3.38.1. Failure algorithm Previous topic Parent topic Child topic Next topic

AuthBy RADIUS implements a configurable algorithm to detect failed RADIUS hosts, and to temporarily disregard failed hosts. The algorithm uses the MaxFailedRequests, MaxFailedGraceTime and FailureBackoffTime parameters to customise the operation of the algorithm. It also uses KeepaliveTimeout and UseStatusServerForFailureDetect in order to use only Status-Server requests for failure detection, instead of any request.
AuthBy RADIUS initially assumes that each Host is not failed. After a request is sent to a RADIUS server, if no reply is received after the ReplyTimeout, it is reset up to Retries times. If there is still no reply, that request is deemed to have failed for that Host. AuthBy RADIUS keeps track of how many consecutive requests failed for each Host since the last time a reply was heard from that Host. If more than MaxFailedRequests consecutive requests are deemed to have failed within MaxFailedGraceTime seconds of that last reply heard from that Host, that Host is deemed to have failed.
When the Host is deemed to be failed, AuthBy RADIUS will not attempt to send any requests to it until FailureBackoffTime seconds have elapsed. It will also skip sending requests to that host, and will instead attempt to send to the next Host in its list of Hosts (if any).
The default values for these parameters are:
Retries 3
RetryTimeout 5
MaxFailedRequests 1
MaxFailedGraceTime 0
FailureBackoffTime 0
These values mean that by default AuthBy RADIUS will declare the Host failed after a 3 retries packet transmission failure, but that it will always try to transmit the next request to the Host. This means that AuthBy RADIUS will always try to send every request to the first Host, and if nothing is heard from that Host within (Retries * Retry-Timeout) seconds, it will attempt to send to the next Host.
Judicious use of these parameters allows you to implement a RADIUS Host fallback policy, where if one RADIUS Host fails to respond to requests, then it will automatically temporarily fall back to the next RADIUS Host and so on.