> You're correct, though there are a few factors causing me to cautious. > The first is I'm working on new, untested hardware, and given the > complexity of the requirements, I'd rather defer to the knowledge of the list re: > performance, before fully implementing it. The second is that the NAS'es which will > communicate with this RADIUS cluster are known to drop auth requests > and issue a denial if the response is not "quick" enough. Unfortunately this is a > 3rd party managed set of NAS'es, and therefore limited in what I can do. > > All that said, I have no concerns about FR, its mainly the DB and the > 3rd party NAS'es.
OK. That makes sense. What I should have said in my previous message is that FreeRADIUS should be able perform 1,000s of authentications/second with the "normal" configuration. The best way to approach this performance optimization is to start with the standard installation of FreeRADIUS and configure FR to use MySQL and increase the number of SQL connections to 20 to 50 connections. Then benchmark the performance using radclient or radperf (http://networkradius.com/radperf.html). If you have enough performance, you are done. If not, then start optimizing the database performance, test and repeat. Google MySQL performance for ton of information on database optimization. If you are concerned about the authentication performance, then you should move the accounting function to a separate server. You should not have to resort to complicated FR configurations to improve performance. Tim - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
