[tac_plus] tac_plus problem
Rui Vitor Figueiras Meireles
rui-f-meireles at telecom.pt
Tue Aug 10 15:20:59 UTC 2010
Hi there. I've been using your release of tac_plus (F4.0.4.19) because it has ACLs (the others I found didn't have).
I'm using authentication, authorization and accounting. The authorization part generates lots of log entries, because we have a server that constantly connects automatically to several routers at a time and enters several commands on them. And each command must be authorized by the tacacs+ server...
I've been having lots of errors, there are times when the communication between the router and the tacacs+ server fails.
Here are the router logs:
RP/0/RSP0/CPU0:Aug 10 04:42:09.489 : tacacsd[386]: %SECURITY-TACACSD-6-SERVER_DOWN : TACACS+ server 10.175.255.114/49 is DOWN - Resource temporarily unavailable
Here are the tac_plus logs:
Tue Aug 10 04:42:09 2010 [664]: session.peerip is 10.181.0.1
Tue Aug 10 04:42:09 2010 [12126]: connect from 10.181.0.1 [10.181.0.1]
Tue Aug 10 04:42:09 2010 [12126]: 10.181.0.1 : fd 2 eof (connection closed)
Tue Aug 10 04:42:09 2010 [12126]: Read -1 bytes from 10.181.0.1 , expecting 12
This happens once every other hour, in every router. So I have dozens of errors like these each day.
Could it be that tac_plus can only handle a certain number of connections? What could this be?
I'd be most thankful if you could help me here.
Best Regards,
Rui Meireles
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.shrubbery.net/pipermail/tac_plus/attachments/20100810/50eba1d4/attachment.html>
More information about the tac_plus
mailing list