[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Issue 226: RFC 3576bis and Renumbering

To: <radiusext@ops.ietf.org>
Subject: RE: Issue 226: RFC 3576bis and Renumbering
From: Bernard Aboba <bernard_aboba@hotmail.com>
Date: Mon, 4 Jun 2007 10:50:16 -0700

> [Avi2]  Yes.  I think that this is the best apporoach. Perhaps an example or two would make it clear.  If the NAS receives a session ID that identifies the User Session only such as NAI, and if the user had multiple sessions such as IP sessions, then ALL the sessions associated with that user are affected.

[BA] OK.  I've filed a separate issue on this. 

> [BA] Where the NAS is a pure L2 device (e.g. IEEE 802 switch, 802.11 AP), it has no awareness of L3,  and so does not track the IP addresses of clients.
> [Avi2] Then receiving an IP address makes no sense to the NAS either as a session identifier or as a new IP address.

[BA] Right. 

> [Avi2]  Just for the record.  I am not aware of any application where we want to change the IP address using RADIUS.  Infact, in most cases we never want to change the IP address since that breaks IP Session Continuity.  Why would anyone want to change the IP address?  But lets say that we do want to support such a feature. Who knows what the future will bring.

[BA] This issue originally came up in a 16ng WG presentation, describing use of Framed-IPv6-Prefix/Delegated-IPv6-Prefix for address management in WiMAX.  My assumption is that Delegated-IPv6-Prefix would never be used for session identification so that there is no issue with attempting to change the delegated prefixes in a CoA-Request. 

> 1. Allow Framed-IP-Address/Framed-IPv6-Prefix/Framed-Identifier attributes in Disconnect-Request & CoA-Request packets, only for identification.   Changing the address would require a Service-Type=Authorize Only.  This was what we had in -05.
> [Avi2] This is inefficient.  If you were to have a reason to change an IP address mid session that you should be able to do so with either approach.  As I said above, I cant think of any reason to change an IP address.  So I could live with this.

[BA] I agree that selection by IP address is likely to be much more common than changing an IP address.  

> 4. Allow Framed-IP-Address/Framed-IPv6-Prefix/Framed-Identifier address attributes in Disconnect-Request & CoA-Request packets only for identification.  Invent new attributes for address change.
> [Avi2] Yes.  I think this option is the most appealing to me.
> [Avi2] I think 4 is the right choice.  And we can use that model for any other session identifier that can also  be changed dynamically.

[BA] OK.  

> [Avi2] Yes I agree.  I think we better be explicit about VSAs.

[BA] A separate issue has been opened for this. 


--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>

Prev by Date: RE: Issue 226: RFC 3576bis and Renumbering
Next by Date: Extensibility of draft-ietf-radext-filter-rules
Previous by thread: RE: Issue 226: RFC 3576bis and Renumbering
Next by thread: RFC 4590 IETF Last Call Comments
Index(es):
- Date
- Thread