FreeRADIUS + 802.1X wireless rollout questions

Walter Gould <gouldwp@auburn.edu> · Fri, 18 Apr 2008 15:26:51 -0500

List,

Our institution (a 4 yr. state college) is planning on implementing a 

802.1X wireless network in the coming months.  We have a test network in 

place now and all seems to be working well.  We have two FreeRADIUS 

servers.  We followed the "FreeRADIUS Active Directory Integration HOWTO 

<http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO>" 

from the wiki to get freeradius talking with our centrally managed AD 

servers for authentication.  We are using freeradius version 2.0.3.  The 

primary server specs are: Intel 2GHz Xeon QC, 2GB installed RAM.   The 

secondary is currently running on a vm.  I hope to purchase a piece of 

hardware similar to the one above to run this on in the near future.

Here's where my concerns lie -  I am concerned about how many 

simultaneous authentication requests that a single Freeradius server can 

handle.  I have read the "Testimonials" and the "Why we're #1" pages on 

the freeradius site - which says there are numerous sites using 

freeradius to support more than 10,000 or 20,000 users.  Our school 

currently has around 21,000 students on our campus.  Of that 21,000 - 

there is usually around 1000 users logged into our wireless network at 

any given time, however, that number continually increases.

Questions:

1. Do any of you have feedback/thoughts/experience on how our freeradius 

server may handle the auth. request load given our situation?

2. Do you think that we may need to tweak any of the settings in the 

radiusd.conf file  (max_requests, max_request_time, etc)? 

3.  Any other advice/suggestions you have or think of would be welcome 

and appreciated.

Thanks,
Walter

--
Walter Gould
Info. Tech. Specialist
Office of Information Technology
Auburn University, AL