[cisco-bba] Problems to monitor resource usage using Radius in ios 12.3(10)

Dennis Peng dpeng at cisco.com
Thu Oct 21 12:51:58 EDT 2004 

The SSS ID's can be re-used if the session associated with it has gone
away. But there should never be two sessions up at the same time with
the same Uniq-Session-Id. I'm not exactly sure why we always try to
keep ~1000 id's in the free list. It prevents an id from being re-used
too quickly, but I'm not sure why that would be a problem. I assume
that in your test you are bring sessions up and down as opposed to
bringing up a bunch of sessions at one time. Is this correct?

Dennis

RGCABELL [RGCABELL at terra.es] wrote:
> Testing cisco ios 12.3(10) as a L2TP Network Server, I have noticed a 
> different behaviour on PPPoL2TP sessions treatment regarding to ios 12.2
> (24). 
> 
> Now a new L2TP session state is created when ICCN control packet is 
> received: "wait-for-service-selection" instead of "established". The 
> L2TP session is considered "established" when authentication process 
> succeeds, and a virtual-access interface is assigned to the L2TP 
> session. 
> 
> During the authentication process, the virtual-access interface is 
> unknown, so the value for NAS-Port Radius attribute cannot contain the 
> virtual-access any more. New ios version sends a "uniq-Sess-Id" 
> assigned to L2TP session as NAs-Port value. 
> 
> I have tried to test the criteria to generate this new value, and I 
> have seen that the value is a decimal number generated in sequential 
> form. But, when the value is around "1004", it is wrapped and it starts 
> at "1" again. 
> 
> I have tested it at two different platforms: 3725 and 7200, and the 
> result is the same for them. 
> 
> Why Uniq-Sess-Id is wrapped around 1004? could it be solved with some 
> configuration command? If not so, the monitorization of resource usage 
> using Radius will not work properly if Radius server uses an IP address 
> and a Port to identify a resource, and the number of simultaneous 
> sessions is greater than 1004. 
> 
> 
> 
> 
> _______________________________________________
> cisco-bba mailing list
> cisco-bba at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-bba

More information about the cisco-bba mailing list