Hello all,
We have implemented RADSECPROXY for one of our customers as proof of concept. At feature level everything is looking fine.
But currently we are seeing several issues on scaling. Do you have any tools that can be recommended for scale/performance testing of RADSEC.
Thanks
Gopa
Hi Gopa,
On 06.09.18, 17:44, "Gopa Kumar" gopakumar.77@gmail.com wrote:
We have implemented RADSECPROXY for one of our customers as proof of concept. At feature level everything is looking fine. But currently we are seeing several issues on scaling. Do you have any tools that can be recommended for scale/performance testing of RADSEC.
I always found performance testing of radius hard. Best thing I've done so far is use eapol_test and start lots of processes in parallel. But still this does not reflect any real distribution of realms and such. And it also doesn't cover any packet loss or slow home server situations. There is currently one known limitation: there can be at most 255 outstanding requests on a configured server; additional requests to that server will be dropped. (this is being worked on)
If you see other issues, please describe them in more detail. Please make sure to use the latest version of radsecproxy (1.7.2).
Best regards, Fabian
-- SWITCH Fabian Mauchle, Network Engineer Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland Phone +41 44 268 15 30, direct +41 44 268 15 39 fabian.mauchle@switch.ch, http://www.switch.ch
Fabian please correct me. If you run into the 8-bit request-id problem, so that additional requests will be dropped then you must see a warning in your logfile: "sendrq: no room in queue for server …” If you don’t see them then you don’t have an 8-bit request-id problem.
Best regards Ralf
On 7. Sep 2018, at 10:24, Fabian Mauchle fabian.mauchle@switch.ch wrote:
Hi Gopa,
On 06.09.18, 17:44, "Gopa Kumar" gopakumar.77@gmail.com wrote:
We have implemented RADSECPROXY for one of our customers as proof of concept. At feature level everything is looking fine. But currently we are seeing several issues on scaling. Do you have any tools that can be recommended for scale/performance testing of RADSEC.
I always found performance testing of radius hard. Best thing I've done so far is use eapol_test and start lots of processes in parallel. But still this does not reflect any real distribution of realms and such. And it also doesn't cover any packet loss or slow home server situations. There is currently one known limitation: there can be at most 255 outstanding requests on a configured server; additional requests to that server will be dropped. (this is being worked on)
If you see other issues, please describe them in more detail. Please make sure to use the latest version of radsecproxy (1.7.2).
Best regards, Fabian
-- SWITCH Fabian Mauchle, Network Engineer Werdstrasse 2, P.O. Box, 8021 Zurich, Switzerland Phone +41 44 268 15 30, direct +41 44 268 15 39 fabian.mauchle@switch.ch, http://www.switch.ch
radsecproxy mailing list radsecproxy@lists.nordu.net https://lists.nordu.net/listinfo/radsecproxy
Mit freundlichen Grüßen/Best regards Ralf Paffrath — Verein zur Förderung eines Deutschen Forschungsnetzes e.V. Alexanderplatz 1, D - 10178 Berlin
eduroam Beratung: Tel.: 030 88 42 99 91 21 eduroam technischer Support: Tel.: 030 88 42 99 91 20
email:eduroam@dfn.de
Fax: 030 88 42 99 370 http://www.dfn.de
Vorstand: Prof. Dr. Hans-Joachim Bungartz (Vorsitzender), Dr. Rainer Bockholt, Christian Zens Geschäftsführung: Dr. Christian Grimm, Jochem Pattloch
-
Fabian Mauchle -
Gopa Kumar -
Ralf Paffrath