[c-nsp] Choosing a radius package

Ray Van Dolson rayvd at digitalpath.net
Tue Feb 21 03:09:20 EST 2006

On Mon, Feb 20, 2006 at 06:17:14PM -0500, Robert E.Seastrom wrote:
> "David J. Hughes" <bambi at Hughes.com.au> writes:
> > On 21/02/2006, at 4:40 AM, Adam Maloney wrote:
> >
> >> Unless I hear strong arguments otherwise, I've boiled it down to either
> >> FreeRADIUS or Funk's Steel-Belted radius.  It appears either will do 
> >> the
> >> above.
> >
> > You should have Radiator in your list (www.open.com.au).  We've used it 
> > for many, many implementations and it just works.  It's very hard to 
> > find something that we couldn't do with Radiator (including some rather 
> > strange requirements we've had in the past).  Rock solid too.  If 
> > nothing else it's certainly worth a look while you are reviewing 
> > products.
> Second the recommendation for Radiator.  The only caveat is that it's
> relatively resource intensive and when we came back online after a
> maintenance power outage, several thousand people trying to re-login
> to their DSL service pummeled the you-know-what out of a pair of Sun
> UE2s.  On the other hand, it's insanely flexible, and worst-case load
> may not be such a big deal in your application.

Yet another plug for Radiator.  Anything it won't do you can write your own
hook for very easily in Perl.  It's inexpensive and there is a very active
community mailing list available.

The documentation is great too.

I've used FreeRADIUS on a couple projects, but always find myself missing

The main limitation of Radiator is that it is a single-threaded app, so it
definitely can get overloaded (although I haven't had it happen too often).
In our case, we simply run multiple daemons on the same box for accounting
and authentication.


More information about the cisco-nsp mailing list