1.5 wording

1.5 reads "communicate with the server using the Loopback0 interface to source the udp packets and delcare the server dead for a minute of no response."

should read "....and delcare the server dead for a minute if no response is heard"

Comments

  • This makes sense. 

    Which version of the WB is this?

  • 1.5 reads "communicate with the server using the Loopback0 interface to source the udp packets and delcare the server dead for a minute of no response."

    It should be read like "delcare the server dead if no response is heard within a minute"

  • 1.5 reads "communicate with the server using the Loopback0 interface to source the udp packets and delcare the server dead for a minute of no response."

    It should be read like "delcare the server dead if no response is heard within a minute"

     

    The sg gives the command "radius-server deadtime 1" which declares the server dead for 1 minute. Since the radius  server dosen't actually exist, the connection to the server flaps.


    deadtime minutes

    no deadtime

    Syntax Description

    minutes

    Length of time for which a RADIUS server is skipped over by transaction requests, up to a maximum of 1440 minutes (24 hours).

  • For our task purpose its just the timeout if server is unavailable. Reference from Cisco Doc. 


    Usage Guidelines

    Use this command to enable the Cisco IOS software to mark as "dead" any RADIUS servers that fail to respond to authentication requests, thus avoiding the wait for the request to time out before trying the next configured server. A RADIUS server marked as "dead" is skipped by additional requests for the specified duration (in minutes) or unless there are no servers not marked as "dead."

     

  • For our task purpose its just the timeout if server is unavailable. Reference from Cisco Doc. 

     

    Usage Guidelines


    Use this command to enable the Cisco IOS software to mark as "dead" any RADIUS servers that fail to respond to authentication requests, thus avoiding the wait for the request to time out before trying the next configured server. A RADIUS server marked as "dead" is skipped by additional requests for the specified duration (in minutes) or unless there are no servers not marked as "dead."

     

     

     

    Based on documentation you posted, the command isn't specifying the timeout but is instead specifying the time that the radius server will be suppressed(declared down). It's more of a dampening feature.

    There is another radius command radius-server dead-criteria time <time> tries <tries>. This command specifies the time and/or tries that must fail for the server to be declared down.

    I was just looking for clarification since the SG dosen't make an attempt at explaing the command.

     

    Thanks!

     

     

     

  • Based on documentation you posted, the command isn't specifying the timeout but is instead specifying the time that the radius server will be suppressed(declared down). It's more of a dampening feature.

    any RADIUS servers that fail to respond to authentication requests, thus avoiding the wait for the request to time out before trying the next configured server.

     

  • What i'm seeing after configuring the dead time is the link flapping. Radius server is declared dead for 1 minute due to the "deadtime" being configured. Once this happens, the chap authentication fails which drops the link. The radius server stays up for ~20 seconds until it is declared and forced down for another minute due to deadtime being set at 1. The link flaps indefinately. 

    This behavior only seems to happen after i reload the router.



    *Mar  8 11:04:33.531: %SYS-5-CONFIG_I: Configured from console by console

    *Mar  8 11:04:45.867: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up

    *Mar  8 11:04:54.035: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.10.1.100:1645,1646 is not responding.

    *Mar  8 11:04:54.035: %RADIUS-3-ALLDEADSERVER: Group radius: No active radius servers found. Id 62.

    *Mar  8 11:04:55.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down

    *Mar  8 11:04:58.071: %RADIUS-3-NOSERVERS: No Radius hosts configured or no valid server present in the server group radius

    *Mar  8 11:05:54.035: %RADIUS-6-SERVERALIVE: Group radius: Radius server 192.10.1.100:1645,1646 is responding again (previously dead).

    *Mar  8 11:05:54.035: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.10.1.100:1645,1646 is being marked alive.

    *Mar  8 11:05:59.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up

    *Mar  8 11:06:13.275: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down

    *Mar  8 11:06:37.791: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up

    *Mar  8 11:06:46.311: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.10.1.100:1645,1646 is not responding.

    *Mar  8 11:06:46.311: %RADIUS-3-ALLDEADSERVER: Group radius: No active radius servers found. Id 79.

    *Mar  8 11:06:47.311: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down

    *Mar  8 11:06:50.323: %RADIUS-3-NOSERVERS: No Radius hosts configured or no valid server present in the server group radius

    *Mar  8 11:07:46.311: %RADIUS-6-SERVERALIVE: Group radius: Radius server 192.10.1.100:1645,1646 is responding again (previously dead).

    *Mar  8 11:07:46.311: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.10.1.100:1645,1646 is being marked alive.

    *Mar  8 11:07:47.759: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up

    *Mar  8 11:08:06.243: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to down

    *Mar  8 11:08:28.343: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/1, changed state to up

    *Mar  8 11:08:36.239: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.10.1.100:1645,1646 is not responding.

  • What i'm seeing after configuring the dead time is the link flapping. Radius server is declared dead for 1 minute due to the "deadtime" being configured. Once this happens, the chap authentication fails which drops the link. The radius server stays up for ~20 seconds until it is declared and forced down for another minute due to deadtime being set at 1. The link flaps indefinately.

    If I remembered it correctly I did not face this issue for this task when performed this lab.

Sign In or Register to comment.