On Wed, Oct 24, 2007 at 05:13:30PM -0400, Ralph Droms wrote: > > But I'm speculating wildly here without explicit text to discuss. It > might not even be necessary to use temporary address assignment if > address assignment can take place prior to authentication, with > denial of access and/or revocation if authentication fails.
Yes, that is also possible. A service address can be assigned for unauthenticated clients, but with a shorter lifetime (e.g., 60-sec) than that for authenticated ones. After successful authentication, the lifetime can be extended by DHCP renew. Yoshihiro Ohba > > - Ralph > > On Oct 24, 2007, at Oct 24, 2007,4:24 PM, Bill Welch wrote: > > >Alper, > > > >It's just a matter of resource management and managing state on the > >BRAS/BNG. > > > >With PPPoE you have the following steps: > >Authentication > >Resource assignment (Address, QoS, filters) > > > >With PANA you have the following: > >Temp resource assignment (Address, QoS, filters) > >Authentication > >Removal of temp resources (Address, QoS, filters) > >Service resource assignment (Address, QoS, filters) > > > > > >The Addresses, Qos and filters will not be the same for temp resource > >assignment and Service resource assignment. > > > >Every login is four step process vs. a two step process and you > >have to > >manage some type of token or identifier between the authentication and > >service resource assignment. > > > >Best regards, > >Bill Welch > > > > > > > >-----Original Message----- > >From: Alper Yegin [mailto:[EMAIL PROTECTED] > >Sent: Tuesday, October 23, 2007 9:08 PM > >To: [EMAIL PROTECTED]; Bill Welch > >Cc: 'Internet Area' > >Subject: RE: [Int-area] DCHP-based authentication for DSL? > > > > > >I think we need to understand this a bit better, as now we are talking > >about > >implementation optimizations. > > > >>The fact that the BRAS/IP Edge equipment in this case do not have > >>to "distribute" a full subscriber IP state in the BRAS until the > >>subscriber is okay, is a big advantage to the subscriber bring up > >rate. > > > >How is the situation different if you were using PANA? > > > >>Having a solution that assigns a temporary address or uses a link > >local > >>address complicates the implementation and does not mirror the > >existing > >>PPPoE solution. > > > >Can you please expand on the complication part? Please note that > >the IP > >address configured prior to subscriber authentication is not the > >"service IP > >address". > > > >Also, even with DHCPv6, the client is already configured with a > >link-local > >IPv6 address prior to sending the very first DHCPv6 message. > > > >Alper > > > > > > > > > > > >_______________________________________________ > >Int-area mailing list > >[email protected] > >https://www1.ietf.org/mailman/listinfo/int-area > > > _______________________________________________ > Int-area mailing list > [email protected] > https://www1.ietf.org/mailman/listinfo/int-area > _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
