Hi, > To be clear, this fragmentation issue is a problem for RADIUS, but not > RADSEC, correct? I'd assume that TCP MSS negotiation combined with > Packetization Layer Path MTU discovery should make fragmentation of TCP > segments relatively unlikely. That is correct, a reliable transport makes this problem go away, or at least makes life a lot easier in that respect. Still, even though I'm quite enthusiastic about RadSec, I can still imagine people using just plain RADIUS who suffer from that problem. > BTW, how does IPsec solve the fragmentation problem for RADIUS? Couldn't > it make it worse? As I don't use RADIUS-over-IPSec myself, I asked one of our national eduroam operators for his practical experiences in that respect. I'll keep you posted. Greetings, Stefan Winter -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: stefan.winter@restena.lu Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473
Attachment:
signature.asc
Description: This is a digitally signed message part.