=== Goal ===

To solve problems inherent to layer 3 client roaming

This is needed because as a wireless user moves between specific nodes, several things change.

 * Association
 * Leased DHCP Address
 * Layer 2 State

=== Requirements ===

These would be the absolute basic requirements of each node that was a part of the network.
Definitions follow further down.

 * Node IP Registry
 * Node Standards for DHCP

=== Assumptions ===

TCP/IP Protocol Stack ''Layer n'' refferences are based on the following 4-Layer Model:

|| Application || 4 ||
|| Data Link || 3 ||
|| Network  || 2 ||
|| Network Access || 1 ||

=== Procedure ===

The following attempts to outline a basic solution that addresses these issues as simply as possible, yet still maintain efficiency and expandability as the wireless cloud grows.

'''Client A''' comes within range of ''Node A'' for the very first time. Assuming no previous contact the following should happen automatically, without client intervention.

 * '''Client A''' establishes Layer 2 connectivity with ''Node A'' (this should be automatic so long as the AccessPoint doesn't use WEP and the clients ESSID is set to either "Any" or "www.personaltelco.net")
 * After connectivity at Layer 2 is established for '''Client A''' Layer 3 connectivity should be established automatically
 * DHCP issues a lease at this time, completing the initial steps

Once initialized the complete route must be established through further means. This can be accomplished with any Portal system (such as NoCatAuth).

The following steps are required when '''Client A''' leaves the coverage area of ''Node A'' and enters the established coverage area of ''Node B''.

 * Connectivity to ''Node A'' at Layer 2 will be broken automatically, however the ''Node A'' Layer 3 DHCP lease will remain
 * Layer 2 connectivity will be re-established with ''Node B''
 * DHCP information from ''Node A'' will persist until '''Client A's''' lease expires
 * Once the old lease expires, a new lease will be obtained from ''Node B''

=== Details Concerning the IP Registry ===

The IP Registry will be a central storage point for information concerning the IP assignments for the wireless network. These will be internal non-routable IP addresses as specified in RFC1918.

Class A addresses will be in the 10.0.0.0/8 range. Each node will be given some portion of the available addresses. This information will be centrally maintained and kept consistent with the current network state. The chosen method of storage can be any easily updated information distributing medium.

An Example of the IP assignments could be as follows:

 * 10.0.1.0/24 - reserved
 * 10.0.2.0/27 - Node NNX
 * 10.0.2.32/27 - Node NNY
 * 10.0.2.64/27 - Node NNZ
 * etc...

If needed, route aggregation could be obtained by assigning specific blocks to specific regions.

=== Node Standards for DHCP ===

Each node will be identically configured with the obvious exception of the specific DHCP address pool which is configured according to information set in the IP Registry Database. Arbitrary standards may be specified that fit each networks specific conditions. It is generally assumed that each stations ESSID will remain the same through out the network (Note: there is still some debate as to whether it is better to have a single ESSID for all AccessPoints or whether to have a slightly different ESSID for each).

Example DHCP configuration:

 * Gateway: 10.0.0.1
 * Primary DNS: 10.0.0.2
 * Secondary DNS: 10.0.0.3
 * Netmask: 255.0.0.0
 * Domain: www.personaltelco.net
 * Lease Time: 600 seconds
 * Address Pool: Assigned from node IP registry

Note on DNS: It has been suggested that Public, routable IP addresses be used for DNS to facilitate accesibiltity to all members of the network. Only adequate testing could determine the best solution. Either may work sufficiently provided the DNS assigned at ''Node A'' works when the client roams to ''Node B''.

=== Portal Authentication System Requirements ===

 * Ability to authenticate at ''Node A'' and recieve a cookie upon succesful authentication.
 * Upon Moving to ''Node B'' connectivity is updated at Layers 2 and 3 as explained previously.
 * Traffic from ''Client A'' will be routed to the Portal running at ''Node B''
 * The centralized authentication server will recognize the cookie previously set by ''Node A''
 * Authentication information will be updated at ''Node B''
 * All traffic will be routed to the public internet as requested

At this point a browser is required to re-authenticate at the new node.

--

This draft was originally proposed by AdamShand on Fri, 5 Oct 2001 16:58:12, and discussed by other list members over the course of the next few days. It should deffinitely be considered a Work In Progress and any PersonalTelco member is welcome and encouraged to add comments and make appropriate changes. Remember to sign your name to any changes so you can get credit ;).

-- EliabHelon

----
[CategoryDocumentation]