FreeRadius slower than SBR
Sean.Boran at swisscom.com
Sean.Boran at swisscom.com
Tue Oct 31 06:40:42 CET 2006
Hi,
I'm proposing a FreeRadius solution for 802.1x authentication of Wired
client based on Client certificates, a CRL lookup, and vlan assoociation
from Active Directory.
The IT department, who usuall buy Steel Belted Radius from Juniper, are
saying FreeRadius is just too slow, and could not handle the traffic.
The SBR:
http://www.juniper.net/products/aaa/sbr/
Now, I don't see the basis for these assertions and I would imagine the
bottlenext being the CRL lookups and AD requests.
I estimate the number of authentication sper sec to reach about 60 to
100 for this project.
However I'd like to humbly ask the list what they think of such
assertions, is there something in SBR that would make them much more
scalable or faster?
Where would the bottlenecks be?
How many client cert auths/sec could FR handle, on say an entry level
single CPU server HW?
Thanks in advance,
Sean
More information about the Freeradius-Users
mailing list