Name: Cisco IOS XR
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

Configuring AAA Services on Cisco IOS XR Software

How to Configure AAA Services

SC-194

Cisco IOS XR System Security Configuration Guide

Configuring RADIUS Dead-Server Detection

This task configures the RADIUS Dead-Server Detection feature.

The RADIUS Dead-Server Detection feature lets you configure and determine the criteria that is used to

mark a RADIUS server as dead. If no criteria is explicitly configured, the criteria is computed

dynamically on the basis of the number of outstanding transactions. The RADIUS dead-server detection

configuration results in the prompt detection of RADIUS servers that have stopped responding. The

prompt detection of nonresponding RADIUS servers and the avoidance of swamped and

dead-to-live-to-dead-again servers result in less deadtime and quicker packet processing.

You can configure the minimum amount of time, in seconds, that must elapse from the time that the

router last received a valid packet from the RADIUS server to the time the server is marked as dead. If

a packet has not been received since the router booted, and there is a timeout, the time criterion is treated

as though it was met.

In addition, you can configure the number of consecutive timeouts that must occur on the router before

the RADIUS server is marked as dead. If the server performs both authentication and accounting, both

types of packets are included in the number. Improperly constructed packets are counted as though they

are timeouts. Only retransmissions are counted, not the initial transmission. For example, each timeout

causes one retransmission to be sent.

Note Both the time criterion and the tries criterion must be met for the server to be marked as dead.

The radius-server deadtime command specifies the time, in minutes, for which a server is marked as

dead, remains dead, and, after this period, is marked alive even when no responses were received from

it. When the dead criteria are configured, the servers are not monitored unless the radius-server

deadtime command is configured

SUMMARY STEPS

1. configure

2. radius-server deadtime minutes

3. radius-server dead-criteria time seconds

4. radius-server dead-criteria tries tries

5. end

commit

6. show radius dead-criteria host ip-addr [auth-port auth-port] [acct-port acct-port]

Questions and Answers:

Need help?

Do you have a question about the Cisco IOS XR and is the answer not in the manual?

Cisco IOS XR Specifications

General

Operating System	Cisco IOS XR
Architecture	Microkernel
High Availability	Yes
Type	Network operating system
Developed by	Cisco Systems
License	Proprietary
Programming Language	C, C++
Kernel	QNX
Supported Platforms	Cisco ASR9000, NCS series
Security Features	Role-Based Access Control (RBAC), Secure Boot, Encryption
Management Interface	CLI, SNMP, NETCONF, RESTCONF
Release Date	2004
Target Devices	High-end core routers, service provider edge routers, data center interconnect (DCI) routers
Supported Hardware	Cisco routers and switches
Networking Protocols	BGP, OSPF, IS-IS, MPLS
Virtualization Support	Virtualization-ready, supports network function virtualization (NFV) and containerization technologies.