
Re: DISCUSS: draft-ietf-radext-fixes



Glen Zorn (gwz) wrote:
>> Not enforcing the monotonic requirement means that servers would need
>> to keep a cache of recently used Identifiers for each NAS IP/UDP. 

  Yes.  This is what RADIUS servers do.  The text in Section 2.2.2 of
the "fixes" document was added after a previous discussion on the RADEXT
list.  The consensus at that time was that mandating a cache was useful,
and reflected existing practices.

> Only if we assume that a) there is no capabilities exchange between
> clients & servers or b) that RADIUS servers have virtually no
> intelligence.  If a server noticed that every single identifier coming
> from a given client was 1 greater than the last over an hour or so,
> couldn't it reasonably assume that the client was behaving in the
> recommended fashion & process that client's requests in the more
> efficient manner?

  As opposed to caching packets keyed by (source IP, source port, Id)
for no more than 30 seconds?

  You're proposing keeping long-lived state to track Identifiers as a
way to avoid keeping short-lived state to track Identifiers.  It's a
novel idea, but I don't see the benefit.

  Alan DeKok.

archive: <http://psg.com/lists/radiusext/>
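
The short-lived cache keyed by (source IP, source port, Id) that the message describes, as an added sketch that is not part of the original message or of any RADIUS server's code. The names `DuplicateCache` and `demo`, the Request Authenticator comparison, and the sample traffic are assumptions of this example.

```python
import time

HEADER_LEN = 20   # Code(1) + Identifier(1) + Length(2) + Authenticator(16)
LIFETIME = 30.0   # seconds, the upper bound given in the message

class DuplicateCache:
    def __init__(self, lifetime=LIFETIME, clock=time.monotonic):
        self.lifetime, self.clock = lifetime, clock
        self.entries = {}   # (src_ip, src_port, Id) -> (authenticator, reply, expiry)

    def handle(self, src_ip, src_port, packet, process):
        """Return (reply, was_duplicate); process() runs only for new requests."""
        if len(packet) < HEADER_LEN:
            raise ValueError("shorter than a RADIUS header")
        now = self.clock()
        # Short-lived state: drop every entry that is past its expiry.
        self.entries = {k: e for k, e in self.entries.items() if e[2] > now}
        key = (src_ip, src_port, packet[1])
        authenticator = packet[4:20]
        entry = self.entries.get(key)
        # Assumption of this sketch: same key but a different Request
        # Authenticator means the client reused the Id for a new request.
        if entry is not None and entry[0] == authenticator:
            return entry[1], True        # retransmission: resend cached reply
        reply = process(packet)
        self.entries[key] = (authenticator, reply, now + self.lifetime)
        return reply, False

def demo():
    """Constructed traffic: non-monotonic Ids, a retransmit, Id reuse, expiry."""
    now = [0.0]
    cache = DuplicateCache(clock=lambda: now[0])
    calls = []                           # Ids that reached the real handler
    def process(pkt):
        calls.append(pkt[1])
        return b"reply-to-%d" % pkt[1]
    def request(ident, auth_byte):       # minimal 20-byte Access-Request header
        return bytes([1, ident, 0, 20]) + bytes([auth_byte]) * 16
    traffic = [(0, 7, 0xAA), (1, 3, 0xBB), (2, 7, 0xAA), (3, 7, 0xCC), (40, 3, 0xBB)]
    results = []
    for t, ident, auth in traffic:
        now[0] = float(t)
        results.append(cache.handle("192.0.2.10", 49152, request(ident, auth), process))
    return results, calls

if __name__ == "__main__":
    print(demo())
```

The cache never looks at whether Identifiers increase, so a client that picks them in any order is handled the same way, and no state outlives the lifetime.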