[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Heartbeats Straw Poll

On Tue, 8 Aug 2000, Theodore Ts'o wrote:

>    Date: Tue, 8 Aug 2000 00:48:36 -0400 (EDT)
>    From: Skip Booth <ebooth@cisco.com>
>    The server cares because it has to do things like stop accounting (a
>    very important remote access function) and return IP addresses back
>    to the DHCP server or to it's local pool.  It is critical that the IP
>    addresses are returned ASAP after the client has disconnected so they
>    can be reused for the next client.
> Neither of these (accounting and returning IP addresses to a DHCP pool)
> are IPSEC issues.  This is stuff you have to deal with even if you're
> not using IPSEC.  Hence, solving it with an IPSEC-specific solution
> seems like we're barking up the wrong tree.

I think if the IPSRA WG states that IP address assignment will only be done with
DHCP, using the method described in draft-ietf-ipsec-dhcp-06.txt, I would agree
with you.  However, if you try to use local IP address pools and something like
IKECFG to hand out IP address to the clients, then I would argue that you need

Even though it appears that accounting has been deemed to not be a requirement,
it will be an issue in customer networks.  So I guess my question is, if IPsec
doesn't send the start and stop accounting records, then who does and how do
they know when to send the stop accounting record?


> 							- Ted

Follow-Ups: References: