Presentation is loading. Please wait.

Presentation is loading. Please wait.

11 December, 200049th IETF, AAA WG1 AAA Proxies draft-ietf-aaa-proxies-01.txt David Mitton.

Published byElijah Stewart Modified over 9 years ago

Similar presentations

Presentation on theme: "11 December, 200049th IETF, AAA WG1 AAA Proxies draft-ietf-aaa-proxies-01.txt David Mitton."— Presentation transcript:

1 11 December, 200049th IETF, AAA WG1 AAA Proxies draft-ietf-aaa-proxies-01.txt David Mitton

2 11 December, 200049th IETF, AAA WG2 Proxy Issues draft-ietf-aaa-issues-04.txt - Section 6 Proxy Behavior Details State Retention Mechanisms Action List Define terms Investigate Proxy state AVPs Investigate End-to-End issues

3 11 December, 200049th IETF, AAA WG3 Why are there proxies? Proxies are useful for several reasons:  They can distribute administration of systems to a configurable grouping, including the maintenance of security associations,  They can be used for concentration of requests from an number of co-located or distributed NAS equipment sets to a set of like user groups  They can do value-added processing to the requests or responses  They can used for load balancing,  A complex network will have multiple authentication sources, they can sort requests and forward towards the correct target

4 11 December, 200049th IETF, AAA WG4 Types of Proxies Routing Proxies Policy Proxies Broker Proxies Translation Gateways

5 11 December, 200049th IETF, AAA WG5 Routing Proxies Forward requests to appropriate targets –NAI parse and server lookup –Aggregate management for multiple NAS POP –Can be security holder for multiple NASes –Can be stateless

6 11 December, 200049th IETF, AAA WG6 Policy Proxies Value added management using AAA stream Often used to manage dynamic resource allocation across NASes –eg. Call control center, port balancing

7 11 December, 200049th IETF, AAA WG7 Broker Proxies A go-between for administrative domains –matches a request from an access ISP with the provider network –subscribed services; each party signs up, service aggreement in place –security information for contact points

8 11 December, 200049th IETF, AAA WG8 State Taxonomy Issues often bring up “state” –Message State - getting the message to your peer –Transaction State - tracking the request and response –Session State - tracking the active session –Global State - tracking sessions across multiple sources

9 11 December, 200049th IETF, AAA WG9 Problems that Proxies bring up Transactional Reliability - Acks and feedback at some level Failover and Recovery management Graceful Shutdown Congestion Potential

10 11 December, 200049th IETF, AAA WG10 More Proxy Problems Integrity of Accounting Data Visibility of data Message Filtering between Admin Domains

11 11 December, 200049th IETF, AAA WG11 Summary Please comment on draft-ietf-aaa-proxies-01.txt Currently on http://www.diameter.org/

Download ppt "11 December, 200049th IETF, AAA WG1 AAA Proxies draft-ietf-aaa-proxies-01.txt David Mitton."

Similar presentations

Authentication Authorization Accounting and Auditing

Authentication Authorization Accounting and Auditing
Trust Router Overview IETF 86, Orlando, FL Trust Router Bar BOF Margaret Wasserman

Trust Router Overview IETF 86, Orlando, FL Trust Router Bar BOF Margaret Wasserman
Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –

Introducing WatchGuard Dimension. Oceans of Log Data The 3 Dimensions of Big Data Volume –“Log Everything - Storage is Cheap” –Becomes too much data –
Layer 2 Tunneling Protocol (L2TP)

Layer 2 Tunneling Protocol (L2TP)
Multicasting Applications Across Inter-Domain Peering Points Percy S. Tarapore, AT&T Robert Sayko, AT&T Greg Shepherd, Cisco Toerless Eckert, Cisco Ram.

Multicasting Applications Across Inter-Domain Peering Points Percy S. Tarapore, AT&T Robert Sayko, AT&T Greg Shepherd, Cisco Toerless Eckert, Cisco Ram.
OBGP: A mechanism for optical peering and lightpath trading George M. Porter Sahara Retreat UC Berkeley January 2002.

OBGP: A mechanism for optical peering and lightpath trading George M. Porter Sahara Retreat UC Berkeley January 2002.
Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.

Lesson 18-Internet Architecture. Overview Internet services. Develop a communications architecture. Design a demilitarized zone. Understand network address.
Multihop Federations draft-mrw-abfab-multihop-fed-01.txt Margaret Wasserman

Multihop Federations draft-mrw-abfab-multihop-fed-01.txt Margaret Wasserman
SERVER LOAD BALANCING Presented By : Priya Palanivelu.

SERVER LOAD BALANCING Presented By : Priya Palanivelu.
Accounting, Auditing and Session IDs Nevil Brownlee The University of Auckland / CAIDA Adelaide, March 2000.

Accounting, Auditing and Session IDs Nevil Brownlee The University of Auckland / CAIDA Adelaide, March 2000.
1 A Course-End Conclusions and Future Studies Dr. Rocky K. C. Chang 28 November 2005.

1 A Course-End Conclusions and Future Studies Dr. Rocky K. C. Chang 28 November 2005.
1 Web Content Delivery Reading: Section 9.2.2 and 9.4.3 COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:

1 Web Content Delivery Reading: Section and COS 461: Computer Networks Spring 2007 (MW 1:30-2:50 in Friend 004) Ioannis Avramopoulos Instructor:
1 CHEETAH software OCS/AAA module Routing decision module Signaling module VLSR module Include TL1 proxy for Cisco 15454 MSPP Router disconnect module.

1 CHEETAH software OCS/AAA module Routing decision module Signaling module VLSR module Include TL1 proxy for Cisco MSPP Router disconnect module.
Chapter 18 RADIUS. RADIUS  Remote Authentication Dial-In User Service  Protocol used for communication between NAS and AAA server  Supports authentication,

Chapter 18 RADIUS. RADIUS  Remote Authentication Dial-In User Service  Protocol used for communication between NAS and AAA server  Supports authentication,
Session-ID Requirements for IETF84 draft-ietf-insipid-session-id-reqts-00 1 August 2012 Paul Jones, Gonzalo Salgueiro, James Polk, Laura Liess, Hadriel.

Session-ID Requirements for IETF84 draft-ietf-insipid-session-id-reqts-00 1 August 2012 Paul Jones, Gonzalo Salgueiro, James Polk, Laura Liess, Hadriel.
Draft-ietf-abfab-aaa-saml Josh Howlett, JANET IETF 82.

Draft-ietf-abfab-aaa-saml Josh Howlett, JANET IETF 82.
Krerk Piromsopa. Advance Net-Centric Computing Technology Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.

Krerk Piromsopa. Advance Net-Centric Computing Technology Krerk Piromsopa. Department of Computer Engineering. Chulalongkorn University.
1 Open Pluggable Edge Services OPES Abbie Barbir, Ph.D.

1 Open Pluggable Edge Services OPES Abbie Barbir, Ph.D.
Aug 3, 2004AAA WG, IETF 60 San Diego1 Diameter NASReq Application Status David Mitton, Document Editor.

Aug 3, 2004AAA WG, IETF 60 San Diego1 Diameter NASReq Application Status David Mitton, Document Editor.
11 KDDI Trial Hub & Spoke Shu Yamamoto Carl Williams Hidetoshi Yokota KDDI R&D Labs.

11 KDDI Trial Hub & Spoke Shu Yamamoto Carl Williams Hidetoshi Yokota KDDI R&D Labs.

Similar presentations

Ads by Google