> > What kind of performance are people getting in general ? This is a pretty small installation I guess, but to give you an idea...
We have two servers; dual 3.2GHz HP DL380G4s with mirrored disks and 3Gb RAM. Both run identically configured radius instances. One of the radius servers also runs the main postgres server, the other radius server runs a postgres hot standby (slony replica). Postgres is v8.3, standard FR SQL schema. Network is ~450 Cisco heavyweight APs, ~1000 3Com 4400 switches (of which 1/3rd are doing MAC-based vlans - the rest soon) and two heavily used PPTP VPN servers. Quick disclaimer: these numbers were gathered quickly and may not be accurate, don't sell your house based on them yadda yadda. We did ~25k authentications in the last 24 hours, about a 90/10 mix of EAP-PEAP/MS-CHAP (wireless) and plain MS-CHAP (PPTP). All breakout to AD via winbind. Average EAP exchange for us is 10 packets (5 request, 5 response) and it's obviously crypto-heavy. We handled ~115k accounting packets (mix of start, interim @ 300-second intervals and stop; averaged ratio 1:3.8:1) all of which were inserted direct into the SQL db on the primary radius server - no radsqlrelay or similar. At the same time, the SQL data was replicated to the installation on the slave SQL server (i.e. 2nd radius server). We also handled about ~75k PAP requests (MAC-based vlans) on the primary radius server. Each of these used an Exec-Program (so, fork+exec) to syslog the info (different setup, no SQL there yet). Finally we dump the SQL rows for finished sessions >3 days old from the radacct table into .csv files nightly. These files average ~15-30k entries - our average daily NAS session count, in other words. The servers break even at about 3% utilisation per processor, most of which I'm confident is crypto. Basically, FreeRadius is *fast*. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
