I am running three implementations of FreeRADIUS for three different purposes. Primarily, I use FreeRADIUS to authenticate, authorize, and account for about 750 PPP dial users via SQL(including the session database), with authentication and authorization failover to a users file. These same two RADIUS servers also proxy requests for about 15,000 users to a set of Radiator RADIUS servers, which are, incidentially, scheduled to be replaced by FreeRADIUS servers in the next month.
All told, the 16,000 users arrive from any of about 99 RADIUS clients, 80 of which are the proxy RADIUS servers of three wholesale dial vendors (AT&T, QWest, and UUNet). Those 80 clients proxy requests for about 500 NAS. The remaining 19 RADIUS clients are NAS controlled by my organization. FreeRADIUS also serves to add several AV pairs to certain proxy requests based on Client-IP-Address, a function Radiator RADIUS cannot easily handle. My second implementation, using two other servers, does AAA for about 500 L2TP users via SQL, also failing over to a flatfile in the event of loss of database connectivity. There are about 15 "virtual" RADIUS clients configured on the one "real" NAS, a Redback SMS 1800. The third and final implementation, on its own, single server, provides AAA for about 200 PPTP users via SQL. Once again, it fails over to a flatfile if necessary. The single RADIUS client is a Cisco 3000-series VPN concentrator where authentication is handled by MS-CHAPv2. Three services, five servers, all running a FreeRADIUS CVS snapshot from last week, and running just fine. Franklin -- Franklin Trumpy, NFA, MNGS, GSc | Say not, "I have found the truth," Sr. UNIX Systems Administrator | but rather, "I have found a truth." Lighthouse Communications | [EMAIL PROTECTED] | Say not, "I have found the path of the soul." (515)244-1115 | Say rather, "I have met the soul walking (888)953-3278 | upon my path." http://www.lh.net | | -Kahlil Gibran, _The Prophet_, 1923 | On Tue, 29 Oct 2002, Zack W Kneisley wrote: > Date: Tue, 29 Oct 2002 08:12:38 -0500 > From: Zack W Kneisley <[EMAIL PROTECTED]> > Reply-To: [EMAIL PROTECTED] > To: Freeradius-Users <[EMAIL PROTECTED]> > Subject: Experience > > I've been watching this list for some time now, and it seems that > Freeradius is much more robust than I previously thought. Could some > users of this list give me some configuration examples (users served, > how many NAS's using, Hardware & OS's being used, using sql, how long > you have been using it ect. ) I have been looking into several different > radius packages and it seems Freeradius can do almost everything the > others can. If you could provide me with successful read-world > deployments, the pros & cons, I encourage you to post them. > > Zack Kneisley > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
