Re: (PM) PM2ER/PM3 source address (fwd)

Dick St.Peters (stpeters@NetHeaven.com)
Sun, 1 Feb 1998 01:24:24 -0500

> > > Right. That is one of the core features of ALL of our products. Unit
> > > identity is defined by ether0. That is how it has always been, and a lot
> > > of ComOS is based on that. The unit is *defined* by ether0.
> I think MZ has got a point here. All RADIUS packets should have a
> pre-determined client address(See clients file in radius). So a very
> good general rule is use the ether0 address.

This is a lousy rule - it's the very heart of the problem that caused
me so much grief. For my colocated PM, the ethernet is my customer's
Ethernet, and the ether0 address is in my customer's address space.

The WAN port address is different specifically so it can be in my
administrative IP space - in my OSPF area 0. As the NAS for my POP,
this PM _must_ have an interface in my area 0. AS the CPE for
connecting my customer's Ethernet, it _must_ have an Ethernet address
in my customer's address space.

Even though the PM has an address in my area 0, I'm forced to telnet
to a customer address to talk to it. I had to punch a single-address
hole in my filters so this PM could talk to my RADIUS servers, and I
do not like exceptions. When considering filtering or monitoring or
any other kind of interaction, I'll have to look up the box's behavior
to see which address it's going to use this time.

--
Dick St.Peters, stpeters@NetHeaven.com 
Gatekeeper, NetHeaven, Saratoga Springs, NY, 1-800-910-6671 (voice)
Saratoga/Albany/Amsterdam/BlueMountain/Cobleskill/Greenwich/
GlensFalls/LakePlacid/NorthCreek/Plattsburgh/...
	  First Internet service based in the 518 area code
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.