Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Centralized Configuration Management

 

Steel-Belted Radius Carrier supports the replication of RADIUS configuration data from a primary server to a maximum of 10 replica servers within a replication realm. Replica servers help balance the load of authentication requests coming in from RADIUS clients, and ensure that authentication services are not interrupted if the primary or other replica servers stop working.

For example, Figure 15 illustrates an environment where RADIUS traffic is load-balanced by configuring each network access server (NAS) to authenticate users through a different RADIUS server (solid line). If a RADIUS server becomes unavailable, the NAS can fail over to its backup RADIUS server (dotted line).

Figure 15: Using Replication for Redundancy and Load Balancing
Using Replication for Redundancy and
Load Balancing

All the servers within a realm reflect the current configuration specified by the network administrator: the network administrator modifies the configuration on the primary server, and the primary server propagates the new configuration to its replica servers. For example, after a network administrator configures a new RADIUS client or profile on the primary server, the network administrator directs the primary server to publish a configuration package file (replica.ccmpkg) that contains the updated configuration information. After publication, the primary server notifies each replica server that a new configuration package is ready. Each replica then downloads and installs the configuration package to update its settings.

Figure 16: Configuration Package Publication
Configuration Package Publication

The primary server maintains a list of the replica servers that have registered with it. The primary server uses this list to track which servers to notify after it publishes an updated configuration package to resynchronize the configuration of replica servers.

If the primary server needs to be taken out of service, the network administrator promotes one of the replica servers to be the new primary server. Thereafter, the other replica servers copy the configuration package from the promoted primary server.