No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

NE40E V800R010C10SPC500 Configuration Guide - User Access 01

This is NE40E V800R010C10SPC500 Configuration Guide - User Access
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
(Optional) Configuring the Algorithm for Selecting a RADIUS Server

(Optional) Configuring the Algorithm for Selecting a RADIUS Server

When there are more than one authentication or accounting server in a RADIUS server group, you can specify either the load balancing or master/backup mode for these RADIUS servers.

Context

The algorithm for selecting a RADIUS server functions as follows:
  • If the radius-server algorithm master-backup command is run or the default master/backup mode is used, the RADIUS authentication server or accounting server configured first is the master server, and the others are backup servers. A backup server is selected only after the master server goes Down.

    • When packets are sent for the first time:

      If the master server is Up, it is selected. If no server is in the Up state, the first configured server is selected.

    • When packets are retransmitted due to a timeout:
      • If a server has already been selected and the number of retransmission times has not reached the limit, packets are still retransmitted to this server.

      • If the number of retransmission times has reached the limit and the master server times out, packets are retransmitted to the server that has most recently received packets. If no such server is available or packets have already been sent to this server, the polling mechanism is used to select another backup server in the Up state. If no backup server is in the Up state, the next configured backup server is selected.
      • If the number of retransmission times has reached the limit and the backup server times out, the polling mechanism is used to select another backup server in the Up state. If no backup server is in the Up state, the next configured backup server is selected.
  • If the radius-server algorithm loading-share command has been configured to set the load balancing mode, traffic is load-balanced based on the weights of servers.

    • If the sum of weights of RADIUS servers is 0, each RADIUS server is considered to have the same weight. Then a server in the Up state is selected at random.

      For example, if a RADIUS server group has six servers, in which four are Up, one is selected from the four servers in the Up state at random. These four servers have the same chance of being selected. If no server is Up, one is selected from the six servers at random. These six servers have the same chance of being selected.

    • If the sum of weights of RADIUS servers is greater than 0, all RADIUS servers that are in the Up state and have not been used are selected at random based on the proportion by weight. If no RADIUS server is in the Up state, servers are selected at random based on the proportion by weight.

      For example, if a RADIUS server group has four servers, at a weight of 10, 20, 30, and 40, respectively. If the four servers are all Up or Down, they will be selected at a probability of 10%, 20%, 30%, and 40%. If the first server is Down, but the other three servers are Up, a server is selected from the three servers in the Up state at a probability of 20/(20+30+40), 30/(20+30+40), and 40/(20+30+40).

    NOTE:

    Each time a RADIUS server is selected, the selection result is independent of previous selection results. For example, two servers have the selection probability of 50% each. If 100 consecutive users select the first server, the 101th user still has 50% probability to select the first server. It is similar to flipping a coin. The probability for getting a head or tail is 50% each. If you only flip a coin few times, the probability for each is not necessarily 50%. However, if you flip the coin multiple times, the probability for getting a head or tail is 50% eventually.

  • By default, the RADIUS accounting server is selected based on the authentication server selection result. After a user selects a RADIUS server for authentication, it will also use this RADIUS server for accounting. If the radius-server algorithm master-backup [ strict ] command is run, the accounting server is selected based on the configured algorithm. The master accounting server is preferentially selected, irrelevant to the authentication server.

Perform the following steps on the router:

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run radius-server group group-name

    The RADIUS server group view is displayed.

  3. Run radius-server algorithm { loading-share | master-backup [ strict ] }

    The algorithm for selecting the RADIUS server is configured.

    If strict is configured, the accounting server is selected based on the configured algorithm. The master accounting server is preferentially selected, irrelevant to the authentication server.

Translation
Download
Updated: 2019-01-03

Document ID: EDOC1100055031

Views: 17353

Downloads: 70

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next