It seems to be a failure in IP address allocation, and the possible reason is that there is not enough address in domain. However, after careful analysis, it is found that there are six address pools in total in the domain the user locates at, and four C network segments for each address, with a total number of IP addresses of 24×256=6144; however, there are about four thousand users online, which indicates that the total number of IP address is enough for use, and there are still addresses available in address pool.
Check the relevant configurations of MA5200G, and no problem is found;
After further analysis, it is found a user is using the address allocated by radius server, viz. 184.108.40.206
[cttxm5200G]display access-user ip-address 220.127.116.11
User access index : 7807
State : Used
User name : user@isp
User access Interface : Ethernet5/0/5.1
User access inner VLAN : 101
User MAC : 0006-5b6c-aaf9
User IP address : 18.104.22.168
The address pool is found to contain the address.
ip pool xmtt03 local
gateway 22.214.171.124 255.255.248.0
section 0 126.96.36.199 188.8.131.52
section 1 184.108.40.206 220.127.116.11
dns-server 18.104.22.168 secondary
The above symptoms occur when observing other addresses.
By the information mentioned above, it can conclude that:
When a user gets the address, which is allocated by MA5200G in address pool, it is the same to that advertised by radius, and thus address confliction occurs, causing users to be incapable of access to network; at the same time, MA5200G will alarm for failure in address allocation.