Re: Issue 226: RFC 3576bis and Renumbering

[Alan DeKok <aland@nitros9.org>]

Bernard Aboba wrote:
> The problem described in this issue is that a CoA-Request packet cannot
> be used for renumbering.  This is because RFC 3576 defines the
> Framed-IP-Address, Framed-IPv6-Prefix and Framed-Interface-Id attributes
> as session identification attributes.

  Looking at issues & fixes, I'm not sure why we didn't require all
NASes to generate a unique session ID in the Access-Request packet.
Once that's done, the session can be identified by that ID, rather than
by an ad-hoc collection of network identifiers that are protocol-specific.

> I'd like to put forward a potential approach to address this concern,
> which is to introduce two new attributes, User-IPv4-Address and
> User-IPv6-Address, in order to identify a session by IP address.  This
> would allow the Framed-IP-Address, Framed-IPv6-Prefix,
> Framed-Interface-Id and Delegated-IPv6-Address attributes to be included
> for the purpose of renumbering.

  If the NAS is sending Acct-Session-Id, why not just use that to
identify the session?  If the NAS isn't sending it (or isn't sending
accounting packets at all), then the proposal above already suggests
changing the NAS behavior.  Why not just require sending Acct-Session-Id
in all Access-Requests?

  If that is unacceptable, then your proposal seems reasonable.  But I'm
wary of adding duplicate attributes for niche solutions.

  Alan DeKok.


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>