Balazs Lengyel writes: >We already have a radius model part in ietf-system; but are there any >plans to develop a TACACS+ model for YANG? > >How widely is TACACS+ used for remote authorization/accounting ? As an >outsider I would guess that remote authorization could really slow down >processing e.g. a big CLI script.
We use have clients using it. Our fix for performance is to pre-load regex-based constraints (from both radix and tacacs+ servers) to allow pre-authorization of commands. This also works during intermittent networkings issues, which is vital for networking gear (assuming one can do the initial login/pre-load operations). Thanks, Phil _______________________________________________ netmod mailing list [email protected] https://www.ietf.org/mailman/listinfo/netmod
