[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Configuration of mobile users

To: Will Price <wprice@cyphers.net>
Subject: Re: Configuration of mobile users
From: "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>
Date: Thu, 25 Mar 1999 11:14:26 -0500
CC: ipsec@lists.tislabs.com
In-Reply-To: Your message of "Wed, 24 Mar 1999 03:24:45 PST." <36F8CB76.183C51D4@cyphers.net>
Sender: owner-ipsec@lists.tislabs.com

[ NOTICE!  This list will be hosted at lists.tislabs.com as of March 26.
There is no need to resubscribe, if you are on the list, you will remain
on it.  Just begin sending posts, and any administrative requests to
lists.tislabs.com as of now.  List mail to tis.com will cease to be
delivered as of March 26, 1999.  ]


>>>>> "Will" == Will Price <wprice@cyphers.net> writes:
    Will> I think the definition of existing is questionable here.  For many
    Will> implementations, DHCP "existing" is not the case.  The reality would
    Will> likely be a complete reimplementation of DHCP for BITS
    Will> implementations.  That's just not going to happen when there aren't

  BITS have to implement something. 
  Frankly, I'm not clear why you wouldn't just take the DHCP data and 
punt it up to the real stack and be done with.

  DHCP also has the advantage that it is already defined, and has clear 
mechanisms for doing extensions.

  Mostly we are just talking about using the DHCP Acquire/Inform stuff,
not the "discovery" stuff.

    Will> I really don't believe what needs to be done is so complex that we
    Will> need to drag in other protocols like DHCP.  mode-cfg presents a
    nice,

  Then, I think you don't completely understand the problem, and you
don't understand DHCP. The problem is complicated enough to require DHCP,
and DHCP is not so complicated as to be much different from mode-cfg.

    Will> into mode-cfg *without* moving "DHCP" itself.  Bringing DHCP into the
    Will> discussion is ignoring the fact that DHCP might as well not exist for
    Will> many implementations.

  Don't invent new protocols when you don't have to.

  All native implementations of IPsec probably already have DHCP code
available, and there is freely available reference code from ISC.

   :!mcr!:            |  Network and security consulting/contract programming
   Michael Richardson | IPsec, VPN, Firewalls, PKI, network design, Unix admin
 Personal: http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html
 Corporate: http://www.sandelman.ottawa.on.ca/SSW/
	ON HUMILITY: To err is human, to moo bovine.

References:

Re: Configuration of mobile users

From: Will Price <wprice@cyphers.net>

Prev by Date: Re: linux-ipsec: cornered: MTU and fragmentation bugs
Next by Date: concerns regarding work load
Prev by thread: Re: Configuration of mobile users
Next by thread: concerns regarding work load
Index(es):
- Main
- Thread