MySQL performance

Tue Sep 20 17:48:56 CEST 2011

> The *default configuration* doesn't have the problem you described.
> So... what did you change? "adding users" is *not* the answer I'm
> looking for.

This radius has been successfully running for 4y now.
Problems raised since when we increased the number of users.

> You edited radiusd.conf to improve MySQL performance? That's magic.

I never said that. I never mentioned the config file but the config option, so I must have edited in the RIGHT place, that is for your check in /etc/freeradius/sql.conf, which is included into radiusd.conf by $INCLUDE  ${confdir}/sql.conf. Happy now?

> I asked specific questions. You evaded answering.

I didn't mean to be evasive! To me slow means mysql-slow. I must be (am) wrong about this, but I didn't know what's the acknowledged value of "slow" in radius. Again I can be not enough informed, again a more polite and less evasive answer (fix the db.... can mean a thousands of actions!) would have helped.

> If the server is taking 1s to respond, *something* is blocking it.
> That something is almost always an external script, or the DB. Saying
> "the DB log doesn't show slow queries" is a lazy answer. It means you
> didn't bother checking for yourself whether or not the DB was slow.

Again I didn't mean to be lazy, I just had the wrong parameter of "slow". 

> And the REST of the debug output will say
> 
> DOUBLE CHECK THE SHARED SECRET.
> 
> If you're not going to read the debug output, there's no reason to run
> the server in debugging mode.

I did that, and it is correct, in fact half of the login request are successfuly replied!
I can't figure out why only /some/ are failing! 

> Odds are client X has the correct shared secret, and client Y does
> not. So... the passwords are broken for some clients, and not for
> others.

The clients use the same authentication web page, which is a php script that encodes the password against the secret. And it's the very same page for everyone on that nas. 

So, by the way, seems like there are two problems: the wrong passwords, and the failing radius requests.
I've checked in the debug output and seems that most of the failed request are Interim-Update, so it may even be that the database is not actually my *main* problem right now.

I will check request speed, thanks.
ciao
-- 
Lorenzo Milesi - lorenzo.milesi at yetopen.it

YetOpen S.r.l. - http://www.yetopen.it/
Via Carlo Torri Tarelli 19 - 23900 Lecco - ITALY -
Tel 0341 220 205 - Fax 178 6070 222

GPG/PGP Key-Id: 0xE704E230 - http://keyserver.linux.it

-------- D.Lgs. 196/2003 --------

Si avverte che tutte le informazioni contenute in questo messaggio sono
riservate ed a uso esclusivo del destinatario. Nel caso in cui questo
messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo
senza copiarlo, a non inoltrarlo a terzi e ad avvertirci non appena
possibile.
Grazie.