Hi, > Retry Count is the maximum number of times that the router retransmits > a RADIUS packet to the RADIUS server. In this case, this has been > increased from 3 times to 10 times. > > Timeout is the interval (in seconds) before the router retransmits a > RADIUS packet to the RADIUS server. In this case, this has been > increased from 3 seconds to 10 seconds.
..as I said > Basically, the number of subscribers increased. If we do a maintenance > window where we swing back and forth the traffic to the router, all > the subscribers will hit the router which eventually push all the > RADIUS Requests to the RADIUS server in one shot and on which the > MySQL backend is choked during that time. are you doing authentication and accounting via MySQL? did you perform a benchmark of the RADIUS server + MySQL (eg with dumb temp accounts) to check what the loading could be? in my experience, authentication can be done quickly - its usually the accounting that gives the big hit - I would advise FR 2.1.x with buffered accounting to get such packets out of the way of the live authentication service. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html