Re: Management functions. MobileIP. Radius.


From: Dominique Blas (ml_at_blas.net)
Date: 2002-04-15 14:44:35 UTC



> On Mon, 2002-04-15 at 15:32, Nil Alexandrov wrote:

I would say hostAP is a great work.
Not only useful to implement but also useful to understand 802.11b. Thanks to Jouni.

Well, I've installed it in a few minutes on a box that bridges between Wireless and Ethernet.

This box is a handbook that boots from CDR, which is pretty useful for deployment:

	updates through a new CDR,
	no skills necessary for the AP.



Now, WDS and networking.

I have some difficulties (since I do not have the 802.11b specifications in full but only pieces of it) understanding WDS and the consequences and limits of its usage (Avaya AP-3 uses it for 6 APs, no more). I'd like to be sure whether or not WDS can be useful in a network made of ~50 APs.

> Great, we are working on a simple IAPRP (Inter Access Point
> Roaming/Routing Protocol). Not a general purpose routing protocol, only
> to be used to announce L3/L2 relations, needed to update L3 (IP) routes
> in the backbone when you receive a L2 reassociation request.

Why don't you use WDS to update associations between a few APs and use them as bridges to reach the backbone (3-level architecture)? Is it a matter of limits of the WDS concept or something else?

If I understand well, you are developing a new L3 protocol. Is it because it is not appropriate in your network or because WDS is not applicable at all, whatever the network is?

> Our idea is to have CIPE/IPSEC/* tunnels between adjacent AP's,
> announcing (a la RIP) the associated stations (MAC+IP), and new
> associations when DHCP (server or relay) assigns IP address.

Great, but rather complex to maintain (multiple VPNs to maintain [what occurs if a VPN is down?], so multiple shared keys or RSA keys, etc.). No?

I'm also (of course) interested in mobility and in estimating the limit of 802.11 in terms of roaming.

But what about DHCP? DHCP doesn't support authentication. Anyone in ad hoc mode can therefore be part of your network. Why not use authentication via Radius and ppp or 802.1x? Too complex or not mature enough?

That's why Nil's project interests me.

>I can develop a hostad as a client of the Radius server. Is anybody
>interested in it? Radius could tell 'framed ip address' in a reply.
>This p2p address (255.255.255.252) would be added on the hostap interface
>for normal IP routing. All routers support dynamic routing (OSPF for
>example).

>IEEE 802.11 <---> Radius
>Authentication <---> Authentication
>Association <---> Authorization + Accounting start
>Deassociation <---> Accounting stop

What kind of protocol between the 802.11 world and the Radius world do you intend to use, Nil?
Have you heard of 802.1x (Avaya AP- implements it)? See www.open1x.org.
A supplicant (an 802.1x client on the 802.11 side) is already bundled with Windows XP and open1x.org has one for Unix flavours.

Thank you,

db
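
The 802.11-to-Radius mapping and the 'framed ip address' reply quoted above, as an added example that is not part of the original message or of hostap: it builds the Accounting Start/Stop packets (RFC 2866) for association and deassociation, and checks the Response Authenticator of an Access-Accept (RFC 2865) before trusting the /30 address in it. The function names, the NAS identifier, the secret and the addresses are assumptions made for this sketch.

```python
import hashlib, hmac, ipaddress, struct

ACCESS_ACCEPT, ACCT_REQUEST = 2, 4                       # RFC 2865 / RFC 2866 packet codes
FRAMED_IP, FRAMED_MASK, CALLING_STATION, NAS_ID = 8, 9, 31, 32
ACCT_STATUS, ACCT_SESSION = 40, 44
# 802.11 event -> Acct-Status-Type, following the table quoted in the message
ACCT_STATUS_FOR = {"association": 1, "deassociation": 2}  # 1 = Start, 2 = Stop

def attr(kind, value):
    return struct.pack("!BB", kind, len(value) + 2) + value

def build_accounting(event, ident, mac, session, secret, nas=b"ap1"):
    attrs = (attr(ACCT_STATUS, struct.pack("!I", ACCT_STATUS_FOR[event]))
             + attr(ACCT_SESSION, session) + attr(CALLING_STATION, mac)
             + attr(NAS_ID, nas))                         # "ap1" is a hypothetical AP name
    head = struct.pack("!BBH", ACCT_REQUEST, ident, 20 + len(attrs))
    # RFC 2866: authenticator = MD5(header + 16 zero octets + attributes + secret)
    return head + hashlib.md5(head + bytes(16) + attrs + secret).digest() + attrs

def build_accept(ident, request_auth, ip, mask, secret):
    """Server side; used here only to construct a sample reply."""
    attrs = (attr(FRAMED_IP, ipaddress.IPv4Address(ip).packed)
             + attr(FRAMED_MASK, ipaddress.IPv4Address(mask).packed))
    head = struct.pack("!BBH", ACCESS_ACCEPT, ident, 20 + len(attrs))
    return head + hashlib.md5(head + request_auth + attrs + secret).digest() + attrs

def parse_accept(packet, ident, request_auth, secret):
    """Verify the Response Authenticator, then return the point-to-point interface."""
    if len(packet) < 20:
        raise ValueError("short packet")
    code, got_ident, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet) or code != ACCESS_ACCEPT or got_ident != ident:
        raise ValueError("not the expected Access-Accept")
    want = hashlib.md5(packet[:4] + request_auth + packet[20:] + secret).digest()
    if not hmac.compare_digest(want, packet[4:20]):
        raise ValueError("Response Authenticator mismatch")
    found, pos = {}, 20
    while pos + 2 <= length:
        kind, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("malformed attribute")
        found[kind] = packet[pos + 2:pos + alen]
        pos += alen
    ip, mask = (ipaddress.IPv4Address(found[k]) for k in (FRAMED_IP, FRAMED_MASK))
    return ipaddress.IPv4Interface(f"{ip}/{mask}")

if __name__ == "__main__":
    secret, req_auth = b"constructed-secret", bytes(range(16))   # constructed sample values
    reply = build_accept(7, req_auth, "10.0.0.1", "255.255.255.252", secret)
    print(parse_accept(reply, 7, req_auth, secret))
```

A reply that was altered in transit or built with a different shared secret fails the authenticator check, so no address is added to the interface.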


