Victoria Poncini wrote: > Question: are you using radius proxies to front end controller auth requests > to a Load balancer that sits in front of the Radius > backend servers? Is the problem the bottleneck at the wlan controllers or the > Radius servers regarding concurrent loading?
We do not have a separate RADIUS proxy between the WLC's and the RADIUS service clusters. The Active-Active LB cluster diagram (slide 18) shows all the active components in the system now operating here. On slide 18 we call out the behaviour of Cisco WLC's w.r.t. selecting which RADIUS server to use. That is to say, the WLC sends all requests to only the first RADIUS server in the authentication server list configured on the WLC. If the WLC determines that first RADIUS server is unresponsive, it will then send all requests to the next RADIUS server in its list. It is THIS behaviour of the WLC which caused us to employ a RADIUS load-balancer to reliably and seamlessly distribute RADIUS workload across multiple RADIUS servers. Wi-Fi infrastructure by suppliers other than Cisco may distribute RADIUS workload differently. They may be better served by a different deployment architecture for RADIUS services. Does this help? Eriks ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
