What will be the Controller's authentication behavior if all the Radius Servers in a Server group are down?
In a scenario where a Server Group with 3 Radius Servers are configured for authentication with Load Balance enabled in the Server Group. What will happen if all the three Radius Servers are marked down due to some reason i.e. they are marked out of service. There are 2 behaviors here:
1. If Default server i.e. Internal Database is mapped as the 4th server in the Server Group, then automatically the controller will start using this server for Authentication.
2. If there is no Internal Database mapped in the Server Group, then as soon as the 3rd Server goes out of service, Controller will bring back up all the servers in service. Below are the sample logs we would notice in one such scenario:
Feb 17 20:29:35 :124003: <3866> <INFO> |authmgr| Authentication result=AAA server timeout(2), method=802.1x, server=rad3, user=bc:38:35:67:ab:dd
Feb 17 20:29:35 :124004: <3866> <DBUG> |authmgr| server_cbh (252)(DEC) : os_reqs 0, s rad3 type 2 inservice 1 markedD 0
Feb 17 20:29:35 :124607: <3866> <DBUG> |authmgr| server_cbh(): response=2 from Auth server 'rad3 for client:4 proto:4 eap-type:0'.
Feb 17 20:29:35 :124014: <3866> <NOTI> |authmgr| Taking Server rad3 out of service for 10 mins
Feb 17 20:29:35 :124004: <3866> <DBUG> |authmgr| Select server for method=802.1x, user=bvakil, essid=Radius-Test sp dot1x, server-group=ServerGroup, last_srv rad3
Feb 17 20:29:35 :124541: <3866> <DBUG> |authmgr| Bring all servers in server group ServerGroup back in service.
Feb 17 20:29:35 :124015: <3866> <NOTI> |authmgr| Bringing Server rad1 back in service.
Feb 17 20:29:35 :124015: <3866> <NOTI> |authmgr| Bringing Server rad2 back in service.
Feb 17 20:29:35 :124015: <3866> <NOTI> |authmgr| Bringing Server rad3 back in service.