On Sun, Feb 01, 1998 at 01:24:24AM -0500, Dick St.Peters wrote:
> > > > Right. That is one of the core features of ALL of our products. Unit
> > > > identity is defined by ether0. That is how it has always been, and a lot
> > > > of ComOS is based on that. The unit is *defined* by ether0.
> > I think MZ has got a point here. All RADIUS packets should have a
> > pre-determined client address(See clients file in radius). So a very
> > good general rule is use the ether0 address.
>
> This is a lousy rule - it's the very heart of the problem that caused
> me so much grief. For my colocated PM, the ethernet is my customer's
> Ethernet, and the ether0 address is in my customer's address space.
>
> The WAN port address is different specifically so it can be in my
> administrative IP space - in my OSPF area 0. As the NAS for my POP,
> this PM _must_ have an interface in my area 0. AS the CPE for
> connecting my customer's Ethernet, it _must_ have an Ethernet address
> in my customer's address space.
>
> Even though the PM has an address in my area 0, I'm forced to telnet
> to a customer address to talk to it. I had to punch a single-address
> hole in my filters so this PM could talk to my RADIUS servers, and I
> do not like exceptions. When considering filtering or monitoring or
> any other kind of interaction, I'll have to look up the box's behavior
> to see which address it's going to use this time.
>
> --
> Dick St.Peters, stpeters@NetHeaven.com
> Gatekeeper, NetHeaven, Saratoga Springs, NY, 1-800-910-6671 (voice)
> Saratoga/Albany/Amsterdam/BlueMountain/Cobleskill/Greenwich/
> GlensFalls/LakePlacid/NorthCreek/Plattsburgh/...
> First Internet service based in the 518 area code
> -
> To unsubscribe, email 'majordomo@livingston.com' with
> 'unsubscribe portmaster-users' in the body of the message.
-- - Steve - Systems Manager - Community Internet Access, Inc. - Gallup and Grants, New Mexico - To unsubscribe, email 'majordomo@livingston.com' with 'unsubscribe portmaster-users' in the body of the message.