Alan, Thanks for the response > -----Original Message----- > From: Alan DeKok [mailto:[email protected]] > Sent: Thursday, March 15, 2012 4:57 AM > To: Jim Schaad > Cc: 'Sam Hartman'; 'Alejandro Perez Mendez'; 'Josh Howlett'; [email protected] > Subject: Re: [abfab] FYI: New Version Notification for draft-perez-radext- > radius-fragmentation-01.txt > > Jim Schaad wrote: > > Do you have any data which we could start getting some data about how > > proxies are currently used. > > I have opinions, but getting *public* data is difficult. > > > 1. How many places are there were we see transitions from Diameter to > > RADIUS or vice versa? These would be places where we already have a > > situation where messages might need to be fragmented because of the > > different sizes of packets. > > I don't see many RADIUS to Diameter gateways. > > > 2. Are you aware of any places where information needs to be > > translated as they go past proxies in the manner we are talking about > > where things cross federation boundaries and the data needs to be > > either validated or modified to fit how the federation thinks about the > data? > > Yes. Many roaming providers go through integrators. Those integrators > take care of mangling packets back & forth. This is one of the value-adds of > the integrator. They present a uniform RADIUS framework to the home > servers, by normalizing the weird things produced by each roaming / WiFi > operator.
Do these integrators end up with lots of local state for each set of packets going back and forth? Do they end up carrying state between packets? Would it be unreasonable or unnecessary for them to do the packet re-assembly and then re-send that would be required by the fragmentation draft? > > > 3. How much routing data is placed into packets today in semi-complex > > arrangements by proxies? How many of them cache the data locally for > > the return trip rather than just append data to the message? > > There is no routing data in packets. I'm not sure what your question even > means. > > RADIUS is a request/response protocol. A proxy simply ties together a > request/response on the incoming side to a request/response on the > outgoing side. It keeps track of the relationship in its internal memory. This > information doesn't go into packets. > > There *is* a Proxy-State attribute in RADIUS. But it's pretty much useless. > It can be used to detect routing loops (100 Proxy-State is bad). I know all of > the RADIUS servers I've worked with since 1997 don't do anything with it. > My mistake - I assumed that the in memory state that was being cached was being cached into the Proxy-State attribute rather than being stored on the proxy itself. This would allow for a "state-less" proxy to be created. Jim > Alan DeKok. _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
