Re: Maximum/Ideal/Suggested number of users (current and possible )
Kostas Kalevras [EMAIL PROTECTED] wrote: Alan, how about creating a success stories web page in the freeradius site? That could save a few mails asking about the scalability of the server http://www.freeradius.org/testimonials.html It's pretty simple, as I didn't have time to make it fit into the 'look and feel' of the rest of the site. If you're willing to update it, then we can add a link to it from the main page. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Maximum/Ideal/Suggested number of users(current and possible)
Let me be the first to point out that Cistron and FreeRadius are completely different systems. This is the FreeRadius list - not the cistron list. Maximum number of SUBSCRIBERS is dependent upon: how many requests per peak minute/hour/whatever processing power/system architecture/etc how you store your user data In other words, your mileage may vary and there are no magic answers to this question for FreeRadis or any other software. But the system is damn efficient, especially running a datbase behind it if you have a large subscribers. I would bet somebody on here is running in excess of 100K subscribers. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Rich, Jr. Sent: Thursday, February 06, 2003 12:33 PM To: '[EMAIL PROTECTED]' Subject: Maximum/Ideal/Suggested number of users(current and possible) Greetings - I am doing research regarding whether or not to replace our Windows 2000 ADS/Radius server with .? In this search I have come across Cistron/FreeRadius; however, I have not seen any benchmarks/suggested maximum number of users. I welcome any suggestions. Thanks! Tim Rich - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Maximum/Ideal/Suggested number of users (current and possible)
Thanks, Tim - Then some details are available: We currently serve ~1500 users, max concurrent connection = 96 users. The proposed radius server is a Compaq Proliant DL380, Dual 2.4 Xenon CPU, 4 GB memory, attached to a SAN. This server is running Redhat 7.3 (testing to move to Redhat AS 2.1). The device making Radius requests is a Cisco 5300 Access server connected to 4-24 Channel T-1's. These devices are connected on a 10/100 Ethernet segment. This is the bulk of our business - and would need 99.999 availability. Our peak usage is 5 hours a day, but still only see about 60 current connections. Typical connection length is between 8 and 20 minutes. The growth of our company is anticipated to be added users of ~ 10,000 this year, as we just signed a large contract. Our ratio of users/available (concurrent) connections is about 1/15. (this means ~ 660 concurrent connections, and would have to add a Cisco AS 5400 to the mix to make this work) Would FreeRadius provide the robustness, reliability and scalability that we are looking for? Tim -Original Message- From: Tim D. McCracken [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 06, 2003 1:54 PM To: [EMAIL PROTECTED] Subject: RE: Maximum/Ideal/Suggested number of users(current and possible) Let me be the first to point out that Cistron and FreeRadius are completely different systems. This is the FreeRadius list - not the cistron list. Maximum number of SUBSCRIBERS is dependent upon: how many requests per peak minute/hour/whatever processing power/system architecture/etc how you store your user data In other words, your mileage may vary and there are no magic answers to this question for FreeRadis or any other software. But the system is damn efficient, especially running a datbase behind it if you have a large subscribers. I would bet somebody on here is running in excess of 100K subscribers. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Rich, Jr. Sent: Thursday, February 06, 2003 12:33 PM To: '[EMAIL PROTECTED]' Subject: Maximum/Ideal/Suggested number of users(current and possible) Greetings - I am doing research regarding whether or not to replace our Windows 2000 ADS/Radius server with .? In this search I have come across Cistron/FreeRadius; however, I have not seen any benchmarks/suggested maximum number of users. I welcome any suggestions. Thanks! Tim Rich - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Maximum/Ideal/Suggested number of users (current and possible )
At 02:20 PM 2/6/2003 -0500, Tim Rich, Jr. wrote: Thanks, Tim - Then some details are available: We currently serve ~1500 users, max concurrent connection = 96 users. The proposed radius server is a Compaq Proliant DL380, Dual 2.4 Xenon CPU, 4 GB memory, attached to a SAN. This server is running Redhat 7.3 (testing to move to Redhat AS 2.1). Wow, that's quite a bit of overkill. If you need 5 9's of reliability then I would look at dumping that server for a couple smaller/cheaper servers so that you have multiple servers instead of single one. Configure those multiple servers on your nas ( you mention it's a cisco so it can support quite a few ). Then, if one server happens to go down, your NAS will failover automatically to one of the others. The growth of our company is anticipated to be added users of ~ 10,000 this year, as we just signed a large contract. Our ratio of users/available (concurrent) connections is about 1/15. (this means ~ 660 concurrent connections, and would have to add a Cisco AS 5400 to the mix to make this work) Would FreeRadius provide the robustness, reliability and scalability that we are looking for? I have on good authority of FreeRADIUS running far less capacity servers supporting an order or two larger userbase than what you are describing. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Maximum/Ideal/Suggested number of users (current and possible)
Performance: I presently run 148 ports on a 400 MHz Solaris system that all runs a very busy e-mail server. At that I average about 75% idle cpu cycles. I doubt that FR's contribution to the load would be measurable. I do use MySQL back-end. Reliability: No standalone computer achieves 5 9's of reliability on it's own. I run FR on two servers, and you should too if reliability is important. IMHO a database backend makes redundant servers a little easier, but you will get differences of opinion on this. One great thing about a database backend on FR is that there is no need to restart the server every time you add a user. With 10K subs I would definitely recommend a DB backend. As to which one, everbody is different. I use MySQL, but would use Oracle if cost was not a factor. Other's use Postgres, and I think some even use MSSQL Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Rich, Jr. Sent: Thursday, February 06, 2003 1:20 PM To: '[EMAIL PROTECTED]' Subject: RE: Maximum/Ideal/Suggested number of users (current and possible) Thanks, Tim - Then some details are available: We currently serve ~1500 users, max concurrent connection = 96 users. The proposed radius server is a Compaq Proliant DL380, Dual 2.4 Xenon CPU, 4 GB memory, attached to a SAN. This server is running Redhat 7.3 (testing to move to Redhat AS 2.1). The device making Radius requests is a Cisco 5300 Access server connected to 4-24 Channel T-1's. These devices are connected on a 10/100 Ethernet segment. This is the bulk of our business - and would need 99.999 availability. Our peak usage is 5 hours a day, but still only see about 60 current connections. Typical connection length is between 8 and 20 minutes. The growth of our company is anticipated to be added users of ~ 10,000 this year, as we just signed a large contract. Our ratio of users/available (concurrent) connections is about 1/15. (this means ~ 660 concurrent connections, and would have to add a Cisco AS 5400 to the mix to make this work) Would FreeRadius provide the robustness, reliability and scalability that we are looking for? Tim -Original Message- From: Tim D. McCracken [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 06, 2003 1:54 PM To: [EMAIL PROTECTED] Subject: RE: Maximum/Ideal/Suggested number of users(current and possible) Let me be the first to point out that Cistron and FreeRadius are completely different systems. This is the FreeRadius list - not the cistron list. Maximum number of SUBSCRIBERS is dependent upon: how many requests per peak minute/hour/whatever processing power/system architecture/etc how you store your user data In other words, your mileage may vary and there are no magic answers to this question for FreeRadis or any other software. But the system is damn efficient, especially running a datbase behind it if you have a large subscribers. I would bet somebody on here is running in excess of 100K subscribers. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tim Rich, Jr. Sent: Thursday, February 06, 2003 12:33 PM To: '[EMAIL PROTECTED]' Subject: Maximum/Ideal/Suggested number of users(current and possible) Greetings - I am doing research regarding whether or not to replace our Windows 2000 ADS/Radius server with .? In this search I have come across Cistron/FreeRadius; however, I have not seen any benchmarks/suggested maximum number of users. I welcome any suggestions. Thanks! Tim Rich - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Maximum/Ideal/Suggested number of users (current and possible )
I would agree with everything Chris said. I think I said about the same thing in a different way. Tim -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Parker Sent: Thursday, February 06, 2003 1:31 PM To: [EMAIL PROTECTED] Subject: RE: Maximum/Ideal/Suggested number of users (current and possible ) At 02:20 PM 2/6/2003 -0500, Tim Rich, Jr. wrote: Thanks, Tim - Then some details are available: We currently serve ~1500 users, max concurrent connection = 96 users. The proposed radius server is a Compaq Proliant DL380, Dual 2.4 Xenon CPU, 4 GB memory, attached to a SAN. This server is running Redhat 7.3 (testing to move to Redhat AS 2.1). Wow, that's quite a bit of overkill. If you need 5 9's of reliability then I would look at dumping that server for a couple smaller/cheaper servers so that you have multiple servers instead of single one. Configure those multiple servers on your nas ( you mention it's a cisco so it can support quite a few ). Then, if one server happens to go down, your NAS will failover automatically to one of the others. The growth of our company is anticipated to be added users of ~ 10,000 this year, as we just signed a large contract. Our ratio of users/available (concurrent) connections is about 1/15. (this means ~ 660 concurrent connections, and would have to add a Cisco AS 5400 to the mix to make this work) Would FreeRadius provide the robustness, reliability and scalability that we are looking for? I have on good authority of FreeRADIUS running far less capacity servers supporting an order or two larger userbase than what you are describing. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Maximum/Ideal/Suggested number of users (current and possible )
Thanks, Tim and Chris! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Maximum/Ideal/Suggested number of users (current and possible)
On Thu, 6 Feb 2003, Tim Rich, Jr. wrote: Thanks, Tim - Then some details are available: We currently serve ~1500 users, max concurrent connection = 96 users. The proposed radius server is a Compaq Proliant DL380, Dual 2.4 Xenon CPU, 4 GB memory, attached to a SAN. This server is running Redhat 7.3 (testing to move to Redhat AS 2.1). The device making Radius requests is a Cisco 5300 Access server connected to 4-24 Channel T-1's. These devices are connected on a 10/100 Ethernet segment. This is the bulk of our business - and would need 99.999 availability. Our peak usage is 5 hours a day, but still only see about 60 current connections. Typical connection length is between 8 and 20 minutes. The growth of our company is anticipated to be added users of ~ 10,000 this year, as we just signed a large contract. Our ratio of users/available (concurrent) connections is about 1/15. (this means ~ 660 concurrent connections, and would have to add a Cisco AS 5400 to the mix to make this work) Would FreeRadius provide the robustness, reliability and scalability that we are looking for? Tim Here is our setup: Greek School Network. 4170 schools connecting through ISDN lines A few thousand dialup accounts 51 access servers. Two of them are Cisco 5800 and the rest are Cisco 3640/3660. We have two radius servers, one serving the South of Greece (including Attika which hosts the main 5800 access server with 600 lines) and the other serving the North of Greece (which includes the other 5800 with 150 lines). Both radius servers act as a backup for the other. The user database is in LDAP (iPlanet DS5.1) while the accounting is maintained in MySQL+InnoDB databases. Each server replicates the accounting information through radrelay to the other one. That way we maintain full accounting on each server and can enforce national double login detection and also have nice redundancy. The LDAP and MySQL databases are hosted on the same machines as are the radius servers (meaning we have 2 LDAP/MySQL/RADIUS servers). The machines are Sun E450 with 1GB RAM and Solaris 8 each We do a lot of attribute rewriting through the attr_rewrite module and we have also enabled the detail accounting module for radrelay to work. The schools connect on demand (when there is a request for something from the internet) so we get a *lot* of connections. For weekdays we get around 10 connections per day. Here is a typical top output. As you can see freeradius has no problem handling the load. PID USERNAME THR PRI NICE SIZE RES STATE TIMECPU COMMAND 25361 root 23 580 8160K 5448K sleep 35:45 0.34% radiusd 2923 mysql121 590 193M 108M sleep 73.2H 0.28% mysqld 21750 nobody 4 580 26M 16M sleep 0:43 0.21% httpd 19294 nobody 3 350 3904K 2992K sleep 1:56 0.21% libhttpd.ep 685 nobody28 580 254M 156M sleep 953:04 0.18% ns-slapd Alan, how about creating a success stories web page in the freeradius site? That could save a few mails asking about the scalability of the server -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
