RADIUS attribute from rfc7268
WLAN-RF-Band
The WLAN-RF-Band Attribute contains information on the radio
frequency (RF) band used by the Access Point for transmission and
reception of information to and from the mobile device. Zero or
one WLAN-RF-Band Attribute MAY be included within an Access-
Request or Accounting-Request packet.
A summary of the WLAN-RF-Band Attribute format is shown below.
The fields are transmitted from left to right.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | Value
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Value |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
190
Length
6
Value
The Value field is four octets, containing a 32-bit unsigned
integer. The three most significant octets MUST be set to zero by
the sender and are ignored by the receiver; the least significant
octet contains the RF Band field, whose values are defined by the
IEEE 802.11 Band ID field (Table 8-53a of )
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Reserved | RF Band |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+3. Table of AttributesThe following table provides a guide to which attributes may be found
in which kinds of packets and in what quantity.
Access- Access- Access- Access-
Request Accept Reject Challenge # Attribute
0 0+ 0 0 174 Allowed-Called-Station-Id
0-1 0-1 0 0 102 EAP-Key-Name
0-1 0+ 0 0 175 EAP-Peer-Id
0-1 0+ 0 0 176 EAP-Server-Id
0-1 0 0 0 177 Mobility-Domain-Id
0-1 0-1 0 0 178 Preauth-Timeout
0-1 0 0 0 179 Network-Id-Name
0+ 0+ 0+ 0+ 180 EAPoL-Announcement
0-1 0 0 0 181 WLAN-HESSID
0-1 0 0 0 182 WLAN-Venue-Info
0+ 0 0 0 183 WLAN-Venue-Language
0+ 0 0 0 184 WLAN-Venue-Name
0 0 0-1 0 185 WLAN-Reason-Code
0-1 0 0 0 186 WLAN-Pairwise-Cipher
0-1 0 0 0 187 WLAN-Group-Cipher
0-1 0 0 0 188 WLAN-AKM-Suite
0-1 0 0 0 189 WLAN-Group-Mgmt-Cipher
0-1 0 0 0 190 WLAN-RF-Band
CoA- Dis- Acct-
Req Req Req # Attribute
0+ 0 0+ 174 Allowed-Called-Station-Id
0-1 0 0 102 EAP-Key-Name
0 0 0+ 175 EAP-Peer-Id
0 0 0+ 176 EAP-Server-Id
0 0 0-1 177 Mobility-Domain-Id
0-1 0 0 178 Preauth-Timeout
0 0 0-1 179 Network-Id-Name
0+ 0+ 0+ 180 EAPoL-Announcement
0 0 0-1 181 WLAN-HESSID
0 0 0-1 182 WLAN-Venue-Info
0 0 0+ 183 WLAN-Venue-Language
0 0 0+ 184 WLAN-Venue-Name
0 0-1 0-1 185 WLAN-Reason-Code
0 0 0-1 186 WLAN-Pairwise-Cipher
0 0 0-1 187 WLAN-Group-Cipher
0 0 0-1 188 WLAN-AKM-Suite
0 0 0-1 189 WLAN-Group-Mgmt-Cipher
0 0 0-1 190 WLAN-RF-BandThe following table defines the above table entries.
0 This attribute MUST NOT be present in packet.
0+ Zero or more instances of this attribute MAY be present in the
packet.
0-1 Zero or one instance of this attribute MAY be present in the
packet.4. IANA ConsiderationsThis document uses the RADIUS namespace; see
<>. Per this
specification, RADIUS attribute types have been assigned for the
following attributes:
Attribute Type
========= ====
Allowed-Called-Station-Id 174
EAP-Peer-Id 175
EAP-Server-Id 176
Mobility-Domain-Id 177
Preauth-Timeout 178
Network-Id-Name 179
EAPoL-Announcement 180
WLAN-HESSID 181
WLAN-Venue-Info 182
WLAN-Venue-Language 183
WLAN-Venue-Name 184
WLAN-Reason-Code 185
WLAN-Pairwise-Cipher 186
WLAN-Group-Cipher 187
WLAN-AKM-Suite 188
WLAN-Group-Mgmt-Cipher 189
WLAN-RF-Band 190
Since this specification relies entirely on values assigned by IEEE
802, no registries are established for maintenance by the IANA.5. Security ConsiderationsSince this document describes the use of RADIUS for purposes of
authentication, authorization, and accounting in IEEE 802 networks,
it is vulnerable to all of the threats that are present in other
RADIUS applications. For a discussion of these threats, see
, , , , , and .
In particular, when RADIUS traffic is sent in the clear, the
attributes defined in this document can be obtained by an attackersnooping the exchange between the RADIUS client and server. As a
result, RADIUS confidentiality is desirable; for a review of RADIUS
security and crypto-agility requirements, see .
While it is possible for a RADIUS server to make decisions on whether
to accept or reject an Access-Request based on the values of the
WLAN-Pairwise-Cipher, WLAN-Group-Cipher, WLAN-AKM-Suite, WLAN-Group-
Mgmt-Cipher, and WLAN-RF-Band Attributes, the value of doing this is
limited. In general, an Access-Reject should not be necessary,
except where Access Points and Stations are misconfigured so as to
enable connections to be made with unacceptable values. Rather than
rejecting access on an ongoing basis, users would be better served by
fixing the misconfiguration.
Where access does need to be rejected, the user should be provided
with an indication of why the problem has occurred, or else they are
likely to become frustrated. For example, if the values of the WLAN-
Pairwise-Cipher, WLAN-Group-Cipher, WLAN-AKM-Suite, or WLAN-Group-
Mgmt-Cipher Attributes included in the Access-Request are not
acceptable to the RADIUS server, then a WLAN-Reason-Code Attribute
with a value of 29 (Requested service rejected because of service
provider ciphersuite or AKM requirement) SHOULD be returned in the
Access-Reject. Similarly, if the value of the WLAN-RF-Band Attribute
included in the Access-Request is not acceptable to the RADIUS
server, then a WLAN-Reason-Code Attribute with a value of 11
(Disassociated because the information in the Supported Channels
element is unacceptable) SHOULD be returned in the Access-Reject.6. References