[c-nsp] Choosing a radius package
Ray Van Dolson
rayvd at digitalpath.net
Tue Feb 21 03:09:20 EST 2006
On Mon, Feb 20, 2006 at 06:17:14PM -0500, Robert E.Seastrom wrote:
>
> "David J. Hughes" <bambi at Hughes.com.au> writes:
>
> > On 21/02/2006, at 4:40 AM, Adam Maloney wrote:
> >
> >> Unless I hear strong arguments otherwise, I've boiled it down to either
> >> FreeRADIUS or Funk's Steel-Belted radius. It appears either will do
> >> the
> >> above.
> >
> > You should have Radiator in your list (www.open.com.au). We've used it
> > for many, many implementations and it just works. It's very hard to
> > find something that we couldn't do with Radiator (including some rather
> > strange requirements we've had in the past). Rock solid too. If
> > nothing else it's certainly worth a look while you are reviewing
> > products.
>
> Second the recommendation for Radiator. The only caveat is that it's
> relatively resource intensive and when we came back online after a
> maintenance power outage, several thousand people trying to re-login
> to their DSL service pummeled the you-know-what out of a pair of Sun
> UE2s. On the other hand, it's insanely flexible, and worst-case load
> may not be such a big deal in your application.
Yet another plug for Radiator. Anything it won't do you can write your own
hook for very easily in Perl. It's inexpensive and there is a very active
community mailing list available.
The documentation is great too.
I've used FreeRADIUS on a couple projects, but always find myself missing
Radiator.
The main limitation of Radiator is that it is a single-threaded app, so it
definitely can get overloaded (although I haven't had it happen too often).
In our case, we simply run multiple daemons on the same box for accounting
and authentication.
Ray
More information about the cisco-nsp
mailing list