A server is reachable when the operational state is Up and a valid response is received within a timeout period that is configurable by the retry parameter on the RADIUS policy level.
A server is treated as not-reachable when the operational state is Down and the following occurs:
a timeout
If a number of consecutive timeouts are encountered for a specific server. This number is configurable by the retry parameter at the RADIUS policy level.
a send failed
If a packet cannot be sent to the RADIUS server because the forwarding path toward the RADIUS server is broken (for example, the route is not available or the interface is shut down), no retry mechanism is invoked and the next server in line is immediately used.
A server that is down can only be used again by the RADIUS algorithm after 30 seconds, unless during these 30 seconds, a valid RADIUS reply is received for that server. Then, the server is immediately marked Up again.
The operational state of a server can also be ‟unknown” if the RADIUS application is not aware of the state of the RADIUS server (for example, if the server was previously down but no requests have been sent to the server, it is not known yet whether the server is actually reachable).