Name
Idle-Timeout
Synopsis
|
Attribute Number |
28 |
|
Length |
6 |
|
Value |
ENUM |
|
Allowed in |
Access-Accept, Access-Challenge |
|
Prohibited in |
Access-Request, Access-Reject |
|
Presence in Packet |
Not required |
|
Maximum Iterations |
1 |
An administrator may configure the
Idle-Timeout
attribute so that the client gear or RADIUS server disconnects a
session after a predetermined period of inactivity. The value in this
attribute, four-octets long, is the maximum number of seconds a
connection may remain active yet idle.
The Idle-Timeout attribute was a good idea for its
time. Unfortunately, an administrator must be wary of many small
software applications that exist today that are designed to defeat
this mechanism. The software ranges in complexity from simple
to—wait for it—complex. The lower end of the software
simply pings a random server at steady intervals (usually every
minute), while the upper end uses sophisticated algorithms to
generate traffic more regular yet unpredictable than a ping.
Get RADIUS now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
