Cisco Cisco Broadband Access Center for Cable 4.1
1-7
Cisco Broadband Access Center for Cable Administrator’s Guide
OL-2445-02
Chapter 1 Broadband Access Center for Cable Overview
KDC
Note
The interface address, Realm, and FQDN are entered through the KDC Realm Name screen during
installation. Refer to the BAC for Cable Installation Guide for specific information.
installation. Refer to the BAC for Cable Installation Guide for specific information.
•
maximum log filesSize—The KDC generates a set of log files. This property specifies the maximum
size, in kilobytes, that the log file can reach. Therefore, the KDC will create a new log file only when
the current file reaches this maximum size. For example:
size, in kilobytes, that the log file can reach. Therefore, the KDC will create a new log file only when
the current file reaches this maximum size. For example:
maximum log file size = 1000
•
n saved log files—This property defines the number of old log files that the KDC saves. While the
default value is 7, you can specify as many as required. For example:
default value is 7, you can specify as many as required. For example:
n saved log files = 10
•
minimum ps backoff—This property specifies the minimum time, in tenths of a second, that the
KDC will wait for BAC to respond to the FQDN-REQEST. For example:
KDC will wait for BAC to respond to the FQDN-REQEST. For example:
minimum ps backoff = 150
Using the example values shown above, a sample INI file might contain data similar to that shown in
Example 1-1
Sample KDC INI Configuration File
interface address = 10.10.10.1
FQDN = kdc.cisco.com
maximum log file size = 1000
n saved log files = 10
minimum ps backoff = 150
You can set the times for both minimum and maximum ticket duration to effectively smooth out
excessive numbers of ticket requests that could occur during deployment. This is beneficial given that
most deployments occur during traditional working hours and excessive loading may, from time to time,
adversely affect performance.
excessive numbers of ticket requests that could occur during deployment. This is beneficial given that
most deployments occur during traditional working hours and excessive loading may, from time to time,
adversely affect performance.
Note
Shortening the ticket duration forces the MTA to authenticate to the KDC much more frequently.
Unfortunately, while this results in much greater control over the authorization of telephony endpoints,
it also causes much heavier message loads on the KDC and increased network traffic. For most
circumstances the default setting is appropriate and should not be changed.
Unfortunately, while this results in much greater control over the authorization of telephony endpoints,
it also causes much heavier message loads on the KDC and increased network traffic. For most
circumstances the default setting is appropriate and should not be changed.
•
maximum ticket duration—This property defines the maximum duration for tickets generated by the
KDC. The default unit is hours; however, by appending an m or d, the units can be changed to
minutes or days respectively.
KDC. The default unit is hours; however, by appending an m or d, the units can be changed to
minutes or days respectively.
The default value is 168, or seven days, and Cisco recommends that you not change this value since
this is the duration required to conform to the KDC security specification. For example:
this is the duration required to conform to the KDC security specification. For example:
maximum ticket duration = 48
•
minimum ticket duration—This property defines the minimum duration for tickets generated by the
KDC. The default unit is hours; however, by appending an m or d, the units can be changed to
minutes or days respectively.
KDC. The default unit is hours; however, by appending an m or d, the units can be changed to
minutes or days respectively.
The default value is 144, or six days, and Cisco recommends that you not change this value. For
example:
example:
minimum ticket duration = 90m