Using radius snooping – Nortel Networks WEB OS 212777 User Manual

Page 160

Advertising
background image

Web OS 10.0 Application Guide

160

n

Chapter 6: Server Load Balancing

212777-A, February 2002

Using RADIUS Snooping

Radius snooping allows the Alteon Web switch to examine RADIUS accounting packets for
client information. This information is needed to add to or delete static session entries to the
session table of the switch so that it can perform the required persistency for load balancing. A
static session entry does not age out. Such an entry, added using RADIUS Snooping, will only
be deleted using RADIUS Snooping. The switch load balances both the RADIUS and WAP
gateway traffic using the same virtual server IP address.

How WAP SLB Works Using RADIUS Snooping

Before the RAS allows the WAP traffic for a user to pass in and out of the gateway, it sends a

RADIUS Accounting Start

message to one of the RADIUS Servers. The switch then

snoops on the packet to extract the information it needs. It needs to know the type of the
RADIUS

Accounting

message, the client IP address, the caller ID, and the user’s name. If it

finds this information, the switch adds a session entry to its session table. If any of this infor-
mation is missing, the switch will not take any action to handle the session entry.

When the client ends the WAP connection, RAS sends

RADIUS Accounting Stop

packet. If the switch finds the needed information in a

RADIUS Accounting Stop

packet,

it removes the corresponding session entry from its table. The following steps occur for
RADIUS snooping:

1.

The user is authenticated on dialing.

2.

The RAS establishes a session with the client and sends a RADIUS Accounting Start mes-
sage with the client IP address to the RADIUS server.

3.

The switch snoops on the RADIUS accounting packet and adds a session entry if it finds
enough information in the packet.

4.

The switch load balances the WAP traffic to a specific WAP gateway.

5.

When the client terminates the session, the RAS sends an Accounting Stop message to the
RADIUS server, and the session entry is deleted from the switch.

Advertising
Popular Brands
Popular manuals