[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]


Configuring UDP Ports for RADIUS Plug-Ins

In RADIUS packets that RADIUS plug-ins send to a RADIUS server, the plug-in uses an identifier field to match requests to replies. This field provides for a maximum of 256 identifiers. Once all identifiers are used, the plug-in cannot send any more requests until it receives replies that match the requests already sent. In high-load systems, this limit can slow performance.

To overcome this limitation, you can configure a pool of UDP ports for RADIUS plug-ins. Having a pool of ports allows RADIUS plug-ins to create one queue per port to wait for RADIUS replies. Each queue can wait for 256 RADIUS packets. The RADIUS plug-ins send RADIUS packets through the pool of ports in a round-robin mode.

You can configure a global source UDP port or pool of ports that RADIUS plug-ins use to communicate with RADIUS servers. You can also configure UDP ports for each plug-in instance. If you do not configure a UDP port for a plug-in instance, the plug-in uses the global UDP port.

Configuring Global UDP Ports

Use the following configuration statement to configure global configuration ports:

shared sae configuration global-radius-udp-port {
udp-port; 
}

To configure global UDP ports:

  1. From configuration mode, access the global RADIUS UDP port configuration. In this sample procedure, the UDP port is configured in the west-region SAE group.
  2. user@host# edit shared sae group west-region configuration 
    global-radius-udp-port 
    
    
    
  3. Configure the source UDP port or a pool of ports that RADIUS plug-ins use to communicate with RADIUS servers.
  4. [edit shared sae group west-region configuration global-radius-udp-port]
    
    user@host# set udp-port 
    

[Contents] [Prev] [Next] [Index] [Report an Error] [No Frames]