Cisco Systems XR manual Radius-server dead-criteria tries, SR-37

Page 37

Authentication, Authorization, and Accounting Commands on Cisco IOS XR Software

radius-server dead-criteria tries

radius-server dead-criteria tries

To specify the number of consecutive timeouts that must occur on the router before the RADIUS server is marked as dead, use the radius-serverdead-criteria tries command in global configuration mode. To disable the criteria that were set, use the no form of this command.

radius-server dead-criteria tries tries

no radius-server dead-criteria tries tries

Syntax Description

 

tries

Number of timeouts from 1 to 100. If the tries argument is not configured, the number

 

 

 

of consecutive timeouts ranges from 10 to 100, depending on the transaction rate of the

 

 

 

server and the number of configured retransmissions.

 

 

 

Note The tries criterion must be met for the server to be marked as dead.

 

 

 

 

 

 

 

Defaults

 

If the tries argument is not configured, the number of consecutive timeouts ranges from 10 to 100,

 

 

depending on the transaction rate of the server and the number of configured retransmissions.

Command Modes

Command History

Global configuration

Release

Modification

Release 3.3.0

This command was introduced on the Cisco CRS-1 and

 

Cisco XR 12000 Series Router.

 

 

Usage Guidelines To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

If the server performs both authentication and accounting, both types of packet are included in the number. Improperly constructed packets are counted as though they were timeouts. All transmissions, including the initial transmit and all retransmits, are counted.

Note If you configure the radius-server dead-criteria tries command before the radius-server deadtime command, the radius-server dead-criteria tries command may not be enforced.

If the tries argument is not indicated, the number of tries is set to the default.

Task ID

Task ID

Operations

 

aaa

read, write

 

 

 

Cisco IOS XR System Security Command Reference

SR-37

Page 36 Page 38
Image 37
Page 36 Page 38
Contents SR-1 SR-2 Aaa accountingAaa Read, write Creates a method list to be used for authorizationSR-3 SR-4 Aaa accounting system defaultCreates a method list for authorization Creates a method list for authenticationSR-5 SR-6 Aaa authenticationCreates a method list for accounting Radius, group named-group,local, or line optionsSR-7 SR-8 Command DescriptionNetwork Aaa authorizationLocal SR-9SR-10 SR-11 Which specifies that TACACS+ authorization is usedSR-12 Aaa default-taskgroupSR-13 Aaa group server radiusSR-14 Comprises three member serversSR-15 Aaa group server tacacs+SR-16 Accounting Aaa accounting commandSR-17 SR-18 List named listname2 on a line template named configureAuthorization command AuthorizationSR-19 SR-20 Listname4 on a line template named configureDeadtime minutes no deadtime Deadtime server-group configurationSR-21 SR-22 Related Commands DescriptionDescription string No description Description AAASR-23 SR-24 TaskgroupSR-25 GroupSR-26 Task ID ExamplesSR-27 Inherit taskgroupSR-28 Inherit usergroup usergroup-name Inherit usergroupSR-29 SR-30 Sales user groupAuthentication login command Login authenticationSR-31 SR-32 Password 0 7 password No password 0 7 password Password AAASR-33 SR-34 SR-35 Radius-server dead-criteria timeSR-36 SR-37 Radius-server dead-criteria triesSR-38 Dead-criteria timeRadius-server deadtime minutes No radius-server deadtime Radius-server deadtimeSR-39 SR-40 Radius-server host Timeout secondsRetransmit retries SR-41SR-42 SR-43 SR-44 Radius-server keySR-45 Specifies a Radius server hostSR-46 Radius-server retransmitRadius-server timeout seconds No radius-server timeout Radius-server timeoutSR-47 SR-48 Radius source-interfaceSR-49 Outgoing Radius packetsSecret 0 5 secret no secret 0 5 secret SecretSR-50 SR-51 SR-52 Server RadiusSR-53 SR-54 Server TACACS+SR-55 Groups different TACACS+ server hosts into distinct listsSR-56 Show aaaAaa usergroup operator SR-57SR-58 SR-59 Displays task IDs enabled for the currently logged-in userShow radius If no radius servers are configured, no output is displayedShow radius SR-60SR-61 Field DescriptionShow radius accounting Show radius accountingSR-62 SR-63 Show radius authenticationShow radius authentication Show radius authenticationSR-64 SR-65 Show radius accountingShow radius client Show radius clientSR-66 SR-67 SR-68 Show radius dead-criteriaSR-69 Show radius server-groups No default behavior or valuesShow radius server-groups SR-70SR-71 Field DescriptionShow tacacs Show tacacsSR-72 SR-73 Show tacacs server-groups Show tacacs server-groupsSR-74 SR-75 Show task supported Show task supportedSR-76 Ouni pkg-mgmt pos-dpt ppp SR-77SR-78 Show userUser all SR-79SR-80 SR-81 SR-82 Tacacs-server hostSR-83 Tacacs-server key key-nameno tacacs-server key Tacacs-server keySR-84 SR-85 Specifies a TACACS+ hostTacacs-server timeout seconds No tacacs-server timeout Tacacs-server timeoutSR-86 SR-87 Tacacs source-interfaceSR-88 Aaa group server radiusWrite TaskExecute DebugSR-90 SR-91 TaskgroupAdds a task ID to a task group Creates a task group description in task configuration modeSR-92 SR-93 Timeout login responseSR-94 Enables AAA authentication for loginsSR-95 UsergroupSR-96 Creates a description of a task group during configurationSR-97 UsernameCreates a login password for a user Defines a method list for authenticationAdds a user to a group SR-98SR-99 Users groupSR-100 Given operator privileges
Top Page Image Contents