General RADIUS statistics

Syntax:


show radius [host <ip-addr>]

Shows general RADIUS configuration, including the server IP addresses. Optional form shows data for a specific RADIUS host. To use show radius, the server's IP address must be configured in the switch, which. requires prior use of the radius-server host command. See Accounting services for more information.

General RADIUS information from show radius command

switch# show radius

 Status and Counters - General RADIUS Information

  Deadtime(min) : 5
  Timeout(secs) : 10
  Retransmit Attempts : 2
  Global Encryption Key : myg10balkey
  Dynamic Authorization UDP Port : 3799
  Source IP Selection : Outgoing Interface

                  Auth Acct DM/ Time
  Server IP Addr  Port Port CoA Window Encryption Key  OOBM
  --------------- ---- ---- --- ------ --------------  ----
  192.33.12.65    1812 1813 No  300    my65key         No

OOBM information is displayed only for switches that support OOBM.

RADIUS server information from the show radius host command

switch(config)# show radius host 192.33.12.65

 Status and Counters - RADIUS Server Information

  Server IP Addr : 192.33.12.65
  Authentication UDP Port : 1812    Accounting UDP Port  : 1813
  Round Trip Time         : 2       Round Trip Time      : 7
  Pending Requests        : 0       Pending Requests     : 0
  Retransmissions         : 0       Retransmissions      : 0
  Timeouts                : 0       Timeouts             : 0
  Malformed Responses     : 0       Malformed Responses  : 0
  Bad Authenticators      : 0       Bad Authenticators   : 0
  Unknown Types           : 0       Unknown Types        : 0
  Packets Dropped         : 0       Packets Dropped      : 0
  Access Requests         : 2       Accounting Requests  : 2
  Access Challenges       : 0       Accounting Responses : 2
  Access Accepts          : 0
  Access Rejects          : 0
Table 14: Values for show radius host output

Term

Definition

Round Trip Time

The time interval between the most recent Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server.

Pending Requests

The number of RADIUS Accounting-Request packets sent to this server that have not yet timed out or received a response. This variable is incremented when an accounting-Request is sent and decremented due to receipt of an Accounting-Response, a timeout or a retransmission.

Retransmissions

The number of RADIUS Accounting-Request packets retransmitted to this RADIUS accounting server. Retransmissions include retries where the Identifier and Acct-Delay have been updated, as well as those in which they remain the same.

Timeouts

The number of accounting timeouts to this server. After a timeout the client may retry to the same server, send to a different server, or give up. A retry to the same server is counted as a retransmit as well as a timeout. A send to a different server is counted as an Accounting-Request as well as a timeout.

Malformed Responses

The number of malformed RADIUS Accounting-Response packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators and unknown types are not included as malformed accounting responses.

Bad Authenticators

The number of RADIUS Accounting-Response packets which contained invalid authenticators received from this server.

Unknown Types

The number of RADIUS packets of unknown type which were received from this server on the accounting port.

Packets Dropped

The number of RADIUS packets which were received from this server on the accounting port and dropped for some other reason.

Access Requests

The number of RADIUS Access-Requests the switch has sent since it was last rebooted. (Does not include retransmissions.)

Accounting Requests

The number of RADIUS Accounting-Request packets sent. This does not include retransmissions.

Access Challenges

The number of RADIUS Access-Challenge packets (valid or invalid) received from this server.

Access Accepts

The number of RADIUS Access-Accept packets (valid or invalid) received from this server.

Access Rejects

The number of RADIUS Access-Reject packets (valid or invalid) received from this server.

Responses

The number of RADIUS packets received on the accounting port from this server.