Subject: Using radsniff to generate stats

Alan DeKok aland at deployingradius.com
Fri Jan 3 15:44:20 CET 2014


Arran Cudbard-Bell wrote:
> If you wanted to do it with another plugin, AFAIK there are no per-socket counters, only global ones,

  For RADIUS packets?  The server tracks global *and* per-socket
counters of packets in, out, etc.  See the radmin "stats" command.

> radsniff can also link retransmitted Accounting-Requests based on a subset of attributes. This is important when your NAS updates an attribute such as Acct-Delay-Time on every retransmit. There's no reason for FreeRADIUS to link requests in this way, it's something better off being done by another process.

  These kinds of stats are better off in a separate process.

>> Granted, RADIUS traffic volume is particularly low, however, in linux, the packets have to be copied to userland to libpcap to use them, contrary to for example, FreeBSD. (Note: There is the PF_RING patch. I havent tested it out)
> 
> That's not quite true, since libpcap 1.0.0 it has memory mapped the capture buffer into user land.

  And the PCAP filters are run in the kernel.  So it's *only* the RADIUS
packets which get copied to userland.

  And honestly, if your system can't handle 4K pps in pcap... you're
running a crappy OS, or you're running hardware from 1992.

> There's not a viable alternative in this case. As the page also stated, this is also intended to be used with black box appliances, such as ACS, IAS, NPS and various hardware appliances (most of which are actually running FreeRADIUS, but often very old versions with truly 'special' configurations).

  We help make ACS better. :)

  Alan DeKok.


More information about the Freeradius-Users mailing list