[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Review of draft-ietf-radext-vlan-02.txt
From a standards perspective, there are no such thing as MAC-address
based VLANs. One could create the concept of a virtual port that is
identified by source MAC address, and then you apply the per-port
configuration to this construct. There is some consideration of this in
802.1AE and the next version of 802.1X.
Paul
> -----Original Message-----
> From: owner-radiusext@ops.ietf.org
> [mailto:owner-radiusext@ops.ietf.org] On Behalf Of Bernard Aboba
> Sent: Monday, April 17, 2006 2:19 PM
> To: dnelson@enterasys.com; radiusext@ops.ietf.org
> Subject: RE: Review of draft-ietf-radext-vlan-02.txt
>
> >Given that RADIUS is sometimes used in environments in which the one
> >user per port rule does not hold, should we place some text in the
> >draft that gives guidance what to do in thee cases? Or should we
> >assume that the reader of this document is sufficiently well
> versed in
> >the 802 documents that to realize that multi-user per port
> applications
> >are outside the scope of the VLAN and Priority draft?
>
> It might be worthwhile to introduce some text to describe the
> assumptions and what happens if they are violated.
>
> I'm also curious as to whether there was consideration of
> support for MAC-addressed based VLANs. In that model
> (supported by recent switches) it
> is possible for multiple hosts to share a port. One
> question that comes to
> mind is whether it is possible to manage such a deployment
> with these attributes or not.
>
>
>
> --
> to unsubscribe send a message to
> radiusext-request@ops.ietf.org with the word 'unsubscribe' in
> a single line as the message text body.
> archive: <http://psg.com/lists/radiusext/>
>
--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>