In a previous discussion regarding Loadbalancing radius requests, we instituted the <AuthBy EAPBALANCE> method to proxy requests to departmental radius servers. We have been running this method for close to 6 months and have been pretty satisfied with the result. Of late, however, the client traffic has increased, and the time for an authentication to complete is a tad longer than the users are willing to accept. My reading of the documentation provided by OSC, suggests the use of CachePasswords; CacheOnNoReply; and CachePasswordExpiry would assist in the performance.
I understand that the trade-off of implementing these features is memory. So to that end, first, is anyone using these parameters?. What is the number of clients supported and related memory usage? I anticipate approx. 3-4K simultaneous users for the particular AuthBy clause. What would be the recommended Password expiry timer be? Any info would be appreciated. Below is the current config snippet of the AuthBy we are using. User connections are retried after a 45 min. period. #IVEY # Proxies auth requests to the IVEY IAS radius servers using a loadbalance algorithm. <AuthBy EAPBALANCE> Identifier IVEY Retries 3 RetryTimeout 5 FailureBackoffTime 20 AuthPort 1645 AcctPort 1646 Secret xxxxx LocalAddress xxxxxxxxxx # <Host xxxxxxx> </Host> # <Host yyyyyyyy> </Host> # <Host zzzzzzzz> </Host> </AuthBy> The last server is the slower of the 3 hosts available which I believe is the bottleneck. Thanks Michael Hulko Network Analyst Western University Canada Network Operations Centre Information Technology Services 1393 Western Road, SSB 3300CC London, Ontario N6G 1G9 tel: 519-661-2111 x81390 e-mail: mihu...@uwo.ca <mailto:mihu...@uwo.ca> _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator