*** xref:sbuff.adoc[String buffers] (`sbuff` s)
*** xref:sbuff-parsing.adoc[Parsing with string buffers]
*** xref:sbuff-ng.adoc[Sbuff issues]
+** xref:rfc_attributedefs.adoc[RFCs and Attributes]
+*** xref:rfc_compliance.adoc[RFC Compliance]
+*** xref:rfc_attributelist.adoc[Attribute Definitions]
** xref:guidelines.adoc[Documentation Guidelines]
// Copyright (C) 2025 Network RADIUS SAS. Licenced under CC-by-NC 4.0.
--- /dev/null
+= RFCs and Attributes
+
+The RFCs have several issues and ambiguities. The proposed standard, https://datatracker.ietf.org/doc/html/rfc5080[RFC 5080] *Common Remote Authentication Dial In User Service (RADIUS) Implementation Issues and Suggested Fixes*, resolves some of these discrepencies. When creating new RADIUS standards, follow the guidelines in the https://datatracker.ietf.org/doc/html/rfc6158[RFC 6158] *RADIUS Design Guidelines* document. To review a list of all the standard RADIUS attributes, navigate to the xref:rfc_attributelist.adoc[Attribute Definitions] section below.
+
+However, these documents do not cover all the known issues with RADIUS. The RFCs are unclear in some areas, and some things are not explicitly allowed or forbidden. Developers should not assume something is allowed just because it is not prohibited. After 20 years of RADIUS deployments, new behaviours could conflict with current practices. We recommend that you follow the RFC specifications closely for the best results.
+
+The https://www.freeradius.org/rfc/issues.html[open issues] page lists the problems we know about and our suggested solutions.
+
+.RFCs
+
+include::partial$rfc_radius.adoc[]
+
+
+.Related Documents (old RFCs, information, etc)
+
+include::partial$rfc_related.adoc[]
+
+== More Information
+
+https://www.inkbridgenetworks.com/blog/blog-10/the-freeradius-auth-type-attribute-103[The FreeRADIUS Auth-Type attribute]
+
+https://www.inkbridgenetworks.com/blog/blog-10/radius-standards-compliance-from-rfc-to-wifi-alliance-135[RADIUS standards compliance: from RFC to WiFI Alliance]
+
+
--- /dev/null
+= Attribute Definitions
+
+In FreeRADIUS v4, following the RFC definitions is critical. The modular codespace allows RADIUS to function as a plug-in protocol, like DHCP or DNS. Standardization enables devices from different manufacturers to communicate using shared protocols and frameworks. RFC-compliant systems show clear behaviours to prevent security issues in authentication or authorisation.
+
+If non-standard attribute numbers or types are used, a NAS might ignore some authorisation instructions. FreeRADIUS v4 depends on the strict data types defined in https://datatracker.ietf.org/doc/html/rfc8044[RFC 8044] ensure that attributes are parsed the correct data type and interpreted accurately. This prevents "garbled" data or session crashes when dealing with complex attributes. Standard Logic: Many core modules depend on certain RFC attributes and formats. For example, State (RFC 5080) helps link many requests into one session. Re-defining these flows can lead to failed authentications or replay attacks.
+
+RADIUS has a finite range (0–255) available for standard attributes. Defining a custom attribute with a number already used by an RFC can cause a collision. The server might apply the wrong policy to a packet. This can lead to unauthorised access or accounting errors. FreeRADIUS v4 supports Extended Attributes (IDs > 255). Ignoring RFC formats can break the server's ability to manage longer or fragmented attributes.
+
+Use Internal Attributes (defined with the DEFINE keyword) for local logic. These attributes are never sent over the network, eliminating interoperability issues.
+
+== Attribute RFCs and Definitions
+
+The following tables list the relevant attributes used in RADIUS development. Each attribute includes a brief explanation and a direct link to its definition. All RADIUS attribute information is available this documentation.
+
+== A
+include::partial$a_attributelist.adoc[]
+== C
+include::partial$c_attributelist.adoc[]
+== D
+include::partial$d_attributelist.adoc[]
+== E
+include::partial$e_attributelist.adoc[]
+== F
+include::partial$f_attributelist.adoc[]
+== I
+include::partial$i_attributelist.adoc[]
+== K
+include::partial$k_attributelist.adoc[]
+== L
+include::partial$l_attributelist.adoc[]
+== M
+include::partial$m_attributelist.adoc[]
+== N
+include::partial$n_attributelist.adoc[]
+== P
+include::partial$p_attributelist.adoc[]
+== R
+include::partial$r_attributelist.adoc[]
+== S
+include::partial$s_attributelist.adoc[]
+== T
+include::partial$t_attributelist.adoc[]
+== U
+include::partial$u_attributelist.adoc[]
+== V
+include::partial$v_attributelist.adoc[]
+
+
+
+
+
= RFC Compliance
-== RADIUS Related
+RADIUS (Remote Authentication Dial-In User Service) RFC compliance is critical for ensuring that network access control systems are secure, interoperable, and scalable in 2026. Adhering to these IETF standards provides a common language for diverse networking hardware and software to communicate reliably.
+The importance of RADIUS RFC compliance centers on four key areas:
-* RFC 2865 Remote Authentication Dial In User Service (RADIUS) (obsoletes RFC 2138 and RFC 2058)
-* RFC 2866 RADIUS Accounting (obsoletes RFC 2139 and RFC 2059)
-* RFC 2867 RADIUS Accounting Modifications for Tunnel Protocol Support (Updates RFC 2866)
-* RFC 2868 RADIUS Attributes for Tunnel Protocol Support (Updates RFC 2865)
-* RFC 2869 RADIUS Extensions
-* RFC 2548 Microsoft Vendor-Specific RADIUS Attributes
+== Interoperability in Multi-Vendor Environments
-== Authentication Related
+* De Facto Standard: RADIUS is the industry standard for centralizing Authentication, Authorization, and Accounting (AAA). Compliance ensures that a RADIUS server can communicate with network access servers (NAS) like Wi-Fi access points, VPN gateways, and switches from different manufacturers (e.g., Cisco, Aruba, Fortinet).
-* RFC 1994 PPP Challenge Handshake Authentication Protocol (CHAP)
-* RFC 2284 PPP Extensible Authentication Protocol (EAP)
-* RFC 2716 PPP EAP TLS Authentication Protocol
-* RFC 2759 Microsoft PPP CHAP Extensions, Version 2
-* RFC 3748 Extensible Authentication Protocol (EAP)
+* Consistent Behavior: RFCs provide documented, predictable behavior, reducing unexpected issues when integrating new equipment into an existing infrastructure.
-== SNMP Related
+* Standardized Attributes: Standards like https://datatracker.ietf.org/doc/html/rfc2865[RFC 2865] and https://datatracker.ietf.org/doc/html/rfc2868[RFC 2868] define how user attributes (e.g., VLAN assignments, tunnel protocols) are formatted, ensuring they are correctly interpreted across the network.
-* RFC 1227 SNMP MUX Protocol and MIB
-* RFC 2619 RADIUS Authentication Server MIB
-* RFC 2621 RADIUS Accounting Server MIB
+== Security and Vulnerability Mitigation
-== DRAFT Compliance
+* Addressing Cryptographic Weaknesses: Legacy RADIUS (RFC 2865) relies on MD5 hashing, which is now considered insecure. Recent critical vulnerabilities like BlastRADIUS (identified in 2024) exploit these MD5 weaknesses to forge authentication responses.
-* EAP Tunneled TLS Authentication Protocol Version 1 (EAP-TTLSv1)(http://tools.ietf.org/wg/eap/draft-funk-eap-ttls-v1-01.txt)
-* RADIUS accounting for SIP servers (http://www.freeradius.org/rfc/draft-schulzrinne-sipping-radius-accounting-00.txt)
+* Protocol Evolution: Modern compliance often requires moving toward newer standards like RadSec (RADIUS over TLS, RFC 6614), which replaces unencrypted UDP transport with encrypted TLS. This protects sensitive data, such as usernames and location information, from eavesdropping and tampering.
-== Partial RFC Compliance
+* Mandatory Integrity Checks: Updated standards mandate features like the Message-Authenticator attribute to prevent packet forgery attacks that were previously optional.
-* RFC 4590 RADIUS Extension for Digest Authentication (Obsoletes draft-sterman-aaa-sip)
-** This RFC is going to be re-issued soon due to mistakes in the text. FreeRADIUS patch currently available at http://bugs.freeradius.org/show_bug.cgi?id=391
+== Scalability and Reliability
-== RADIUS RFCs Currently Unimplemented
+* Centralised Management: Compliance allows organizations to manage millions of users from a single point, making it suitable for large ISPs and global enterprises.
-* RFC 2882 Network Access Servers Requirements: Extended RADIUS Practices
-* RFC 3576 Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)
+* Backward Compatibility: RFC-compliant systems are designed to evolve while maintaining connections with older infrastructure, allowing for gradual network upgrades without total system overhauls.
-== RADIUS RFC and Drafts Archive
+The following is a comprehensive set of tables that list all the RADIUS and related RFCs that are required reading. Depending on the section or feature that you are delveloping, will determine which documents you need to review.
-RADIUS related RFC's and Drafts are archived at:
-* http://www.freeradius.org/rfc/
+.RADIUS Related
+[options=header,cols="20,~",autowidth]
+|====
-== See Also
+|RFC |Description
-* Vendor-Specific Attributes
+|https://datatracker.ietf.org/doc/html/rfc2865[RFC 2865] |Remote Authentication Dial In User Service (RADIUS) (Obsoletes https://datatracker.ietf.org/doc/html/rfc2138[RFC 2138] and https://datatracker.ietf.org/doc/html/rfc2058[RFC 2058]).
+
+|https://datatracker.ietf.org/doc/html/rfc2866[RFC 2866] |RADIUS Accounting
+(Obsoletes https://datatracker.ietf.org/doc/html/rfc2139[RFC 2139] and https://datatracker.ietf.org/doc/html/rfc2059[RFC 2059]).
+
+|https://datatracker.ietf.org/doc/html/rfc2867[RFC 2867] |RADIUS Accounting Modifications for Tunnel Protocol Support (Updates https://datatracker.ietf.org/doc/html/rfc2866[RFC 2866]).
+
+|https://datatracker.ietf.org/doc/html/rfc2868[RFC 2868] |RADIUS Attributes for Tunnel Protocol Support (Updates https://datatracker.ietf.org/doc/html/rfc2865[RFC 2865]).
+
+|https://datatracker.ietf.org/doc/html/rfc2869[RFC 2869] |RADIUS Extensions
+
+|https://datatracker.ietf.org/doc/html/rfc3576[RFC 3576] |Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)
+
+|https://datatracker.ietf.org/doc/html/rfc3580[RFC 3580] |IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines
+
+|https://datatracker.ietf.org/doc/html/rfc4072[RFC 4072] |Diameter Extensible Authentication Protocol (EAP) Application
+
+|https://datatracker.ietf.org/doc/html/rfc4372[RFC 4372] |Chargeable User Identity
+
+|https://datatracker.ietf.org/doc/html/rfc4603[RFC 4603] |Additional Values for the NAS-Port-Type Attribute
+
+|https://datatracker.ietf.org/doc/html/rfc4675[RFC 4675] |RADIUS Attributes for Virtual LAN and Priority Support
+
+|https://datatracker.ietf.org/doc/html/rfc4849[RFC 4849] |RADIUS Filter Rule Attribute.
+
+|https://datatracker.ietf.org/doc/html/rfc5090[RFC 5090] |RADIUS Extension for Digest Authentication.
+
+|https://datatracker.ietf.org/doc/html/rfc5176[RFC 5176] |Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS).
+
+|https://datatracker.ietf.org/doc/html/rfc5580[RFC 5580] |Carrying Location Objects in RADIUS and Diameter.
+
+|https://datatracker.ietf.org/doc/html/rfc5607[RFC 5607] |Remote Authentication Dial-In User Service (RADIUS) Authorization for Network Access Server (NAS) Management.
+
+|https://datatracker.ietf.org/doc/html/rfc6929[RFC 6929] |Remote Authentication Dial In User Service (RADIUS) Protocol Extensions
+|====
+
+.Authentication
+[options=header, cols="20,~", autowidth]
+|====
+|RFC |Description
+
+|https://datatracker.ietf.org/doc/html/rfc1994[RFC 1994]
+|PPP Challenge Handshake Authentication Protocol (CHAP).
+
+|https://datatracker.ietf.org/doc/html/rfc2285[RFC 2284]
+|PPP Extensible Authentication Protocol (EAP)
+
+|https://datatracker.ietf.org/doc/html/rfc2716[RFC 2716]
+|PPP EAP TLS Authentication Protocol.
+
+|https://datatracker.ietf.org/doc/html/rfc2759[RFC 2759]
+|Microsoft PPP CHAP Extensions, Version 2.
+
+|https://datatracker.ietf.org/doc/html/rfc3748[RFC 3748]
+|Extensible Authentication Protocol (EAP).
+|====
+
+.Dynamic Host Control Protocol (DHCP)
+[options=header, cols="20,~",autowidth]
+|====
+
+|RFC |Description
+
+|https://datatracker.ietf.org/doc/html/rfc2131[RFC 2131] |Dynamic Host Configuration Protocol
+
+|https://datatracker.ietf.org/doc/html/rfc2241[RFC 2241] |DHCP Options for Novell Directory Services
+
+|https://datatracker.ietf.org/doc/html/rfc2242[RFC 2242] |NetWare/IP Domain Name and Information
+
+|https://datatracker.ietf.org/doc/html/rfc2485[RFC 2485] |DHCP Option for The Open Group's User Authentication Protocol
+
+|https://datatracker.ietf.org/doc/html/rfc2563[RFC 2563] |DHCP Option to Disable Stateless Auto-Configuration in IPv4 Clients
+
+|https://datatracker.ietf.org/doc/html/rfc2610[RFC 2610] |DHCP Options for Service Location Protocol
+
+|https://datatracker.ietf.org/doc/html/rfc2937[RFC 2937] |The Name Service Search Option for DHCP
+
+|https://datatracker.ietf.org/doc/html/rfc3004[RFC 3004] |The User Class Option for DHCP
+|https://datatracker.ietf.org/doc/html/rfc3011[RFC 3011] |The IPv4 Subnet Selection Option for DHCP
+
+|https://datatracker.ietf.org/doc/html/rfc3046[RFC 3046] |DHCP Relay Agent Information Option
+
+|https://datatracker.ietf.org/doc/html/rfc3118[RFC 3118] |Authentication for DHCP Messages
+
+|https://datatracker.ietf.org/doc/html/rfc3361[RFC 3361] |Dynamic Host Configuration Protocol (DHCP-for-IPv4) Option for Session Initiation Protocol (SIP) Servers
+
+|https://datatracker.ietf.org/doc/html/rfc3397[RFC 3397] |Dynamic Host Configuration Protocol (DHCP) Domain Search Option
+
+|https://datatracker.ietf.org/doc/html/rfc3442[RFC 3442]
+|The Classless Static Route Option for Dynamic Host Configuration Protocol (DHCP) version.
+
+|https://datatracker.ietf.org/doc/html/rfc3495[RFC 3495]
+|Dynamic Host Configuration Protocol (DHCP) Option for CableLabs Client Configuration.
+
+|https://datatracker.ietf.org/doc/html/rfc3679[RFC 3679]
+|Unused Dynamic Host Configuration Protocol (DHCP) Option Codes.
+
+
+|https://datatracker.ietf.org/doc/html/rfc4174[RFC 4174] |The IPv4 Dynamic Host Configuration Protocol (DHCP) Option for the Internet Storage Name Service
+
+|https://datatracker.ietf.org/doc/html/rfc4280[RFC 4280] |Dynamic Host Configuration Protocol (DHCP) Options for Broadcast and Multicast Control Servers
+
+|https://datatracker.ietf.org/doc/html/rfc4388[RFC 4388] |Dynamic Host Configuration Protocol (DHCP) Leasequery
+
+|https://datatracker.ietf.org/doc/html/rfc4578[RFC 4578] |Dynamic Host Configuration Protocol (DHCP) Options for the Intel Preboot eXecution Environment (PXE)
+
+|https://datatracker.ietf.org/doc/html/rfc4702[RFC 4702] |The Dynamic Host Configuration Protocol (DHCP) Client Fully Qualified Domain Name (FQDN) Option
+
+|https://datatracker.ietf.org/doc/html/rfc4776[RFC 4776] |Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information
+
+|https://datatracker.ietf.org/doc/html/rfc4833[RFC 4833] |Timezone Options for DHCP
+
+|https://datatracker.ietf.org/doc/html/rfc5071[RFC 5071] |Dynamic Host Configuration Protocol Options Used by PXELINUX
+
+|https://datatracker.ietf.org/doc/html/rfc5192[RFC 5192] |DHCP Options for Protocol for Carrying Authentication for Network Access (PANA) Authentication Agents
+
+|https://datatracker.ietf.org/doc/html/rfc5223[RFC 5223] |Discovering Location-to-Service Translation (LoST) Servers Using the Dynamic Host Configuration Protocol (DHCP)
+
+|https://datatracker.ietf.org/doc/html/rfc5417[RFC 5417] |Control And Provisioning of Wireless Access Points (CAPWAP) Access Controller DHCP Option
+
+|https://datatracker.ietf.org/doc/html/rfc5678[RFC 5678] |Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Options for IEEE 802.21 Mobility Services (MoS) Discovery
+
+|https://datatracker.ietf.org/doc/html/rfc5859[RFC 5859] |TFTP Server Address Option for DHCPv4
+
+|https://datatracker.ietf.org/doc/html/rfc5969[RFC 5969] |IPv6 Rapid Deployment on IPv4 Infrastructures (6rd) -- Protocol Specification
+
+|https://datatracker.ietf.org/doc/html/rfc5986[RFC 5986] |Discovering the Local Location Information Server (LIS)
+
+|https://datatracker.ietf.org/doc/html/rfc6011[RFC 6011] |Session Initiation Protocol (SIP) User Agent Configuration
+
+|https://datatracker.ietf.org/doc/html/rfc6153[RFC 6153] |DHCPv4 and DHCPv6 Options for Access Network Discovery and Selection Function (ANDSF) Discover
+
+|https://datatracker.ietf.org/doc/html/rfc6225[RFC 6225] |Dynamic Host Configuration Protocol Options for Coordinate-Based Location Configuration Information
+
+|https://datatracker.ietf.org/doc/html/rfc6656[RFC 6656] |Description of Cisco Systems' Subnet Allocation Option for DHCPv4
+
+|https://datatracker.ietf.org/doc/html/rfc6926[RFC 6926]
+|DHCPv4 Bulk Leasequery.
+
+|https://datatracker.ietf.org/doc/html/rfc7291[RFC 7291] |DHCP Options for the Port Control Protocol (PCP).
+
+|https://datatracker.ietf.org/doc/html/rfc7710[RFC 7710] |Captive-Portal Identification Using DHCP or Router Advertisements (RAs).
+
+|https://datatracker.ietf.org/doc/html/rfc7839[RFC 7839] |Access-Network-Identifier Option in DHCP.
+
+|https://datatracker.ietf.org/doc/html/rfc8115[RFC 8115] |DHCPv6 Option for IPv4-Embedded Multicast and Unicast IPv6 Prefixes
+
+|https://datatracker.ietf.org/doc/html/rfc8156[RFC 8156] |DHCPv6 Failover Protocol
+
+|https://datatracker.ietf.org/doc/html/rfc8357[RFC 8357] |Generalized UDP Source Port for DHCP Relay
+
+|https://datatracker.ietf.org/doc/html/rfc8559[RFC 8559] |Dynamic Authorization Proxying in the Remote Authentication Dial-In User Service (RADIUS) Protocol
+
+|https://datatracker.ietf.org/doc/html/rfc8658[RFC 8658] |RADIUS Attributes for Softwire Mechanisms Based on Address plus Port (A+P)
+
+|https://datatracker.ietf.org/doc/html/rfc9445[RFC 9445] |RADIUS Extensions for DHCP-Configured Services
+
+|====
+
+.Dynamic Name Service (DNS)
+[options=header, cols="20,~",autowidth]
+|====
+
+|RFC |Description
+
+|https://datatracker.ietf.org/doc/html/rfc6731[RFC 6731] |Improved Recursive DNS Server Selection for Multi-Interfaced Nodes.
+
+|https://datatracker.ietf.org/doc/html/rfc3646[RFC 3646] |DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6).
+|====
+
+
+.Internet Protocol (IPv4-IPv6)
+[options=header, cols="20,~",autowidth]
+|====
+
+|RFC |Description
+
+|https://datatracker.ietf.org/doc/html/rfc3162[RFC 3162] |RADIUS and IPv6.
+
+|https://datatracker.ietf.org/doc/html/rfc4818[RFC 4818] |RADIUS Delegated-IPv6-Prefix Attribute.
+
+|https://datatracker.ietf.org/doc/html/rfc5447[RFC 5447] |Diameter Mobile IPv6: Support for Network Access Server to Diameter Server Interaction.
+
+|https://datatracker.ietf.org/doc/html/rfc6911[RFC 6911] |RADIUS Attributes for IPv6 Access Networks.
+
+|https://datatracker.ietf.org/doc/html/rfc7600[RFC 7600] |IPv4 Residual Deployment via IPv6 - A Stateless Solution (4rd).
+|====
+
+.SNMP Related
+[options=header, cols="20,~",autowidth]
+|====
+
+|RFC |Description
+
+|https://datatracker.ietf.org/doc/html/rfc1227[RFC 1227] |SNMP MUX Protocol and MIB.
+
+|https://datatracker.ietf.org/doc/html/rfc2169[RFC 2619] |RADIUS Authentication Server MIB.
+
+|https://datatracker.ietf.org/doc/html/rfc2621[RFC 2621] |RADIUS Accounting Server MIB.
+
+|====
+
+.Vendor-Specific Attributes
+[options=header, cols="20,~",autowidth]
+|====
+| RFC |Description
+
+|https://datatracker.ietf.org/doc/html/rfc2548[RFC 2548]
+|Microsoft Vendor-Specific RADIUS Attributes.
+
+|https://datatracker.ietf.org/doc/html/rfc4679[RFC 4679] |DSL Forum Vendor-Specific RADIUS Attributes
+
+|https://datatracker.ietf.org/doc/html/rfc5904[RFC 5904] |RADIUS Attributes for IEEE 802.16 Privacy Key Management Version 1 (PKMv1) Protocol Support
+
+|https://datatracker.ietf.org/doc/html/rfc6519[RFC 6519] |RADIUS Extensions for Dual-Stack Lite
+
+|https://datatracker.ietf.org/doc/html/rfc6572[RFC 6572] |RADIUS Support for Proxy Mobile IPv6
+
+|https://datatracker.ietf.org/doc/html/rfc6677[RFC 6677] |Channel-Binding Support for Extensible Authentication Protocol (EAP) Methods
+
+
+|https://datatracker.ietf.org/doc/html/rfc7055[RFC 7055] |A GSS-API Mechanism or the Extensible Authentication Protocol
+
+|https://datatracker.ietf.org/doc/html/rfc7155[RFC 7155] |Diameter Network Access Server Application
+
+|https://datatracker.ietf.org/doc/html/rfc7268[RFC 7268] |RADIUS Attributes for IEEE 802 Networks
+
+|https://datatracker.ietf.org/doc/html/rfc7499[RFC 7499] |Support of Fragmentation of RADIUS Packets
+
+|https://datatracker.ietf.org/doc/html/rfc7930[RFC 7930] |Larger Packets for RADIUS over TCP
+
+|https://datatracker.ietf.org/doc/html/rfc8045[RFC 8045] |RADIUS Extensions for IP Port Configuration and Reporting
+
+|https://datatracker.ietf.org/doc/html/rfc3925[RFC 3925]
+|Vendor-Identifying Vendor Options for Dynamic Host Configuration Protocol version 4 (DHCPv4).
+
+|https://datatracker.ietf.org/doc/html/rfc4039[RFC 4039] |Rapid Commit Option for the Dynamic Host Configuration Protocol version 4 (DHCPv4).
+
+|https://datatracker.ietf.org/doc/html/rfc8357[RFC 8357] |Generalized UDP Source Port for DHCP Relay.
+
+|https://datatracker.ietf.org/doc/html/rfc8910[RFC 8910] |Captive-Portal Identification in DHCP and Router Advertisements (RAs).
+
+|https://datatracker.ietf.org/doc/html/rfc8925[RFC 8925] |IPv6-Only Preferred Option for DHCPv4.
+
+|https://datatracker.ietf.org/doc/html/rfc1034[RFC 1034] |Domain names - concepts and facilities.
+
+|https://datatracker.ietf.org/doc/html/rfc3315[RFC 3315] |Dynamic Host Configuration Protocol for IPv6 (DHCPv6).
+
+|https://datatracker.ietf.org/doc/html/rfc3319[RFC 3319] |Dynamic Host Configuration Protocol (DHCPv6) Options for Session Initiation Protocol (SIP) Servers.
+
+|https://datatracker.ietf.org/doc/html/rfc3633[RFC 3633] |IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6
+
+|https://datatracker.ietf.org/doc/html/rfc3898[RFC 3898] |Network Information Service (NIS) Configuration Options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6).
+
+|https://datatracker.ietf.org/doc/html/rfc4075[RFC 4075] |Simple Network Time Protocol (SNTP) Configuration Option for DHCPv6.
+
+|https://datatracker.ietf.org/doc/html/rfc4242[RFC 4242] |Information Refresh Time Option for Dynamic Host Configuration Protocol for IPv6 (DHCPv6).
+
+|https://datatracker.ietf.org/doc/html/rfc4280[RFC 4280] |Dynamic Host Configuration Protocol (DHCP) Options for Broadcast and Multicast Control Servers.
+
+|https://datatracker.ietf.org/doc/html/rfc4580[RFC 4580] |Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Relay Agent Subscriber-ID Option.
+
+|https://datatracker.ietf.org/doc/html/rfc4649[RFC 4649] |Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Relay Agent Remote-ID Option.
+
+|https://datatracker.ietf.org/doc/html/rfc4704[RFC 4704] |The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Client Fully Qualified Domain Name (FQDN) Option.
+
+|https://datatracker.ietf.org/doc/html/rfc4776[RFC 4776] |Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Option for Civic Addresses Configuration Information.
+
+|https://datatracker.ietf.org/doc/html/rfc4833[RFC 4833] |Timezone Options for DHCP.
+
+|https://datatracker.ietf.org/doc/html/rfc4994[RFC 4994] |DHCPv6 Relay Agent Echo Request Option.
+
+|https://datatracker.ietf.org/doc/html/rfc5007[RFC 5007] |DHCPv6 Leasequery.
+
+|https://datatracker.ietf.org/doc/html/rfc5192[RFC 5192] |DHCP Options for Protocol for Carrying Authentication for Network Access (PANA) Authentication Agents.
+
+|https://datatracker.ietf.org/doc/html/rfc5223[RFC 5223] |Discovering Location-to-Service Translation (LoST) Servers Using the Dynamic Host Configuration Protocol (DHCP).
+
+|https://datatracker.ietf.org/doc/html/rfc5417[RFC 5417] |Control And Provisioning of Wireless Access Points (CAPWAP) Access Controller DHCP Option.
+
+|https://datatracker.ietf.org/doc/html/rfc5460[RFC 5460] |DHCPv6 Bulk Leasequery.
+
+|https://datatracker.ietf.org/doc/html/rfc5678[RFC 5678] |Dynamic Host Configuration Protocol (DHCPv4 and DHCPv6) Options for IEEE 802.21 Mobility Services (MoS) Discovery.
+
+|https://datatracker.ietf.org/doc/html/rfc5908[RFC 5908] |Network Time Protocol (NTP) Server Option for DHCPv6.
+
+|https://datatracker.ietf.org/doc/html/rfc5970[RFC 5970] |DHCPv6 Options for Network Boot.
+|https://datatracker.ietf.org/doc/html/rfc5986[RFC 5986] |Discovering the Local Location Information Server (LIS).
+
+|https://datatracker.ietf.org/doc/html/rfc6011[RFC 6011] |Session Initiation Protocol (SIP) User Agent Configuration.
+
+|https://datatracker.ietf.org/doc/html/rfc6153[RFC 6153] |DHCPv4 and DHCPv6 Options for Access Network Discovery and Selection Function (ANDSF) Discovery.
+
+|https://datatracker.ietf.org/doc/html/rfc6225[RFC 6225] |Dynamic Host Configuration Protocol Options for Coordinate-Based Location Configuration Information.
+
+|https://datatracker.ietf.org/doc/html/rfc6334[RFC 6334] |Dynamic Host Configuration Protocol for IPv6 (DHCPv6) Option for Dual-Stack Lite.
+
+|https://datatracker.ietf.org/doc/html/rfc6355[RFC 6355] |Definition of the UUID-Based DHCPv6 Unique Identifier (DUID-UUID).
+
+|https://datatracker.ietf.org/doc/html/rfc6422[RFC 6422] |Relay-Supplied DHCP Options.
+
+|https://datatracker.ietf.org/doc/html/rfc6440[RFC 6440] |The EAP Re-authentication Protocol (ERP) Local Domain Name DHCPv6 Option.
+
+|https://datatracker.ietf.org/doc/html/rfc6603[RFC 6603] |Prefix Exclude Option for DHCPv6-based Prefix Delegation.
+
+|https://datatracker.ietf.org/doc/html/rfc6607[RFC 6607] |Virtual Subnet Selection Options for DHCPv4 and DHCPv6.
+
+| https://datatracker.ietf.org/doc/html/rfc6610[RFC 6610] |DHCP Options for Home Information Discovery in Mobile IPv6 (MIPv6).
+
+|https://datatracker.ietf.org/doc/html/rfc6731[RFC 6731] |Improved Recursive DNS Server Selection for Multi-Interfaced Nodes.
+
+|https://datatracker.ietf.org/doc/html/rfc6784[RFC 6784] |Kerberos Options for DHCPv6.
+
+|https://datatracker.ietf.org/doc/html/rfc6939[RFC 6939] |Client Link-Layer Address Option in DHCPv6.
+
+|https://datatracker.ietf.org/doc/html/rfc6977[RFC 6977] |Triggering DHCPv6 Reconfiguration from Relay Agents.
+
+|https://datatracker.ietf.org/doc/html/rfc7037[RFC 7037] |RADIUS Option for the DHCPv6 Relay Agent.
+
+|https://datatracker.ietf.org/doc/html/rfc7078[RFC 7078] |Distributing Address Selection Policy Using DHCPv6.
+
+|https://datatracker.ietf.org/doc/html/rfc7083[RFC 7083] |Modification to Default Values of SOL_MAX_RT and INF_MAX_RT.
+
+|https://datatracker.ietf.org/doc/html/rfc7291[RFC 7291] |DHCP Options for the Port Control Protocol (PCP).
+
+|https://datatracker.ietf.org/doc/html/rfc7341[RFC 7341] |DHCPv4-over-DHCPv6 (DHCP 4o6) Transport.
+
+|https://datatracker.ietf.org/doc/html/rfc7598[RFC 7598] |DHCPv6 Options for Configuration of Softwire Address and Port-Mapped Clients.
+
+|https://datatracker.ietf.org/doc/html/rfc7653[RFC 7653] |DHCPv6 Active Leasequery.
+
+|https://datatracker.ietf.org/doc/html/rfc7710[RFC 7710] |Captive-Portal Identification Using DHCP or Router Advertisements (RAs).
+
+|https://datatracker.ietf.org/doc/html/rfc7774[RFC 7774] |Multicast Protocol for Low-Power and Lossy Networks (MPL) Parameter Configuration Option for DHCPv6.
+
+|https://datatracker.ietf.org/doc/html/rfc7839[RFC 7839] |Access-Network-Identifier Option in DHCP.
+
+|https://datatracker.ietf.org/doc/html/rfc8026[RFC 8026] |Unified IPv4-in-IPv6 Softwire Customer Premises Equipment (CPE): A DHCPv6-Based Prioritization Mechanism.
+
+|====
+
+
+.RADIUS RFCs Informational
+[options=header, cols="20,~",autowidth]
+|====
+
+|RFC |Description
+
+|https://datatracker.ietf.org/doc/html/rfc2882[RFC 2882] |Network Access Servers Requirements: Extended RADIUS Practices
+|https://datatracker.ietf.org/doc/html/rfc3576[RFC 3576] |Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)
+|====
+
+.DRAFT Compliance
+[options=header, cols="20,~",autowidth]
+|====
+|Document|Description
+
+|http://tools.ietf.org/wg/eap/draft-funk-eap-ttls-v1-01.txt[draft-funk-eap-ttls]
+|EAP Tunneled TLS Authentication Protocol Version 1 (EAP-TTLSv1).
+
+|http://www.freeradius.org/rfc/draft-schulzrinne-sipping-radius-accounting-00.txt[draft-schulzrinne-sipping-radius-accounting]
+|RADIUS accounting for SIP servers.
+|====
// Copyright (C) 2025 Network RADIUS SAS. Licenced under CC-by-NC 4.0.
// This documentation was developed by Network RADIUS SAS.
--- /dev/null
+[options= cols="30,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.15[ARAP-Challenge-Response]
+|Contains the response to the dial-in client's challenge.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.5[ARAP-Features]
+|Holds the password information that the NAS sent to the user (via feature flags).
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.4[ARAP-Password]
+|Contains the dial-in user's response to the NAS challenge.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.7[ARAP-Security]
+|Identifies the ARAP Security Module to be used in an Access-Challenge packet.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.8[ARAP-Security-Data]
+|Contains the security module challenge or response in Access type packets.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.6[ARAP-Zone-Access]
+|Indicates how the ARAP zone list for the user is to be used.
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.7[AUTH-Key]
+|RADIUS attributes providing support for 802.16 Privacy Key Management (v1).
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-4.2[Access-Accept]
+|Access-Accept packets that contain specific configuration information to start delivery of service to the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-4.4[Access-Challenge]
+|Access-Challenge packets sent by RADIUS in response to a user's Access-Request message.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-4.3[Access-Reject]
+| Access-Reject packets are sent when an attribute verification fails.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-4.1[Access-Request]
+| Access-Request packets that contain select information to determine the user's level of access and services.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-4.1[Accounting-Request]
+|Accounting-Request packets contain information used by accounting operations for a service or resource granted to a user.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-4.2[Accounting-Response]
+|Accounting-Response packets are acknowledgments indication that the Accounting-Request has been processed.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.6[Acct-Authentic]
+|Indicates how the user was authenticated.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.2[Acct-Delay-Time]
+|The delay between two accounting events and shows client's time taken to send a specific record.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.1[Acct-Input-Gigawords]|
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.3[Acct-Input-Octets]
+|The number of octets that have been received from the port after the service started.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.8[Acct-Input-Packets]
+|The number of packets received on the ingress port.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.16[Acct-Interim-Interval]
+|The time (in seconds) between each interim update for the specific session and only appears in the Access-Accept message.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.12[Acct-Link-Count]
+|Gives the count of links used in a select multilink session when the accounting record is generated.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.11[Acct-Multi-Session-Id]
+|A unique Accounting ID to make it easy to link together multiple related sessions in a log file.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.2[Acct-Output-Gigawords]
+|Indicates how many times the Acct-Output-Octets counter has wrapped while delivering this service.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.4[Acct-Output-Octets]
+|The number of octets sent to the port while delivering this service.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.9[Acct-Output-Packets]
+|The number of packets sent on the egress port.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.5[Acct-Session-Id]
+|An ID assigned to a session and tracked by this ID via log files. Exmple stop and start events are mapped to this ID.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.7[Acct-Session-Time]
+|Indicates how long the user has been granted access.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.1[Acct-Status-Type]
+|Indicates the state of the user service, for example: start or stop events.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.10[Acct-Terminate-Cause]
+|Gives the reasons why a connection ended.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-4.1[Acct-Tunnel-Connection]
+|Gives details of the the tunnel connection such as port, ip address etc.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-4.2[Acct-Tunnel-Packets-Lost]
+|Tracks the number of accounting packets lost during a session.
+|====
--- /dev/null
+[options=cols="15,~"]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.15[ARAP-Challenge-Response] |Contains the response to the dial-in
+client's challenge.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.5[ARAP-Features] |Holds password information that the NAS sent to the user (via feature flags).
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.4[ARAP-Password] |Contains the dial-in user's response to the NAS challenge.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.7[ARAP-Security] |Identifies the ARAP Security Module to be used in an Access-Challenge packet.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.8[ARAP-Security-Data] |Contains the security module challenge or response in Access type packets.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.6[ARAP-Zone-Access] |Indicates how the ARAP zone list for the user is to be used.
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.7[AUTH-Key] |RADIUS attributes providing support for 802.16 Privacy Key Management (v1).
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-4.2[Access-Accept] |Access-Accept packets that contain specific configuration information to start delivery of service to the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-4.4[Access-Challenge] |Access-Challenge packets sent by RADIUS in response to a user's Access-Request message.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-4.3[Access-Reject] |Access-Reject packets are sent when an attribute verification fails.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-4.1[Access-Request] |Access-Request packets that contain select information to determine the user's level of access and services.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-4.1[Accounting-Request] |Accounting-Request packets contain information used by accounting operations for a service or resource granted to a user.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-4.2[Accounting-Response] |Accounting-Response packets are acknowledgments indication that the Accounting-Request has been processed.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.6[Acct-Authentic] |Indicates how the user was authenticated.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.2[Acct-Delay-Time] | The delay between two accounting events and shows client's time taken to send a specific record.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.1[Acct-Input-Gigawords] |Indicates how many times the Acct-Input-Octets
+counter has wrapped during service provided.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.3[Acct-Input-Octets] |The number of octets that have been received from the port after the service started.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.8[Acct-Input-Packets] |The number of packets received on the ingress port.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.16[Acct-Interim-Interval] |The time (in seconds) between each interim update for the specific session and only appears in the Access-Accept message.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.12[Acct-Link-Count] |Gives the count of links used in a select multilink session when the accounting record is generated.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.11[Acct-Multi-Session-Id] |A unique Accounting ID to make it easy to link together multiple related sessions in a log file.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.2[Acct-Output-Gigawords] |Indicates how many times the Acct-Output-Octets
+counter has wrapped while delivering this service.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.4[Acct-Output-Octets] |The number of octets sent to the port while delivering this service.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.9[Acct-Output-Packets] |The number of packets sent on the egress port.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.5[Acct-Session-Id] | An ID assigned to a session and tracked by this ID via log files. Exmple stop and start events are mapped to this ID.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.7[Acct-Session-Time] |Indicates how long the user has been granted access.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.1[Acct-Status-Type] |Indicates the state of the user service, for example: start or stop events.
+
+|https://datatracker.ietf.org/doc/html/rfc2866#section-5.10[Acct-Terminate-Cause] |Gives the reasons why a connection ended.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-4.1[Acct-Tunnel-Connection] |Gives details of the the tunnel connection such as port, ip address etc.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-4.2[Acct-Tunnel-Packets-Lost] |Tracks the number of accounting packets lost during a session.
+
+|====
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.40[CHAP-Challenge] |Contains the CHAP Challenge sent by the NAS to a PPP Challenge-Handshake Authentication Protocol (CHAP) user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.3[CHAP-Password] |Contains the response value provided by a PPP Challenge-Handshake Authentication Protocol (CHAP) user in response to the challenge.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.20[Callback-Id] |Indicates the name of a place to be called, to be interpreted by the NAS.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.19[Callback-Number] |Indicates a dialing string to be used for callback.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.30[Called-Station-Id] |The phone number that the user called, using Dialed Number Identification (DNIS).
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.31[Calling-Station-Id] |The phone number that the call came from, using Automatic Number Identification (ANI).
+
+|https://datatracker.ietf.org/doc/html/rfc5176#section-2.2[Change-of-Authorization] |Contains information for dynamically changing session authorizations.
+
+|https://datatracker.ietf.org/doc/html/rfc6672#section-4.19[Chargeable-User-Identity] |CUI, is a unique handle used correlate and process authentication/accounting operations for a specific user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.25[Class] |This Attribute is available to be sent by the server to the client
+in an Access-Accept packet.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.12[Configuration-Token] |Indicates the type of user profile to be applied during authentication requests.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.11[Connect-Info] |Indicates the nature of the user's connection.
+
+|====
+
+
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc6911#section-3.2[DNS-Server-IPv6-Address] |Contains the IPv6 address of a
+DNS server.
+
+|https://datatracker.ietf.org/doc/html/rfc6519#section-3[DS-Lite] |Provides IPv4 and IPv6 connectivity to users that are addressed only with an IPv6 prefix.
+
+|https://datatracker.ietf.org/doc/html/rfc6519#section-4.1[DS-Lite-Tunnel-Name] |Specifies the Fully Qualified Domain Name (FQDN) of the Address Family Transition Router (AFTR) that the client connects to.
+
+|https://datatracker.ietf.org/doc/html/rfc4818#section-1[Delegated-IPv6-Prefix] |Contains the IPv6 prefix that's assigned to the user for network operations.
+
+|https://datatracker.ietf.org/doc/html/rfc6911#section-3.2[Delegated-IPv6-Prefix-Pool] |Contains the name of an assigned pool used for prefix delegation.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.16[Digest-AKA-Auts] |Contains the auts parameter that's used in theDigest AKA calculation.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.9[Digest-Algorithm] |Holds the algorithm parameter that defines the HTTP Digest calculation.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.15[Digest-Auth-Param] |Used for future extensions and also maps to the auth-param parameter [RFC2617].
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.11[Digest-CNonce] |Contains the client nonce parameter that's used in HTTP Digest calculations.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.17[Digest-Domain] |Contains a URI that helps define the protection space for HTTP type protocols.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.10[Digest-Entity-Body-Hash] |Contains a HASH value of an HTTP type message body that used in digest calculation.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.19[Digest-HA1] |Enables the generation of an Authentication-Info header.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.14[Digest-Method] |Contains the opaque parameter that is passed to the HTTP-style client.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.5[Digest-Nextnonce] |Holds a nonce to be used in the HTTP Digest calculation.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.3[Digest-Nonce] |holds a nonce to be used in the HTTP Digest calculation.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.12[Digest-Nonce-Count] |Contains the nonce count parameter that is used to detect replay attacks.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.14[Digest-Opaque] | Contains the opaque parameter that is passed to the HTTP-style client.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.8[Digest-Qop] |Contins the `Quality of Protection` parameter that impacts the HTTP Digest calculation.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.2[Digest-Realm] |Defines a protection space of the RADIUS server.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.1[Digest-Response] |If present in an Access-Request message, a RADIUS server will process theAccess-Request as a request for Digest Authentication.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.4[Digest-Response-Auth] |Enables the RADIUS server to prove possession of the password.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.18[Digest-Stale] |An attribute value (T/F) that's sent by a RADIUS server to notify
+client whether it has accepted a nonce.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.7[Digest-URI]. |Contains the contents of the digest-uri directive or the URI of the HTTP-style request.
+
+|https://datatracker.ietf.org/doc/html/rfc5090#section-3.13[Digest-Username] |Holds the user name used in the HTTP Digestcalculation.
+
+|====
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.13[EAP-Message] |This attribute encapsulates EAP packets allowing the NAS to authenticate dial-in users via EAP.
+
+|https://datatracker.ietf.org/doc/html/rfc5176#section-3.5[Error-Cause] |Holds information about why the Authorization Server cannot process Disconnect-Request or CoA-Request packets.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.3[Event-Timestamp] |This attribute is used Accounting-Request packets to record the time of an event.
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-3.1[Extended-Type-1] |Encapsulates "Extended Type" attributes format, in the RADIUS Attribute Type space of 241.{1-255}.
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-3.2[Extended-Type-2]|Encapsulates "Extended Type" attributes format, in the RADIUS Attribute Type space of 242.{1-255}.
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-3.3[Extended-Type-3] |Encapsulates "Extended Type" attributes format, in the RADIUS Attribute Type space of 243.{1-255}.
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-3.4[Extended-Type-4] |Encapsulates "Extended Type" attributes format, in the RADIUS Attribute Type space of 244.{1-255}.
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-4.1[Extended-Vendor-Specific-1] |Defines a RADIUS Type Code of 241.26 ("evs" data type).
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-4.2[Extended-Vendor-Specific-2] |Defines a RADIUS Type Code of 242.26 ("evs" data type).
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-4.3[Extended-Vendor-Specific-3] |Defines a RADIUS Type Code of 243.26 ("evs" data type).
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-4.4[Extended-Vendor-Specific-4] |Defines a RADIUS Type Code of 244.26 ("evs" data type).
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-4.5[Extended-Vendor-Specific-5] |Defines a RADIUS Type Code of 245.26 ("evs" data type).
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-4.6[Extended-Vendor-Specific-6] |Defines a RADIUS Type Code of 246.26 ("evs" data type).
+
+|====
+
+
+
+
+
+
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc3580#section-3.9[Filter-ID] |Indicates the name of the filter list to be applied to the Supplicant's session.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.11[Filter-Id] |Indicates the name of the filter list for the specific user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.37[Framed-AppleTalk-Link] |The AppleTalk Network number to be used for the serial link to the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.38[Framed-AppleTalk-Network]
+|The AppleTalk Network number which the NAS should probe to allocate an AppleTalk node for the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.39[Framed-AppleTalk-Zone] |Defines the AppleTalk Default Zone to be used for this user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.13[Framed-Compression] |Indicates a compression protocol to be used for the link.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.8[Framed-IP-Address] |Indicates the address to be configured for the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.9[Framed-IP-Netmask] |Indicates the IP netmask to be configured for the user when the user is a router to a network.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.23[Framed-IPX-Network] |Indicates the IPX Network number to be configured for the user.
+
+|https://datatracker.ietf.org/doc/html/rfc6911#section-3.1[Framed-IPv6-Address] |Indicates an IPv6 address that's assigned to the NAS-facing interface of the RG/host.
+
+|https://datatracker.ietf.org/doc/html/rfc3162#section-2.6[Framed-IPv6-Pool] |Contains the name of an assigned pool that's used to assign an IPv6 prefix for the user.
+
+|https://datatracker.ietf.org/doc/html/rfc3162#section-2.3[Framed-IPv6-Prefix] |Indicates an IPv6 prefix (and corresponding route) to be configured for the user.
+
+|https://datatracker.ietf.org/doc/html/rfc3162#section-2.5[Framed-IPv6-Route] |Provides routing information to be configured for the user on the NAS.
+
+|https://datatracker.ietf.org/doc/html/rfc3162#section-3.2[Framed-Interface-Id] |Indicates the IPv6 interface identifier to be configured for the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.12[Framed-MTU] |Indicates the Maximum Transmission Unit to be configured for the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.18[Framed-Pool] |Contains the name of an assigned address pool used to assign an address for the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.7[Framed-Protocol] |Indicates the framing to be used for framed access.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.22[Framed-Route] |Provides routing information to be configured for the user on the NAS.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.10[Framed-Routing] |Indicates the routing method for the user, when theuser is a router to a network.
+
+|====
+
+
+
+
+
+
+
+
+
+
+
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.28[Idle-Timeout] |Sets the maximum number of consecutive seconds of idle connection allowed to the user before termination of the session.
+
+|====
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-2.6[Keep-Alives] |The process of sending test RADIUS requests to see if a server is alive.
+
+|====
+
+
+
--- /dev/null
+[options=cols="15,~",autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.14[Login-IP-Host] |Indicates the system with which to connect the user, when the Login-Service Attribute is included
+
+|https://datatracker.ietf.org/doc/html/rfc3162#section-2.4[Login-IPv6-Host] |Indicates the system with which to connect the user, when the Login-Service Attribute is included.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.36[Login-LAT-Group] |Contains a string identifying the LAT group codes which this user is authorized to use.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.35[Login-LAT-Node] |Indicates the Node with which the user is to be automatically connected by LAT.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.43[Login-LAT-Port] |Indicates the Port with which the user is to be connected by LAT.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.34[Login-LAT-Service] |Indicates the system with which the user is to be connected by LAT.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.15[Login-Service] |Indicates the service to use to connect the user to the login host.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.16[Login-TCP-Port] |indicates the TCP port with which the user is to be connected.
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-3.5[Long-Extended-Type-1] |Encapsulates attributes of the "Long Extended Type" format, in the RADIUS Attribute Type space of 245.{1-255}.
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-3.6[Long-Extended-Type-2] |Encapsulates attributes of the "Long Extended Type"format, in the RADIUS Attribute Type space of 246.{1-255}.
+
+|====
+
+
+
+
+
+
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.6.4[MS-ARAP-Challenge] |This attribute is only present in an Access-Request packet containing a Framed-Protocol Attribute with the value 3 (ARAP).
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.6.3[MS-ARAP-Password-Change-Reason] |Indicates the reason for a server-initiated password change.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.7.4[MS-Acct-Auth-Type] |Represents the method used to authenticate the dial-up user.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.7.5[MS-Acct-EAP-Type] |Represents the Extensible Authentication Protocol (EAP) [15] type used to authenticate the dial-up user.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.5.1[MS-BAP-Usage] |Determines if the use of BAP is allowed, disallowed or required on new multilink calls.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.1.6[MS-CHAP-CPW-1] |Allows the user to change their password if it has expired.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.1.7[MS-CHAP-CPW-2] |Allows the user to change their password if it has expired.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.1.2[MS-CHAP-Challenge] |Contains the challenge sent by a NAS to a MS-CHAP user.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.1.4[MS-CHAP-Domain] |Indicates the Windows NT domain in which the user was authenticated.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.1.5[MS-CHAP-Error] |Contains error data related to the preceding MS-CHAP exchange.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.1.8[MS-CHAP-LM-Enc-PW] |Contains the new Windows NT password encrypted with the old LAN Manager password hash.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.6.4[MS-CHAP-MPPE-Keys] |Present in an Access-Request packet containing a Framed-Protocol Attribute with the value 3 (ARAP).
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.2[MS-CHAP-NT-Enc-PW] |Contains the new Windows NT password encrypted with the old Windows NT password hash.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.1.3[MS-CHAP-Response] |Contains the response value provided by a PPP MS-CHAP user in response to the challenge.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.3.4[MS-CHAP2-CPW] |Allows the user to change their password if it has expired.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.3.2[MS-CHAP2-Response] |Contains the response value provided by an MS-CHAP-V2 peer in response to the challenge.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.3.3[MS-CHAP2-Success] |Contains the response value provided by an MS-CHAP-V2 peer in response to the challenge.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.7.3[MS-Filter] |
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.5.3[MS-Link-Drop-Time-Limit] |Indicates the length of time (in seconds) that a link must be underutilized before it is dropped.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.5.2[MS-Link-Utilization-Threshold] |Represents the percentage of available bandwidth utilization below which the link must fall before the link is
+eligible for termination.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.4.4[MS-MPPE-Encryption-Policy] |Used to indicate if encryption is on or off.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.4.5[MS-MPPE-Encryption-Types] |Defines what type of encryptions are available.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.4.3[MS-MPPE-Recv-Key] |Contains a session key to use for encrypting packets received by the NAS from the remote host.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.6.2[MS-MPPE-Send-Key] |Contains a session key to use for encrypting packets sent by the NAS to the remote host.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.6.2[MS-New-ARAP-Password] |Contains the new ARAP password during a password change operation.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.6.1[MS-Old-ARAP-Password] |Contains the old ARAP password during a password change operation.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.6.4[MS-Primary-DNS-Server] |The primary Domain Name Server's (DNS) IP address.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.7.6[MS-Primary-NBNS-Server] |The primary Net Bios Name Server's (NBNS) IP address.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.7.1[MS-RAS-Vendor] | The manufacturer name of the RAIDIUS client machine.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.7.2[MS-RAS-Version] | The software version of the RADIUS client machine.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.7.7[MS-Secondary-DNS-Server] |The IP address of the secondary DNS server to be used by the PPP peer. This attribute can be included in Access-Accept or Accounting-Request packets.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-2.7.8[MS-Secondary-NBNS-Server] |The IP address of the secondary Net Bios Name Server(NBNS) server to be used by the PPP peer.
+
+|https://datatracker.ietf.org/doc/html/rfc5607#section-6.3[Management-Policy-Id] |The name of the management access policy for the specific user.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-6.4[Management-Privilege-Level] |The assigned privilege level for management access for the authenticated user.
+
+|https://datatracker.ietf.org/doc/html/rfc2548#section-6.2[Management-Transport-Protection] |The minimum level of protection required for transport within an access session.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.14[Message-Authenticator] |Used to sign Access-Requests to prevent spoofing Access-Requests using CHAP, ARAP or EAP authentication.
+
+|https://datatracker.ietf.org/doc/html/rfc6572#section-4.2[Mobile-Node-Identifier] |Contains the mobile node identifier (MN-Identifier) to identify the device on the network.
+
+|====
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc4849#section-2[NAS-Filter-Rule] |The filter rules to be applied for the select user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.4[NAS-IP-Address] |The NAS's IP Address that is requesting authentication of the user.
+
+|https://datatracker.ietf.org/doc/html/rfc3162#section-3.1[NAS-IPv6-Address] |The NAS's IPv6 Address that is requesting authentication of the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.32[NAS-Identifier] |A string used to identify the NAS originating the Access-Request packet.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.5[NAS-Port] |The NAS's physical port number that is authenticating the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.17[NAS-Port-Id] |The name (text string) used to reference the NAS's port that is authenticating the user.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.41[NAS-Port-Type] |The type of the physical port of the NAS that is authenticating the user.
+
+|====
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.7[PKM-AUTH-Key]|Contains a PKM authorisation key.
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.2[PKM-CA-Cert] |A string value containing the X.509 certificate used to sign the SS certificate.
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.3[PKM-Config-Settings] |Contains string values that map to relevant TLVs used in the PKM configuration.
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.4[PKM-Cryptosuite-List] |Contains a list of cryptosuite attributes that may be used to create security attributes.
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.6[PKM-SA-Descriptor] |Specifies the characteristics of a PKM security association.
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.5[PKM-SAID] |Contains a PKM Security Association Identifier.
+
+|https://datatracker.ietf.org/doc/html/rfc5904#section-3.1[PKM-SS-Cert] |Contains a an X.509 certificate (public key).
+
+|https://datatracker.ietf.org/doc/html/rfc2869#section-5.9[Password-Retry] |The number of authentication attempts a user may be allowed before being disconnected.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.42[Port-Limit] |Sets the maximum number of ports to be provided to the user by the NAS.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.33[Proxy-State] |This state attribute is sent by a proxy server to another server when forwarding an Access-Request.
+
+|====
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.18[Reply-Message] |A text message that may be shown to the user.
+
+|https://datatracker.ietf.org/doc/html/rfc6911#section-3.3[Route-IPv6-Information] |Defines the prefix and route for the user on the NAS.
+
+|====
--- /dev/null
+[options=header,cols="20,~",autowidth]
+|====
+
+|RFC |Description
+
+|https://datatracker.ietf.org/doc/rfc2548/[RFC 2548] |Microsoft Vendor-specific RADIUS Attributes (attributes)
+
+|https://datatracker.ietf.org/doc/rfc809/[RFC 2809] |Implementation of L2TP Compulsory Tunneling via RADIUS (information )
+
+|https://datatracker.ietf.org/doc/rfc2865/[RFC 2865] |Remote Authentication Dial In User Service (RADIUS) (attributes)
+
+|https://datatracker.ietf.org/doc/rfc2866/[RFC 2866] |RADIUS Accounting (attributes)
+
+|https://datatracker.ietf.org/doc/rfc2867/[RFC 2867] |RADIUS Accounting Modifications for Tunnel Protocol Support (attributes)
+
+|https://datatracker.ietf.org/doc/rfc2868/[RFC 2868] |RADIUS Attributes for Tunnel Protocol Support (attributes)
+
+|https://datatracker.ietf.org/doc/rfc2869/[RFC 2869] |RADIUS Extensions (attributes)
+
+|https://datatracker.ietf.org/doc/rfc2882/[RFC 2882] |Network Access Servers Requirements: Extended RADIUS Practices (information)
+
+|https://datatracker.ietf.org/doc/rfc3162/[RFC 3162] |RADIUS and IPv6 (attributes)
+
+|https://datatracker.ietf.org/doc/rfc3576[RFC 3576] |Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS) (attributes)
+
+|https://datatracker.ietf.org/doc/rfc3579/[RFC 3579] |RADIUS (Remote Authentication Dial In User Service) Support For Extensible Authentication Protocol (EAP) (attributes)
+
+|https://datatracker.ietf.org/doc/rfc3580/[RFC 3580] |IEEE 802.1X Remote Authentication Dial In User Service (RADIUS) Usage Guidelines (attributes)
+
+|https://datatracker.ietf.org/doc/rfc4675/[RFC 4675] |RADIUS Attributes for Virtual LAN and Priority Support (information)
+
+|https://datatracker.ietf.org/doc/rfc4679/[RFC 4679] |DSL Forum Vendor-Specific RADIUS Attributes (attributes)
+
+|https://datatracker.ietf.org/doc/rfc4590/[RFC 4590] |RADIUS Extension for Digest Authentication (attributes)
+
+|https://datatracker.ietf.org/doc/rfc4818/[RFC 4818] |RADIUS Delegated-IPv6-Prefix Attribute (attributes)
+
+|https://datatracker.ietf.org/doc/rfc4849/[RFC 4849] |RADIUS Filter Rule Attribute (attributes)
+
+|https://datatracker.ietf.org/doc/rfc5080/[RFC 5080] |Common Remote Authentication Dial In User Service (RADIUS) Implementation Issues and Suggested Fixes (information)
+
+|https://datatracker.ietf.org/doc/rfc5997/[RFC 5997] |Use of Status-Server Packets in the Remote Authentication Dial In User Service (RADIUS) Protocol (information)
+
+|====
+
+
+
+
+
+
+
+
--- /dev/null
+[options=header,cols="20,~",autowidth]
+|====
+
+|RFC |Description
+
+|https://datatracker.ietf.org/doc/rfc1157/[RFC 1157] |A Simple Network Management Protocol (SNMP)
+
+|https://datatracker.ietf.org/doc/rfc1227/[RFC 1227] |SNMP MUX Protocol and MIB
+
+|https://datatracker.ietf.org/doc/rfc1448/[RFC 1448] |Protocol Operations for version 2 of the Simple Network Management Protocol (SNMPv2)
+
+|https://datatracker.ietf.org/doc/rfc1901/[RFC 1901] |Introduction to Community-based SNMPv2
+
+|https://datatracker.ietf.org/doc/rfc1905/[RFC 1905] |Protocol Operations for Version 2 of the Simple Network Management Protocol (SNMPv2)
+
+|https://datatracker.ietf.org/doc/rfc2058/[RFC 2058] |Remote Authentication Dial In User Service (RADIUS)
+
+|https://datatracker.ietf.org/doc/rfc2059/[RFC 2059] |RADIUS Accounting
+
+|https://datatracker.ietf.org/doc/rfc2138/[RFC 2138] |Remote Authentication Dial In User Service (RADIUS)
+
+|https://datatracker.ietf.org/doc/rfc2139/[RFC 2139] |RADIUS Accounting
+
+|https://datatracker.ietf.org/doc/rfc2243/[RFC 2243] |OTP Extended Responses
+
+|https://datatracker.ietf.org/doc/rfc2289/[RFC 2289] |A One-Time Password System
+
+|https://datatracker.ietf.org/doc/rfc2433/[RFC 2433] |Microsoft PPP CHAP Extensions
+
+|https://datatracker.ietf.org/doc/rfc2607/[RFC 2607] |Proxy Chaining and Policy Implementation in Roaming
+
+|https://datatracker.ietf.org/doc/rfc2618/[RFC 2618] |RADIUS Authentication Client MIB
+
+|https://datatracker.ietf.org/doc/rfc2619/[RFC 2619] |RADIUS Authentication Server MIB
+
+|https://datatracker.ietf.org/doc/rfc2620/[RFC 2620] |RADIUS Accounting Client MIB
+
+|https://datatracker.ietf.org/doc/rfc2621/[RFC 2621] |RADIUS Accounting Server MIB
+
+|https://datatracker.ietf.org/doc/rfc2716/[RFC 2716] |PPP EAP TLS Authentication Protocol
+
+|https://datatracker.ietf.org/doc/rfc2759/[RFC 2759] |Microsoft PPP CHAP Extensions, Version 2
+
+|https://datatracker.ietf.org/doc/rfc2924/[RFC 2924] |Accounting Attributes and Record Formats
+
+|https://datatracker.ietf.org/doc/rfc3575/[RFC 3575] |IANA Considerations for RADIUS (Remote Authentication Dial In User Service)
+
+|https://datatracker.ietf.org/doc/rfc3748/[RFC 3748] |Extensible Authentication Protocol (EAP)
+
+|====
+
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc4590#section-3.20[SIP-AOR] |This attribute, identifies the URI, and is used for the authorisation of SIP messages.
+
+|https://datatracker.ietf.org/doc/html/rfc6572#section-4.3[Service-Selection] |The name of the service or the external network with which the mobility service for the particular MN.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.6[Service-Type] |The the type of service the user has requested, or the type of service to be provided.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.27[Session-Timeout] |The maximum number of seconds of service provided to the user before a session terminates.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.24[State] |An attribute that's sent by the server to the client in an Access-Challenge or by client to the server in the new Access-Request.
+
+|https://datatracker.ietf.org/doc/html/rfc6911#section-3.5[Stateful-IPv6-Address-Pool] |The assigned pool used to select an IPv6 address for the user on the NAS.
+
+|====
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.29[Termination-Action] |This Attribute indicates what action the NAS should take when the specified service is completed.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.7[Tunnel-Assignment-ID] |This Attribute is used to indicate to the tunnel initiator the particular tunnel to which a session is to be assigned.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.9[Tunnel-Client-Auth-ID] |This Attribute specifies the name used by the tunnel initiator during the authentication phase of tunnel establishment.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.3[Tunnel-Client-Endpoint] |This Attribute contains the address of the initiator end of the tunnel.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-3.6[Tunnel-Link-Reject] |This value marks the rejection of the establishment of a new link in an existing tunnel.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-3.4[Tunnel-Link-Start] |This value marks the creation of a tunnel link.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-3.5[Tunnel-Link-Stop] |This value marks the destruction of a tunnel link.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.2[Tunnel-Medium-Type] |Attribute indicates which transport medium to use when creating a tunnel for those protocols (such as L2TP) that can operate over multiple transports.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.5[Tunnel-Password] | Contains a password to be used to authenticate to a remote server.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.8[Tunnel-Preference] |An attribute to indicate the relative preference assigned to each tunnel.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.6[Tunnel-Private-Group-ID] |This Attribute indicates the group ID for a particular tunneled session.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-3.20[Tunnel-Reject] | This attribute, identifies the URI, and is used for the authorisation of SIP messages.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.10[Tunnel-Server-Auth-ID] | This Attribute specifies the name used by the tunnel terminator during the authentication phase of tunnel establishment.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.4[Tunnel-Server-Endpoint] |This Attribute indicates the address of the server end of the tunnel.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-3.1[Tunnel-Start] |This value MAY be used to mark the establishment of a tunnel with another node.
+
+|https://datatracker.ietf.org/doc/html/rfc2867#section-3.2[Tunnel-Stop] |This value MAY be used to mark the destruction of a tunnel to or from another node.
+
+|https://datatracker.ietf.org/doc/html/rfc2868#section-3.1[Tunnel-Type] |This Attribute indicates the tunneling protocol(s) to be used a tunnel (either as a tunnel initiator or terminator).
+
+|====
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.1[User-Name] |This Attribute indicates the name of the user to be authenticated.
+
+|https://datatracker.ietf.org/doc/html/rfc2865#section-5.2[User-Password] |This Attribute indicates the password of the user to be authenticated, or the user's input following an Access-Challenge.
+
+|====
+
+
--- /dev/null
+[options=cols="15,~", autowidth]
+|====
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-2.6[Vendor-Id] |This attribute assigns the identify to the vendor.
+
+|https://datatracker.ietf.org/doc/html/rfc6929#section-4[Vendor-Specific] |This attribute extends defines the characteristics of the specific vendor.
+
+|====
projects / thirdparty / freeradius-server.git / commitdiff
