IETF Logo Mail Archive

Re: [Capwap] Please check my comments, thanks (draft-ietf-capwap-base-mib)

<Pasi.Eronen@nokia.com> Tue, 26 January 2010 09:50 UTC

Return-Path: <capwap-bounces+capwap-archive=lists.ietf.org@frascone.com>
X-Original-To: ietfarch-capwap-archive@core3.amsl.com
Delivered-To: ietfarch-capwap-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id AD6C63A67E3 for <ietfarch-capwap-archive@core3.amsl.com>; Tue, 26 Jan 2010 01:50:04 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.433
X-Spam-Level:
X-Spam-Status: No, score=-4.433 tagged_above=-999 required=5 tests=[AWL=-1.434, BAYES_00=-2.599, J_CHICKENPOX_52=0.6, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8-K3lFYTVyRb for <ietfarch-capwap-archive@core3.amsl.com>; Tue, 26 Jan 2010 01:50:02 -0800 (PST)
Received: from lists.tigertech.net (lists.tigertech.net [64.62.209.34]) by core3.amsl.com (Postfix) with ESMTP id 26D533A6405 for <capwap-archive@lists.ietf.org>; Tue, 26 Jan 2010 01:50:02 -0800 (PST)
Received: from zoidberg.tigertech.net (localhost [127.0.0.1]) by zoidberg.tigertech.net (Postfix) with ESMTP id DA4C1E18229 for <capwap-archive@lists.ietf.org>; Tue, 26 Jan 2010 01:50:11 -0800 (PST)
Received: from mx1.tigertech.net (mx1.tigertech.net [64.62.209.31]) by lists.tigertech.net (Postfix) with ESMTP id 7BEC0E240E1 for <capwap@lists.tigertech.net>; Tue, 26 Jan 2010 01:50:03 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by mx1.tigertech.net (Postfix) with ESMTP id 4F8D73610003 for <capwap@frascone.com>; Tue, 26 Jan 2010 01:50:03 -0800 (PST)
X-Virus-Scanned: Debian amavisd-new at hgblob.tigertech.net
Received: from mx1.tigertech.net (localhost [127.0.0.1]) by mx1.tigertech.net (Postfix) with ESMTP id A78FB3610001 for <capwap@frascone.com>; Tue, 26 Jan 2010 01:50:02 -0800 (PST)
X-TigerTech-Content-Filter: Clean
X-TigerTech-Spam-Status: Level 0 (High) (P0); Whitelisted TTSSA (pasi.eronen@nokia.com whitelisted)
Received: from mgw-mx06.nokia.com (smtp.nokia.com [192.100.122.233]) by mx1.tigertech.net (Postfix) with ESMTP for <capwap@frascone.com>; Tue, 26 Jan 2010 01:50:02 -0800 (PST)
Received: from vaebh106.NOE.Nokia.com (vaebh106.europe.nokia.com [10.160.244.32]) by mgw-mx06.nokia.com (Switch-3.3.3/Switch-3.3.3) with ESMTP id o0Q9nUqb028317; Tue, 26 Jan 2010 11:49:55 +0200
Received: from vaebh102.NOE.Nokia.com ([10.160.244.23]) by vaebh106.NOE.Nokia.com with Microsoft SMTPSVC(6.0.3790.3959); Tue, 26 Jan 2010 11:49:32 +0200
Received: from smtp.mgd.nokia.com ([65.54.30.5]) by vaebh102.NOE.Nokia.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.3959); Tue, 26 Jan 2010 11:49:21 +0200
Received: from NOK-EUMSG-01.mgdnok.nokia.com ([65.54.30.86]) by nok-am1mhub-01.mgdnok.nokia.com ([65.54.30.5]) with mapi; Tue, 26 Jan 2010 10:49:20 +0100
From: Pasi.Eronen@nokia.com
To: young@h3c.com
Date: Tue, 26 Jan 2010 10:49:19 +0100
Thread-Topic: Please check my comments,thanks (draft-ietf-capwap-base-mib)
Thread-Index: AcqcprveNuuKdJCPS0+7LqXFIzj9XQBxK5xQ
Message-ID: <808FD6E27AD4884E94820BC333B2DB775841199B38@NOK-EUMSG-01.mgdnok.nokia.com>
References: <38fcf3389d19.389d1938fcf3@huawei-3com.com>
In-Reply-To: <38fcf3389d19.389d1938fcf3@huawei-3com.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
MIME-Version: 1.0
X-OriginalArrivalTime: 26 Jan 2010 09:49:21.0119 (UTC) FILETIME=[D5A04EF0:01CA9E6C]
X-Nokia-AV: Clean
Cc: capwap-chairs@tools.ietf.org, capwap@frascone.com, yozhang@gmail.com, iesg@ietf.org, draft-ietf-capwap-base-mib@tools.ietf.org
Subject: Re: [Capwap] Please check my comments, thanks (draft-ietf-capwap-base-mib)
X-BeenThere: capwap@frascone.com
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: A list for CAPWAP technical discussions <capwap.frascone.com>
List-Post: <mailto:capwap@frascone.com>
X-Tigertech-Mailman-Hint: 636170776170
List-Subscribe: <http://lists.frascone.com/mailman/listinfo/capwap>, <mailto:capwap-request@frascone.com?subject=subscribe>
List-Unsubscribe: <http://lists.frascone.com/mailman/listinfo/capwap>, <mailto:capwap-request@frascone.com?subject=unsubscribe>
List-Archive: <http://lists.frascone.com/pipermail/capwap>
List-Help: <mailto:capwap-request@frascone.com?subject=help>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: capwap-bounces+capwap-archive=lists.ietf.org@frascone.com

shiyang 00338 wrote:

>> I'm still not sure the MIB object is useful. First of all, such
>> DTLS configuration MIB does not currently exist (and is not even
>> planned). Second, it hard-codes an assumption that all WTPs
>> connected to an AC use same type of authentication. The CAPWAP
>> protocol itself would allow some WTPs so use X.509 and others PSK,
>> so if your AC implementation supports this, it can't implement this
>> MIB object.
>> 
>> BTW, the same limitation seems to apply to
>> e.g. capwapBaseDataChannelDTLSPolicyConfig, too -- if your AC
>> supports configuring DTLS for only some WTPs (perhaps those located
>> in physically less secure environments), it cannot implement this
>> MIB object.
>> 
>> If the WG feels this MIB object is anyway useful, at the very least it
>> should point out that many ACs may not be able to implement it.

> ////////////////////
> [Richard]
> Any way, the configuration of such authentication parameter should
> not be in the scope of CAPWAP MIB (I explained it in the last
> email).  As per Pasi's comments, I agree to remove both
> capwapBaseControlChannelAuthenConfig and
> capwapBaseDataChannelDTLSPolicyConfig.

OK.

>>> [Richard]
>>> Yes, capwapBaseWtpState indicates the AC's CAPWAP FSM state for
>>> each WTP, not the WTP's FSM.  The capwapBaseWtpState is a MIB object
>>> on the AC.
> 
>> OK; please clarify the description accordingly.
>
> //////////
> [Richard]
> The description would be modified:
> capwapBaseWtpStateTable OBJECT-TYPE
>     SYNTAX      SEQUENCE OF CapwapBaseWtpStateEntry
>     MAX-ACCESS  not-accessible
>     STATUS      current
>     DESCRIPTION
>         "A table of objects that indicate the AC's CAPWAP FSM state
>          for each WTP, and helps the operator to query the WTPs'
>          current
>          configuration."
>     ::= { capwapBaseWtps 2 }
> 
> capwapBaseWtpStateEntry  OBJECT-TYPE
>     SYNTAX      CapwapBaseWtpStateEntry
>     MAX-ACCESS  not-accessible
>     STATUS      current
>     DESCRIPTION
>         "A set of objects that display the AC's CAPWAP FSM state
>          for each WTP.
>          Also, the operator could query the current configuration
>          of a WTP by using the identifier of the corresponding
>          WTP profile."
>     INDEX { capwapBaseWtpStateWtpId }
>     ::= { capwapBaseWtpStateTable 1 }
> 
> capwapBaseWtpStateEntry  OBJECT-TYPE
>     SYNTAX      CapwapBaseWtpStateEntry
>     MAX-ACCESS  not-accessible
>     STATUS      current
>     DESCRIPTION
>         "A set of objects that display the AC's CAPWAP FSM state
>          for each WTP.
>          Also, the operator could query the current configuration
>          of a WTP by using the identifier of the corresponding
>          WTP profile."
>     INDEX { capwapBaseWtpStateWtpId }
>     ::= { capwapBaseWtpStateTable 1 }
> 
>     capwapBaseWtpState  OBJECT-TYPE
>     SYNTAX      INTEGER {
>                   dtls(1),
>                   join(2),
>                   image(3),
>                   configure(4),
>                   dataCheck(5),
>                   run(6),
>                   reset(7),
>                   dtlsTeardown(8),
>                   unknown(9)
>                 }
>     MAX-ACCESS  read-only
>     STATUS      current
>     DESCRIPTION
>         "Represents the various possible the AC's CAPWAP FSM state
>          for each WTP.
>          The following enumerated values are supported:
>            dtls(1)         - DTLS negotiation states, which include
>                              DTLS setup, authorize, DTLS connect
>            join(2)         - The WTP is joining with the AC
>            image(3)        - The WTP is downloading software
>            configure(4)    - The WTP is getting configuration from
>                              the AC
>            dataCheck(5)    - The AC is waiting for the Data Channel
>                              Keep Alive Packet
>            run(6)          - The WTP enters the running state
>            reset(7)        - The AC transmits a reset request message
>                              to the WTP
>            dtlsTeardown(8) - DTLS session is tear down
>            unknown(9)      - Operator already prepared configuration
>                              for the WTP, while the WTP has not contact
>                              with the AC till now"
>     REFERENCE
>         "Section 2.3.1. of CAPWAP Protocol Specification, RFC 5415."
>     ::= { capwapBaseWtpStateEntry 5 }
> 
> The section 6 also needs change:
>    4) capwapBaseWtpStateTable
>    The WTPs status table is used to indicate the AC's CAPWAP FSM state
>    for each WTP, and helps operator to query WTPs' current
> configuration.

Looks good!

<snip>
(I see there're separate emails about the NAT-related things,
so I'm omitting those from here.)

<snip>
>>> [Richard] You are correct, it is not required to give a scope limit
>>> to the capwapBaseMacAclId. The editors misunderstood the value 255
>>> mentioned in the RFC5415.
>> 
>> OK.
>
> ////////////////
> [Richard]
> the change would be:
> capwapBaseMacAclId OBJECT-TYPE
>     SYNTAX      Unsigned32
>     MAX-ACCESS  not-accessible
>     STATUS      current
>     DESCRIPTION
>         "Represents the unique identifier of an ACL."
>     ::= { capwapBaseMacAclEntry 1 }

Looks good!

Best regards,
Pasi

_________________________________________________________________
To unsubscribe or modify your subscription options, please visit:
http://lists.frascone.com/mailman/listinfo/capwap

Archives: http://lists.frascone.com/pipermail/capwap

v2.23.0 | Report a Bug | By Email