HP 10500 Series Configuration Manual page 36

If the quiet timer of a server expires or an authentication or accounting response is received from
the server, the status of the server changes back to active automatically, but the device does not
check the server again during the authentication or accounting process.
If no server is found reachable during one search process, the device considers the authentication
or accounting attempt a failure.
Once the accounting process of a user starts, the device keeps sending the user's real-time
•
accounting requests and stop-accounting requests to the same accounting server. If you remove the
accounting server, real-time accounting requests and stop-accounting requests for the user cannot
be delivered to the server anymore.
If you remove an authentication or accounting server in use, communication of the device with the
•
server soon times out, and the device looks for a server in active state from scratch. It first checks the
primary server and then the secondary servers in the order they are configured.
• When the primary server and secondary servers are all in blocked state, the device communicates
with the primary server. If the primary server is available, its status changes to active. Otherwise, its
status remains as blocked.
If one server is in active state and all others are in blocked state, the device only tries to
•
communicate with the server in active state, even if the server is unavailable.
After receiving an authentication/accounting response from a server, the device changes the status
•
of the server identified by the source IP address of the response to active if the current status of the
server is blocked.
The device does not change the status of an unreachable authentication or accounting server if the quiet
timer of the servers is set to 0. Instead, the device keeps the server status as active and sends
authentication or accounting packets to another server in active state, so that subsequent authentication
or accounting packets can still be sent to the server. For more information about the quiet timer, see
"Setting RADIUS timers."
By default, the device sets the status of all RADIUS servers to active. In some cases, however, you may
have to change the status of a server. For example, if a server fails, you can change the status of the
server to blocked to avoid communication attempts to the server.
The server status set by the state command cannot be saved to the configuration file. After the device
restarts, the status of each server is restored to active. To display the states of the servers, use the display
radius scheme command.
To set the status of RADIUS servers in a RADIUS scheme:
Step
1. Enter system view.
2. Enter RADIUS scheme view.
Command
system-view
radius scheme radius-scheme-name
26
Remarks
N/A
N/A