Table 18: Ip And Ipv6 Filters (Limits) - Alcatel-Lucent 7750 Reference Manual
Service router radius attributes
Hide thumbs
Also See for 7750:
- Configuration manual (788 pages) ,
- Quality of service manual (912 pages) ,
- Basic system configuration manual (576 pages)
Table of Contents
Advertisement
Table 18: IP and IPv6 Filters (limits)
Attribute ID
Attribute Name
92
NAS-Filter-Rule
242
Ascend-Data-Filter
7750 SR RADIUS Attributes Reference Guide
Type
Limits
string
max. 10 attributes per
message or max. 10 filter
entries per message
Octets
multiple attributes per
RADIUS message allowed.
min. length 22 bytes (IPv4),
46 bytes (IPv6)
max. length: 110 bytes
(IPv4), 140 bytes (IPv6)
RADIUS Attributes Reference
SR OS Format
The format of a NAS-Filter-Rule is
defined in RFC 3588, Diameter Base
Protocol, section-4.3, Derived AVP
Data Formats. A single filter rule is a
string of format <action> <direction>
<protocol> from <source> to
<destination> <options> Multiple
rules should be separated by a NUL
(0x00). A NAS-Filter-Rule attribute
may contain a partial rule, one rule, or
more than one rule. Filter rules may
be continued across attribute
boundaries.
A RADIUS message with NAS-Filter-
Rule attribute value equal to 0x00 or "
" (a space) removes all host specific
filter entries for that host.
See also
IP Filter Attribute Details on
page
90.
For example: Nas-Filter-Rule =
permit in ip from any to 10.1.1.1/32
A string of octets with fixed field
lengths (type (ipv4/ipv6), direction
(ingress/egress), src-ip, dst-ip, etc.
Each attribute represents a single filter
entry. See
IP Filter Attribute Details
on page 90
for a description of the
format.
For example:# permit in ip from any
to 10.1.1.1/32
Ascend-Data-Filter =
0x01010100000000000a0101010020
0000000000000000
Page 87
Advertisement
Table of Contents
