RE: [Pana] and network selection
Alper Yegin <alper.yegin@samsung.com> Tue, 09 November 2004 16:24 UTC
Received: from megatron.ietf.org (megatron.ietf.org [132.151.6.71]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA15994 for <pana-archive@lists.ietf.org>; Tue, 9 Nov 2004 11:24:52 -0500 (EST)
Received: from localhost.localdomain ([127.0.0.1] helo=megatron.ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CRYmH-0007pL-MQ; Tue, 09 Nov 2004 11:23:29 -0500
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by megatron.ietf.org with esmtp (Exim 4.32) id 1CRYWJ-00029Z-2v for pana@megatron.ietf.org; Tue, 09 Nov 2004 11:06:59 -0500
Received: from ietf-mx.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA13602 for <pana@ietf.org>; Tue, 9 Nov 2004 11:06:56 -0500 (EST)
Received: from mailout2.samsung.com ([203.254.224.25]) by ietf-mx.ietf.org with esmtp (Exim 4.33) id 1CRYX1-0007Su-VM for pana@ietf.org; Tue, 09 Nov 2004 11:07:47 -0500
Received: from custom-daemon.mailout2.samsung.com by mailout2.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) id <0I6X0030162NZK@mailout2.samsung.com> for pana@ietf.org; Wed, 10 Nov 2004 01:06:23 +0900 (KST)
Received: from ep_mmp2 (mailout2.samsung.com [203.254.224.25]) by mailout2.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) with ESMTP id <0I6X000HA62MB4@mailout2.samsung.com> for pana@ietf.org; Wed, 10 Nov 2004 01:06:22 +0900 (KST)
Received: from Alperyegin ([105.253.155.66]) by mmp2.samsung.com (iPlanet Messaging Server 5.2 HotFix 1.17 (built Jun 23 2003)) with ESMTPA id <0I6X00HM462JHJ@mmp2.samsung.com> for pana@ietf.org; Wed, 10 Nov 2004 01:06:22 +0900 (KST)
Date: Tue, 09 Nov 2004 08:06:17 -0800
From: Alper Yegin <alper.yegin@samsung.com>
Subject: RE: [Pana] and network selection
To: jari.arkko@piuha.net
Message-id: <003b01c4c676$0d2c63b0$7a868182@sisa.samsung.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1441
X-Mailer: Microsoft Outlook, Build 10.0.2627
Content-type: text/plain; charset="us-ascii"
Content-transfer-encoding: 7bit
Importance: Normal
X-Priority: 3 (Normal)
X-MSMail-priority: Normal
X-Spam-Score: 0.0 (/)
X-Scan-Signature: f66b12316365a3fe519e75911daf28a8
Content-Transfer-Encoding: 7bit
Cc: pana@ietf.org, 'Yoshihiro Ohba' <yohba@tai.toshiba.com>, 'Avi Lior' <avi@bridgewatersystems.com>
X-BeenThere: pana@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Protocol for carrying Authentication for Network Access <pana.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:pana@ietf.org>
List-Help: <mailto:pana-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=subscribe>
Sender: pana-bounces@ietf.org
Errors-To: pana-bounces@ietf.org
Content-Transfer-Encoding: 7bit
Jari, > Yes. Two things remain, however: > > (1) Does someone have an answer as to how all this can be > accomplished in the current AAA protocols while > still allowing the local access provider to have > a proxy AND roaming? I'm not quite sure how the > destination realm value is set in the case of > Diameter EAP, for instance. I think Yoshi has responded to that issue. > > (2) We need to consider this in light of Avi's question, > which was what additional value the PANA ISP selection > provides over things that already exist in EAP. I > personally do not believe you absolutely need to > have additional value, but of course it would be > useful if you could demonstrate, for instance, that > your "L2" network selection scheme is better than > what exists in 802.1X. I think ND&S belongs to layers below EAP (EAP lower-layer, or even below that). Doing that in EAP can only be workaround in case lower-layers don't already handle that. Maybe not all EAP lower-layers can handle that, but since we are designing PANA from scratch, we could. So, imho we are doing the "right thing" ;-) So, imo, the right question is not why we need this functionality in PANA when we can do it with EAP, but the other way around. I hope someone can answer that too. Meanwhile, let me discuss what happens when you do ND&S in EAP. I presume you are referring to "draft-adrangi-eap-network-discovery-05". My comments are based on that. EAP is for "authentication". I think the authentication end-points should be chosen before the authentication is engaged. If not, then we end up having to require changes to EAP behavior, as the I-D suggests. On the peer, authenticator, and the authentication server. The ISP ND&S issue can be solved within client-NAS. There shouldn't be a need to involve the AS, but the I-D suggests that. And I didn't understand which AS fails the client ID when the NAI is not supported... Performance is another issue. ND&S is best done before EAP is engaged. The proposed scheme in the worst case involves an extra round trip to a AS to do ND&S. The scheme suggests adding information after the NUL in id request. "workaround" is the nicest word that comes to my mind to characterize such a solution. And, of course it may conflicts with other people's "workarounds" ;-) And the MTU limitation... Overall, I can see this scheme being needed when the lower-layers don't help at all. When using PANA, ISP selection can be handled by PANA-specific mechanism. Going back to 802.1X... Is there a ND&S facility in 1X? Or, are you referring to the EAP-scheme I discussed above? > > Speaking of multicast packets, how does a PANA client > know that it needs to initiate a PANA exchange? It either knows the PAA in advance, or dynamically discovers (solicited and unsolicited PANA-Start) it. > What > if you added a new PANA multicast message that told > the client about this and carries the ISP/ASP info > within it? Hmm... We don't have that. But the cost of ISP/ASP discovery is one mcast sent by the PaC in the worst case. So, I'm not sure if the benefit overweighs the cost of adding one more message/mechanism to the spec... Comments? Alper > > --Jari _______________________________________________ Pana mailing list Pana@ietf.org https://www1.ietf.org/mailman/listinfo/pana
- [Pana] and network selection Avi Lior
- Re: [Pana] and network selection Yoshihiro Ohba
- RE: [Pana] and network selection Avi Lior
- Re: [Pana] and network selection Yoshihiro Ohba
- Re: [Pana] and network selection Jari Arkko
- Re: [Pana] and network selection Yoshihiro Ohba
- Re: [Pana] and network selection Jari Arkko
- RE: [Pana] and network selection Avi Lior
- Re: [Pana] and network selection Jari Arkko
- RE: [Pana] and network selection Alper Yegin
- RE: [Pana] and network selection Alper Yegin
- Re: [Pana] and network selection Jari Arkko
- RE: [Pana] and network selection Avi Lior
- RE: [Pana] and network selection Avi Lior
- Re: [Pana] and network selection Yoshihiro Ohba
- Re: [Pana] and network selection Yoshihiro Ohba
- RE: [Pana] and network selection Alper Yegin
- RE: [Pana] and network selection Avi Lior
- RE: [Pana] and network selection Mohan Parthasarathy
- Re: [Pana] and network selection Jari Arkko
- Re: [Pana] and network selection Jari Arkko
- Re: [Pana] and network selection Yoshihiro Ohba
- Re: [Pana] and network selection Jari Arkko
- Re: [Pana] and network selection Yoshihiro Ohba
- RE: [Pana] and network selection Alper Yegin
- RE: [Pana] and network selection Alper Yegin