I have setup 3 PFSense servers (P4-2.4GHZ, 512MB). All 3 run DHCP and give themselves out as a gateway. We have a small userbase of around 400 broadband connections. These 3 servers run the user base flawless now and only perform NAT with no rules. We would like to use captive portal to authenticate every user. We use FreeRadius and Rodopi Billing software. We cant "Idle" any connection nor "hard" time them out since they are paying 24x7 for service and many have voip. So that only leaves me to "re-uthenticate every 1 minute" in order to terminate a connection if the user falls out of RADIUS. We are runnig 1.0.1
We set the "re-authenitcate every 1 minute" setting on a test box. It seems to work great with our own offices and a few guinne pigs. #1: How many simultainious connections do you think this will support per server? #2 Will adding a few Gig's of RAM help to increase any limitation on this? #3 Is there any way to change it from 1 minute to 1 hour or 1 day? We only need it to "check back" with the client in case they are terminated in our billing system and fall out of RADIUS users file. That only happens at midnight when the billing system runs. Is there any file we can manually edit to temporarily hack this? Or does this make the load on the server worse by connection tracking? Sorry that was 3 in 1 :) #4 I read many posts and saw the suggestion to hit monowall archives. I found only one detail of someone asking to make it support 50,000 connections which sounds silly. There was a mention in another post of 50 maxium re-authentication requests at one time until it was setup to thread the process. That was Oct. 2006, any update on that? We have 6 PFSense gateway servers, 3 for clients, 3 for servers. We now have a 120+ day uptime and not one single outage.Keep up the good work! Tim Roberts
