Re: (ASCEND) Radius Servers (fwd)

To: megazone@megazone.org (MegaZone)
Subject: Re: (ASCEND) Radius Servers (fwd)
From: Tony Porczyk <tporczyk@best.com>
Date: Tue, 25 Aug 1998 17:04:21 -0700 (PDT)
Cc: ascend-users@bungi.com
In-Reply-To: <199808252326.QAA07251@shell4.ba.best.com> from MegaZone at "Aug 25, 98 04:26:12 pm"
Sender: owner-ascend-users@max.bungi.com

> That's up to the NAS.  PortMaster's don't, Cisco's don't, etc.
> They retry the primary a couple of times before trying the secondary.
> AND, they retry the primary every time - they don't stay fixed on
> the secondary once they use it.  I always thought that was a poor
> design choice on the MAX.

I respectfully disagree.  It is much more inefficient to have a NAS
retry the primary RADIUS server each time authentication is requested,
particularly if they retry it over and over again before jumping to the
second one.  Ascend's solution with reset timer seems much better to me.
Also, since it is trivial to once in a while reset automatically
(crontab) all your MAXes to their primary RADIUS servers through SNMP,
you have two solutions.

t.
---------------------------------------------------------------------
Tony Porczyk * tony@infobound.com * www.infobound.com * San Jose, Ca.
GIT/ED d++(!d) s++:++ a? C++++ USB++++$ P+ E- W(--) N++ !k w--- M- V?
PS+++ PE++ Y+ PGP-- t+@ 5++ X-- R* b- D---- e* V-- h* r+++(*)+++(*)>?
---------------------------------------------------------------------
++ Ascend Users Mailing List ++
To unsubscribe:	send unsubscribe to ascend-users-request@bungi.com
To get FAQ'd:	<http://www.nealis.net/ascend/faq>

Follow-Ups:

Re: (ASCEND) Radius Servers (fwd)

From: Jason Nealis <nealis@babylon.erols.com>

References:

Re: (ASCEND) Radius Servers (fwd)

From: MegaZone <megazone@megazone.org>

Prev by Date: Re: (ASCEND) CRCs increasing rapidly
Next by Date: Re: (ASCEND) MIF spec
Prev by thread: Re: (ASCEND) Radius Servers (fwd)
Next by thread: Re: (ASCEND) Radius Servers (fwd)
Index(es):
- Main
- Thread