DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris.

Slides:

Advertisements

Similar presentations

Protocol carrying Authentication for Network Access (PANA) Subir Das/Basavaraj Patil Telcordia Technologies Inc./Nokia 12/14/2001.

Advertisements

Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,

Auto Configuration and Mobility Options in IPv6 By: Hitu Malhotra and Sue Scheckermann.

Multicast Reconfiguration Protocol for Stateless DHCPv6 DHC 61 st IETF S. Daniel Park

Draft-ietf-dhc-stateless-dhcpv6- renumbering-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.

PANA Requirements and Terminology - IETF54 -. PANA WG, IETF 54, Requirements and Terminology draft-ietf-pana-requirements-02.txt Changes Comments/questions.

Host Autoconfiguration ALTTC, Ghaziabad. IPv4 Address and IPv6 equivalents ALTTC, Ghaziabad.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Lecture14: DHCP Switched Networks Assistant Professor Pongpisit Wuttidittachotti,

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.

DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-02.txt) IETF 62 (Minneapolis) Yan Renxiang Alcatel Shanghai Bell.

1 Service-Oriented Address Assignment Using DHCP draft-ietf-dhc-soa-option-00.txt draft-syam-dhc-soav4-option-00.txt Syam Madanapalli Samsung ISO IETF.

PaC with unspecified IP address. Requirements Assigning an IP address to the client is outside the scope of PANA. PANA protocol design MAY require the.

1 Anycast Address Assignment Using DHCPv6 draft-madanapalli-dhcpv6-anycast-00 Syam Madanapalli Samsung ISO IETF 61 – Washington, DC.

DHCP: Dual-Stack Issues draft-ietf-dhc-dual-stack-01 Tim Chown dhc WG, IETF 60, San Diego, August 2, 2004.

IPv6 RADIUS attributes for IPv6 access networks draft-lourdelet-radext-ipv6-access-01 Glen Zorn, Benoit Lourdelet Wojciech Dec, Behcet Sarikaya Radext/dhc.

IPv6 Address autoconfiguration stateless & stateful.

IPv6 Autoconfiguration Stateless and Stateful. Copy... Rights This slide set is the ownership of the 6DISS project via its partners The Powerpoint version.

DNS zone suffix option for DHCPv6 (draft-yan-dhc-dhcpv6-opt-dnszone-01.txt) IETF 61 (Washington, DC) Yinglan Jiang Renxiang Yan

RFC 3361: DHCP Option for SIP Servers Speaker: Chung yu Wu Teacher: Quincy Wu.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing and Switching Essentials.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

PACKET ANALYSIS WITH WIRESHARK DHCP, DNS, HTTP Chanhyun park.

Issues to Consider w.r.t Protocol Solution - IETF54 -

Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.

The Future of DHCP Dr. Ralph Droms Bucknell University.

Dynamic Host Configuration Protocol Engr. Mehran Mamonai.

August 1, 2005IETF63 PANA WG Pre-authentication Support for PANA (draft-ohba-pana-preauth-00.txt) Yoshihiro Ohba

KAIS T Security architecture in a multi-hop mesh network Conference in France, Presented by JooBeom Yun.

Using DHCPv6 for DNS Configuration in Hosts draft-ietf-droms-dnsconfig-dhcpv6-00.txt Ralph Droms.

1 Behcet Sarikaya Frank Xia Ted Lemon July 2011 DHCPv6 Prefix Delegation as IPv6 Migration Tool in Mobile Networks IETF 81

DHCPv6 Redundancy Considerations Redundancy Proposals in RFC 6853.

1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.

Discovery issues in atoca Brian Rosen. We need to handle several cases Some alerts are broadcast via some access network specific mechanism (multicast,

IETF-71, Philadelphia PANA in DSL networks draft-morand-pana-panaoverdsl-01.txt Lionel Morand France Telecom Alper Yegin Samsung Yoshihiro Ohba Toshiba.

DHC WG IETF 55, 11/18/ /18/2002IETF 552 Agenda Administrivia, agenda bashingRalph Droms Use of IPsec for Securing DHCPv4 Messages Exchanged Between.

Exposing Source IP Address Type Requirements with DHCPv6 D. Moses, A. Yegin draft-moses-dmm-dhcp-ondemand-mobility-00.

DHCP Option for Proxy Server Vijayabhaskar A K DHC WG IETF 59 Seoul.

RFC 4477 DHCP: Dual-Stack Issues Speaker: Ching-Chen Chang Date:

PANA Framework Prakash Jayaraman, Rafa Marin Lopez, Yoshihiro Ohba, Mohan Parthasarathy, Alper Yegin IETF 59.

AAAv6 Charles E. Perkins Patrik Flykt Thomas Eklund.

Multi-hop PANA IETF Currently: –“For simplicity, it is assumed that the PAA is attached to the same link as the device (i.e., no intermediary IP.

IETF 57 PANA WG PANA Discussion and Open Issues (draft-ietf-pana-pana-01.txt) Dan Forsberg, Yoshihiro Ohba, Basavaraj Patil, Hannes Tschofenig, Alper Yegin.

Dynamic Stateless GRE Tunnel Li Xue Dayong Guo 1.

August 2, 2005 IETF 63 – Paris, France Media Independent Handover Services and Interoperability Ajay Rajkumar Chair, IEEE WG.

(ITI310) By Eng. BASSEM ALSAID SESSIONS 9: Dynamic Host Configuration Protocol (DHCP)

DHCPv4/v6 Proxy IETF 67 DHC WG -- San Diego, USA 5-10 Nov draft-sarikaya-dhc-proxyagent-00.txt.

DHCP options for PAA Status report of draft-ietf-dhc-paa-option-01.txt Lionel Morand IETF-65, Dallas.

Dynamic Allocation of Shared IPv4 Addresses draft-ietf-dhc-dynamic-shared-v4allocation-01 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF.

DHCPv6 States DHCPv6 Client State DHCPv6 Server State.

PANA in DSL networks draft-morand-pana-panaoverdsl-00.txt Lionel Morand Roberta Maglione John Kaippallimalil Alper Yegin IETF-67, San Diego.

IETF 78 RADIUS extensions for DS-Lite draft-maglione-softwire-dslite-radius-ext-00 R. Maglione – Telecom Italia A. Durand – Juniper Networks.

CHAPTER 10: DHCP Routing & Switching. Objectives 10.0 Introduction 10.1 Dynamic Host Configuration Protocol v Dynamic Host Configuration Protocol.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID Dynamic Host Configuration Protocol v6.

Dhc WG 3/2/2004, IETF 59, Seoul. 3/2/2004dhc WG - IETF 59, Seoul2 Agenda Administrivia, Agenda bashing Ralph Droms 05 minutes DHCP Option for Proxy Server.

DHCP Options for Configuring Multicast Addresses in VXLAN draft-sarikaya-dhc-vxlan-multicast-02 Behcet Sarikaya Frank Xia November 2013 nvo3 WG IETF-88.

Instructor Materials Chapter 8: DHCP

<draft-ohba-pana-framework-00.txt>

PANA in DSL networks draft-morand-pana-panaoverdsl-01.txt

PANA Discussion and Open Issues (draft-ietf-pana-pana-01.txt)

PANA Issues and Resolutions

Chapter 6 Exploring IPv6.

Lionel Morand DHCP options for PAA Lionel Morand

PANA Discussion in DSL Forum Warsaw Meeting

Chapter 10: DHCP Routing & Switching Chapter 10: DHCP

Routing and Switching Essentials v6.0

IP Addressing Research

PAA-2-EP protocol PANA wg - IETF 58 Minneapolis

IETF 87 DHC WG Berlin, Germany Thursday, 1 August, 2013

Presentation transcript:

DHCPv4 option for PANA Authentication Agents draft-suraj-dhcpv4-paa-option-00.txt DHC/PANA WG IETF-63 France, Paris

The Protocol for carrying Authentication for Network Access (PANA)  The PANA protocol is run between a PANA Client (PaC) and a PANA Authentication Agent (PAA) in order to perform authentication and authorization for the network access service.  Accessing the network, the PaC needs to discover the PAA to be authenticated

PAA discovery – Possible ways Existing Manual Configuration Multicast based Proposed DHCP based

PANA Authentication Agent DHCPv4 Option  A new DHCPv4 option that allows PANA client (PaC) to discover PANA Authentication Agents (PAA).  It carries either a 32-bit (binary) IPv4 address list or, preferably, a domain name list.

Option Format | option-code | option-length | enc | | PAA Domain Name List | |... | DHCPv4 option for PAA Domain Name List | option-code | option-length | enc | | PAA IP Address | DHCPv4 option for PAA IPv4 Address List

Operations  The client requests PAA DHCPv4 Option in a Parameter Request List  If a DHCPv4 server is configured with both PAA domain name list and PAA IP address list, the DHCPv4 server should responds to the request with the domain name list to be used by the PANA client.

Security Consideration  If an adversary manages to modify the response from a DHCP server or insert its own response, a PANA Client could be led to contact a rogue PANA Agent, possibly one that then intercepts call requests or denies service.  This is a well-known threat with DHCP but that this doesn't introduce a new security hole in the PANA framework.

Action Plan…..  PANA WG consensus on this I-D  DHC WG ??

THANK YOU!