Class (25)

25

Class

String

RFC 2865

All

1-253

If the RADIUS server sends a RADIUS Access-Accept packet carrying the Class attribute to the NAS, subsequent RADIUS Accounting-Request packets sent from the NAS to the RADIUS server must carry the Class attribute with the same value. A RADIUS Access-Accept packet can carry zero to eight class attributes.

Note:

The Class attribute is used in two application scenarios. In addition to the standard scenario described by RFC 2865, the Class attribute can be delivered with QoS parameters contained. The details are as follows:

1. If the radius-server class-as-car command is run in the RADIUS server group view, the Class attribute is parsed as CAR parameters:

For a standard RADIUS server, the Class attribute can carry CAR parameters after the radius-server class-as-car command is run. If the Class attribute carries CAR parameters, the length of the Class attribute is at least 32 bits, and the string can consist of only digits ranging from 0 to 9. The first 32 bits are divided into four octets (from left to right), which are used to indicate the upstream PIR, upstream CIR, downstream PIR, and downstream CIR, expressed in bit/s. For other types of RADIUS servers, the Class attribute cannot carry CAR parameters.

Irrespective of whether the Class attribute is used to carry CAR parameters, the Class attribute is eventually transmitted back to the RADIUS server. When the Class attribute carries CAR parameters, the NAS detects whether the first 32 bytes are characters, and discards the subsequent bytes. Only one Class attribute takes effect. If multiple Class attributes are contained in a packet, the CAR parameters of the last valid Class attribute are used.

2. The Class attribute can also be used to send descriptions for user access VLANs or PVCs. If the link-account resolve command is run on a BAS interface, the command takes effect only for common Layer 2 users who are not authenticated but charged by a RADIUS server.

3. PADM packets sent by PPPoE users carry the Class attribute delivered by the RADIUS server. The maximum length of the Class attribute is 63 bytes. If the length exceeds 63 bytes, the excess part is truncated.

The rules for delivering the Class attribute in a CoA message are as follows:

1. If the radius-server class-as-car [enable-pir] command is not run in the view of the RADIUS server group to which the authorization server belongs, the Class attribute can be modified using a CoA message. The Class attribute delivered in a CoA message replaces the existing Class information of a user.
2. If the radius-server class-as-car [enable-pir] command is run in the view of the RADIUS server group to which the authorization server belongs, the Class attribute delivered in a CoA message fails to take effect.
3. After the value-added-service edsg modify-synchronous class command is run, the Class attribute can be delivered together with EDSG service attributes in a CoA message. If this command is not run, the Class attribute is ignored if it is delivered in a CoA message used to activate or deactivate the EDSG service.
4. The Class attribute can be delivered in a CoA message used to deactivate the EDSG service. Accounting Stop packets of the deactivated service carry the old Class attribute.
5. The Class attribute can be delivered in a CoA message used to activate the EDSG service. Accounting Start packets of the activated service carry the new Class attribute.
6. The Class attribute can be delivered in a CoA message used to replace the EDSG service. Accounting Stop packets of the replaced service carry the old Class attribute. Accounting Start packets of the new service carry the new Class attribute.
7. If the radius-server coa-request hw-policy-name daa coexist-with-user command is configured, the Class attribute can be delivered in a CoA message used to activate the DAA service. If this command is not configured, the Class attribute delivered in a CoA message used to activate the DAA service is ignored.
8. The Class attribute cannot be delivered in a CoA message used to activate the BOD service. If the Class attribute is delivered in a CoA message used to activate the BOD service, the Class attribute in the CoA message is ignored.
9. After the Class attribute is changed using a CoA message, all accounting packets carry the newly delivered Class attribute, including accounting packets of the user, accounting packets of EDSG services, and accounting packets of DAA services.