1 / 7

AAA Research Problems

Explore link aggregation, VLAN provisioning, and security challenges in MANs. Learn about IEEE 802.1 support, Ethernet ISPs, and AAA keying techniques for secure network operations. Contact experts for insights.

lindabarnes
Download Presentation

AAA Research Problems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. AAA Research Problems Bernard Aboba IETF 53 Minneapolis, MN March 19, 2002

  2. Outline • Metropolitan Area Networks • Security issues

  3. Link Aggregation • IEEE 802.1 supports link aggregation • Allows peer to use more than one IEEE 802 link and aggregate them • Example: Want to send 2 Gbps of traffic on a switch with 1 Gbps ports • IEEE 802 Link aggregation model • Authentication (IEEE 802.1X occurs before aggregation) • Question: How is link aggregation authorized? • Not as simple as old Ascend Port-Limit attribute • Contact: Paul_Congdon@hp.com, IEEE 802.11aa PAR

  4. Provisioning the EtherNAS • The old way • Order a 56 Kbps link and wait… • Install and debug the 56 Kbps link. • Outgrow it • Order a T1 and wait…. • Install and debug the T1 link. • Outgrow it • Order a DS3 and wait… • The new way: Ethernet ISPs • Growing in popularity: Telseon, Yipes, etc. • Promises dramatic increases in speed, decrease in cost, wait • Install big pipe to customer premises • 1 Gbps or 10 Gbps Ethernet • Allow customers to provision their own bandwidth via a web page • Change takes effect in seconds instead of weeks • Contact: Andrew Smith

  5. Provisioning the EtherNAS Heterogeneous Servers EtherNAS 1+ Gbps switch with DWDM support l, VLAN, MPLS Tags MAN 1 GbE link (optional) Tape Library Array Controller with Disks Array Controller with Disks Customer site

  6. EtherNAS Provisioning • Draft-congdon-8021x-radius-17.txt describes VLAN provisioning • All packets on the port tagged with VLANID • We’re only scratching the surface • Bandwidth limits • More sophisticated VLANs (application VLANs) • Lambda grooming • MPLS tagging

  7. Security Issues • Understanding the security implications of AAA keying • Security analysis of current AAA keying techniques • Example: Diameter NASREQ, MIP keying • Understanding the role of 3-way secure key agreement protocols such as Bellare-Rogaway • Recommended contact: Bill Arbaugh

More Related