Configuring periodic MAC reauthentication
Restrictions and guidelines
The device selects a periodic reauthentication timer for MAC reauthentication in the following order:
Server-assigned reauthentication timer.
Port-specific reauthentication timer.
Global reauthentication timer.
Default reauthentication timer.
Procedure
Enter system view.
system-view
Set the periodic MAC reauthentication timer.
Set a global periodic reauthentication timer.
mac-authentication timer reauth-period reauth-period-value
The default setting is 3600 seconds.
Execute the following commands in sequence to set a port-specific periodic reauthentication timer:
interface interface-type interface-number
mac-authentication timer reauth-period reauth-period-value
quit
By default, no periodic MAC reauthentication timer is set on a port. The port uses the global periodic MAC reauthentication timer.
Enter interface view.
interface interface-type interface-number
Enable periodic MAC reauthentication.
mac-authentication re-authenticate
By default, periodic MAC reauthentication is disabled on a port.
(Optional.) Enable the keep-online feature for authenticated MAC authentication users on the port.
mac-authentication re-authenticate server-unreachable keep-online
By default, the keep-online feature is disabled. The device logs off online MAC authentication users if no server is reachable for MAC reauthentication.
In a fast-recovery network, you can use the keep-online feature to prevent MAC authentication users from coming online and going offline frequently.