(PM) Re: Re: Caller-ID with tcp-clear sessions

Christopher Masto (chris@netmonger.net)
Mon, 22 Mar 1999 03:19:02 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rene Avi: "Re: (PM) Choicenet experiences"
Previous message: Thomas C Kinnen: "Re: (PM) PM4 Crashed."
In reply to: Patrick Kormann: "AW: (PM) PortMaster BenchMarks"

On Thu, Mar 18, 1999 at 12:23:20PM -0600, eric@cirr.com wrote:
[...]
> Assuming the Calling-Station-Id passes authentication,
> the application can then open a ``server'' port (aka
> bind to a port, and await a connection), and send
> that back as part of the radius authorization reply
> (think Login-Service, Login-IP-Host and Login-TCP-Port).

That seems essentially equivalent to:

> The best solution we've come up with so far is for the application
> server to monitor a large number of server sockets (either ports or IP
> addresses on virtual interfaces) and have the RADIUS server round-robin
> through them somehow. This is...sub-optimal. Any advice would
> be appreciated.

Except it's even more complicated.

I think the fact that RADIUS accounting sends only three of the four
variables which are needed to identify a TCP connection is an oversight
that should be corrected by the IETF at some point.

-- Christopher Masto Director of Operations NetMonger Communications chris@netmonger.net info@netmonger.net http://www.netmonger.net

Free yourself, free your machine, free the daemon -- http://www.freebsd.org/ - To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe portmaster-users' in the body of the message. Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>

Next message: Rene Avi: "Re: (PM) Choicenet experiences"
Previous message: Thomas C Kinnen: "Re: (PM) PM4 Crashed."
In reply to: Patrick Kormann: "AW: (PM) PortMaster BenchMarks"