[cisco-bba] Rate Limiting / Load Balancing Radius Requests
Paul Raj Khangure
cisco-bba at digitaljunkie.net
Sun Mar 13 02:42:20 EST 2005
We have a number of 7200G and G1s which are being used as LNSes and
BRASes.
We also have an electricity company which can't keep a steady supply of
electricity going for more than a week or two.
When there's a brownout, several thousand (sometimes a few thousand,
sometimes over ten thousand) clients drop off suddenly, and then their
modems / routers try to reconnect suddenly.
This causes the BRAS / LNS to send a flood of radius requests to the
radius servers. Various bad things happen, including there being more
than 256 requests at a time causing the radius-id to overflow, along
with load issues on the radius servers, and clients who get auth
timeouts.
Anyone know if there's an effective way of rate-limiting the number of
radius authentication requests sent on the LNS / BRAS - eg to a max of
50 or 100 per second - or getting the LNS / BRAS to load balance radius
requests to multiple servers, rather than waiting for the first one to
die / timeout?
prk.
More information about the cisco-bba
mailing list