From owner-freebsd-isp Fri Sep 6 15: 1:47 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EEC937B400 for ; Fri, 6 Sep 2002 15:01:43 -0700 (PDT) Received: from notus.primus.ca (mail.tor.primus.ca [216.254.136.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id F082A43E42 for ; Fri, 6 Sep 2002 15:01:42 -0700 (PDT) (envelope-from leth@primus.ca) Received: from dialin-167-223.tor.primus.ca ([216.254.167.223]) by notus.primus.ca with esmtp (Exim 3.33 #16) id 17nRAb-00053p-0A; Fri, 06 Sep 2002 18:01:42 -0400 Date: Fri, 6 Sep 2002 18:01:53 -0400 (EDT) From: Jason Hunt X-X-Sender: leth@lethargic.dyndns.org To: freebsd-isp@FreeBSD.ORG Cc: Scott Lambert , Randy Smith , "Dave [Hawk-Systems]" Subject: Re: OT? MySQL based RADIUS servers In-Reply-To: <20020906202221.GA2208@laptop.lambertfam.org> Message-ID: <20020906174341.U8414-100000@lethargic.dyndns.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Fri, 6 Sep 2002, Scott Lambert wrote: > I ran ICRadius at another ISP before it was "stable". I didn't know it > had been upgraded to a "stable" condition yet. It ran ok for us as long > as I had a watcher daemon on it to restart it on the very many occasions > when its accounting daemon went away. > The only time I've experienced that happening was if MySQL died. Then again, it could be co-incidental .. Other than that, IC-RADIUS has been great for an SQL-based RADIUS server. One of the nice things is that it stores the accounting information in a table, allowing you to apply "Monthly-Time-Limit" and "Total-Time-Limit" restrictions on a user. The downside to this is if you don't clean out the table every few months it could get pretty bloated and lagged on responses. I got around this by having a script run on the first of the month that moves logs from the previous month to a second table. I then have a interface users can log into to check their time usage, which reads both tables. However, I think that if you are expecting to have thousands of users, with hundreds of access-requests per minute, you might be better off, performance-wise, to use something that is file- or directory-based. At a former ISP, we had the accounting scripts generate a new users file whenever there were modifications to an account. I'm starting to experiment now with an LDAP-based solution. I expect that getting a result from LDAP would be quicker than MySQL when you're searching through 20,000+ users. Of course, if you just need something small, MySQL solutions are very effective. Just some thoughts ... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message