Re: [radext] [internet-drafts@ietf.org] New Version Notification for draft-hartman-radext-bigger-packets-00.txt
Alejandro Perez Mendez <alex@um.es> Tue, 22 October 2013 07:57 UTC
Return-Path: <alex@um.es>
X-Original-To: radext@ietfa.amsl.com
Delivered-To: radext@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CE64911E814C for <radext@ietfa.amsl.com>; Tue, 22 Oct 2013 00:57:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0Oie9UML-XWE for <radext@ietfa.amsl.com>; Tue, 22 Oct 2013 00:57:02 -0700 (PDT)
Received: from xenon14.um.es (xenon14.um.es [155.54.212.168]) by ietfa.amsl.com (Postfix) with ESMTP id 2892C11E817C for <radext@ietf.org>; Tue, 22 Oct 2013 00:56:40 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by xenon14.um.es (Postfix) with ESMTP id 8A88E5D511 for <radext@ietf.org>; Tue, 22 Oct 2013 09:56:33 +0200 (CEST)
X-Virus-Scanned: by antispam in UMU at xenon14.um.es
Received: from xenon14.um.es ([127.0.0.1]) by localhost (xenon14.um.es [127.0.0.1]) (amavisd-new, port 10024) with LMTP id gGL38rr4POdR for <radext@ietf.org>; Tue, 22 Oct 2013 09:56:33 +0200 (CEST)
Received: from [192.168.10.2] (84.124.131.72.dyn.user.ono.com [84.124.131.72]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) (Authenticated sender: alex) by xenon14.um.es (Postfix) with ESMTPSA id 0FD775D4F8 for <radext@ietf.org>; Tue, 22 Oct 2013 09:56:31 +0200 (CEST)
Message-ID: <52662FAE.3040900@um.es>
Date: Tue, 22 Oct 2013 09:56:30 +0200
From: Alejandro Perez Mendez <alex@um.es>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0
MIME-Version: 1.0
To: radext@ietf.org
References: <tslsivuv1kq.fsf@mit.edu>
In-Reply-To: <tslsivuv1kq.fsf@mit.edu>
Content-Type: multipart/alternative; boundary="------------050005080509090207020903"
Subject: Re: [radext] [internet-drafts@ietf.org] New Version Notification for draft-hartman-radext-bigger-packets-00.txt
X-BeenThere: radext@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: RADIUS EXTensions working group discussion list <radext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/radext>, <mailto:radext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/radext>
List-Post: <mailto:radext@ietf.org>
List-Help: <mailto:radext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/radext>, <mailto:radext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Oct 2013 07:57:06 -0000
> I've written a draft that proposes expanding the maximum packet size for
> RFC 6613-based transports including RFC 6614.
> This draft is intentionally designed to be minimal: no capability
> negotiation as an example.
> A few details such as the registration of code points are left out, but
> I believe the draft is complete enough to evaluate the technical
> approach.
>
> My draft is intentionally simpler than Peter's approach (or the part of
> it that deals with this)
> I don't think the complexity of his approach is needed for solving the
> part of the problem I would like to see solved.
>
> I believe this draft compliments draft-ietf-radext-radius-fragmentation
> and would like to see my draft and that draft go forward.
>
> Comments welocme.
>
Sam,
thank you for this contribution, I think it is a better choice for
situations where keeping the infrastructure untouched is not a MUST.
I have one comment. In the text, you state that:
Clients will not typically be able to adjust and resend requests when
this error is received.
Having that expectation in mind, and wondering what the actual impact of
just dropping the entire session is, wouldn't it be more simple to just
send an Access-Reject code with the new attribute indicating the reason
(eg. packet over 3500 octets), instead of defining a new code? The
client would be able to re-start the session using smaller packets,
RADIUS fragmentation or just desisting from it.
Of course, this would require to start over with the current session.
But since you don't really expect clients to dynamically re-adjust
packet size, that there might be a negotiation capability, and that
there would probably exists a federation agreement... what is the real
impact of just dropping the session?
Regards,
Alejandro
>
>
> _______________________________________________
> radext mailing list
> radext@ietf.org
> https://www.ietf.org/mailman/listinfo/radext
- [radext] [internet-drafts@ietf.org] New Version N… Sam Hartman
- Re: [radext] [internet-drafts@ietf.org] New Versi… Alan DeKok
- Re: [radext] [internet-drafts@ietf.org] New Versi… Peter Deacon
- Re: [radext] [internet-drafts@ietf.org] New Versi… Alejandro Perez Mendez
- Re: [radext] [internet-drafts@ietf.org] New Versi… Satyanarayana Danda (sdanda)
- Re: [radext] [internet-drafts@ietf.org] New Versi… Sam Hartman
- Re: [radext] [internet-drafts@ietf.org] New Versi… Alan DeKok
- Re: [radext] [internet-drafts@ietf.org] New Versi… Sam Hartman
- Re: [radext] [internet-drafts@ietf.org] New Versi… Alan DeKok