Application Delivery (ADX)

Reply
Contributor
Posts: 35
Registered: ‎05-04-2009

Is it possible to monitor the health of radius server with the ServerIron?

RADIUS is a vital part of our authentication infrastructure. I would like to use radius server load balancing to ensure the service is as fast and as reliable as possible. Is it possible to do an application health check / layer 7 health check for radius servers?

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: Is it possible to monitor the health of radius server with the ServerIron?

It is no problem to monitor radius servers using radius health checks. The ServerIron is able to send authentication requests to the radius servers to validate their availability. Out of the documentation:


RADIUS

The ServerIron sends an authentication request with a user name, password, and key to the RADIUS server. The account information does not need to be valid for the server to pass the health check. In fact, to prevent someone from learning account information by observing the ServerIron’s RADIUS health check, Foundry Networks recommends you use invalid information.

If the server replies with the result code “ACCEPT” or “REJECT, the ServerIron considers the port to be ok and marks it ACTIVE.

If the server does not reply or the server Sends an ICMP “Destination Unreachable” message, the ServerIron retries the health check up to the number of times configured (the default is two retries). If the server still does not reply with “ACCEPT” or ”REJECT”, the ServerIron marks the RADIUS port FAILED and removes the server from rotation for RADIUS services.

Configuring RADIUS Health Check Values

You can define the RADIUS parameters that the ServerIron sends to a RADIUS application port in the Layer 7 health check. The RADIUS health check requests a specific user name, password, and authentication key from the RADIUS server. To specify these values, use one of the following methods.

To configure the parameters for a RADIUS health check, enter commands such as the following at the Real Server level of the CLI:

ServerIron(config-rs-rocket)#port radius username evil

ServerIron(config-rs-rocket)#port radius password woody

ServerIron(config-rs-rocket)#port radius key laser

Syntax: port radius username <string>

Syntax: port radius password <string>

Syntax: port radius key <string>

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook