portal server server-detect
Syntax
portal server server-name server-detect method { http | portal-heartbeat } * action { log | permit-all | trap } * [ interval interval ] [ retry retries ]
undo portal server server-name server-detect
View
System view
Default level
2: System level
Parameters
server-name: Specifies the name of a portal server, a case-sensitive string of 1 to 32 characters. The specified portal server must have existed.
server-detect method { http | portal-heartbeat }: Specifies the portal server detection method. Two detection methods are available:
http—Probes HTTP connections. In this method, the access device periodically sends TCP connection requests to the HTTP service port of the portal servers enabled on its interfaces. If the TCP connection with a portal server can be established, the access device considers that the HTTP service of the portal server is open and the portal server is reachable—the detection succeeds. If the TCP connection cannot be established, the access device considers that the detection fails—the portal server is unreachable. If a portal server does not support the portal server heartbeat function, you can configure the device to use the HTTP probe method to detect the reachability of the portal server.
portal-heartbeat—Probes portal heartbeat packets. Portal servers periodically send portal heartbeat packets to the access devices. If the access device receives a portal heartbeat packet from a portal server within the specified interval, the access device considers that the probe succeeds and the portal server is reachable; otherwise, it considers that the probe fails and the portal server is unreachable. This method is effective to only portal servers that support the portal heartbeat function. Currently, only the IMC portal server supports this function. To implement detection with this method, you also need to configure the portal server heartbeat function on the IMC portal server and make sure that the server heartbeat interval configured on the portal server is shorter than or equal to the probe interval configured on the device.
action { log | permit-all | trap }: Specifies the actions to be taken when the status of a portal server changes. The following actions are available:
log—Specifies the action as sending a log message. When the status (reachable/unreachable) of a portal server changes, the access device sends a log message. The log message contains the portal server name and the current state and original state of the portal server.
permit-all—Specifies the action as disabling portal authentication—enabling portal authentication bypass. When the device detects that a portal server is unreachable, it disables portal authentication on the interface referencing the portal server, allowing all portal users on this interface to access network resources. When the access device receives the portal server heartbeat packets or authentication packets (such as login requests and logout requests), it re-enables the portal authentication function.
trap—Specifies the action as sending a trap message. When the status (reachable/unreachable) of a portal server changes, the access device sends a trap message to the network management server (NMS). Trap message contains the portal server name and the current state of the portal server.
interval interval: Interval at which probe attempts are made. The interval argument ranges from 20 to 600 and defaults to 20, in seconds.
retry retries: Maximum number of probe attempts. The retries argument ranges from 1 to 5 and defaults to 3. If the number of consecutive, failed probes reaches this value, the access device considers that the portal server is unreachable.
Description
Use portal server server-detect to configure portal server detection, including the detection method, action, probe interval, and maximum number of probe attempts. With this function configured, the device checks the status of the specified server periodically and takes the specified actions when the server status changes.
Use undo portal server server-detect to cancel the detection of the specified portal server.
By default, the portal server detection function is not configured.
You can specify one or more detection methods and the actions to be taken.
If both detection methods are specified, a portal server is regarded as unreachable as long as one detection method fails, and an unreachable portal server is regarded as recovered only when both detection methods succeed.
If multiple actions are specified, the system executes all the specified actions when the status of a portal server changes.
Deleting a portal server on the device deletes the detection function for the portal server.
If you configure the detection function for a portal server for multiple times, the last configuration takes effect. If you do not specify an optional parameter, the default setting of the parameter is used.
The portal server detection function takes effect only when the portal server is referenced on an interface.
Authentication-related packets from a portal server, such as logon requests and logoff requests, have the same effect as the portal heartbeat packets for the portal server detection function.
Related command: display portal server.
Examples
# Configure the device to detect portal server pts, and
Specify both the HTTP probe and portal heartbeat probe methods
Set the probe interval to 600 seconds
Specify the device to send a log message and disable portal authentication to permit unauthenticated portal users, if two consecutive probes fail.
<Sysname> system-view [Sysname] portal server pts server-detect method http portal-heartbeat action log permit-all interval 600 retry 2