Performance tweaking and testing.
Michael Mitchell
mitchell.michael at bigpond.com
Sat Jun 11 14:01:58 CEST 2005
>
> We have 1500 customers connected to our PPPoE servers, to autenticate we
> have 2 freeradius servers connected to a mssql server.
How many authentications per second are you expecting?
With decent hardware you should be able to authenticate all 1500 within
a couple of seconds. I've tested our development Sun V440 to over 600
authentications per second using openLDAP as a backend with 1,000,000+
entries and a random spread of usernames across those 1,000,000 entries.
My client was the limiting factor though, I couldn't max out the CPU of
the RADIUS server.
>
> Does anyone got a tip on how to improve performance on the radius servers?
The biggest bottleneck is likely to be your database. Check your
indexes, etc.
Homename lookups may be an issue too if the server is waiting to for DNS
lookups. Not sure if this is an issue at request processing time or just
at startup. Try turning it off (radiusd.conf) and see if it makes a
difference.
Only log what is necessary. Are you logging request and reply packets?
If so, do you *need* to?
If authentication is *REALLY* slow (ie more than a couple of seconds per
request), run the server in debug mode and you may be able to see which
operations are taking the time.
>
> And how to test preformance?
radclient can be used to send multiple requests to a radius server.
I wrote myself some rough perl scripts to perform authentication and
accounting "load" testing and report on average number of requests
handled per second, etc.
Hope that helps a little
regards,
Mike
More information about the Freeradius-Users
mailing list