|
ru.cisco
- RU.CISCO ---------------------------------------------------------------------
From : Eugene Grosbein 2:5006/1 18 Sep 2002 10:12:21
To : All
Subject : длинная авторизация
--------------------------------------------------------------------------------
После апгрейда IOS на 2511 с 11.2 до 12.2(10b) авторизация диалапщиков
стала длиться до 7 секунд, что вызывает жесткие глюки у Win95 & co.
Похоже, вместо пяти запросов к tacacs+ кошка теперь делает семь,
причем если раньше все это пролетало за две-три секунды максимум,
то теперь между запросами ощутимые задержки. Может, чего подкрутить надо?
Hа всяких случай вот лог одного подключения.
Sep 18 02:28:10 gw-c-1 103290: 1w1d: AAA/MEMORY: free_user_quiet (0x6B6A78)
user='NULL' ruser='NULL' port='tty3' rem_addr='async' authen_type=1 service=1
priv=1
Sep 18 02:28:10 gw-c-1 103291: 1w1d: AAA: parse name=tty3 idb type=10 tty=3
Sep 18 02:28:10 gw-c-1 103292: 1w1d: AAA: name=tty3 flags=0x11 type=4 shelf=0
slot=0 adapter=0 port=3 channel=0
Sep 18 02:28:10 gw-c-1 103293: 1w1d: AAA/MEMORY: create_user (0x6B6A78)
user='NULL' ruser='NULL' ds0=-1 port='tty3' rem_addr='async' authen_type=ASCII
service=LOGIN priv=1 initial_task_id='0'
Sep 18 02:28:10 gw-c-1 103294: 1w1d: AAA/AUTHEN/START (3800861032): port='tty3'
list='' action=LOGIN service=LOGIN
Sep 18 02:28:10 gw-c-1 103295: 1w1d: AAA/AUTHEN/START (3800861032): using
"default" list
Sep 18 02:28:10 gw-c-1 103296: 1w1d: AAA/AUTHEN/START (3800861032):
Method=tacacs+ (tacacs+)
Sep 18 02:28:10 gw-c-1 103297: 1w1d: TAC+: send AUTHEN/START packet ver=192
id=3800861032
Sep 18 02:28:11 gw-c-1 103298: 1w1d: TAC+: ver=192 id=3800861032 received AUTHEN
status = GETUSER
Sep 18 02:28:11 gw-c-1 103299: 1w1d: AAA/AUTHEN (3800861032): status = GETUSER
Sep 18 02:28:11 gw-c-1 103300: 1w1d: AAA/AUTHEN/CONT (3800861032):
continue_login (user='(undef)')
Sep 18 02:28:11 gw-c-1 103301: 1w1d: AAA/AUTHEN (3800861032): status = GETUSER
Sep 18 02:28:11 gw-c-1 103302: 1w1d: AAA/AUTHEN (3800861032): Method=tacacs+
(tacacs+)
Sep 18 02:28:11 gw-c-1 103303: 1w1d: TAC+: send AUTHEN/CONT packet id=3800861032
Sep 18 02:28:12 gw-c-1 103304: 1w1d: TAC+: ver=192 id=3800861032 received AUTHEN
status = GETPASS
Sep 18 02:28:12 gw-c-1 103305: 1w1d: AAA/AUTHEN (3800861032): status = GETPASS
Sep 18 02:28:12 gw-c-1 103306: 1w1d: AAA/AUTHEN/CONT (3800861032):
continue_login (user='D30069')
Sep 18 02:28:12 gw-c-1 103307: 1w1d: AAA/AUTHEN (3800861032): status = GETPASS
Sep 18 02:28:12 gw-c-1 103308: 1w1d: AAA/AUTHEN (3800861032): Method=tacacs+
(tacacs+)
Sep 18 02:28:12 gw-c-1 103309: 1w1d: TAC+: send AUTHEN/CONT packet id=3800861032
Sep 18 02:28:12 gw-c-1 103310: 1w1d: TAC+: ver=192 id=3800861032 received AUTHEN
status = PASS
Sep 18 02:28:12 gw-c-1 103311: 1w1d: AAA/AUTHEN (3800861032): status = PASS
Sep 18 02:28:12 gw-c-1 103312: 1w1d: As3 AAA/AUTHOR/EXEC (1176295869):
Port='tty3' list='' service=EXEC
Sep 18 02:28:12 gw-c-1 103313: 1w1d: AAA/AUTHOR/EXEC: As3 (1176295869)
user='D30069'
Sep 18 02:28:12 gw-c-1 103314: 1w1d: As3 AAA/AUTHOR/EXEC (1176295869): send AV
service=shell
Sep 18 02:28:12 gw-c-1 103315: 1w1d: As3 AAA/AUTHOR/EXEC (1176295869): send AV
cmd*
Sep 18 02:28:12 gw-c-1 103316: 1w1d: As3 AAA/AUTHOR/EXEC (1176295869): found
list "default"
Sep 18 02:28:12 gw-c-1 103317: 1w1d: As3 AAA/AUTHOR/EXEC (1176295869):
Method=tacacs+ (tacacs+)
Sep 18 02:28:12 gw-c-1 103318: 1w1d: AAA/AUTHOR/TAC+: (1176295869): user=D30069
Sep 18 02:28:12 gw-c-1 103319: 1w1d: AAA/AUTHOR/TAC+: (1176295869): send AV
service=shell
Sep 18 02:28:12 gw-c-1 103320: 1w1d: AAA/AUTHOR/TAC+: (1176295869): send AV cmd*
Sep 18 02:28:12 gw-c-1 103321: 1w1d: TAC+: (1176295869): received author
response status = PASS_ADD
Sep 18 02:28:13 gw-c-1 103322: 1w1d: As3 AAA/AUTHOR (1176295869): Post
authorization status = PASS_ADD
Sep 18 02:28:13 gw-c-1 103323: 1w1d: AAA/AUTHOR/EXEC: Processing AV
service=shell
Sep 18 02:28:13 gw-c-1 103324: 1w1d: AAA/AUTHOR/EXEC: Processing AV cmd*
Sep 18 02:28:13 gw-c-1 103325: 1w1d: AAA/AUTHOR/EXEC: Processing AV autocmd=ppp
0.0.0.0
Sep 18 02:28:13 gw-c-1 103326: 1w1d: AAA/AUTHOR/EXEC: Authorization successful
Sep 18 02:28:13 gw-c-1 103327: 1w1d: As3 AAA/AUTHOR/PPP (3921645537):
Port='tty3' list='' service=NET
Sep 18 02:28:13 gw-c-1 103328: 1w1d: AAA/AUTHOR/PPP: As3 (3921645537)
user='D30069'
Sep 18 02:28:13 gw-c-1 103329: 1w1d: As3 AAA/AUTHOR/PPP (3921645537): send AV
service=ppp
Sep 18 02:28:13 gw-c-1 103330: 1w1d: As3 AAA/AUTHOR/PPP (3921645537): send AV
protocol=ip
Sep 18 02:28:13 gw-c-1 103331: 1w1d: As3 AAA/AUTHOR/PPP (3921645537): send AV
addr-pool*default
Sep 18 02:28:13 gw-c-1 103332: 1w1d: As3 AAA/AUTHOR/PPP (3921645537): found list
"default"
Sep 18 02:28:13 gw-c-1 103333: 1w1d: As3 AAA/AUTHOR/PPP (3921645537):
Method=tacacs+ (tacacs+)
Sep 18 02:28:13 gw-c-1 103334: 1w1d: AAA/AUTHOR/TAC+: (3921645537): user=D30069
Sep 18 02:28:13 gw-c-1 103335: 1w1d: AAA/AUTHOR/TAC+: (3921645537): send AV
service=ppp
Sep 18 02:28:13 gw-c-1 103336: 1w1d: AAA/AUTHOR/TAC+: (3921645537): send AV
protocol=ip
Sep 18 02:28:13 gw-c-1 103337: 1w1d: AAA/AUTHOR/TAC+: (3921645537): send AV
addr-pool*default
Sep 18 02:28:13 gw-c-1 103338: 1w1d: TAC+: (3921645537): received author
response status = PASS_REPL
Sep 18 02:28:13 gw-c-1 103339: 1w1d: As3 AAA/AUTHOR (3921645537): Post
authorization status = PASS_REPL
Sep 18 02:28:13 gw-c-1 103340: 1w1d: AAA/AUTHOR/Async3: PPP: Processing AV
service=ppp
Sep 18 02:28:13 gw-c-1 103341: 1w1d: AAA/AUTHOR/Async3: PPP: Processing AV
protocol=ip
Sep 18 02:28:13 gw-c-1 103342: 1w1d: AAA/AUTHOR/Async3: PPP: Processing AV
addr=213.184.75.204
Sep 18 02:28:14 gw-c-1 103343: 1w1d: AAA/AUTHOR/SLIP: Async3: succeeded
Sep 18 02:28:14 gw-c-1 103344: 1w1d: AAA/MEMORY: dup_user (0x6AB598)
user='D30069' ruser='NULL' ds0=-1 port='tty3' rem_addr='async' authen_type=ASCII
service=PPP priv=1 source='AAA dup lcp_reset'
Sep 18 02:28:14 gw-c-1 103345: 1w1d: As3 AAA/AUTHEN: Method=IF-NEEDED: no
authentication needed. user='D30069' port='tty3' rem_addr='async'
Sep 18 02:28:14 gw-c-1 103346: 1w1d: As3 AAA/AUTHOR/FSM: (0): LCP succeeds
trivially
Sep 18 02:28:14 gw-c-1 103348: 1w1d: As3 AAA/AUTHOR/LCP: Authorize LCP
Sep 18 02:28:14 gw-c-1 103349: 1w1d: As3 AAA/AUTHOR/LCP (2513796171):
Port='tty3' list='' service=NET
Sep 18 02:28:14 gw-c-1 103350: 1w1d: AAA/AUTHOR/LCP: As3 (2513796171)
user='D30069'
Sep 18 02:28:14 gw-c-1 103351: 1w1d: As3 AAA/AUTHOR/LCP (2513796171): send AV
service=ppp
Sep 18 02:28:14 gw-c-1 103352: 1w1d: As3 AAA/AUTHOR/LCP (2513796171): send AV
protocol=lcp
Sep 18 02:28:14 gw-c-1 103353: 1w1d: As3 AAA/AUTHOR/LCP (2513796171): found list
"default"
Sep 18 02:28:14 gw-c-1 103354: 1w1d: As3 AAA/AUTHOR/LCP (2513796171):
Method=tacacs+ (tacacs+)
Sep 18 02:28:14 gw-c-1 103355: 1w1d: AAA/AUTHOR/TAC+: (2513796171): user=D30069
Sep 18 02:28:14 gw-c-1 103356: 1w1d: AAA/AUTHOR/TAC+: (2513796171): send AV
service=ppp
Sep 18 02:28:14 gw-c-1 103357: 1w1d: AAA/AUTHOR/TAC+: (2513796171): send AV
protocol=lcp
Sep 18 02:28:14 gw-c-1 103358: 1w1d: TAC+: (2513796171): received author
response status = PASS_ADD
Sep 18 02:28:14 gw-c-1 103359: 1w1d: As3 AAA/AUTHOR (2513796171): Post
authorization status = PASS_ADD
Sep 18 02:28:15 gw-c-1 103360: 1w1d: As3 AAA/AUTHOR/FSM: (0): Can we start IPCP?
Sep 18 02:28:15 gw-c-1 103361: 1w1d: As3 AAA/AUTHOR/FSM (3928135993):
Port='tty3' list='' service=NET
Sep 18 02:28:15 gw-c-1 103362: 1w1d: AAA/AUTHOR/FSM: As3 (3928135993)
user='D30069'
Sep 18 02:28:15 gw-c-1 103363: 1w1d: As3 AAA/AUTHOR/FSM (3928135993): send AV
service=ppp
Sep 18 02:28:15 gw-c-1 103364: 1w1d: As3 AAA/AUTHOR/FSM (3928135993): send AV
protocol=ip
Sep 18 02:28:15 gw-c-1 103365: 1w1d: As3 AAA/AUTHOR/FSM (3928135993): found list
"default"
Sep 18 02:28:15 gw-c-1 103366: 1w1d: As3 AAA/AUTHOR/FSM (3928135993):
Method=tacacs+ (tacacs+)
Sep 18 02:28:15 gw-c-1 103367: 1w1d: AAA/AUTHOR/TAC+: (3928135993): user=D30069
Sep 18 02:28:15 gw-c-1 103368: 1w1d: AAA/AUTHOR/TAC+: (3928135993): send AV
service=ppp
Sep 18 02:28:15 gw-c-1 103369: 1w1d: AAA/AUTHOR/TAC+: (3928135993): send AV
protocol=ip
Sep 18 02:28:15 gw-c-1 103370: 1w1d: AAA/MEMORY: free_user (0x6B6A78)
user='D30069' ruser='NULL' port='tty3' rem_addr='async' authen_type=ASCII
service=LOGIN priv=1
Sep 18 02:28:15 gw-c-1 103371: 1w1d: TAC+: (3928135993): received author
response status = PASS_REPL
Sep 18 02:28:15 gw-c-1 103372: 1w1d: As3 AAA/AUTHOR (3928135993): Post
authorization status = PASS_REPL
Sep 18 02:28:15 gw-c-1 103373: 1w1d: As3 AAA/AUTHOR/FSM: We can start IPCP
Sep 18 02:28:15 gw-c-1 103374: 1w1d: As3 AAA/AUTHOR/IPCP: Start. Her address
0.0.0.0, we want 213.184.75.204
Sep 18 02:28:15 gw-c-1 103375: 1w1d: As3 AAA/AUTHOR/IPCP (1007833070):
Port='tty3' list='' service=NET
Sep 18 02:28:15 gw-c-1 103376: 1w1d: AAA/AUTHOR/IPCP: As3 (1007833070)
user='D30069'
Sep 18 02:28:15 gw-c-1 103377: 1w1d: As3 AAA/AUTHOR/IPCP (1007833070): send AV
service=ppp
Sep 18 02:28:15 gw-c-1 103378: 1w1d: As3 AAA/AUTHOR/IPCP (1007833070): send AV
protocol=ip
Sep 18 02:28:15 gw-c-1 103379: 1w1d: As3 AAA/AUTHOR/IPCP (1007833070): found
list "default"
Sep 18 02:28:15 gw-c-1 103380: 1w1d: As3 AAA/AUTHOR/IPCP (1007833070):
Method=tacacs+ (tacacs+)
Sep 18 02:28:15 gw-c-1 103381: 1w1d: AAA/AUTHOR/TAC+: (1007833070): user=D30069
Sep 18 02:28:15 gw-c-1 103382: 1w1d: AAA/AUTHOR/TAC+: (1007833070): send AV
service=ppp
Sep 18 02:28:15 gw-c-1 103383: 1w1d: AAA/AUTHOR/TAC+: (1007833070): send AV
protocol=ip
Sep 18 02:28:15 gw-c-1 103384: 1w1d: TAC+: (1007833070): received author
response status = PASS_REPL
Sep 18 02:28:15 gw-c-1 103385: 1w1d: As3 AAA/AUTHOR (1007833070): Post
authorization status = PASS_REPL
Sep 18 02:28:15 gw-c-1 103386: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
service=ppp
Sep 18 02:28:15 gw-c-1 103387: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
protocol=ip
Sep 18 02:28:15 gw-c-1 103388: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
addr=213.184.75.204
Sep 18 02:28:15 gw-c-1 103389: 1w1d: As3 AAA/AUTHOR/IPCP: Authorization
succeeded
Sep 18 02:28:15 gw-c-1 103390: 1w1d: As3 AAA/AUTHOR/IPCP: Done. Her address
0.0.0.0, we want 213.184.75.204
Sep 18 02:28:16 gw-c-1 103392: 1w1d: As3 AAA/AUTHOR/IPCP: Start. Her address
0.0.0.0, we want 213.184.75.204
Sep 18 02:28:16 gw-c-1 103393: 1w1d: As3 AAA/AUTHOR/IPCP (1570374698):
Port='tty3' list='' service=NET
Sep 18 02:28:16 gw-c-1 103394: 1w1d: AAA/AUTHOR/IPCP: As3 (1570374698)
user='D30069'
Sep 18 02:28:16 gw-c-1 103395: 1w1d: As3 AAA/AUTHOR/IPCP (1570374698): send AV
service=ppp
Sep 18 02:28:16 gw-c-1 103396: 1w1d: As3 AAA/AUTHOR/IPCP (1570374698): send AV
protocol=ip
Sep 18 02:28:16 gw-c-1 103397: 1w1d: As3 AAA/AUTHOR/IPCP (1570374698): found
list "default"
Sep 18 02:28:16 gw-c-1 103398: 1w1d: As3 AAA/AUTHOR/IPCP (1570374698):
Method=tacacs+ (tacacs+)
Sep 18 02:28:16 gw-c-1 103399: 1w1d: AAA/AUTHOR/TAC+: (1570374698): user=D30069
Sep 18 02:28:16 gw-c-1 103400: 1w1d: AAA/AUTHOR/TAC+: (1570374698): send AV
service=ppp
Sep 18 02:28:16 gw-c-1 103401: 1w1d: AAA/AUTHOR/TAC+: (1570374698): send AV
protocol=ip
Sep 18 02:28:16 gw-c-1 103402: 1w1d: TAC+: (1570374698): received author
response status = PASS_REPL
Sep 18 02:28:16 gw-c-1 103403: 1w1d: As3 AAA/AUTHOR (1570374698): Post
authorization status = PASS_REPL
Sep 18 02:28:16 gw-c-1 103404: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
service=ppp
Sep 18 02:28:16 gw-c-1 103405: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
protocol=ip
Sep 18 02:28:16 gw-c-1 103406: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
addr=213.184.75.204
Sep 18 02:28:16 gw-c-1 103407: 1w1d: As3 AAA/AUTHOR/IPCP: Authorization
succeeded
Sep 18 02:28:16 gw-c-1 103408: 1w1d: As3 AAA/AUTHOR/IPCP: Done. Her address
0.0.0.0, we want 213.184.75.204
Sep 18 02:28:16 gw-c-1 103409: 1w1d: As3 AAA/AUTHOR/IPCP: Start. Her address
213.184.75.204, we want 213.184.75.204
Sep 18 02:28:16 gw-c-1 103410: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
service=ppp
Sep 18 02:28:16 gw-c-1 103411: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
protocol=ip
Sep 18 02:28:17 gw-c-1 103412: 1w1d: As3 AAA/AUTHOR/IPCP: Processing AV
addr=213.184.75.204
Sep 18 02:28:17 gw-c-1 103413: 1w1d: As3 AAA/AUTHOR/IPCP: Authorization
succeeded
Sep 18 02:28:17 gw-c-1 103414: 1w1d: As3 AAA/AUTHOR/IPCP: Done. Her address
213.184.75.204, we want 213.184.75.204
Eugene
--
"Люди забыли эту истину," - сказал Лис, - "но ты не забывай"
--- slrn/0.9.7.4 (FreeBSD)
* Origin: Svyaz Service JSC (2:5006/1@fidonet)
Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор
| Тема: |
Автор: |
Дата: |
|
длинная авторизация |
Eugene Grosbein |
18 Sep 2002 10:12:21 |
|
|
