HP 5920 Series Configuration Manual page 38

Step
4. (Optional.) Set the data flow
and packet measurement
units for traffic statistics.
Setting the maximum number of RADIUS request transmission attempts
RADIUS uses UDP packets to transfer data. Because UDP communication is not reliable, RADIUS uses a
retransmission mechanism to improve reliability. If a NAS sends a RADIUS request to a RADIUS server
but does not receive a response before the response timeout timer (defined by the timer response-timeout
command) expires, the NAS retransmits the request. If the number of transmission attempts exceeds the
specified limit but the NAS still does not receive a response, it tries to communicate with other RADIUS
servers in active state. If no other servers are in active state at the time, the NAS considers the
authentication or accounting attempt a failure. For more information about the RADIUS server response
timeout timer, see
To set the maximum number of RADIUS request transmission attempts:
Step
1. Enter system view.
Enter RADIUS scheme view.
2.
3. Set the maximum number of RADIUS
request transmission attempts.
Setting the status of RADIUS servers
To control the RADIUS servers with which the device communicates when the current servers are no
longer available, set the status of RADIUS servers to blocked or active. You can specify one primary
RADIUS server and multiple secondary RADIUS servers, with the secondary servers functioning as the
backup of the primary servers. Typically, the device chooses servers based on these rules:
When the primary server is in active state, the device communicates with the primary server.
•
• If the primary server fails, the device does the following:
Changes the server's status to blocked.
Starts a quiet timer for the server.
Tries to communicate with a secondary server in active state that has the highest priority.
If the secondary server is unreachable, the device does the following:
•
Changes the server's status to blocked.
Starts a quiet timer for the server.
Tries to communicate with the next secondary server in active state that has the highest priority.
The search process continues until the device finds an available secondary server or has checked
•
all secondary servers in active state. If no server is available, the device considers the
authentication or accounting attempt a failure.
When the quiet timer of a server expires or you manually set the server to the active state, the status
•
of the server changes back to active. The device does not check the server again during the
authentication or accounting process.
Command
data-flow-format { data { byte |
giga-byte | kilo-byte |
mega-byte } | packet
{ giga-packet | kilo-packet |
mega-packet | one-packet } }*
"Setting RADIUS timers."
Command
system-view
radius scheme
radius-scheme-name
retry retry-times
27
Remarks
By default, traffic is counted in
bytes and packets.
Remarks
N/A
N/A
The default setting is 3.