Why There Are a Large Number of 802.1x Authentication Logs?

11

If periodic 802.1x re-authentication is enabled, a large number of 802.1x authentication logs are generated.
To solve the problem, run the undo dot1x reauthenticate command on the specified interface to disable periodic 802.1x re-authentication.

Other related questions:
A large number of packet losses of 53TQX and 52TQX interconnecting test frames
Question: Live network reported a large number of packet losses of test frames or failure to communicate between 53TQX and 52TQX client side when no services are transported. Answer: The test frame mechanism of OSN 6800/8800 are as follows: When the transmit end begins the test frame test, a GFP frame is changed to a management frame periodically at an interval of 1 second. These frames are also counted as sent frames. The test frame interruption at the receive end is always turned on, and detects whether the received frame is a management frame. If a management frame is received, it is counted as a received frame. By manually comparing whether the number of sent and received frames, it can be determined whether the link is normal. On 53TQX/53TDX/55TQX in versions earlier than V100R007C00, when configuring 10GE LAN services at the client side, if the RLOS or LOCAL_FAULT alarms are reported, a PN11 code stream will be inserted in the ingress direction, that is, the data encapsulated in the ODU2 frame is PN11 instead of GFP frames. The PN11 insertion can be transiently disabled only when a test frame is sent at the interval of 1 second. The PN11 insertion is immediately enabled when the test frame is completely sent. Due to chip defects, for 52TQX in versions earlier than V100R007C00, the test frame interruption must be disabled periodically at an interval of 1 second (the test frames from the peer end cannot be detected or counted) when the GFP frame is out of synchronization. In other situations, the test frame interruption is enabled. In this mechanism, if the transmit end is 53TQX/53TDX/55TQX and the receive end is 53TQX/53TDX/55TQX, and test frame interruption is always enabled, then each test frame sent can be counted. Therefore, the process will be normal. However, when the receive end is 52TQX, there is a high probability that test frame interruption will be disabled because GFP frames are out of synchronization (caused by PN11 code streams). As a result, a large number of test frames from the peer end cannot be counted. This means that a large number of test frames are lost. This is the reason why 53TQX/53TDX/55TQX and 52TQX in versions earlier than V100R007C00 do not support test frames when there are no services. Suggestion and conclusion: To test whether a link is normal, you can only judge from ODU-layer alarm performances.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top