Hi Heikki, Thanks for responding, much appreciated!
> > - Running a separate farm (of let’s say 8) that deals only with outgoing > > Radsec, and having to fiddle our config to tell our 64-size farm to > > connect internally to the farm of 8 to deal with the traffic. > > I'd consider this one of two options: the other is to check if there's > soemthing in the current configuration that allows dropping the farm > size to a smaller number. I guess you have already looked at the > possible changes. Is it logging, DB lookups or something else that makes > the througput per packet slow? In our case it's sheer volume. We're one of the larger deployments of this type in the world, so we're looking at around 148 million authentications (that could be resolved/routed) last month. We've reduced our farm sizes already, but that's mostly RADIUS, not Radsec. > The latter, separate workers for outgoing RadSec, is likely the way to > go unless there's something that can be done to speedup the current > configuration which would allow reducing the farm size. Ok, so effectively for those organisations using Radsec (i.e. us initiating Radsec connections to them), use a 'bogus' host (localhost on a specific port to refer to the Radsec-only Radiator instance) that does a localhost-to-localhost translation to Radsec? > An option could also be Radiator 10 which is built differently and does > parallel processing completely differently. It's made with Rust and has > different architecture. It's faster and still catching up with features. > We could arrange a demo to discuss if it could be a possibility. This could be an option... how different are the configuration files between Radiator 10 (Rust) and Radiator 4 (Perl) given that we have a host of Perl-defined hooks to do some special/specific processing? With kind regards Stefan Paetow Federated Roaming Technical Specialist eduroam(UK), Jisc email/teams: [email protected] gpg: 0x3FCE5142 For eduroam support, please contact the eduroam team via [email protected] and mark it for eduroam’s attention. I am not available on Mondays and Fridays between 12:00 and 15:00 London time (UTC in winter, UTC+0100 in summer). Note: I don’t expect a reply outside of your working hours, since I work internationally with colleagues in different nationalities with different religions, customs, and holidays. Reply when it is convenient for you. Jisc is a registered charity (in England and Wales under charity number 1149740; in Scotland under charity number SC053607) and a company limited by guarantee registered in England under company number 05747339, VAT number GB 197 0632 86. Jisc's registered office is: 4 Portwall Lane, Bristol, BS1 6NB. T 0203 697 5800. Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 02881024, VAT number GB 197 0632 86. The registered office is: 4 Portwall Lane, Bristol, BS1 6NB. T 0203 697 5800. For more details on how Jisc handles your data see our privacy notice here: https://www.jisc.ac.uk/website/privacy-notice _______________________________________________ radiator mailing list [email protected] https://lists.open.com.au/mailman/listinfo/radiator
