[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Heartbeats Straw Poll
On Tue, 8 Aug 2000, Theodore Ts'o wrote:
> Date: Tue, 8 Aug 2000 00:48:36 -0400 (EDT)
> From: Skip Booth <ebooth@cisco.com>
>
> The server cares because it has to do things like stop accounting (a
> very important remote access function) and return IP addresses back
> to the DHCP server or to it's local pool. It is critical that the IP
> addresses are returned ASAP after the client has disconnected so they
> can be reused for the next client.
>
> Neither of these (accounting and returning IP addresses to a DHCP pool)
> are IPSEC issues. This is stuff you have to deal with even if you're
> not using IPSEC. Hence, solving it with an IPSEC-specific solution
> seems like we're barking up the wrong tree.
I think if the IPSRA WG states that IP address assignment will only be done with
DHCP, using the method described in draft-ietf-ipsec-dhcp-06.txt, I would agree
with you. However, if you try to use local IP address pools and something like
IKECFG to hand out IP address to the clients, then I would argue that you need
keepalives.
Even though it appears that accounting has been deemed to not be a requirement,
it will be an issue in customer networks. So I guess my question is, if IPsec
doesn't send the start and stop accounting records, then who does and how do
they know when to send the stop accounting record?
-Skip
>
> - Ted
>
>
Follow-Ups:
References: