RFC Errata



RFC 8045, "RADIUS Extensions for IP Port Configuration and Reporting", January 2017

Source of RFC: radext (sec)
See Also: RFC 8045 w/ inline errata

Errata ID: 5009
Status: Verified
Type: Technical
Publication Format(s) : TEXT

Reported By: Andrew Feren
Date Reported: 2017-05-02
Verifier Name: Benoit Claise
Date Verified: 2017-07-27

Section 7.1 says:

   o  sourceTransportPortsLimit:

      *  Name: sourceTransportPortsLimit

      *  Element ID: 458

      *  Description: This Information Element contains the maximum
         number of IP source transport ports that can be used by an end
         user when sending IP packets; each user is associated with one
         or more (source) IPv4 or IPv6 addresses.  This Information
         Element is particularly useful in address-sharing deployments
         that adhere to REQ-4 of [RFC6888].  Limiting the number of
         ports assigned to each user ensures fairness among users and
         mitigates the denial-of-service attack that a user could launch
         against other users through the address-sharing device in order
         to grab more ports.

      *  Data type: unsigned16

      *  Data type semantics: totalCounter

It should say:

   o  sourceTransportPortsLimit:

      *  Name: sourceTransportPortsLimit

      *  Element ID: 458

      *  Description: This Information Element contains the maximum
         number of IP source transport ports that can be used by an end
         user when sending IP packets; each user is associated with one
         or more (source) IPv4 or IPv6 addresses.  This Information
         Element is particularly useful in address-sharing deployments
         that adhere to REQ-4 of [RFC6888].  Limiting the number of
         ports assigned to each user ensures fairness among users and
         mitigates the denial-of-service attack that a user could launch
         against other users through the address-sharing device in order
         to grab more ports.

      *  Data type: unsigned16

      *  Data type semantics: quantity

Notes:

Only change is

* Data type semantics: totalCounter
to
* Data type semantics: quantity

The description is pretty clear that this IE is a maximum value and not a counter.
