North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Robust/feature-rich RADIUS server

  • From: Timothy Brown
  • Date: Tue Dec 11 15:30:00 2001

You may also want to consider OpenRADIUS, available at:

I believe it is in its infancy, but it provides similar functionality.

Timothy C. Brown
timothy dot brown at pobox dot com
tim at tux dot org

On Tue, Dec 11, 2001 at 02:49:25PM -0500, Andy Dills wrote:
> On Tue, 11 Dec 2001, Hugh Irvine wrote:
> > Many people on this list use Radiator (commercial source code product).
> >
> >
> Hugh is officially associated with radiator (not sure in what capacity, if
> nothing else he does a fantastic job of giving free support on the
> radiator maling list), so I'll give a quick opinion from somebody who just
> uses it and is NOT affiliated.
> It's simply fantastic. There are built-in hooks for nearly every possible
> way you can think of authenticating a user (and if nothing else you can
> call external scripts). It's written in easy-to-read perl (yes, virginia,
> there is such a thing) and is therefore very easy to extend should you
> discover some obscure functionality you want that isn't implemented. The
> config is so powerful that it's extremely simple for straightfoward
> configurations, yet extremely adaptable for complex configurations. It
> seems to try to follow the perl motto: TMTOWTDI. (There's more than one
> way to do it.)
> For instance, we use Platypus as our billing package, which runs on
> Windows, with a SQL 7 backend, where we store our accounting data. Our
> authentication is done via mysql (hosted on the same FreeBSD server as
> radiator)...we have three different ISPs we own/run, each with different
> customer databases, NASes in several different states/networks, and a
> multiple providers of out-sourced modem ports which send us multiple
> distinct realms. We had to use a third-party package (from openlink) to
> get ODBC connectivity from our FreeBSD box to the Windows box, but that
> was a breeze. It can do anything you can do with Radius, as far as I've
> been able to determine.
> If you're concerned about scalability, one of my colocation customers is a
> large aggregator of out-sourced modem companies. He authenticates from
> several different networks, accepting requests from proxy radius servers,
> authenticating many locally, and proxying the other requests to customer
> radius servers. He authenticates aboutt 80,000 users. (Yeah, it's
> ridiculous.) He uses radiator and it's smooth as butter, even though his
> config files are thousands of lines long. If it's going to be big like
> this, use lots of memory.
> Andy
> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Andy Dills                              301-682-9972
> Xecunet, LLC                  
> xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Dialup * Webhosting * E-Commerce * High-Speed Access