nanog mailing list archives

Re: RADIUS info for traveling users ...

From: Mohan Sundar <xmohansundar () yahoo com>
Date: Wed, 28 Mar 2001 12:02:14 -0800 (PST)



Thanks for your responses and correcting my
understanding.

What i understand is policies are stored in
a centralized policy server, and these are
pushed to the Access Servers thru some mechanism,
like SNMP or file transfer, etc. What is achieved
by RADIUS is just getting pointer (like filter name)
to the policy corresponding to
a subscriber when a subscriber dials in, and
dynamically binding that to the access interface
in the access server. 
How are these policies then dynamically generated,
based on the IP address that is dynamically
assigned? Do policy servers also have policies
based on subscriber-name (or ID)? What is the
interaction between policy server and RADIUS?

Thanks again.
- elwin

--- Brett Frankenberger <rbf () rbfnet com> wrote:

A Service Provider, having several POPs, I presume
will be using at least one RADIUS server that is
associated to each POP, and are usually colocated
at the POP, along with the RAS, aggregation and

other

IP service devices.


For most providers, you presume incorrectly.  RADIUS
is generally
hosted centrally.

And the IP address assigned for a subscriber

dialing

up from one location is assigned by the

corresponding

RADIUS server, after authentication.


The IP Address is generally assigned by the access
server.

To take it further, when policies are associated

with

this subscriber that are based on IP address, how
is that handled when the subscriber travels?


Static IP addresses that give a customer the same IP
address ragardless
of what POP he dials are rarely offered by dial-up
providers.  Those
that do necessarily have some sort of routing hack
to get their routing
tables updated when the ustomer dials into a remote
POP.  Policy is
generally implemented by filters on the Access
Server that are
dynamically created (by the RADIUS server) when the
customer dials in,
so it isn't necessary that the customer always have
the same IP
address.

     -- Brett



__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail. 
http://personal.mail.yahoo.com/?.refer=text

Current thread:

RADIUS info for traveling users ... Mohan Sundar (Mar 28)
- Re: RADIUS info for traveling users ... Marc Teichtahl (Mar 28)
- <Possible follow-ups>
- Re: RADIUS info for traveling users ... Mohan Sundar (Mar 28)
  - Re: RADIUS info for traveling users ... Josh Richards (Mar 28)