Re: [radext] RADIUS Extension, Getting Started

Oleg Pekar <oleg.pekar.2017@gmail.com> Tue, 07 July 2020 13:35 UTC

From: Oleg Pekar <oleg.pekar.2017@gmail.com>
Date: Tue, 07 Jul 2020 16:35:30 +0300
Message-ID: <CABXxEz9DTH5LWWRRbuKHRsefpxu41-HAUzk2UusMdQ3zo+qsuQ@mail.gmail.com>
To: "Massameno, Dan" <dan.massameno@yale.edu>
Cc: "opsawg@ietf.org" <opsawg@ietf.org>, Roman Danyliw <rdd@cert.org>, "radext@ietf.org" <radext@ietf.org>, "Rob Wilton (rwilton)" <rwilton@cisco.com>, Stefan Winter <stefan.winter@restena.lu>, "Joe Clarke (jclarke)" <jclarke@cisco.com>, OpsAWG-Chairs <opsawg-chairs@ietf.org>, Benjamin Kaduk <kaduk@mit.edu>, "warren@kumari.net" <warren@kumari.net>, "radext-chairs@ietf.org" <radext-chairs@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/radext/kb71q1LYrQGrIbRaq-sfXu0xTc4>

Hi Dan,
So the draft describes how a NAS connected to a specific RADIUS server
can obtain from that server information about other RADIUS servers on
the deployment, together with their priorities. Usually the RADIUS
traffic distribution is configured and conducted by a Load Balancer
network component (e.g. F5 Load Balancer). The mechanism described in
this draft allows RADIUS servers on the deployment to balance traffic
between them dynamically according to their load or other
characteristics. However it requires implementation on both sides - on
NAS and RADIUS server.

Is my understanding correct?

Thanks
Oleg

On Tue, Jul 7, 2020 at 12:13 PM Massameno, Dan <dan.massameno@yale.edu> wrote:
>
> Dear Ops and Management Area WG,
>
> There have been a number of great suggestions on where to post this document (Thanks Stefan!).   I'm now emailing opsawg@ietf.org and cc'ing radext@ietf.org.
>
> The draft is posted here... https://tools.ietf.org/html/draft-massameno-radius-lb-00
>
> Do I need an official IETF sponsor?  Would it help to try and get a vendor interested in implementing the protocol?  Cisco is our primary vendor at Yale University.  I was wondering if there is anyone on either of these working groups that communicates with Cisco people on a regular basis?
>
> Thank you for your help.
>
> --Dan
>
> -----Original Message-----
> From: Stefan Winter <stefan.winter@restena.lu>
> Sent: Friday, July 3, 2020 01:52
> To: Joe Clarke (jclarke) <jclarke@cisco.com>; Massameno, Dan <dan.massameno@yale.edu>
> Cc: warren@kumari.net; Benjamin Kaduk <kaduk@mit.edu>; Roman Danyliw <rdd@cert.org>; Rob Wilton (rwilton) <rwilton@cisco.com>; OpsAWG-Chairs <opsawg-chairs@ietf.org>; radext-chairs@ietf.org
> Subject: Re: RADIUS Extension, Getting Started
>
> Hello Joe,
>
>
> thanks for reaching out. RADEXT has been dormant for a number of years already. I'm afraid if you were to send the document that way, you would get little to no review.
>
>
> I think the best way forward is to take this to OPSAWG and send a mail to radext about the draft just in case.
>
>
> Greetings,
>
>
> Stefan Winter
>
>
> On 30.06.20 at 17:21, Joe Clarke (jclarke) wrote:
> > Thanks, Dan.  I’m also copying the radext-chairs to get their perspective on this.
> >
> > Joe
> >
> >> On Jun 30, 2020, at 11:03, Massameno, Dan <dan.massameno@yale.edu> wrote:
> >>
> >> Warren,
> >>
> >> I have the RADIUS extension draft now posted:
> >> https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Fdraft-massameno-radius-lb-00&data=02%7C01%7Cdan.massameno%40yale.edu%7Cc0b3c01a3a9d44d004c308d81f152ef2%7Cdd8cbebb21394df8b4114e3e87abeb5c%7C0%7C0%7C637293523139392341&sdata=7dOpZmU5Xsj2tusf2Fiukqv1oxd2b8uL4Po%2BI04hw%2BE%3D&reserved=0
> >>
> >> Abstract
> >>
> >>   This document describes a method for a Network Access Server (NAS) to
> >>   dynamically discover all available RADIUS servers.  It defines a new
> >>   message type within the STATUS-SERVER message, which is requested by
> >>   the NAS and provided by the RADIUS server.  The NAS is then able to
> >>   load balance its RADIUS messages across multiple RADIUS servers based
> >>   on priority and weight supplied by the initial server.
> >>
> >> Based on the draft do you have a better idea on if this should be posted into RADEXT or OPSAWG?  I must admit I am not familiar with either of these groups.
> >>
> >> Thank you for your help.
> >>
> >> --Dan
> >>
> >> -----Original Message-----
> >> From: Massameno, Dan
> >> Sent: Thursday, June 25, 2020 10:56
> >> To: Rob Wilton (rwilton) <rwilton@cisco.com>
> >> Cc: Benjamin Kaduk <kaduk@mit.edu>; Roman Danyliw <rdd@cert.org>;
> >> OpsAWG-Chairs <opsawg-chairs@ietf.org>; Warren Kumari
> >> <warren@kumari.net>
> >> Subject: RE: RADIUS Extension, Getting Started
> >>
> >> Rob,
> >> Thank you and the extended team for all your help.  I have uploaded draft-massameno-radius-lb to the I-D Submission system.  Also attached is the PDF version.
> >>
> >> I'm very much interested in seeing how the process goes from here.  Please let me know how I may be of assistance.
> >>
> >> --Dan
> >>
> >> -----Original Message-----
> >> From: Warren Kumari <warren@kumari.net>
> >> Sent: Monday, June 22, 2020 18:00
> >> To: Rob Wilton (rwilton) <rwilton@cisco.com>
> >> Cc: Benjamin Kaduk <kaduk@mit.edu>; Massameno, Dan
> >> <dan.massameno@yale.edu>; Roman Danyliw <rdd@cert.org>; OpsAWG-Chairs
> >> <opsawg-chairs@ietf.org>
> >> Subject: Re: RADIUS Extension, Getting Started
> >>
> >> On Mon, Jun 22, 2020 at 1:06 PM Rob Wilton (rwilton) <rwilton@cisco.com> wrote:
> >>> Hi Ben,
> >>>
> >>> Good catch re Radext, copying Warren.  Warren, the question is whether RADEXT is still active and taking new work, or whether it should go to OPSAWG instead?  I have a slight concern whether we will get enough interest for this work in OPSAWG ...
> >> Without knowing a bunch more about the draft I don't really think that this is a question that I can usefully weigh in on.
> >>
> >> If it is an extension to RADIUS/is heavily RADIUS focused, then RADEXT is probably the right place -- but, it could always be aimed at RADEXT (put -radext- in the draft name), but we can try and stir up some interest in OPSAWG. If it turns out that it is RADIUS related, and RADEXT doesn't want to pick it up and run with it, perhaps that's a strong signal that RADEXT should be closed...?
> >>
> >> W
> >>
> >>> Regards,
> >>> Rob
> >>>
> >>>
> >>>> -----Original Message-----
> >>>> From: Benjamin Kaduk <kaduk@mit.edu>
> >>>> Sent: 21 June 2020 03:42
> >>>> To: Massameno, Dan <dan.massameno@yale.edu>
> >>>> Cc: Rob Wilton (rwilton) <rwilton@cisco.com>; Roman Danyliw
> >>>> <rdd@cert.org>; OpsAWG-Chairs <opsawg-chairs@ietf.org>
> >>>> Subject: Re: RADIUS Extension, Getting Started
> >>>>
> >>>> On Fri, Jun 19, 2020 at 12:58:12PM +0000, Massameno, Dan wrote:
> >>>>> Rob,
> >>>>> This sounds great.  With the links provided by Roman I am reviewing the literature to make sure my draft has everything it needs to start the process.  I found references to xml2rfc and kramdown, which I also want to run it through.
> >>>>> Thank you for your help.  I would be happy to have someone take a look before it's posted.  As soon as I have it formatted correctly I'll send it over.  Is there someone in particular I should send it to?
> >>>>
> >>>> I would recommend uploading the internet-draft to the IETF datatracker at
> >>>> https://nam05.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdatatracker.ietf.org%2Fsubmit%2F&data=02%7C01%7Cdan.massameno%40yale.edu%7C112cacc6da6a40e6560708d816f7c0b9%7Cdd8cbebb21394df8b4114e3e87abeb5c%7C0%7C0%7C637284600637313249&sdata=EkkSwHAB%2BAV3XQDz%2FsYJMsBLiKymz6n4BROVWGbg7Yg%3D&reserved=0
> >>>> and then sending a link to that document to both opsawg-chairs@ietf.org and radext-chairs@ietf.org.  It's also okay to skip the first part and send the document itself to those addresses.
> >>>>
> >>>> The radext (RADIUS Extensions) working group is not very active at
> >>>> the moment, which is why I agree with the others' recommendations
> >>>> to ask the OPSAWG working group chairs' advice as well.
> >>>>
> >>>> Hope this helps,
> >>>>
> >>>> Ben
> >>
> >>
> >> --
> >> I don't think the execution is relevant when it was obviously a bad idea in the first place.
> >> This is like putting rabid weasels in your pants, and later expressing regret at having chosen those particular rabid weasels and that pair of pants.
> >>   ---maf