Draft: http://info.internet.isi.edu:80/in-drafts/files/draft-grant-tacacs-02.txt
TACACS+ is a protocol providing access control for routers,
network access servers and other networked computing devices via one or more
centralized servers. TACACS+ provides separate authentication, authorization and
accounting services.
(Compliant with IETF draft-grant-tacacs-00.txt 10-1996.)
The format of the header is shown in the following
illustration:
| 4     | 8     | 16          | 24           | 32 bits |
| Major | Minor | Packet type | Sequence no. | Flags   |
| Session ID (4 bytes)                                 |
| Length (4 bytes)                                     |
TACACS+ header structure
Major version
The major TACACS+ version number.
Minor version
The minor TACACS+ version number. This is intended to allow revisions to the
TACACS+ protocol while maintaining backwards compatibility.
Packet type
Possible values are:
TAC_PLUS_AUTHEN := 0x01 (Authentication).
TAC_PLUS_AUTHOR := 0x02 (Authorization).
TAC_PLUS_ACCT := 0x03 (Accounting).
Sequence number
The sequence number of the current packet for the current session. The first
TACACS+ packet in a session must have the sequence number 1 and each subsequent
packet will increment the sequence number by one. Thus clients only send packets
containing odd sequence numbers, and TACACS+ daemons only send packets
containing even sequence numbers.
Flags
This field contains various flags in the form of bitmaps. The flag values
signify whether the packet is encrypted.
Session ID
The ID for this TACACS+ session.
Length
The total length of the TACACS+ packet body (not including the header).
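The checks implied by the field descriptions above, as an added example that is not part of the original page or the draft: it parses the 12-byte header and validates the packet type, the sequence-number parity for the sending side, and the length field against the actual body size. The function names, the sample packets and the use of network byte order for the multi-byte fields are assumptions made for this example.

```python
import struct
from collections import namedtuple

HEADER_LEN = 12  # 1 + 1 + 1 + 1 + 4 + 4 bytes, per the header layout above
PACKET_TYPES = {0x01: "TAC_PLUS_AUTHEN", 0x02: "TAC_PLUS_AUTHOR", 0x03: "TAC_PLUS_ACCT"}

Header = namedtuple("Header", "major minor ptype seq_no flags session_id length")


def parse_header(packet):
    """Unpack the fixed 12-byte header; raises ValueError if truncated."""
    if len(packet) < HEADER_LEN:
        raise ValueError("truncated header")
    # Assumption: multi-byte fields are in network byte order (big-endian).
    version, ptype, seq_no, flags, session_id, length = struct.unpack(
        "!BBBBII", packet[:HEADER_LEN])
    # Major is the high nibble of the first byte, minor the low nibble.
    return Header(version >> 4, version & 0x0F, ptype, seq_no, flags,
                  session_id, length)


def check_packet(packet, from_client):
    """Return a list of problems found; an empty list means the header is sane."""
    hdr = parse_header(packet)
    problems = []
    if hdr.ptype not in PACKET_TYPES:
        problems.append("unknown packet type 0x%02x" % hdr.ptype)
    # Sequence numbers start at 1; clients send odd values, daemons even ones.
    if hdr.seq_no == 0 or (hdr.seq_no % 2 == 1) != from_client:
        problems.append("sequence number %d invalid for this sender" % hdr.seq_no)
    # Length counts the body only, so it must match what follows the header.
    body_len = len(packet) - HEADER_LEN
    if hdr.length != body_len:
        problems.append("length field %d but body is %d bytes" % (hdr.length, body_len))
    return problems


# Constructed sample packets (not captured traffic); all field values are made up.
GOOD = struct.pack("!BBBBII", 0xC0, 0x01, 1, 0x00, 0x1234ABCD, 4) + b"\x00" * 4
BAD = struct.pack("!BBBBII", 0xC0, 0x07, 2, 0x00, 0x1234ABCD, 4096) + b"\x00" * 4

if __name__ == "__main__":
    print(parse_header(GOOD))
    print(check_packet(GOOD, from_client=True))
    print(check_packet(BAD, from_client=True))
```

Checking the length field against the bytes actually received before allocating or reading a body keeps a malformed header from driving oversized reads.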