RADIUS Authentication Retransmission Algorithm
There are three RADIUS authentication algorithms:
- Standard – RADIUS authentication always uses the primary (lowest server ID) RADIUS server if it is reachable. If a network outage occurs or server capacity is exceeded, secondary RADIUS servers are used. The standard RADIUS authentication algorithm is appropriate when multiple RADIUS servers are used for redundancy as opposed to a scaled provisioning environment.
- Round Robin – RADIUS authentications are evenly spread across servers, allowing the load balancing of a large number of authentications across all available RADIUS servers. If a given server goes down, only sessions associated with that server are affected.
- Sticky Round Robin – RADIUS attempts to use the same RADIUS server for any given authentication session, but uses round robin assigning a RADIUS server to each unique authentication session. The sticky round robin algorithm is appropriate for devices that support a limited number of sessions such as the Extreme Network Access Controller (NAC).
The RADIUS authentication algorithm setting defaults to standard. Use the set radius algorithm command to set RADIUS authentication algorithm globally on the device.