<div id="yiv9827625141">
<div id="yui_3_7_2_1_1378352280459_10290">
<div style="BACKGROUND-COLOR:#fff;FONT-FAMILY:Courier New,courier,monaco,monospace,sans-serif;COLOR:#000;FONT-SIZE:12pt" id="yui_3_7_2_1_1378352280459_10289">
<div id="yui_3_7_2_1_1378352280459_10350">Dear Sir/Madam,</div>
<div id="yui_3_7_2_1_1378352280459_10288"> </div>
<div id="yui_3_7_2_1_1378352280459_10346">Grateful for your help in advance.</div>
<div id="yui_3_7_2_1_1378352280459_10292"> </div>
<div id="yui_3_7_2_1_1378352280459_10293">I have installed TACACS+ daemon (version F4.0.4.26 with basic configuration) on a HP server (HP ProLiant DL320 G5P operating on Red Hat Enterprise Linux 5.9, Kernel: 2.6.18-348.3.1.el5PAE i686).</div>
<div id="yui_3_7_2_1_1378352280459_10319"> </div>
<div id="yui_3_7_2_1_1378352280459_10294">My Alcatel-Lucent routers and LAN switches frequently report TACACS+ service is UP and then DOWN (30+ times per hour). Below are some of the syslog messages.</div>
<blockquote style="MARGIN-RIGHT:0px" dir="ltr" id="yui_3_7_2_1_1378352280459_10297">
<blockquote style="MARGIN-RIGHT:0px" dir="ltr" id="yui_3_7_2_1_1378352280459_10296">
<div id="yui_3_7_2_1_1378352280459_10362">>>></div>
<div id="yui_3_7_2_1_1378352280459_10295">Sep 3 10:00:16 xx.yy.kk.1 xx.yy.kk.1 NEWTESTNET: 688680 Base SECURITY-MINOR-tacplusInetSrvrOperStatusChange-2025 [tacplus server 2]: TACACS+ server xx.yy.zz.59 operational status changed to down. <br>
Sep 3 10:00:31 xx.yy.kk.1 xx.yy.kk.1 NEWTESTNET: 688703 Base SECURITY-MINOR-tacplusInetSrvrOperStatusChange-2025 [tacplus server 2]: TACACS+ server xx.yy.zz.59 operational status changed to down. <br>Sep 3 10:01:39 xx.yy.kk.1 xx.yy.kk.1 NEWTESTNET: 688713 Base SECURITY-MINOR-tacplusInetSrvrOperStatusChange-2025 [tacplus server 2]: TACACS+ server xx.yy.zz.59 operational status changed to down. <br>
Sep 3 10:02:33 xx.yy.kk.1 xx.yy.kk.1 NEWTESTNET: 688727 Base SECURITY-MINOR-tacplusInetSrvrOperStatusChange-2025 [tacplus server 2]: TACACS+ server xx.yy.zz.59 operational status changed to down. </div>
<div id="yui_3_7_2_1_1378352280459_10361">>>></div></blockquote></blockquote>
<div id="yui_3_7_2_1_1378352280459_10360">May I have queries below. </div>
<div id="yui_3_7_2_1_1378352280459_10359"><strong id="yui_3_7_2_1_1378352280459_10358"></strong> </div>
<blockquote style="MARGIN-RIGHT:0px" dir="ltr">
<blockquote style="MARGIN-RIGHT:0px" dir="ltr">
<div><strong>1. Why my Alcatel-Lucent routers and LAN switches frequently report the <var id="yiv9827625141yui-ie-cursor"></var>TACACS+ service is UP and then DOWN (30+ times per hour)?</strong></div>
<div id="yui_3_7_2_1_1378352280459_10354"><strong id="yui_3_7_2_1_1378352280459_10353">2. Do Alcatel-Lucent routers and LAN switches have any compatibility issue with TACACS+ daemon? If yes, any workaround or fix?</strong></div>
<div><strong>3. How to show/verify that TACACS+ daemon is running normally without interruption to my network devices? Can tac_plus "debug" help?</strong></div>
<div><strong>4. Is below pattern of tac_plus connections (i.e. 3 times in 4 seconds) plausible although noboby or no job tried to login with tac_plus?</strong></div></blockquote></blockquote>
<div>"debug" of tac_plus was turned on. Below is the tac_plus command:<br> /var/tacp/tac_plus -C /var/tacp/tac_plus.conf -d 65536 4</div>
<div> </div>
<div>As a result, tac_plus log and syslog messages related to one of my Alcatel-Lucent router (IP address: x.y.z.81) are attached below.</div>
<blockquote style="MARGIN-RIGHT:0px" dir="ltr" id="yui_3_7_2_1_1378352280459_10365">
<blockquote style="MARGIN-RIGHT:0px" dir="ltr" id="yui_3_7_2_1_1378352280459_10364">
<div id="yui_3_7_2_1_1378352280459_10363">tac_plus log:<br>...<br>Wed Sep 4 14:54:44 2013 [12753]: connect from x.y.z.81 [x.y.z.81]<br>Wed Sep 4 14:54:44 2013 [12753]: x.y.z.81: exception on fd 1<br>Wed Sep 4 14:54:44 2013 [12753]: Read -1 bytes from x.y.z.81 , expecting 12<br>
Wed Sep 4 14:55:14 2013 [12832]: connect from x.y.z.81 [x.y.z.81]<br>Wed Sep 4 14:55:14 2013 [12832]: x.y.z.81: exception on fd 1<br>Wed Sep 4 14:55:14 2013 [12832]: Read -1 bytes from x.y.z.81 , expecting 12<br>Wed Sep 4 14:55:44 2013 [12848]: connect from x.y.z.81 [x.y.z.81]<br>
Wed Sep 4 14:55:44 2013 [12848]: x.y.z.81: exception on fd 1<br>Wed Sep 4 14:55:44 2013 [12848]: Read -1 bytes from x.y.z.81 , expecting 12<br>...<br>Wed Sep 4 15:02:10 2013 [13458]: connect from x.y.z.81 [x.y.z.81]<br>
Wed Sep 4 15:02:11 2013 [13460]: connect from x.y.z.81 [x.y.z.81]<br>Wed Sep 4 15:02:14 2013 [13469]: connect from x.y.z.81 [x.y.z.81]<br>Wed Sep 4 15:02:16 2013 [13469]: x.y.z.81: exception on fd 1<br>Wed Sep 4 15:02:16 2013 [13469]: Read -1 bytes from x.y.z.81 , expecting 12</div>
<div style="BACKGROUND-COLOR:transparent;FONT-STYLE:normal;FONT-FAMILY:Courier New,courier,monaco,monospace,sans-serif;COLOR:rgb(0,0,0);FONT-SIZE:16px"> </div>
<div>syslog:<br>Sep 4 15:02:14 x.y.z.81 x.y.z.81 NEWTESTNET: 271981 Base SECURITY-MINOR-tacplusInetSrvrOperStatusChange-2025 [tacplus server 2]: TACACS+ server x.y.p.59 operational status changed to down. </div></blockquote>
</blockquote>
<div id="yui_3_7_2_1_1378352280459_10367"> </div>
<div id="yui_3_7_2_1_1378352280459_10366">Thanks<br>Bennie<br></div></div></div></div>