We have 1500 customers connected to our PPPoE servers, to autenticate we have 2 freeradius servers connected to a mssql server.
How many authentications per second are you expecting? With decent hardware you should be able to authenticate all 1500 within a couple of seconds. I've tested our development Sun V440 to over 600 authentications per second using openLDAP as a backend with 1,000,000+ entries and a random spread of usernames across those 1,000,000 entries. My client was the limiting factor though, I couldn't max out the CPU of the RADIUS server.
Does anyone got a tip on how to improve performance on the radius servers?
The biggest bottleneck is likely to be your database. Check your indexes, etc. Homename lookups may be an issue too if the server is waiting to for DNS lookups. Not sure if this is an issue at request processing time or just at startup. Try turning it off (radiusd.conf) and see if it makes a difference. Only log what is necessary. Are you logging request and reply packets? If so, do you *need* to? If authentication is *REALLY* slow (ie more than a couple of seconds per request), run the server in debug mode and you may be able to see which operations are taking the time.
And how to test preformance?
radclient can be used to send multiple requests to a radius server. I wrote myself some rough perl scripts to perform authentication and accounting "load" testing and report on average number of requests handled per second, etc. Hope that helps a little regards, Mike