The address advertised by radius server disagrees with the address of MA5200G, resulting in failure in allocation of address for user

Publication Date:  2012-07-27 Views:  96 Downloads:  0
Issue Description
There are six address pools in domain that the user locates at, and it is very hard for other users to get IP addresses when the address pool is highly used, so they cannot have IP address to access network. Furthermore, they have to wait for the addresses in address pool released by other else that get offline and then to access network. Sometimes, once the first address pool has allocated all its addresses, the second cannot allocate IP addresses for users, alarming with fail to alloc ip address.

Alarm Information
 The following alarm appears frequently:
fail to alloc ip address 

Handling Process
There are two solutions to the problem:
1. Disable the addresses advertised by RADIUS in the local address pool at MA5200G, or configure no section information of relevant address segment for them;
2. Set the MA5200G to allocate IP addresses for users, but not radius to do so;  
Root Cause

It seems to be a failure in IP address allocation, and the possible reason is that there is not enough address in domain. However, after careful analysis, it is found that there are six address pools in total in the domain the user locates at, and four C network segments for each address, with a total number of IP addresses of 24×256=6144; however, there are about four thousand users online, which indicates that the total number of IP address is enough for use, and there are still addresses available in address pool.
Check the relevant configurations of MA5200G, and no problem is found;
After further analysis, it is found a user is using the address allocated by radius server, viz. 222.47.222.222
 [cttxm5200G]display access-user ip-address 222.47.222.222
  User access index             : 7807
  State                         : Used
  User name                     : user@isp
  User access Interface         : Ethernet5/0/5.1
  User access inner VLAN        : 101
  User MAC                      : 0006-5b6c-aaf9
  User IP address               : 222.47.222.222
The address pool is found to contain the address.
[cttxm5200G-ip-pool-xmtt03]display this
#
ip pool xmtt03 local
 gateway 222.47.216.1 255.255.248.0
 section 0 222.47.216.2 222.47.219.255
 section 1 222.47.220.1 222.47.223.254
 dns-server  222.47.62.22
 dns-server  211.98.4.1 secondary
The above symptoms occur when observing other addresses.
By the information mentioned above, it can conclude that:
When a user gets the address, which is allocated by MA5200G in address pool, it is the same to that advertised by radius, and thus address confliction occurs, causing users to be incapable of access to network; at the same time, MA5200G will alarm for failure in address allocation.


END