Nicolas Williams writes:
> > With Ethernet + VLAN, each VLAN is modeled as a separate link -- so
> > there's still no discovery (you'd just "connect" on the appropriate link).
> > With only one link to use, filtering and prioritization make little sense.
> > As an aside, VLANs aren't really "discovered" (at least, I'm not aware of
> > an easy way to do it).
> 
> I was positing a future in which they might be discoverable and might
> optionally require authentication ("[c]onsider a putative ...").

I think making VLANs discoverable is a reasonable thing to pursue via
something like LLDP.

However, the authentication bit doesn't mesh well with the current 802
standards.  In the 802 world, the only authentication is "port,"
meaning that there's a single instance per physical link, not one per
VLAN.  If there are VLAN authorizations that derive from a given set
of credentials, then those are applied based on that single session.

I suppose someone could create a per-VLAN authentication mechanism in
the future, but I somewhat doubt that however useful it might be, it
would ever make it into an 802 standard.  (Just my guess, though.)

For other protocols, though, per-VLAN-like-thing authentication seems
possible.

In any event, as long as we're talking about WiFi, separate
authentication sessions necessarily imply separate "ports."

-- 
James Carlson, KISS Network                    <[EMAIL PROTECTED]>
Sun Microsystems / 1 Network Drive         71.232W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.496N   Fax +1 781 442 1677