1. Users under MA5200F report that they access network very slowly.
2. New users fail to pass authentication.
3. Users online have dropped offline
4. After login to MA5200F, the occupation rate of CPU is found very high, and it is very hard to use CLI.
5. There are great deal of alarms that indicate failed accounting and full bill pool.
There are great deal of alarms that indicate failed accounting and full bill pool.
% [06/17/2004 16:51:40-] AAA-5-02041000: MA5200E0406171651186a6cf4bd00083
% [06/17/2004 16:51:40-] AAA-5-02041000: test@isp
1. Change the accounting policy for users to non-accounting.
2. With the permission of customer, it is recommended to change the accounting policy to allow users who fail in accounting to access network. It is defaulted to force users who fail in accounting to be offline.
3. Back up the bills in cache regularly through configuration, as follows:
Step 1: Set the backup mode of bill:
[MA5200F-local-aaa-server]cache-bill backup-mode tftp
Step 2: Set the time interval of backup (720 minutes by default):
[MA5200F-local-aaa-server]cache-bill backup-interval 120
Step 3: Set the parameters of server for backup of bills:
[MA5200F-local-aaa-server]bill-server 10.1.1.1 filename bill
Such a problem mainly arises from the configuration of local accounting for MA5200F.
The policy to save the local bills at MA5200F is as follows:
1. First save the bills of users to cache, and if the cache is full, save the bills into flash according to FIFO.
2. If flash cannot receive more bills, it will not delete the old bills; at this point, only TFTP could help back up the bills in flash to an outside computer.
Because the customer configures MA5200F with local accounting, all bills are saved to flash. However, the customer does not configure TFTP server (or the TFTP server is not available), so once the flash is full of bills, it cannot back up them, and the new bills cannot write into flash. Consequently, new users drop offline because of failure in accounting which arising from that no bills are generated. The real-time accounting packets generated by online users cannot write into flash, making the users drop offline because of failure in real-time accounting. At the same time, the CPU resources of MA5200F will be occupied greatly (because of a great deal of alarms for accounting failure and full bill pool and that the generated bills needs to write into flash).
1. If there is no special requirements for accounting (for example, monthly-fee users do not need to account), it is recommended to set local as non-accounting.
2. If it is required to enable local accounting and authentication, it is recommended to back up bills in cache to flash and then to background server. If you back up the bills to background server directly, the bills saved in cache are limited once the background server fails, opt to failing the accounting on users.
3. It is required that the server should communicate well with MA5200 no matter it is backup from cache to background directly or from flash to background server, and TFTP program must be enabled at the same time.
4. Generally, change the policy for start-accounting failure to permit users online.