MIP6-AAA Fwk 3 (was RE: [Mip6] mip6-aaa frameworks)

Alper Yegin <alper.yegin@samsung.com> Wed, 16 February 2005 19:46 UTC

Date: Wed, 16 Feb 2005 08:04:11 -0800
From: Alper Yegin <alper.yegin@samsung.com>
Subject: MIP6-AAA Fwk 3 (was RE: [Mip6] mip6-aaa frameworks)
In-reply-to: <011101c513c8$9a1d5e10$861167c0@adithya>
To: 'Mohan Parthasarathy' <mohanp@sbcglobal.net>, mip6@ietf.org

> > Framework 3:
> > ------------
> > Piggybacking MIP6 signaling (BU) with network access AAA. In-band with
> > the network access authentication execution, the MN delivers
> > (piggybacks) a BU to the AAA server. The AAA server may have to relay
> > the BU to the HA (unless collocated).
> >
> > Related I-D:
> >
> > draft-le-aaa-mipv6-requirements-03
> >
> > Discussion:
> >
> > While the performance benefits are clear, limited applicability (not
> > always the network access and mobility services are bundled) and
> > complexity are concerning.
> >
> Can you elaborate on the complexity issue?

- By the time network access AAA is executed:
  - MN must know its HA (may not be possible if the HA 
    discovery is done after the access is authorized -- e.g., 
    DHCP, DNS-based schemes)
  - MN must know its care-of address. (may not be possible if the
    CoA allocation depends on the network access authentication.)
- AAA_home server must decapsulate the BU and forward it to the HA. What
is the source address in BU packets? (may be an ingress-filtering
concern).
- The BUack from the HA: is it sent back to MN directly, or forwarded to
AAA_home and piggybacked in the AAA response to MN?
- The results of mobility management and access authorization may need
to be coordinated? What happens when one succeeds and the other fails?
- What is the transport for BU? EAP, or EAP lower layers, PPP+RADIUS, ?

I don't claim these are impossible to answer, but clearly each answer
would lead to additional complexity.

Alper


