The bottleneck is ntlm_auth. Adjust the "winbind max domain connections" directive in your smb.conf to your needs.
A.L.M.Buxey@lboro.ac.uk hat am 2. September 2014 um 22:50 geschrieben:
Hi,
I am not sure about the certificate size. But it will be using 2048bit key. The concurrent authentication request will be less than 10 per second. Backend authentication will use Active Directory.
so the limit/bottleneck will be your communication to AD (and any local disk stuff you might do such as accounting/logging (suggest asynchronous accounting logging) - a basic server (dual core, 2 or 4 Gb of RAM and some 7.2 or 10k disks or SAN) should cope with that requirement - you can validate this by performing the benchmarks on a VM - its a VM after all, so just spin it up, allocation vCPU etc and run tests ramping up through vCPU allocation and given resources
on Linux you'll also want to do some basic OS tweaking to remove other eg network/TCPIP stack related issues - usual TCP/ethernet tweaks
alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Patrick Machauer Rechenzentrum Duale Hochschule Baden-Württemberg Mannheim Baden-Wuerttemberg Cooperative State University Mannheim Rechenzentrum Coblitzallee 1-9 68163 Mannheim Tel.: +49 (0)621 4105 - 1278 Fax: +49 (0)621 4105 - 1278 E-Mail: machauer@dhbw-mannheim.de <mailto:machauer@dhbw-mannheim.de> Web: http://www.rz.dhbw-mannheim.de [Logo DHBW Mannheim]