hi all,
I'm using Radiator 2.18.1 with AuthbySQL over MySQL.
I've defined several fields in SUBSCRIBERS table to check them.
I'm interested in checking NAS-Port-Type in a multi-value way, so for
example,
user1@domain
will be accepted if its NAS-Port-Type matches 'Sync' or 'Async' val
Nice! All this is aproaching to what we want to do!
Another question: how could I set a dynamic 'SessionLimit' in AuthBy
PORTLIMITCHECK clause? Could it be done with a 'DynamicReply' obtained in
a previous Authby LDAP* clause and maped directly to SessionLimit?
cheers,
jule
Forget my last question. I got it!!
It's working fine by now.
cheers,
Julio Prada López
BT Ignite
Isabel Colbrand, 8 2º 28050 Madrid SPAIN
telf: +34 91 270 6152
fax: +34 91 270 6161
mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
-Mensaje original-
De: [EMAIL PROTECT
the LDAP, and extra work in Radiator and LDAP servers and,
of course, slow authentication.
Any workaround?
best regards,
jules
Julio Prada López
BT Ignite
Isabel Colbrand, 8 2º 28050 Madrid SPAIN
telf: +34 91 270 6152
fax: +34 91 270 6161
mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]
dear users,
I've this scenario:
- a host with radiator
- a host with mysql
- a host with LDAP (directory server)
The Authby LDAP works fine and the Authby DYNADDRESS works fine too.
I'm worried about the availability of RADPOOL table in the mySQL host.
MySQL has mechanisms to replicate table
tunning of Radiator, mysql, LDAP or tcp in a similar
architecture?
We're using Solaris, any recommendations in tcp tunning in a Radiator
environment?
thanks and merry Christmas!
:jules
Julio Prada López
ingeniero Arquitectura
BT Telecomunicaciones
tel. 91-270-61-52 fax. 91-270-61-61
hi all,
tunning and benchmarking Radiator.
we've this scenario:
3 Radius clients (with radpwtst)in a VLAN
2 Radiators in another VLAN
1 Cisco Arrowpoint loadbalancing between clients & servers
1 LDAP host for auth
1 MySQL host for DYNADDRESS and acct
A high number of requests are simula
Hi all,
We're benchmarking a Radiator architecture so,
has anyone any recommendations about tunning tcp/udp system parameters in a
Solaris environment?
has anyone any recommendations about SocketQueuelenght and its relation with
Solaris kernel parameters?
regards,
jules
**
In our scenario:
3x Radiator servers (u5, u60, PII)
1x Arrowpoint LB (CSS11000)
1x Mysql (U250)
1x LDAP (U250)
3x Clients with radpwtst (U220R, Alpha)
Clients send 1000 requests with radpwtst with -nostop. The clients are
always at 100% CPU.
They finish the requests in 150 seg, and we obtain a l
Hi Hugh,
first of all, let's me explain that our environment is a "test-environment"
and all the elements and hosts contained are dedicated exclusively to do
tests.
So we've not noise from another source, and all that happens would be what
we want to happen.
In our 'Production' environment the
yes Ingvar, you're right. First we put 10 seconds (I think timeout is
measured in seconds) to simulate the 10 seconds that we have in NASes
timeout. Then we put timeouts of 30 seconds, 1 minute ... without results.
In the script which launches requests (bench), the timeout parameter is set
to 10
Hello Hugh,
we will test only 3 copies of radpwtst as you say. But in this way the
radpwtst will use the same NAS port. Is there anyway to say to radpwtst that
use X different ports with -iteration X ? (It could be a good feature...)
Today we will do the test with 'iterations' parameter and I wi
hi all,
in our scenario, Radiator do Auth by LDAP. So we are provisioning to the
LDAP the type of connections allowed per user. For example:
user@domain
typeofconnection: Async
typeofconnection: Sync
typeofconnection: ISDN-Async
typeofconnection: ISDN-Sync
In this way, the LDAP a
hello,
your 're in the right way.
we introduced the search filter statement and now we're filtering
typeofconnections.
the statement used is :
SearchFilter (&(radiususer=$name)(typeofconnection=%{NAS-Port-type}))
and it works fine!!
We wish that this change does not affect the performance
Hi all,
we need to decide which radius server will upgrade our AAA plattform. Our
final choice is between Radiator and BSAC.
A feature-table has been elaborated and checked during the last months. The
last check-item is about performance in resolving radius-clients requests.
So the same test wa
At 04:01 PM 3/19/2001 +0100, [EMAIL PROTECTED] wrote:
>The results are:
>
>- BSAC finished in 7 sec.
>- Radiator finished in 23 sec.
>
>We launch Radiator with "Trace -1" and monitoring it, we noticed that
almost
>all the time the peak of requests per second is 30.
We have gotten over 500 reques
hi all,
first, thanks to all for the recommendations.
The first step was to discard that LDAP was decreasing performance.
We change Authby LDAP2 for a Auth by File and no improvement was obtained.
So, the key is MySQL tunning.
We drop old tables and created new ones with Radiator218-goodies-sc
Hi Ingvar,
As you say, the bottleneck will not be in Authby LDAP. The auth request
seems to be faster than the acct request. So the acct will slow down general
performance also requests per second.
We try to do some MySQL tunning with next variables:
# safe_mysqld -O key_buffer=32M -O table_ca
yes, the same lan, the same machine, the same switch.
regards,
jules
-Mensaje original-
De: Andy De Petter [mailto:[EMAIL PROTECTED]]
Enviado el: martes 20 de marzo de 2001 17:04
Para: Radiator Mailing
Asunto: RE: (RADIATOR) Performance with RADIATOR
Owh, and are your database server,
hi all,
we upgraded from 2.17.1 to 2.18 and no changes in .cfg file.
We use Authby LDAP2 too and we receive the message:
Global symbol "@domain" requires explicit package name at (eval 238) line
1.
This message did not appear before. To 'hide' it, we use SearchFilter and it
works.
Any comme
hello Andy,
Since changes in radiator 2.17 (I think Mike improved the SQL modules)
sessions databases works secure but a litle slow than before. I mean that
(for example) IP "racing" in Authby Dynaddress works fine (better than 2.16
!) but some requests are dropped (probably due to the timeout).
In auth a 40%. And in acct. around 20% more or less.
jules.
-Mensaje original-
De: Andy De Petter [mailto:[EMAIL PROTECTED]]
Enviado el: martes 17 de abril de 2001 16:20
Para: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Asunto: RE: (RADIATOR) performance issue
>
> Your problem sounds familia
Hi all,
we noticed that the performance bottleneck was due to the database in most
of the cases(Postgre, mysql, oracle...) and tunning the db could help to
improve it.
Another thing is the radpwtst behavior. As we saw the radpwtst launches, for
example, 1000 requests, one after other. Whether it
Hello Hugh,
Let me to be a little skeptical concerns to that idea. Multiple instances of
radpwtst seems to penalize a lot the performance of the host which does the
requests, and I'm not sure about how they share the host resources...
Anyway, as we discuss in previous mails, your recommendation
Hello,
as the manual documentation says I put default addQuery:
insert into RADONLINE (USERNAME, NASIDENTIFIER, NASPORT, \
ACCTSESSIONID, TIME_STAMP, FRAMEDADDRESS, PORTTYPE, \
SERVICETYPE) values ('%n', '%N', %{NAS-Port}, '%{Acct-Session-Id}', \
%{Timestamp}, '%{Framed-IP-Address}', '%{Port-Ty
Hello,
Until now I was using LDAP2 with no problems. But now, I want to see whether
using LDAPSDK the ldap accesses are fastest.
Products installed were:
perldap 1.4.1 from Mozilla <- linux
Netscape SDK C 4.1 <- linux
Netscape SDK C 4.0 <- linux
Netscape SDK C 3.0 <- linux
I try to compile pe
I try the same correction with AuthLDAP2.pm in Radiator 2.18 and it seems to
work fine!
So in the AuthLDAPSDK.pm comment:
#$filter = eval qq/"$filter"/; # Interpolate perl vars
- Performance Tip -
With LDAP2 -> 55 request/per second
With LDAPSDK -> 115 request/per second
regards,
jule
Hello Mike,
We have serious problems with acct. requests that are lost.
Actually we use scripts made by us to check really-used ports and delete
incorrect entries in RADONLINE table.
The frequency of the executions of these scripts is high. And they use
radpwtst to correct bad entries in RADONL
Hello all,
we use SessionDatabase SQL with a MySQL instance in a server, and a Radiator
2.18.2 server.
We are thinkig about including an extra Radiator server.
In fact, both Radiator servers will share the same database which are in the
MySQL server (pool table, accounting table ...)
- Could
Hi,
you can include a group in your Realm like this:
AuthBy GROUP_Identifier
.
.
and your group could be compose of two AuthBy authenticators:
AuthByPolicy ContinueUntilAccept
Identifier GROUP_Identifier
AuthBy RADMIN_Identifier
AuthBy TEST_Identifi
30 matches
Mail list logo
