthClientAddressType               InetAddressType,
       radiusDynAuthClientAddress                   InetAddress,
       radiusDynAuthServDisconRequests              Counter32,
       radiusDynAuthServDisconAuthOnlyRequests      Counter32,
       radiusDynAuthServDupDisconRequests           Counter32,
       radiusDynAuthServDisconAcks                  Counter32,
       radiusDynAuthServDisconNaks                  Counter32,
       radiusDynAuthServDisconNakAuthOnlyRequests   Counter32,
       radiusDynAuthServDisconNakSessNoContext      Counter32,
       radiusDynAuthServDisconUserSessRemoved       Counter32,
       radiusDynAuthServMalformedDisconRequests     Counter32,
       radiusDynAuthServDisconBadAuthenticators     Counter32,
       radiusDynAuthServDisconPacketsDropped        Counter32,
       radiusDynAuthServCoARequests                 Counter32,
       radiusDynAuthServCoAAuthOnlyRequests         Counter32,
       radiusDynAuthServDupCoARequests              Counter32,
       radiusDynAuthServCoAAcks                     Counter32,
       radiusDynAuthServCoANaks                     Counter32,
       radiusDynAuthServCoANakAuthOnlyRequests      Counter32,
       radiusDynAuthServCoANakSessNoContext         Counter32,
       radiusDynAuthServCoAUserSessChanged          Counter32,
       radiusDynAuthServMalformedCoARequests        Counter32,
       radiusDynAuthServCoABadAuthenticators        Counter32,
       radiusDynAuthServCoAPacketsDropped           Counter32,
       radiusDynAuthServUnknownTypes                Counter32,
       radiusDynAuthServerCounterDiscontinuity      TimeTicks
}
        
radiusDynAuthClientIndex OBJECT-TYPE
       SYNTAX     Integer32 (1..2147483647)
       MAX-ACCESS not-accessible
       STATUS     current
       DESCRIPTION
             "A number uniquely identifying each RADIUS Dynamic
              Authorization Client with which this Dynamic
              Authorization Server communicates.  This number is
              allocated by the agent implementing this MIB module
              and is unique in this context."
       ::= { radiusDynAuthClientEntry 1 }
        
radiusDynAuthClientAddressType OBJECT-TYPE
       SYNTAX     InetAddressType
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The type of IP address of the RADIUS Dynamic
              Authorization Client referred to in this table entry."
       ::= { radiusDynAuthClientEntry 2 }
        
radiusDynAuthClientAddress OBJECT-TYPE
       SYNTAX     InetAddress
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The IP address value of the RADIUS Dynamic
              Authorization Client referred to in this table entry,
              using the version neutral IP address format.  The type
              of this address is determined by the value of
              the radiusDynAuthClientAddressType object."
       ::= { radiusDynAuthClientEntry 3 }
        
radiusDynAuthServDisconRequests OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS Disconnect-Requests received
              from this Dynamic Authorization Client.  This also
              includes the RADIUS Disconnect-Requests that have a
              Service-Type attribute with value 'Authorize Only'.
              This counter may experience a discontinuity when the
              DAS module (re)starts as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM)."
       ::= { radiusDynAuthClientEntry 4 }
        
radiusDynAuthServDisconAuthOnlyRequests OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS Disconnect-Requests that include
              a Service-Type attribute with value 'Authorize Only'
              received from this Dynamic Authorization Client.  This
              counter may experience a discontinuity when the DAS
              module (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM)."
       ::= { radiusDynAuthClientEntry 5 }
        
radiusDynAuthServDupDisconRequests OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of duplicate RADIUS Disconnect-Request
              packets received from this Dynamic Authorization
              Client.  This counter may experience a discontinuity
              when the DAS module (re)starts, as indicated by the
              value of radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM)."
       ::= { radiusDynAuthClientEntry 6 }

radiusDynAuthServDisconAcks OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Disconnect-ACK packets sent to this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity."

Radiusdynauthservdisconacksオブジェクトタイプの構文Counter32ユニット "Replies" max-access read-only status current current current "この動的な承認クライアントに送信された半径切断パケットの数。radiusdynauthservercounterdiscontinuityの値によって示されるように。」 

       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM)."
       ::= { radiusDynAuthClientEntry 7 }
        
radiusDynAuthServDisconNaks OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "replies"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS Disconnect-NAK packets
              sent to this Dynamic Authorization Client.  This
              includes the RADIUS Disconnect-NAK packets sent
              with a Service-Type attribute with value 'Authorize
              Only' and the RADIUS Disconnect-NAK packets sent
              because no session context was found.  This counter
              may experience a discontinuity when the DAS module
              (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM)."
       ::= { radiusDynAuthClientEntry 8 }
        
radiusDynAuthServDisconNakAuthOnlyRequests OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "replies"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS Disconnect-NAK packets that
              include a Service-Type attribute with value
              'Authorize Only' sent to this Dynamic Authorization
              Client.  This counter may experience a discontinuity
              when the DAS module (re)starts, as indicated by the
              value of radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM)."
       ::= { radiusDynAuthClientEntry 9 }
        
radiusDynAuthServDisconNakSessNoContext OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "replies"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS Disconnect-NAK packets
              sent to this Dynamic Authorization Client
              because no session context was found.  This counter may
              experience a discontinuity when the DAS module
              (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM)."
       ::= { radiusDynAuthClientEntry 10 }
        
radiusDynAuthServDisconUserSessRemoved OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "sessions"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of user sessions removed for the
              Disconnect-Requests received from this
              Dynamic Authorization Client.  Depending on site-
              specific policies, a single Disconnect request
              can remove multiple user sessions.  In cases where
              this Dynamic Authorization Server has no
              knowledge of the number of user sessions that
              are affected by a single request, each such
              Disconnect-Request will count as a single
              affected user session only.  This counter may experience
              a discontinuity when the DAS module (re)starts, as
              indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM)."
       ::= { radiusDynAuthClientEntry 11 }
        
radiusDynAuthServMalformedDisconRequests OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of malformed RADIUS Disconnect-Request
              packets received from this Dynamic Authorization
              Client.  Bad authenticators and unknown types are not
              included as malformed Disconnect-Requests.  This counter
              may experience a discontinuity when the DAS module
              (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM), and
              Section 2.3, Packet Format."
       ::= { radiusDynAuthClientEntry 12 }
        
radiusDynAuthServDisconBadAuthenticators OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS Disconnect-Request packets
              that contained an invalid Authenticator field
              received from this Dynamic Authorization Client.  This
              counter may experience a discontinuity when the DAS
              module (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM), and
              Section 2.3, Packet Format."
       ::= { radiusDynAuthClientEntry 13 }
        
radiusDynAuthServDisconPacketsDropped OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of incoming Disconnect-Requests
              from this Dynamic Authorization Client silently
              discarded by the server application for some reason
              other than malformed, bad authenticators, or unknown
              types.  This counter may experience a discontinuity
              when the DAS module (re)starts, as indicated by the
              value of radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.1, Disconnect Messages (DM), and
              Section 2.3, Packet Format."
       ::= { radiusDynAuthClientEntry 14 }

radiusDynAuthServCoARequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS CoA-requests received from this Dynamic Authorization Client. This also includes the CoA requests that have a Service-Type attribute with value 'Authorize Only'. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity."

RADIUSIUSNAUTHSERVCOAREQUESTSオブジェクトタイプの構文カウンター32ユニット「リクエスト「MAX-ACCESS読み取り専用ステータス現在の説明」「この動的な認証クライアントから受け取ったRADIUS COA-Requestsの数。これには、価値のあるサービスタイプの属性を持つCOA要求も含まれます」承認のみを認めます。このカウンターは、Radiusdynauthservercounterdisonituityの値によって示されるように、DASモジュール(RE)が開始されると不連続性が発生する場合があります。」 

       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA)."
       ::= { radiusDynAuthClientEntry 15 }
        
radiusDynAuthServCoAAuthOnlyRequests OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS CoA-requests that include a
              Service-Type attribute with value 'Authorize Only'
              received from this Dynamic Authorization Client.  This
              counter may experience a discontinuity when the DAS
              module (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA)."
       ::= { radiusDynAuthClientEntry 16 }
        
radiusDynAuthServDupCoARequests OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of duplicate RADIUS CoA-Request packets
              received from this Dynamic Authorization Client.  This
              counter may experience a discontinuity when the DAS
              module (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA)."
       ::= { radiusDynAuthClientEntry 17 }
        
radiusDynAuthServCoAAcks  OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "replies"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS CoA-ACK packets sent to this
              Dynamic Authorization Client.  This counter may
              experience a discontinuity when the DAS module
              (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA)."
       ::= { radiusDynAuthClientEntry 18 }
        
radiusDynAuthServCoANaks OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "replies"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS CoA-NAK packets sent to
              this Dynamic Authorization Client.  This includes
              the RADIUS CoA-NAK packets sent with a Service-Type
              attribute with value 'Authorize Only' and the RADIUS
              CoA-NAK packets sent because no session context was
              found.  This counter may experience a discontinuity
              when the DAS module (re)starts, as indicated by the
              value of radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA)."
       ::= { radiusDynAuthClientEntry 19 }
        
radiusDynAuthServCoANakAuthOnlyRequests OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "replies"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS CoA-NAK packets that include a
              Service-Type attribute with value 'Authorize Only'
              sent to this Dynamic Authorization Client.  This counter
              may experience a discontinuity when the DAS module
              (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA)."
       ::= { radiusDynAuthClientEntry 20 }
        
radiusDynAuthServCoANakSessNoContext OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "replies"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS CoA-NAK packets sent to this
              Dynamic Authorization Client because no session context
              was found.  This counter may experience a discontinuity
              when the DAS module (re)starts, as indicated by the
              value of radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA)."
       ::= { radiusDynAuthClientEntry 21 }
        
radiusDynAuthServCoAUserSessChanged OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "sessions"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of user sessions authorization
              changed for the CoA-Requests received from this
              Dynamic Authorization Client.  Depending on site-
              specific policies, a single CoA request can change
              multiple user sessions' authorization.  In cases where
              this Dynamic Authorization Server has no knowledge of
              the number of user sessions that are affected by a
              single request, each such CoA-Request will
              count as a single affected user session only.  This
              counter may experience a discontinuity when the DAS
              module (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA)."
       ::= { radiusDynAuthClientEntry 22 }

radiusDynAuthServMalformedCoARequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of malformed RADIUS CoA-Request packets received from this Dynamic Authorization Client. Bad authenticators and unknown types are not included as malformed CoA-Requests. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE

radiusdynauthservmalformedcoarequestsオブジェクトタイプの構文Counter32ユニット "Max-Access読み取り専用ステータス現在の説明"この動的な認証クライアントから受け取った奇形の半径CoA-Requestパケットの数。悪い認証器と未知のタイプは、不正なCoa-Requestsに含まれていません。このカウンターは、radiusnauthservercountiondiscontinuityの値によって示されるように、DASモジュールが開始されると、不連続性が発生する場合があります。」参照 

             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA), and Section 2.3, Packet Format."
       ::= { radiusDynAuthClientEntry  23 }
        
radiusDynAuthServCoABadAuthenticators OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of RADIUS CoA-Request packets that
              contained an invalid Authenticator field received
              from this Dynamic Authorization Client.  This counter
              may experience a discontinuity when the DAS module
              (re)starts, as indicated by the value of
                radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA), and Section 2.3, Packet Format."
       ::= { radiusDynAuthClientEntry 24 }
        
radiusDynAuthServCoAPacketsDropped OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of incoming CoA packets from this
              Dynamic Authorization Client silently discarded
              by the server application for some reason other than
              malformed, bad authenticators, or unknown types.  This
              counter may experience a discontinuity when the DAS
              module (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.2, Change-of-Authorization
              Messages (CoA), and Section 2.3, Packet Format."
       ::= { radiusDynAuthClientEntry 25 }
        
radiusDynAuthServUnknownTypes OBJECT-TYPE
       SYNTAX     Counter32
       UNITS      "requests"
       MAX-ACCESS read-only
       STATUS     current
       DESCRIPTION
             "The number of incoming packets of unknown types that
              were received on the Dynamic Authorization port.  This
              counter may experience a discontinuity when the DAS
              module (re)starts, as indicated by the value of
              radiusDynAuthServerCounterDiscontinuity."
       REFERENCE
             "RFC 3576, Section 2.3, Packet Format."
       ::= { radiusDynAuthClientEntry 26 }
        
radiusDynAuthServerCounterDiscontinuity OBJECT-TYPE
       SYNTAX TimeTicks
       UNITS  "hundredths of a second"
       MAX-ACCESS read-only
       STATUS current
       DESCRIPTION
             "The time (in hundredths of a second) since the
              last counter discontinuity.  A discontinuity may
              be the result of a reinitialization of the DAS
              module within the managed entity."
       ::= { radiusDynAuthClientEntry 27 }

-- conformance information

- 適合情報 

radiusDynAuthServerMIBConformance
       OBJECT IDENTIFIER ::= { radiusDynAuthServerMIB 2 }
radiusDynAuthServerMIBCompliances
       OBJECT IDENTIFIER ::= { radiusDynAuthServerMIBConformance 1 }
radiusDynAuthServerMIBGroups
       OBJECT IDENTIFIER ::= { radiusDynAuthServerMIBConformance 2 }

-- compliance statements

- コンプライアンスステートメント

radiusAuthServerMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities implementing the RADIUS Dynamic Authorization Server. Implementation of this module is for entities that support IPv4 and/or IPv6." MODULE -- this module MANDATORY-GROUPS { radiusDynAuthServerMIBGroup } 

       OBJECT             radiusDynAuthClientAddressType
       SYNTAX             InetAddressType { ipv4(1), ipv6(2) }
       DESCRIPTION
           "An implementation is only required to support IPv4 and
            globally unique IPv6 addresses."
        
       OBJECT             radiusDynAuthClientAddress
       SYNTAX             InetAddress (SIZE(4|16))
              DESCRIPTION
           "An implementation is only required to support IPv4 and
            globally unique IPv6 addresses."

GROUP radiusDynAuthServerAuthOnlyGroup DESCRIPTION "Only required for Dynamic Authorization Clients that are supporting Service-Type attributes with value 'Authorize-Only'."

グループRadiusdynauthserverauthnlygroupの説明「Value「Authorizeのみ」を持つサービスタイプの属性をサポートしている動的認証クライアントにのみ必要です。」

GROUP radiusDynAuthServerNoSessGroup DESCRIPTION "This group is not required if the Dynamic Authorization Server cannot easily determine whether a session exists (e.g., in case of a RADIUS proxy)."

グループRADIUSIUSNAUTHSERVERNOSESSGROUPの説明「動的認証サーバーがセッションが存在するかどうかを簡単に判断できない場合(たとえば、RADIUSプロキシの場合)、このグループは必要ありません。」 

       ::= { radiusDynAuthServerMIBCompliances 1 }

-- units of conformance

- 適合ユニット 

radiusDynAuthServerMIBGroup OBJECT-GROUP
       OBJECTS { radiusDynAuthServerDisconInvalidClientAddresses,
                 radiusDynAuthServerCoAInvalidClientAddresses,
                 radiusDynAuthServerIdentifier,
                 radiusDynAuthClientAddressType,
                 radiusDynAuthClientAddress,
                 radiusDynAuthServDisconRequests,
                 radiusDynAuthServDupDisconRequests,
                 radiusDynAuthServDisconAcks,
                 radiusDynAuthServDisconNaks,
                 radiusDynAuthServDisconUserSessRemoved,
                 radiusDynAuthServMalformedDisconRequests,
                 radiusDynAuthServDisconBadAuthenticators,
                 radiusDynAuthServDisconPacketsDropped,
                 radiusDynAuthServCoARequests,
                 radiusDynAuthServDupCoARequests,
                 radiusDynAuthServCoAAcks,
                 radiusDynAuthServCoANaks,
                 radiusDynAuthServCoAUserSessChanged,
                 radiusDynAuthServMalformedCoARequests,
                 radiusDynAuthServCoABadAuthenticators,
                 radiusDynAuthServCoAPacketsDropped,
                 radiusDynAuthServUnknownTypes,
                 radiusDynAuthServerCounterDiscontinuity
               }
       STATUS  current
       DESCRIPTION
             "The collection of objects providing management of
              a RADIUS Dynamic Authorization Server."
       ::= { radiusDynAuthServerMIBGroups 1 }
        
radiusDynAuthServerAuthOnlyGroup OBJECT-GROUP
       OBJECTS { radiusDynAuthServDisconAuthOnlyRequests,
                 radiusDynAuthServDisconNakAuthOnlyRequests,
                 radiusDynAuthServCoAAuthOnlyRequests,
                 radiusDynAuthServCoANakAuthOnlyRequests
               }
       STATUS  current
       DESCRIPTION
             "The collection of objects supporting the RADIUS
              messages including Service-Type attribute with
              value 'Authorize Only'."
       ::= { radiusDynAuthServerMIBGroups 2 }
        
radiusDynAuthServerNoSessGroup OBJECT-GROUP
       OBJECTS { radiusDynAuthServDisconNakSessNoContext,
                 radiusDynAuthServCoANakSessNoContext
               }
       STATUS  current
       DESCRIPTION
             "The collection of objects supporting the RADIUS
              messages that are referring to non-existing sessions."
       ::= { radiusDynAuthServerMIBGroups 3 }

END5. Security Considerations

終了5。セキュリティ上の考慮事項

There are no management objects defined in this MIB module that have a MAX-ACCESS clause of read-write and/or read-create. So, if this MIB module is implemented correctly, then there is no risk that an intruder can alter or create any management objects of this MIB module via direct SNMP SET operations.

このMIBモジュールには、読み取りワイトおよび/またはread-Createの最大アクセス句を持つ管理オブジェクトはありません。したがって、このMIBモジュールが正しく実装されている場合、侵入者が直接SNMPセット操作を介してこのMIBモジュールの管理オブジェクトを変更または作成できるリスクはありません。

Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:

このMIBモジュールの読み取り可能なオブジェクトのいくつか(つまり、アクセスできないこと以外に最大アクセスを備えたオブジェクト)は、一部のネットワーク環境で敏感または脆弱と見なされる場合があります。したがって、これらのオブジェクトへのアクセスを取得および/または通知することさえ制御し、SNMPを介してネットワーク上に送信するときにこれらのオブジェクトの値を暗号化することも重要です。これらはテーブルとオブジェクトであり、その感度/脆弱性です。

radiusDynAuthClientAddress and radiusDynAuthClientAddressType

radiusdynauthclientAddressおよびradiusnynauthclientddresstype

These can be used to determine the address of the DAC with which the DAS is communicating. This information could be useful in mounting an attack on the DAC.

これらは、DASが通信しているDACのアドレスを決定するために使用できます。この情報は、DACへの攻撃の取り付けに役立つ可能性があります。

radiusDynAuthServerIdentifier

radiusdynauthserveridentifier

This can be used to determine the Identifier of the DAS. This information could be useful in impersonating the DAS.

これは、DASの識別子を決定するために使用できます。この情報は、DASになりすましに役立つ可能性があります。

SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.

SNMPV3以前のSNMPバージョンには、適切なセキュリティは含まれていませんでした。ネットワーク自体が(たとえばIPSECを使用して)安全である場合でも、それでもセキュアネットワークで誰がアクセスして取得/セット(読み取り/変更/作成/削除/削除)を制御することはできません。MIBモジュール。

It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).

実装者は、SNMPV3暗号化メカニズム(認証とプライバシー用)の完全なサポートを含む、SNMPV3フレームワーク([RFC3410]、セクション8を参照)で提供されるセキュリティ機能を考慮することをお勧めします。

Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.

さらに、SNMPV3より前のSNMPバージョンの展開は推奨されません。代わりに、SNMPV3を展開し、暗号化セキュリティを有効にすることをお勧めします。その場合、このMIBモジュールのインスタンスへのアクセスを提供するSNMPエンティティが、実際に取得または設定する正当な権利を持つプリンシパル(ユーザー)にのみオブジェクトにアクセスできるように適切に構成されていることを保証するのは、顧客/オペレーターの責任です(変更を変更します(変更)/作成/削除)それら。

6. IANA Considerations
6. IANAの考慮事項

The IANA has assigned OID number 146 under mib-2.

IANAは、MIB-2の下でOID番号146を割り当てました。

7. Acknowledgements
7. 謝辞

The authors would like to acknowledge the following people for their comments on this document: Bernard Aboba, Alan DeKok, David Nelson, Anjaneyulu Pata, Dan Romascanu, Juergen Schoenwaelder, Greg Weber, Bert Wijnen, and Glen Zorn.

著者は、この文書に関するコメントについて、以下の人々を認めたいと考えています:バーナード・アボバ、アラン・デコク、デビッド・ネルソン、アンジャニュール・パタ、ダン・ロマスカヌ、ジュエルゲン・シェーンワールダー、グレッグ・ウェーバー、バート・ウィーネン、グレン・ゾーン。

8. References
8. 参考文献
8.1. Normative References
8.1. 引用文献

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2119] Bradner、S。、「要件レベルを示すためにRFCで使用するためのキーワード」、BCP 14、RFC 2119、1997年3月。

[RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.

[RFC2578] McCloghrie、K.、Perkins、D。、およびJ. Schoenwaelder、「管理情報の構造バージョン2(SMIV2)」、STD 58、RFC 2578、1999年4月。

[RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.

[RFC2579] McCloghrie、K.、Perkins、D。、およびJ. Schoenwaelder、「SMIV2のテキストコンベンション」、STD 58、RFC 2579、1999年4月。

[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.

[RFC2580] McCloghrie、K.、Perkins、D。、およびJ. Schoenwaelder、「SMIV2の適合ステートメント」、STD 58、RFC 2580、1999年4月。

[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, December 2002.

[RFC3411] Harrington、D.、Presuhn、R。、およびB. Wijnen、「単純なネットワーク管理プロトコル(SNMP)管理フレームワークを説明するためのアーキテクチャ」、STD 62、RFC 3411、2002年12月。

[RFC3576] Chiba, M., Dommety, G., Eklund, M., Mitton, D., and B. Aboba, "Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)", RFC 3576, July 2003.

[RFC3576] Chiba、M.、Dommety、G.、Eklund、M.、Mitton、D.、およびB. Aboba、「リモート認証のダイヤルインユーザーサービス(RADIUS)への動的認証拡張」、RFC 3576、2003年7月。

[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005.

[RFC4001] Daniele、M.、Haberman、B.、Routhier、S。、およびJ. Schoenwaelder、「インターネットネットワークアドレスのテキストコンベンション」、RFC 4001、2005年2月。

8.2. Informative References
8.2. 参考引用

[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, "Remote Authentication Dial In User Service (RADIUS)", RFC 2865, June 2000.

[RFC2865] Rigney、C.、Willens、S.、Rubens、A。、およびW. Simpson、「リモート認証ダイヤルインユーザーサービス(RADIUS)」、RFC 2865、2000年6月。

[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.

[RFC3410] Case、J.、Mundy、R.、Partain、D。、およびB. Stewart、「インターネット標準管理フレームワークの紹介と適用声明」、RFC 3410、2002年12月。

[RFC4668] Nelson, D., "RADIUS Authentication Client MIB for IPv6", RFC 4668, August 2006.

[RFC4668]ネルソン、D。、「RADIUS認証クライアントMIB for IPv6」、RFC 4668、2006年8月。

[RFC4669] Nelson, D., "RADIUS Authentication Server MIB for IPv6", RFC 4669, August 2006.

[RFC4669]ネルソン、D。、「IPv6のRADIUS認証サーバーMIB」、RFC 4669、2006年8月。

[RFC4670] Nelson, D., "RADIUS Accounting Client MIB for IPv6", RFC 4670, August 2006.

[RFC4670]ネルソン、D。、「IPv6のRADIUSアカウンティングクライアントMIB」、RFC 4670、2006年8月。

[RFC4671] Nelson, D., "RADIUS Accounting Server MIB for IPv6", RFC 4671, August 2006.

[RFC4671]ネルソン、D。、「IPv6のRadiusアカウンティングサーバーMIB」、RFC 4671、2006年8月。

[RFC4672] De Cnodder, S., Jonnala, N., and M. Chiba, "RADIUS Dynamic Authorization Client MIB", RFC 4672, September 2006.

[RFC4672] de Cnodder、S.、Jonnala、N。、およびM. Chiba、「Radius Dynamic Authorization Client MIB」、RFC 4672、2006年9月。

Authors' Addresses

著者のアドレス

Stefaan De Cnodder Alcatel Francis Wellesplein 1 B-2018 Antwerp Belgium

ステファン・デ・コノッダー・アルカテル・フランシス・ウェルズプレイン1 B-2018アントワープ・ベルギー 

   Phone: +32 3 240 85 15
   EMail: stefaan.de_cnodder@alcatel.be

Nagi Reddy Jonnala Cisco Systems, Inc. Divyasree Chambers, B Wing, O'Shaugnessy Road Bangalore-560027, India

Nagi Reddy Jonnala Cisco Systems、Inc。Divyasree Chambers、B Wing、O'Shaugnessy Road Bangalore-560027、インド 

   Phone: +91 94487 60828
   EMail: njonnala@cisco.com

Murtaza Chiba Cisco Systems, Inc. 170 West Tasman Dr. San Jose CA, 95134

Murtaza Chiba Cisco Systems、Inc。170 West Tasman Dr. San Jose CA、95134 

   Phone: +1 408 525 7198
   EMail: mchiba@cisco.com

Full Copyright Statement

完全な著作権声明

Copyright (C) The Internet Society (2006).

Copyright(c)The Internet Society(2006)。

This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.

この文書は、BCP 78に含まれる権利、ライセンス、および制限の対象となり、そこに記載されている場合を除き、著者はすべての権利を保持しています。

This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

このドキュメントとここに含まれる情報は、「現状のまま」に基づいて提供されています。また、貢献者、彼/彼女が代表する組織(もしあれば)が後援する組織、インターネット協会とインターネット工学タスクフォースは、すべての保証、明示的または明示的、またはすべての保証を否認します。本書の情報の使用が、商品性または特定の目的に対する適合性の権利または黙示的な保証を侵害しないという保証を含むがこれらに限定されないことを含む。

Intellectual Property

知的財産

The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.

IETFは、知的財産権またはその他の権利の有効性または範囲に関して、この文書に記載されている技術の実装または使用、またはそのような権利に基づくライセンスがどの程度であるかについての使用に関連すると主張する可能性があるという立場はありません。利用可能になります。また、そのような権利を特定するために独立した努力をしたことも表明していません。RFCドキュメントの権利に関する手順に関する情報は、BCP 78およびBCP 79に記載されています。

Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.

IETF事務局に行われたIPR開示のコピーと、利用可能にするライセンスの保証、またはこの仕様の実装者またはユーザーによるそのような独自の権利の使用のための一般的なライセンスまたは許可を取得しようとする試みの結果を取得できます。http://www.ietf.org/iprのIETFオンラインIPRリポジトリから。

The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.

IETFは、関心のある当事者に、著作権、特許、または特許出願、またはこの基準を実装するために必要な技術をカバーする可能性のあるその他の独自の権利を注意深く招待するよう招待しています。ietf-ipr@ietf.orgのIETFへの情報をお問い合わせください。

Acknowledgement

謝辞

Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).

RFCエディター機能の資金は、IETF管理サポートアクティビティ(IASA)によって提供されます。