aaa route-download
Function
The aaa route-download command enables the device to periodically synchronize static routes with those delivered by the RADIUS server.
The undo aaa route-download command disables the device from periodically synchronizing static routes with those delivered by the RADIUS server.
By default, this function is disabled.
This command is supported only on the NetEngine 8000 F1A.
Format
aaa route-download server-group group-name base-user-name user-name password { simple | cipher } password [ download-interval interval-value | retry-interval retry-interval | retry-max-count retry-count | tag tag-value | cost cost-value | synchronization synchronization ] *
undo aaa route-download
Parameters
| Parameter | Description | Value |
|---|---|---|
| base-user-name user-name |
Specifies the user name for requesting static route synchronization. |
The value is a string of 1 to 64 characters. |
| password password |
Specifies the password for requesting static route synchronization. |
It is a string of 1 to 16 characters in the simple text mode. It is a string of 1 to 16 unencrypted characters or 1 to 128 encrypted characters in the cipher mode. It is case sensitive, excluding special characters of command lines such as space and question mark. |
| simple |
Indicates the password in the simple password. |
- |
| cipher |
Indicates the password in the encrypted text. |
- |
| download-interval interval-value |
Specifies the interval at which static routes are delivered by the RADIUS server. |
The value is an integer ranging from 1 to 1440, in minutes. The default value is 720. |
| retry-interval retry-interval |
Specifies the interval at which static route synchronization requests are retransmitted. |
The value is an integer ranging from 1 to 60, in minutes. The default value is 10. |
| retry-max-count retry-count |
Specifies the maximum number of retransmissions of static route synchronization requests. |
The value is an integer ranging from 1 to 10. The default value is 1. |
| tag tag-value |
Specifies the tag value of a static route. |
The value is an integer ranging from 1 to 65535. The default value is 0. |
| cost cost-value |
Specifies the cost value of a static route. |
The value is an integer ranging from 1 to 65535. The default value is 0. |
| synchronization synchronization |
Specifies the time at which static routes are synchronized each day. |
The value is in 24 hour format, for example, 03:45:00. If this parameter is not specified, static routes will not be synchronized periodically. |
| server-group group-name |
Specifies the RADIUS server group name. |
The value is a string of 1 to 32 characters. |
Usage Guidelines
Usage Scenario
If you want the device to use static routes delivered by the RADIUS server, you can run the aaa route-download command to enable the device to periodically synchronize static routes with those delivered by the RADIUS server.
Prerequisites
A RADIUS server group has been created.
Configuration Impact
Running this command triggers the route update timer, so that the device sends an authentication request packet to the AAA server each time the timer times out and updates routes based on route information carried in the authentication reply packet.
To speed up route update, run the command to trigger route update. A short static route synchronization interval affects RADIUS authentication performance. Therefore, setting the interval to be greater than 12 hours is recommended.Precautions
In VS mode, this command is supported only by the admin VS.
The aaa route-download command is not an overriding one. To modify the configuration, run the undo aaa route-download command and then run aaa route-download command by specifying the corresponding parameters in it. If the synchronization interval is less than 60 minutes, synchronization is performed frequently, which may increase the system pressure and CPU usage. If the retransmission interval is less than 10 minutes, retransmission is performed frequently, and a route delivery failure may persist.Example
<HUAWEI> system-view [~HUAWEI] radius-server group test [*HUAWEI-radius-test] commit [~HUAWEI-radius-test] quit [~HUAWEI] aaa route-download server-group test base-user-name huawei password cipher Root@123 download-interval 1200 retry-interval 25 retry-max-count 5 synchronization 03:45:00