Capwap Mailing List: RE: (no subject)

[Nakhjiri Madjid-MNAKHJI1 (Madjid.Nakhjiri]

Hi Pat,

-----Original Message-----
From: Pat R. Calhoun [mailto:pcalhoun [at] airespace.com]
Sent: Tuesday, July 15, 2003 4:14 AM
To: Nakhjiri Madjid-MNAKHJI1
Cc: lwapp [at] frascone.com
Subject: RE: [Lwapp] (no subject)


> As far as "light weight AP", I think some explanation is needed to
> understand the difference between a "regular" and a light weight one.

A fair question indeed. Although there is no clear definition of what a
light weight access point is, in my mind (and implementation :), it means
that all access control, policy enforcements, IDS functions, device
management/configuration is handled in the AR.

Madjid>> thank you, this clears a lot of things and can be added to the
draft :)
Does this mean, all the network's internal node in need of communication
with AP
(say a policy server or an authentication server) need to go through AR to
get to 
AP? I am not entirely against that, but just like to understand the
architecture.
Also, the BoF desciption says that NAS functionality will be planted into
AP,
is that Lwapp philosophy as well?
I have an issue with having the policy enforcements being handled by AR
though,
        -for QoS policies, this means, packet filtering and policing is done
at AR and 
        not AP, hence you run the risk of having unauthorized (or
nonconforming users)
        clog the backhaul.
        -For security policies, you let rouge traffic penetrate the network,
shouldn't 
        filtering be implemented in the AP?


One of the many benefits of the architecture is that it allows the AR to
have a greater understanding of the RF topology, and can detect attacks that
may be mounted against a network as a whole, and take appropriate action.

Madjid>> agreed, this will allow heterogeneous access tech. support (maybe
even help
the discovery process).

Regards,

Madjid