[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on draft-adrangi-radius-extension-for-pwlan-00.txt

To: "Adrangi, Farid" <farid.adrangi@intel.com>
Subject: Re: Comments on draft-adrangi-radius-extension-for-pwlan-00.txt
From: Jari Arkko <jari.arkko@piuha.net>
Date: Tue, 16 Dec 2003 11:21:08 +0200
Cc: radiusext@ops.ietf.org
In-reply-to: <96D13222E704DC4D868F0009F0EE53E10AC242@orsmsx410.jf.intel.com>
Organization: None
References: <96D13222E704DC4D868F0009F0EE53E10AC242@orsmsx410.jf.intel.com>
Reply-to: jari.arkko@piuha.net
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007

Adrangi, Farid wrote:

1) Presumably, lack of indication about the address type from the
home network would be taken as either type being acceptable? If
yes, public+private option may not be necessary.
[FA] The lack of indication about the address type from the home network would most likely be taken as private address assignment (i.e., the default option).


I think it would be taken as the default option (but I'm not
sure that would be private address assignment in all cases).

2) If you were to *enforce* the selection from the home network,
then public+private option would not work.
[FA] Why wouldn't work? Sorry, I think I am missing your point here. The home network specifies the preferred address type only if it sees the Advertisement in the access-request indicating that the access network can either assign public or private address to a given WLAN client that is trying to connect. [FA]


I guess part of my confusion comes from the fact that I don't know
if IP Address Type Options = Public and Private in an Access-Accept
means

   (1) The home server does not care
   (2) The home server wants both types of addresses to be assigned.

Option 1 sounds logical to me.

3) I get a bit worried that lack of enforcement is going to
cause problems. Is it a general approach for AAA attributes
from the home server to be hints?


[FA] I would not consider this as a hint, rather a explicit request.
Because, this enforcement attribute is in response to the advertisement
in the access-request. Please note that the enforcement attribute should
not be sent if the advertisement attribute is not present. [FA]


It does indeed help if you only send the enforcement attribute
after seeing an advertisement in access-request. Then we at least
know the NAS supports this function, and we know what address types
are available. Also, you wrote earlier:

The other is how the Access Network is going to enforce the specified address type option (private or public address) when the client does a DHCP request - which IMO, this is outside the scope of the document and perhaps we should be more explicit about it.


So I guess what you mean is that you *will* enforce the address type.
The only missing things are how the NAS will tell the DHCP server about
this, and whether the client and the DHCP server need some protocol
enhancements to get this done. And you consider these issues to be
out of scope for this draft, which sounds reasonable.

Is my understanding correct?

--Jari


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

References:
- RE: Comments on draft-adrangi-radius-extension-for-pwlan-00.txt
  - From: "Adrangi, Farid" <farid.adrangi@intel.com>

Prev by Date: RE: Comments on draft-adrangi-radius-extension-for-pwlan-00.txt
Next by Date: RE: Comments on draft-adrangi-radius-issues-in-pwlan-roaming-00.t xt
Previous by thread: RE: Comments on draft-adrangi-radius-extension-for-pwlan-00.txt
Next by thread: RE: Comments on draft-adrangi-radius-extension-for-pwlan-00.txt
Index(es):
- Date
- Thread