SunScreen 3.2 Administrator's Overview

Other vars for RADIUS Configuration

The following additional variables are preinstalled and used to control the RADIUS client protocol; they are pre-ENABLED and generally need not be altered.

The number of seconds that the requestor logic waits before contacting an unresponsive server:


edit> vars print PRG=auth
PRG="auth" NAME="RADIUSHolddown" ENABLED VALUE="300" 
DESCRIPTION="seconds to ignore a non-responsive RADIUS server"

The number of passes through the server list that requestor logic makes before giving up:


PRG="auth" NAME="RADIUSRetryPasses" ENABLED VALUE="3" 
DESCRIPTION="how many times to try each RADIUS server"

The name of the RADIUS server port, as given in the Service registry:


PRG="auth" NAME="RADIUSService" ENABLED VALUE="radius" 
DESCRIPTION="RADIUS service / port # at which to query server(s)"

The number of seconds that the requestor logic waits for each response before sending another attempt:


PRG="auth" NAME="RADIUSTimeout" ENABLED VALUE="5" 
DESCRIPTION="seconds to await each RADIUS server response"

During the first pass, the requestor logic contacts only servers that are not currently held down; subsequent passes contact every server regardless of previous nonresponsiveness. During the first pass, each server is contacted twice in a row before moving on to the next one. During subsequent passes, each server is contacted only once. A rough upper bound on the overall time to total failure across all servers is:

#servers x (#passes + 1) x timeout

This is an upper bound because the first pass avoids recently unresponsive servers; a lower bound would be:

#servers x (#passes - 1) x timeout

So, for example, with two servers configured and using the default time-outs, the overall failure time-out would be less than 2 x (3 + 1) x 5 = 40 seconds, and greater than 2 x (3 - 1) x 5 = 20 seconds.
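
The retry schedule described above, modelled as an added example (this is not SunScreen code). It assumes that no server ever responds and that every request waits exactly RADIUSTimeout seconds; the server names and function names are constructed for illustration.

```python
# Added example: models the retry schedule described in the text.
# Assumption: every request times out after exactly `timeout` seconds.

def radius_failure_schedule(servers, passes=3, timeout=5, held_down=()):
    """Return (schedule, total_seconds) when no server ever responds.

    servers   -- list of server names (constructed sample names)
    passes    -- value of RADIUSRetryPasses
    timeout   -- value of RADIUSTimeout, seconds waited per request
    held_down -- servers currently inside their RADIUSHolddown window
    """
    held = set(held_down)
    schedule = []   # (pass number, server, start time in seconds)
    clock = 0
    for pass_no in range(1, passes + 1):
        for server in servers:
            if pass_no == 1:
                if server in held:
                    continue      # first pass skips held-down servers
                tries = 2         # first pass: two requests in a row
            else:
                tries = 1         # later passes: one request, holddown ignored
            for _ in range(tries):
                schedule.append((pass_no, server, clock))
                clock += timeout  # the request goes unanswered
    return schedule, clock


def bounds(n_servers, passes=3, timeout=5):
    """Lower and upper bounds from the two formulas in the text."""
    return (n_servers * (passes - 1) * timeout,
            n_servers * (passes + 1) * timeout)


if __name__ == "__main__":
    servers = ["radius-a", "radius-b"]   # constructed names
    for held in ([], ["radius-a"], servers):
        sched, total = radius_failure_schedule(servers, held_down=held)
        print(f"held down: {held or 'none'} -> {len(sched)} requests, {total} s")
    print("bounds (lower, upper):", bounds(len(servers)))
```

The total is what a user waits before authentication fails outright, so it is the figure to compare against any login or session time-out in front of the Screen when changing RADIUSRetryPasses or RADIUSTimeout.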