Wireless Access

Friends,

According to Aruba controller documentation, when not doing load balancing, the list of RADIUS servers in a server group is an ordered list. By default, the first server in the list is always used unless it is unavailable, in which case the next server in the list is used.

I have two questions about how this fail over mechanism works.

First, how specifically does a controller determine that a RADIUS server in the list has failed?  Is it based on the unresponsiveness of RADIUS messages and some hard coded timeout value?  What are the precise rules for making this determination?

Second, will the controller periodically monitor a failed server to see if it has recovered, and bring it back into service, something often referred to as fail back?  If so, how precisely does this work?

Thank you,

John

First, how specifically does a controller determine that a RADIUS server in the list has failed?  Is it based on the unresponsiveness of RADIUS messages and some hard coded timeout value?  What are the precise rules for making this determination?

 

number of retries * timeout in the aaa authentication-server radius zzz

 

Second, will the controller periodically monitor a failed server to see if it has recovered, and bring it back into service, something often referred to as fail back?  If so, how precisely does this work?

 

---

 After the dead time (show aaa timers) it will swing back to the highest priority, attempt to use it, and if it fails again per the above (rexmt * timeout) it will be marked as dead again.

AFAIK there is no background probe check (there isn't in 6.x an earler) it just relies on the dead timer and then the same logic which caused it to be marked as dead in the first place.

hth.

Thank you kindly.  That is just what I was looking for.