how many clients use TCP Radius

Florin Andrei florin at
Wed May 4 03:21:18 CEST 2016

On 2016-05-03 18:07, Alan DeKok wrote:
> On May 3, 2016, at 9:01 PM, Florin Andrei <florin at> 
> wrote:
>> I can't find even a single example of a client that can connect to a 
>> Radius server via TCP.
>   radclient?
>> Not custom-written clients that someone wrote specifically to do that, 
>> but devices or apps that are in fairly common use and just employ 
>> Radius for authentication.
>   RADIUS over TCP is not intended to be used by anyone.  TLS is better.

I'm sorry, I wasn't clear enough. I'm not looking for a test client. I 
was just curious if it's worth the trouble to even think of doing 
anything else besides UDP, if almost everybody in the real world uses 
UDP. If it was a single FreeRadius frontend that I had to build, it 
would be simple enough - I would enable TLS when needed. But I have to 
build load balancers and a bunch of other infrastructure, and then I'll 
probably have to think beforehand about TCP vs UDP.

If essentially everyone in the real world uses UDP, I'll throw a simple 
LVS load balancer (kernel-based) in front of everything. But if there's 
a substantial chance I'll stumble upon real world clients that can do 
anything besides UDP, then that's a different infrastructure that will 
have to be built (different load balancers, etc). I don't have any 
control over what clients will be used.

I just don't have any idea what the real world Radius clients can and 
cannot do, that's what I'm saying.

Florin Andrei

More information about the Freeradius-Users mailing list