Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
672
Views
4
Helpful
3
Replies

CSS- UDP query

sundarr
Level 1
Level 1

‎08-11-2006 08:40 AM

Hi ,

Two RADIUS Servers are present in our setup. Configuration for the same is as below:

!************************** SERVICE **************************

service A

ip address 172.30.7.91

protocol udp

active

!************************** SERVICE **************************

service B

ip address 172.30.7.92

protocol udp

active

*******Content Rule**********

owner IT

content UDP

vip address 172.30.12.55

add service A

protocol udp

port 1813

add service B

active

!*************************** GROUP ***************************

group Z

vip address 172.30.12.55

add destination service A

add destination service B

active

Application on Server A - RADIUS 1813 was shutdown and CSS was sending the request to the second Server B successfully.

My query is as the Content Rules are configured for Port 1813, does CSS understand that Server A is not responding and passes the request to Server B.

When we bring back the Server A Application of RADIUS active, CSS was able to identify and it started forwarding the flows to the Server A.

Appreciate your response.

regards

R.Sundara Rajan

Labels:
0 Helpful
3 Replies 3

Gilles Dufour
Cisco Employee
Cisco Employee

‎08-14-2006 01:16 AM

the css uses keepalives to detect availability of servers.

The default keepalive is a ping.

So, if the server is totally down, the CSS will detect it and stop using it.

If only the radius daemon died, and the server keeps responding to ping, the CSS won't detect that the server is not working.

You can change the keepalive to use other protocol. You can even build your own script to create radius query and verify the response.

Here is a link to the script language

http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_configuration_guide_chapter09186a0080176f7d.html

Gilles.

sundarr
Level 1
Level 1
In response to Gilles Dufour

‎08-14-2006 02:14 AM

Hi Gilles,

Thanks for the response.

In our setup, as of now we are using only the default keepalive mecahnism for RADIUS.

We tested by shutting down the RADIUS daemon on the Server A and CSS didnt send any packet to the Server A during the period and when again the RADIUS Daemon on the Server A was started. CSS immediately started forwarding the packets to Server A.

What is the timeperiod CSS wait in this scenario. ?

I will check out for the Scripting for RADIUS Traffic by going through the link.

In our network presently CSS11800 with Version 6.10 is present.

Appreciate your response.

regards

R.Sundara Rajan

0 Helpful

Gilles Dufour
Cisco Employee
Cisco Employee
In response to sundarr

‎08-14-2006 12:07 PM

you can do a "show service " to see the keepaive type and the different timers.

Keepalive: (ICMP 5 3 5 )

the first 5 indicates 5 seconds interval between 2 probes.

The '3' indicates the number of successive failures before considering the service down and the last '5' indicates what should be the frequency when the service is not alive.

So, you can see it takes by default 3 x 5 = 15 sec to consider a service down.

This can be changed with the 'keepalive' commands under the service configuration.

Gilles.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card