Have you read much about SQL Servers? I haven't used SQL for any radius
authentication related ideas, but to me it sounds like your problem could
be a combination of your network speed and the power of your SQL Server.
Recommended machines for SQL Serving functions(even if they don't "serve" a
database) are around the Dual Pentium Pro 200, 256 to 512mb RAM stage (Quad
Pentium Pro 200 with 2gig for 2000 users if serving a DB). Once you are
above the 512mb, you need to go to a quad processor. Those are just
recommended ranges that have worked well in the networks that I work with.
Now, with 300 users at a time on your network, I would suggest monitoring
their traffic to see what the average packet size is per second running
through your hub. If you are on 10baseT, is there anything else running on
this network? Such as web servers, radius servers, SQL, news servers,
workstations, printers, etc...Off of our network, we figured up a mix of
28.8 and 14.4 from our users and found they were averaging 1.5k/s
(kilobytes) which is ~12kbps. With 300 dialins, that is 3.6mbps and the
average 10baseT hub runs 6-7mbps. Add in our news, web, IRC, and internal
network and we overrun the network capabilities. Packet collisions, error
control and broadcasts factor up a big part of network speed. This
probably sounds a little crazy, but it works! Do not, however, get the
idea that upgrading to an expensive 100baseT Hub will increase your
performance like you want it to, because it will not last long.
Personally, you should use a switched network to front end everything and
on the backside carry a few 100mbps 8-12 port hubs. You increase your
aggregate bandwidth tremendously and reduce collisions and broadcasts
across your entire network. For your PM's you could even go with slapping
7 of them on a 10baseT 8 Port hub and still have greater BW than before.
Well, I believe I have said enough(hahaha), but it may not have given you
any answers. How many LANs are you running?
Hope it gave you some input,
Director, Technical Service
> From: Sam Dibrell, Jr. <email@example.com>
> To: RadiusNT@emerald.iea.com
> Subject: Re: SQL and RadiusNT
> Date: Friday, April 18, 1997 2:57 AM
> >What kind of load do you actually have? #of ports # of average
> >autentication withing a minute span? Better yet how have you set up your
> We are running NT 4.0 SP2 on three machines used for authentication. The
> first machine is a dual processor Pentium 100MHz with 72mb RAM. The SQL
> server sits on this server. The other two are dedicated RadiusNT
> They are single proc Pentium 100MHz with 64mb RAM. The physical network
> is 10baseT. We have two subnets - one class C for the portmasters &
> (15 PM25s) and the other for the servers.
> I would point to the network and say "This might be the problem" except
> that when we were running access95 coupled to RadiusNT, we saw ODBC
> responses in the 900ms range (with the same network config) When we
> "upgraded" to access97, we began to see responses in the 900ms - 2000ms
> range. It got to a point where RadiusNT would not run for more than 15
> minutes before the responses were up in the 15000ms range (backlogged)
> At peak load, we probably authenticate 50 users a minute. (Database
> contains 6000+ users) I see this problem, however, on the second user to
> authenticate (when using debug) [the first user has always been lagged
> while RadiusNT inits] When run as a service, I can hear the latency
> about 5 minutes. (hear: relays on 300+ modems clicking at 1-2 second
> Currently, we are running on text files and all is well. Response times
> are in the 10-400ms range. Only problem is that we are putting on 30-50
> customers per day, and text files just don't fit that end of the bargain.
> (not to mention cutting people off who are late with payments, etc.)
> If I missed some info, lemme know and I'll get back asap.
> Thanks in advance,
> Sam Dibrell, Jr.
> System Administrator
> South Texas Internet Connections, Inc.
> RadiusNT Mailing List firstname.lastname@example.org