Iljitsch van Beijnum wrote:
On 11-okt-2007, at 22:48, Richard Pruss wrote:
That would require PANA snooping on every switch that does Option 82
insertion and DHCP snooping today.
It would also require a suite of new features on those switches to
filter at the IP layer protocol. Current switches do MAC IP matching
and security features around those two on a per port basis.
This is where the PANA proposal breaks down as it requires every
element in the network to change.
I don't think this can be a serious argument against other solutions
that DHCP, because EVERY solution requires numerous changes. The fact
that adding authentication to DHCP means a little less ISP
infrastructure needs to change can't be a reason to reject other
solutions out of hand.
I can promise you that the economic realities of the solution will most
certainly be part of what the ISP decides to deploy.
I also don't remember seeing this as a requirement in the list that
Mark posted.
One of the requirements was: "IPAuth-6 Must fit into TR-101
operational model" - while "fit into" is rather subjective, I think the
spirit here was that the solution shouldn't require major rework to that
design.
Especially because a DHCP solution would impose considerable issues on
the end-user side.
Now this is getting closer to what the DSL Forum is asking us. What kind
of issues do you envision here?
- Mark
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
_______________________________________________
Int-area mailing list
[email protected]
https://www1.ietf.org/mailman/listinfo/int-area
