RADIUS-Initiated Change of Authorization (CoA) Overview

The AAA Service Framework uses CoA messages to dynamically modify active subscriber sessions. For example, RADIUS attributes in CoA messages might instruct the framework to create, modify, or terminate a subscriber service.

CoA Messages

Dynamic request support enables the router to receive and process unsolicited CoA messages from external RADIUS servers. RADIUS-initiated CoA messages use the following codes in request and response messages:

Qualifications for Change of Authorization

To complete the change of authorization for a user, the CoA-Request must contain the two RADIUS attributes shown in the following list to uniquely identify subscribers. The request must also include the appropriate VSA shown in the following list to perform the required operation. The AAA Service Framework handles the actual request.

Note: If only the User-Name attribute is included in the CoA-Request, the router uses the first match for the username.

Message Exchange

The RADIUS server and the AAA Service Framework on the router exchange messages using UDP. The CoA-Request message sent by the RADIUS server has the same format as the Disconnect-Request packet that is sent for a disconnect operation.

The response is either a CoA-ACK or a CoA-NAK message:

Note: The AAA Service Framework processes one dynamic request at a time per subscriber. If the framework receives a second dynamic request (either another CoA or a Disconnect-Request) while processing a previous request for the same subscriber, the framework responds with a CoA-NAK message.
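The following Python sketch is an added example, not code from this page or from the router software. It shows how a receiver could validate an unsolicited CoA-Request or Disconnect-Request (the shared format described under Message Exchange) before acting on it, and flag the User-Name-only case from the note under Qualifications for Change of Authorization. Assumptions: the codes (40, 43, 44, 45) and the Request Authenticator calculation follow RFC 5176, Acct-Session-Id (attribute 44) stands in for the second identifying attribute, and all function names, the secret, and the sample packets are constructed.

```python
import hashlib, hmac, struct

# Codes from RFC 5176; the attribute pairing below is an assumption.
CODES = {40: "Disconnect-Request", 43: "CoA-Request", 44: "CoA-ACK", 45: "CoA-NAK"}
USER_NAME, ACCT_SESSION_ID = 1, 44  # standard RADIUS attribute types

def request_authenticator(code, ident, attrs, secret):
    """RFC 5176: MD5(Code + Identifier + Length + 16 zero octets + Attributes + Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + bytes(16) + attrs + secret).digest()

def build_request(code, ident, attr_list, secret):
    """Build a constructed sample packet (test input only)."""
    attrs = b"".join(bytes([t, len(v) + 2]) + v for t, v in attr_list)
    auth = request_authenticator(code, ident, attrs, secret)
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + auth + attrs

def parse_attributes(data):
    """Split the attribute region into {type: [values]}, rejecting bad lengths."""
    attrs, i = {}, 0
    while i < len(data):
        if len(data) - i < 2 or data[i + 1] < 2 or i + data[i + 1] > len(data):
            raise ValueError("malformed attribute")
        attrs.setdefault(data[i], []).append(data[i + 2:i + data[i + 1]])
        i += data[i + 1]
    return attrs

def check_dynamic_request(packet, secret):
    """Return (verdict, detail) for one received UDP payload."""
    if len(packet) < 20:
        return "drop", "shorter than RADIUS header"
    code, ident, length = struct.unpack("!BBH", packet[:4])
    if code not in (40, 43):
        return "drop", "not a CoA-Request or Disconnect-Request"
    if length < 20 or length > len(packet):
        return "drop", "bad length field"
    attrs_raw = packet[20:length]
    expected = request_authenticator(code, ident, attrs_raw, secret)
    if not hmac.compare_digest(expected, packet[4:20]):  # constant-time compare
        return "drop", "authenticator mismatch"
    try:
        attrs = parse_attributes(attrs_raw)
    except ValueError as exc:
        return "drop", str(exc)
    if USER_NAME in attrs and ACCT_SESSION_ID not in attrs:
        return "warn", CODES[code] + " identifies subscriber by User-Name only"
    return "ok", CODES[code]
```

A "warn" verdict marks requests that would rely on first-match username selection, which is worth logging on the RADIUS server side.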
