Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring UDP Ports for RADIUS Plug-Ins (SRC CLI)

    In RADIUS packets that RADIUS plug-ins send to a RADIUS server, the plug-in uses an identifier field to match requests to replies. This field provides for a maximum of 256 identifiers. Once all identifiers are used, the plug-in cannot send any more requests until it receives replies that match the requests already sent. In high-load systems, this limit can slow performance.

    To overcome this limitation, you can configure a pool of UDP ports for RADIUS plug-ins. Having a pool of ports allows RADIUS plug-ins to create one queue per port to wait for RADIUS replies. Each queue can wait for 256 RADIUS packets. The RADIUS plug-ins send RADIUS packets through the pool of ports in a round-robin mode.

    You can configure a global source UDP port or pool of ports that RADIUS plug-ins use to communicate with RADIUS servers. You can also configure UDP ports for each plug-in instance. If you do not configure a UDP port for a plug-in instance, the plug-in uses the global UDP port.

    Use the following configuration statement to configure global configuration ports:

    shared sae configuration global-radius-udp-port { udp-port; }

    To configure global UDP ports:

    1. From configuration mode, access the global RADIUS UDP port configuration. In this sample procedure, the UDP port is configured in the west-region SAE group.
      user@host# edit shared sae group west-region configuration global-radius-udp-port
    2. Configure the source UDP port or a pool of ports that RADIUS plug-ins use to communicate with RADIUS servers.
      [edit shared sae group west-region configuration global-radius-udp-port] user@host# set udp-port

    Modified: 2016-12-29