| RE: EAP Proxy question in context of 802.16e | <– Date –> <– Thread –> |
From: Johnston, Dj (dj.johnston intel.com)
|
|
| Date: Mon, 21 Mar 2005 18:00:22 -0500 (EST) | |
|
The naming of the EAP related message names in PKMv2 is
somewhat in flux right now. There are comments out against those parts
suggesting a generic EAP_Transfer message for fix the apparent layer
violation.
For instance, the resolution of comments 3243 and 3244
last week at the 802.16 meeting seem to make the necessary change. As ever, we
need to wait for the draft to see how the changes actually pan
out.
DJ
From: eap-admin [at] frascone.com [mailto:eap-admin [at] frascone.com] On Behalf Of Nakhjiri Madjid-MNAKHJI1 Sent: Monday, March 21, 2005 2:44 PM To: Bakshi, Sanjay; eap [at] frascone.com Cc: Nakhjiri Madjid-MNAKHJI1 Subject: RE: [eap] EAP Proxy question in context of 802.16e Hi Sanjay,
As far as I know, EAP is a 3-party model with the authenticator/ NAS sitting on the edge of layer 2 link and dealing with the other side through a AAA protocol. Is there a reason you don't want the BS to not act as a AAA client?
What you are describing is a 4 party model, which sort of sounds like PANA model. But PANA seems to be suggested for scenarios where there is nothing to carry the EAP signaling over layer 2 protocols.
I looked at the 16e spec. From the spec it seems that both PKMv1 and PKMv2 support EAP and supposedly PKM-req and response messages can carry EAP messages. I do have issues with the codes defined for EAP messages. It seems that messaging creates some layer pollution, since they seem to define different codes for different EAP messages within the PKM layer that is supposed to be below EAP layer.
Regards,
Madjid
-----Original
Message-----
Hello, I have a question in context of application of EAP to 802.16e network.
Following figure shows the typical application of EAP to an 802.16e based network
EAP-method EAP-method EAP EAP EAP EAP PKMv2 PKMv2 RADIUS RADIUS ---------- ------------- ---------- MSS/EAP_peer BS/EAP_Authenticator AS
802.16e defines PKMv2 as the encapsulation protocol for carrying EAP messages between MSS (802.16e Mobile Subscriber Station) and BS(802.16e Base Station). BS acts as the RADIUS client and forwards the EAP messages to the AS and vice-versa.
In order to better handle mobility, following is an alternative way of applying EAP model that is being considered: -
EAP-method EAP-method EAP EAP EAP EAP EAP EAP PKMv2 PKMv2 ??? ??? RADIUS RADIUS ------------ ------------ ------------------------- ----------- MSS/EAP_peer BS/EAP_Proxy Gateway/EAP_Authenticator AS
Basically, in the context of EAP in this model BS acts as a relay and implements two functions. 1. On uplink BS removes EAP pdus from the PKMv2 encapsulation, encapsulates them in a "to be defined" encapsulation and forwards them to the Gateway which is a RADIUS client.
2. On downlink BS removes EAP pdus from a "to be defined" encapsulation, encapsulates them in PKMv2 and forwards them to the MSS
BS does not implement any Authenticator functions. Assuming that appropriate encapsulation protocol is defined between BS and Gateway, does this model break any assumptions of EAP's 3-party model? Is it legal from EAP perspective?
Thanks, -- Sanjay
|
-
EAP Proxy question in context of 802.16e Bakshi, Sanjay, March 21 2005
- RE: EAP Proxy question in context of 802.16e Nakhjiri Madjid-MNAKHJI1, March 21 2005
- RE: EAP Proxy question in context of 802.16e Johnston, Dj, March 21 2005
- RE: EAP Proxy question in context of 802.16e Avi Lior, March 21 2005
- RE: EAP Proxy question in context of 802.16e Bakshi, Sanjay, March 22 2005
- RE: EAP Proxy question in context of 802.16e Avi Lior, March 22 2005
Results generated by Tiger Technologies using MHonArc.