RFC Errata
RFC 8045, "RADIUS Extensions for IP Port Configuration and Reporting", January 2017
Source of RFC: radext (sec)
Errata ID: 5009
Status: Verified
Type: Technical
Publication Format(s): TEXT
Reported By: Andrew Feren
Date Reported: 2017-05-02
Verifier Name: Benoit Claise
Date Verified: 2017-07-27

Section 7.1 says:

   o  sourceTransportPortsLimit:

      *  Name: sourceTransportPortsLimit
      *  Element ID: 458
      *  Description: This Information Element contains the maximum
         number of IP source transport ports that can be used by an end
         user when sending IP packets; each user is associated with one
         or more (source) IPv4 or IPv6 addresses.  This Information
         Element is particularly useful in address-sharing deployments
         that adhere to REQ-4 of [RFC6888].  Limiting the number of
         ports assigned to each user ensures fairness among users and
         mitigates the denial-of-service attack that a user could launch
         against other users through the address-sharing device in order
         to grab more ports.
      *  Data type: unsigned16
      *  Data type semantics: totalCounter

It should say:

   o  sourceTransportPortsLimit:

      *  Name: sourceTransportPortsLimit
      *  Element ID: 458
      *  Description: This Information Element contains the maximum
         number of IP source transport ports that can be used by an end
         user when sending IP packets; each user is associated with one
         or more (source) IPv4 or IPv6 addresses.  This Information
         Element is particularly useful in address-sharing deployments
         that adhere to REQ-4 of [RFC6888].  Limiting the number of
         ports assigned to each user ensures fairness among users and
         mitigates the denial-of-service attack that a user could launch
         against other users through the address-sharing device in order
         to grab more ports.
      *  Data type: unsigned16
      *  Data type semantics: quantity

Notes:
Only change is
* Data type semantics: totalCounter
to
* Data type semantics: quantity
The description is pretty clear that this IE is a maximum value and not a counter.
