Currently there are several methods for an IP host to initialize IP networking with an IP network over a shared link, but they either lack security functions or suffer a routing efficiency problem. These methods and their problems are briefly summarized below.                (1) Using DHCP to request an IP address and network configuration parameters from a DHCP server on the IP network. This method by itself does not offer any security solutions.        (2) Using a static IP address and broadcasting it to the IP network using gratuitous ARP messages. This method by itself does not offer any security functions.        (3) Using PPPoE to authenticate the IP host to a PPPoE server on the IP network and to receive an IP address and network configuration parameters after the authentication succeeds. Optionally, the PPPoE server can be co-located on the gateway router, and the data frames between the IP host and the gateway router can be encrypted using a per-user per-session key. This method offers good security protection when encryption is used, but it suffers a routing efficiency problem if the majority of communications are between IP hosts on the shared link. In this case, all host-to-host communications have to go through the gateway router for decryption and re-encryption, and thus the gateway router can be easily overloaded.        (4) Using a static IP address or DHCP over link-layer access control and encryption mechanisms, such as 802.1x and 802.11i in the case of an IEEE 802.11 wireless LAN. This method offers good security protection (assuming the WEP security flaws are fixed by 802.11i), but suffers the same routing efficiency problem if the majority of communications occur between IP hosts associated with the same access point.        