Alan DeKok wrote:
.. $ openssl speed Or $ openssl speed rsa http://www.madboa.com/geek/openssl/#benchmark-speed For 2048 bit rsa keys, the web page gives 77 signs/s for a 2GHz Intel Core 2. My 1GHz laptop gives around 20/s. That number becomes the limiting factor for any TLS-based EAP method. It doesn't matter if the rest of the server can handle 5k PAP requests/s. If it can only do 77 rsa signings/s, that is the maximum number of EAP-TLS/TTLS/PEAP sessions that it can do.
Fine, that openssl switch has been new to me.Do you also have experience in how many percent of that theoretic value can be reached in practise with a database backend on the same machine where beside freeradius and the database nothing else is running?
Norbert Wegener
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html