From owner-freebsd-isp Tue Oct 10 12:54:33 2000 Delivered-To: freebsd-isp@freebsd.org Received: from troi.csw.net (troi.csw.net [209.136.192.23]) by hub.freebsd.org (Postfix) with ESMTP id 69CC037B502 for ; Tue, 10 Oct 2000 12:54:30 -0700 (PDT) Received: from ssaos2 (ssaos2.csw.net [209.136.201.13]) by troi.csw.net (8.9.3/8.9.3) with SMTP id OAA67254 for ; Tue, 10 Oct 2000 14:54:23 -0500 (CDT) (envelope-from lambert@cswnet.com) Message-Id: <200010101954.OAA67254@troi.csw.net> From: lambert@cswnet.com Date: Tue, 10 Oct 2000 14:48:12 -0400 To: freebsd-isp@FreeBSD.ORG In-Reply-To: Subject: Re: Radius and Accounting X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v2.10a c10 Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >On 7 Oct 2000 15:50:14 -0400, in sentex.lists.freebsd.isp you wrote: >>I did this yes ;-) for two POPs but we're going to have 2 more POPs and I >>am concerned about it. At current we use PortMaster 2E (old stuff!) and >>Radius on FreeBSD. I also use proxy radius. When you have a single radius >>server and you've got to authenticate from more that 3 POPs, I thought >>there would be some concern on authent traffic on the link btn the POPs. Just as a point of reference, I have two radius servers for 14,000 dial-up accounts. Radiusd and named both run on the each of the two boxes. Monitoring the ethernet interface for these units with MRTG for about a year has shown that the combined radius and DNS traffic seldom crosses 56K on either box as an average for the 5 minute sample period. Always have two radius servers. Then you can knock one down for service and not show and outage. -- Scott Lambert lambert@cswnet.com Systems and Security Administrator CSW Net, Inc. ================================================================ Written: Tuesday, October 10, 2000 - 02:48 PM To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message