Ric, > If you point me to the IPv6 deployment architecture from the DSLForum > I can send you a draft on how to do the authentication in it. Putting > EAP into DHCP v6 is no big trick, the real trick is what does the rest > of the IPv6 architecture look like. > > There are a ton of questions like: > > a) Do we have multiple services with separate addresses or are they on > the same address as IPv4. Both approaches have pro's and cons. > > b) How far into the L2 architecture are link local addresses allowed. > > c) SAVA > > and on and on. > > It is simply premature to guess at what authentication is appropriate > and while PANA seems to think they have a hammer for everything. I do > not think DHCP Authentication may be the write answer to every question. > > So leave off the IPv6, we just cannot answer the question with the > architectures under discussion at the DSLForum.
I think the question about IPv6 is an important one, primarily because we know that there's a difference going from IPv4 to IPv6 on how universal DHCP needs to be. I am not saying that we cannot have something based on DHCP, however. If our crystal ball said that the mechanisms that you are proposing are only going to be implemented in a provider-supplied CPE box, I would see no problem running DHCPv6 (and prefix delegation) between that and the BRAS. If the scope is larger than CPEs, however, we have significant deployment and compatibility issues as Bernard has pointed out. Jari _______________________________________________ Int-area mailing list [email protected] https://www1.ietf.org/mailman/listinfo/int-area
