[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: Throttle Authentication Requests
From:       Arran Cudbard-Bell <a.cudbardb () freeradius ! org>
Date:       2013-11-30 11:17:43
Message-ID: 2CEF3DA3-671B-476D-BB67-45C3446ECA86 () freeradius ! org
[Download RAW message or body]


On 30 Nov 2013, at 00:36, Fahad Saleem <addyrocker@gmail.com> wrote:

> Greetings All,
> 
> What would be the best way to rate limit the number of authentication requests. Our \
> current setup has one server doing 150 Auths per sec but under certain \
> circumstances during GGSN migrations the auths per seconds go up to 1000 for a 20 \
> to 30 minute period before things start to calm down. So I was wondering if this \
> was possible in anyway from the freeradius end, kind of as a safe guard. I've \
> looked at the rlm_cache module and the idea of getting packets dropped is a bit \
> scary. Any thoughts about this will be appreciated!

1000 PPS is trivial load, if your server can't handle that you've done something \
truly horrific on the back end.

If you don't want to drop packets and let the NAS try later, how exactly were you \
envisaging this would work? There's no way to signal the NAS to say that it should \
come back again in X seconds.

Arran Cudbard-Bell <a.cudbardb@freeradius.org>
FreeRADIUS Development Team

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]