E.g. two devices with same MAC on different ports, one is trying to authenticate, and the other is sending packets. the authorisation could be applied to the wrong port.
The worst case is that a malicious user gets the authenticating clients authorisation.
Another possible scenario is that the event messages come in out of order, e.g. p2, p1. and the host is now on p2. but we naively use the last learnt port as the current one (that authorisation gets applied to).
The L2_LEARN event does have the previous learnt port
E.g. two devices with same MAC on different ports, one is trying to authenticate, and the other is sending packets. the authorisation could be applied to the wrong port.
The worst case is that a malicious user gets the authenticating clients authorisation.
Another possible scenario is that the event messages come in out of order, e.g. p2, p1. and the host is now on p2. but we naively use the last learnt port as the current one (that authorisation gets applied to).
The L2_LEARN event does have the previous learnt port