Re: Question on Status-Server document and CoA port

[Alan DeKok <aland@deployingradius.com>]

Greg Weber wrote:
> I would suggest to remove this text unless you want to pursue it
> on the Experimental track.

  Fine by me.

>  At least, I would think any watchdog
> traffic should be on the same port/addr path as the signaling traffic
> that it's trying to protect, in order to avoid firewall changes in the POP.

  What does that mean?  CoA packets *are* signaling traffic.  If normal
CoA packets can get from the RADIUS server to the NAS, then this (ab)use
of Status-Server should work, too.

> You are trying to see if the NAS can initiate authentication/accounting,
> right, not if the DAS is operating?

  No.  The idea was to (1) signal to the NAS that the RADIUS server was
alive, and (2) see if the NAS (or dynamic authorization server) was
operating.

>  It just seems like you are trying
> to recreate the Status-Client behavior by using Status-Server on the
> CoA port.

  Quite possibly.

  Alan DeKok.

--
to unsubscribe send a message to radiusext-request@ops.ietf.org with
the word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/radiusext/>