George%20Tsirtsis%20G.Tsirtsis@flarion.com - PowerPoint PPT Presentation

About This Presentation
Title:

George%20Tsirtsis%20G.Tsirtsis@flarion.com

Description:

Title: PowerPoint Presentation Author: William Casey Last modified by: George Tsirtsis Created Date: 10/13/2000 3:23:57 PM Document presentation format – PowerPoint PPT presentation

Number of Views:133
Avg rating:3.0/5.0
Slides: 9
Provided by: William1462
Category:

less

Transcript and Presenter's Notes

Title: George%20Tsirtsis%20G.Tsirtsis@flarion.com


1
BURP Requirements behind draft-ietf-dhc-aaa-ra-00
.txt
  • George Tsirtsis G.Tsirtsis_at_flarion.com

2
What is the point of this?
  • PPP for on-demand user/terminal connectivity
  • Dial-up users
  • Cable, DSL and wireless introduce always-on
    connectivity
  • But users also move around and between terminals
  • DHCP PPP Internet Access model is needed
  • To allow any user to access the Internet from any
    terminal

3
PPP Internet Access Model
3.Internet Access
2.AAA
AAA
Access Router
  • 2.AAA
  • User authentication but also..
  • users profile
  • accounting requirements
  • multicast capability,
  • -diffServ markings etc

1.PPP
4
Proposed DHCP Internet Access Model
3.DHCP Relay
4.Internet Access
2.AAA
AAA
3.AAA User authentication but also users
profile as in PPP
Access Router Relay Agent
1.DHCP
5
Why full AAA instead of just registration?
  • Full AAA provides a superset of registration
  • And thus can do registration only if required
  • But can also do Access Control, accounting etc
  • Registration is not useful without policing and
    potentially accounting
  • AAA provides all the above
  • If the goal is to find alternative to PPP then
    that is the only choice
  • Otherwise we are going to lose functionality in
    the process

6
Why use the Access Router
  • All As in AAA collocate with AR
  • So, AAA is done ones!
  • So it is simpler distribution stops at AR level
  • Firewalling, accounting and profiling happens at
    the same point
  • AAA client is in the first IP Router (the edge)
  • AAA include IP profile which has to be installed
    at the AR
  • AAA is triggered at IP layer (or sub-IP but L2
    independent)
  • So it can apply to all link layers
  • So existing link layers do not have to change
  • So future link layers do not have to think about
    it
  • So we can use multiple link layer hops between
    end node and AR

7
Why DHCP? And why not
  • End nodes need IP address to operate
  • DHCP provides IP addresses
  • Maps them to Link Layer addresses
  • But even if they do notthey need other config.
    (DNS, etc)
  • DHCP already implements RAs
  • RAs look like other side of AAA clients
  • They are positioned in the right place (AR)
  • Most nodes support DHCP
  • Why not DHCP?
  • Well established protocol widely deployed I.e.
    difficult to change
  • It is better to do one thing and do it right
  • Some IPv6 nodes may not support DHCPv6 (more
    complex than dhcpv4, plug and play available)

8
A new protocol?maybe.
  • A new protocol would allow modular support of
    services (autoconfig, dhcp, authentication, etc)
  • But, lets keep the good things about dhcp-aaa
  • BURP between end node and AR
  • BURP triggers (or is integrated with) AAA client
    at AR
  • Keep in mind what functionality PPP
    provides.anything less may not be good enough.
Write a Comment
User Comments (0)
About PowerShow.com