03-17-2010 06:13 AM
I have a quick and i believe simple question for everyone. We are using a server group to group two radius servers. The question i have is on the order and fail over of this group. I know that the order is based on how they are listed in the group, the top server is used first. The thing i am not sure on is how the failover works as well as the recovery. I know it tries the first server in the list and if fails goes to the second. Once the first server fails and authentication requests go to the second server what triggers the requests to go back to the first server in the list? I ask this because yesterday one of our radius servers stop serving the requests coming and it failed over to the second server as expected, but as the day went on i saw that a decent size group still authenticating to the second server in the list. Thank you for your help in clarifying this for me.
03-17-2010 07:05 AM
When a RADIUS (or any server for that matter) fails to respond to an authentication attempt, it is taken out of service for 10 min be default. During that time, clients will use the other server and the first one will not be checked. After 10 min, the controller will begin using the first server again for new authentications, but I believe all clients that were authenticated by the second server will continue to use #2.