On Mar 23, 2010, at 1:58 PM, Alper Yegin wrote: > - Still you need the DHCP relay to send packets (for transporting EAP > retransmissions, initiating EAP re-authentication),
I agree that this is still needed, but why is it a problem? > - Proxy vs. relay confusions continues, The relay does the extra function of caching the client's authentication status , triggering EAP, and relaying EAP packets, sure. That's the point of this protocol. Why is this a problem, when it was not a problem for DHCPLEASEQUERY? Relays that implement DHCPLEASEQUERY reach over into non-DHCP protocols just as this proposal does. > - You need to run EAP authentication twice (unless you want to have close > coordination between the DHCPv4 and DHCPv6 implementations -- gating one by > the other, until the latter completes EAP authentication). The combination of client identifier, which is the same for RFC4361-compliant v4 clients and all v6 clients, and circuit ID, which is also the same, since it uniquely identifies a particular link, form an identifier which is specific to the node running the v4 and v6 clients. So this does in fact resolve the dual stack issue. This is _why_ we did RFC4361--so that we could tell that a DHCPv4 client and a DHCPv6 client were configuring the same node. Anyway, why are we still arguing about this? From what I could tell at the end of the meeting, unless some new proponent comes forward on this, it's a dead issue. It looks like there's some interest in stepping back ten paces and coming up with a requirements document (which obviously would not be DHCP specific). Do you object to that? _______________________________________________ Int-area mailing list Int-area@ietf.org https://www.ietf.org/mailman/listinfo/int-area