Support of Fragmentation of RADIUS Packets, April 2015
- File formats:
- A. Perez-Mendez, Ed.
- radext (sec)
Discuss this RFC: Send questions or comments to the mailing list firstname.lastname@example.org
The Remote Authentication Dial-In User Service (RADIUS) protocol is limited to a total packet size of 4096 bytes. Provisions exist for fragmenting large amounts of authentication data across multiple packets, via Access-Challenge packets. No similar provisions exist for fragmenting large amounts of authorization data. This document specifies how existing RADIUS mechanisms can be leveraged to provide that functionality. These mechanisms are largely compatible with existing implementations, and they are designed to be invisible to proxies and "fail-safe" to legacy RADIUS Clients and Servers.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.