Unleashed Authentication Behavior

  • 1
  • Question
  • Updated 5 months ago
  • Acknowledged

Hey Guys,

I’m trying to get a straight answer from Ruckus but they’re giving me the runaround. I wanted to run my understanding of unleashed authentication by you and make sure I understand it correctly.

  • The unleashed master AP creates and stores a local database/table of authenticated clients in the local flash.
  • When an AP receives traffic from a client, authenticated or not, on the SSID which has auth enabled, the AP queries the master; Requesting the devices auth status.
  • The master AP receives this request and proceeds to compare the users MAC/IP against the authentication database located in the flash.
    • If a match is found, traffic is forwarded without further interruption.
    • If a match is not found, an entry is created in the database showing the device as unauthenticated. The landing page is served to the device. Once authenticated, the entry is changed in the database.
  • Steps 2-3 are repeated for every Frame received.

Is my above understanding accurate? If so:

  • Is there a way to show the size/details of the authentication database?
  • What is the max size of the database?
  • How long is the device entry stored in the flash?
  • Can we modify that timer?

At several of our sites I believe that we are running into a resource issue as the authentication database grows in size, the master AP is unable to manage all of the users/takes too long to compare all traffic from clients against the database.

All 10 sites are Ruckus unleashed on latest firmware. Four R510's are deployed in a cluster. When authentication is disabled, the sites work fine with no issues. When authentication is enabled, the site stops working after 2-3 days. Average device load is 70-200 devices depending on the time.

Any insight would be greatly appreciated!
Photo of Reed Krueger

Reed Krueger

  • 1 Post
  • 0 Reply Likes

Posted 5 months ago

  • 1
Photo of Michael Brado

Michael Brado, Official Rep

  • 3289 Posts
  • 521 Reply Likes
Reed, I suggest opening a ticket with TAC and gather logs after the problem is seen.