Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 
[+] Expand All
[-] Collapse All

Configuring UDP Ports for RADIUS Plug-Ins (SRC CLI)

In RADIUS packets that RADIUS plug-ins send to a RADIUS server, the plug-in uses an identifier field to match requests to replies. This field provides for a maximum of 256 identifiers. Once all identifiers are used, the plug-in cannot send any more requests until it receives replies that match the requests already sent. In high-load systems, this limit can slow performance.

To overcome this limitation, you can configure a pool of UDP ports for RADIUS plug-ins. Having a pool of ports allows RADIUS plug-ins to create one queue per port to wait for RADIUS replies. Each queue can wait for 256 RADIUS packets. The RADIUS plug-ins send RADIUS packets through the pool of ports in a round-robin mode.

You can configure a global source UDP port or pool of ports that RADIUS plug-ins use to communicate with RADIUS servers. You can also configure UDP ports for each plug-in instance. If you do not configure a UDP port for a plug-in instance, the plug-in uses the global UDP port.

Use the following configuration statement to configure global configuration ports:

shared sae configuration global-radius-udp-port { udp-port; }

To configure global UDP ports:

  1. From configuration mode, access the global RADIUS UDP port configuration. In this sample procedure, the UDP port is configured in the west-region SAE group.
    user@host# edit shared sae group west-region configuration global-radius-udp-port
  2. Configure the source UDP port or a pool of ports that RADIUS plug-ins use to communicate with RADIUS servers.
    [edit shared sae group west-region configuration global-radius-udp-port] user@host# set udp-port

Related Documentation

Modified: 2017-08-03