On Thu, 6 Feb 2003, Tim Rich, Jr. wrote: > Thanks, Tim - > Then some details are available: > > We currently serve ~1500 users, max concurrent connection = 96 users. > The proposed radius server is a Compaq Proliant DL380, Dual 2.4 Xenon CPU, 4 > GB memory, attached to a SAN. This server is running Redhat 7.3 (testing to > move to Redhat AS 2.1). > The device making Radius requests is a Cisco 5300 Access server connected to > 4-24 Channel T-1's. > These devices are connected on a 10/100 Ethernet segment. > > This is the bulk of our business - and would need 99.999 availability. > Our peak usage is 5 hours a day, but still only see about 60 current > connections. > Typical connection length is between 8 and 20 minutes. > > The growth of our company is anticipated to be added users of ~ 10,000 this > year, as we just signed a large contract. Our ratio of users/available > (concurrent) connections is about 1/15. (this means ~ 660 concurrent > connections, and would have to add a Cisco AS 5400 to the mix to make this > work) > > Would FreeRadius provide the robustness, reliability and scalability that we > are looking for? > > Tim
Here is our setup: Greek School Network. 4170 schools connecting through ISDN lines A few thousand dialup accounts 51 access servers. Two of them are Cisco 5800 and the rest are Cisco 3640/3660. We have two radius servers, one serving the South of Greece (including Attika which hosts the main 5800 access server with 600 lines) and the other serving the North of Greece (which includes the other 5800 with 150 lines). Both radius servers act as a backup for the other. The user database is in LDAP (iPlanet DS5.1) while the accounting is maintained in MySQL+InnoDB databases. Each server replicates the accounting information through radrelay to the other one. That way we maintain full accounting on each server and can enforce national double login detection and also have nice redundancy. The LDAP and MySQL databases are hosted on the same machines as are the radius servers (meaning we have 2 LDAP/MySQL/RADIUS servers). The machines are Sun E450 with 1GB RAM and Solaris 8 each We do a lot of attribute rewriting through the attr_rewrite module and we have also enabled the detail accounting module for radrelay to work. The schools connect on demand (when there is a request for something from the internet) so we get a *lot* of connections. For weekdays we get around 100000 connections per day. Here is a typical top output. As you can see freeradius has no problem handling the load. PID USERNAME THR PRI NICE SIZE RES STATE TIME CPU COMMAND 25361 root 23 58 0 8160K 5448K sleep 35:45 0.34% radiusd 2923 mysql 121 59 0 193M 108M sleep 73.2H 0.28% mysqld 21750 nobody 4 58 0 26M 16M sleep 0:43 0.21% httpd 19294 nobody 3 35 0 3904K 2992K sleep 1:56 0.21% libhttpd.ep 685 nobody 28 58 0 254M 156M sleep 953:04 0.18% ns-slapd Alan, how about creating a success stories web page in the freeradius site? That could save a few mails asking about the scalability of the server -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
