H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 447
431
•
Accounting for FTP users is not supported.
•
If you remove the accounting server used for online users, the device cannot send real-time
accounting requests and stop-accounting messages for the users to the server, and the
stop-accounting messages are not buffered locally.
•
The status of RADIUS servers (blocked or active) determines which servers the device will
communicate with or turn to when the current servers are not available. In practice, you can specify
one primary RADIUS server and multiple secondary RADIUS servers, with the secondary servers
that function as the backup of the primary servers. Generally, the device chooses servers based on
these rules:
When the primary server is in active state, the device communicates with the primary server. If
the primary server fails, the device changes the state of the primary server to blocked, starts a
quiet timer for the server, and turns to a secondary server in active state (a secondary server
configured earlier has a higher priority). If the secondary server is unreachable, the device
changes the state of the secondary server to blocked, starts a quiet timer for the server, and
continues to check the next secondary server in active state. This search process continues until
the device finds an available secondary server or has checked all secondary servers in active
state. If the quiet timer of a server expires or an authentication or accounting response is
received from the server, the status of the server changes back to active automatically, but the
device does not check the server again during the authentication or accounting process. If no
server is found reachable during one search process, the device considers the authentication or
accounting attempt a failure.
Once the accounting process of a user starts, the device keeps sending the user's real-time
accounting requests and stop-accounting requests to the same accounting server. If you remove
the accounting server, real-time accounting requests and stop-accounting requests for the user
cannot be delivered to the server any more.
If you remove an authentication or accounting server in use, the communication of the device
with the server will soon time out, and the device will look for a server in active state from
scratch: it checks the primary server (if any) first and then the secondary servers in the order
they are configured.
When the primary server and secondary servers are all in blocked state, the device
communicates with the primary server. If the primary server is available, its statues changes to
active. Otherwise, its status remains to be blocked.
If one server is in active state but all the others are in blocked state, the device only tries to
communicate with the server in active state, even if the server is unavailable.
After receiving an authentication/accounting response from a server, the device changes the
status of the server identified by the source IP address of the response to active if the current
status of the server is blocked.
•
It is a good practice to u
se the recommended real-time accounting intervals listed in
.
Table 142 Recommended real-time accounting intervals
Number of users
Real-time accounting interval (in minutes)
1 to 99
3
100 to 499
6
500 to 999
12
≥1000
≥15