Date expansion fails for inner encryption tunnel log files.
Alan DeKok
aland at deployingradius.com
Thu May 10 09:39:36 CEST 2007
Arran Cudbard-Bell wrote:
> Firstly is is possible to specify return codes for users files depending
> on matched sections ? Or will the files module always return ok ?
You can't specify return codes from the "users" file.
> Secondly, whats considered decent throughput in terms of (serial)
> requests per second...
> With none of the SQL or LDAP checking i'm getting around 300ish requests
> per second ;
That's a little low, to be honest. My tests on a dual core 1.8GHz
intel show 25k PAP requests per second from localhost to localhost.
That's rather different from what you're seeing.
Unless you mean 300 full EAP-TLS/TTLS/PEAP authentications per second.
That's pretty fast, considering that almost all of the CPU time is
spent doing RSA key operations. And with 5-10 RADIUS packets per EAP
authentication, that's 3k requests/s, not 300.
> We have a user base of around 10,000 users with a absolute maximum of
> 4,000 logged in at any one time, and two Dual Core 2.13ghz 64bit Apple
> Xserves with basic load balancing.
>
> It's obvious that the SQL server is lagging behind, and the LDAP cluster
> is on some ageing Xserves so probably isn't performing at it's peak...
>
> If you have any recommended figures that I could aim for, would be very
> useful.
For plain PAP: 10k+ requests/s would be expected. For EAP,
substantially less than that.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list