[RADIATOR] [***SPAM***] Re: Performance logging

[Hartmaier Alexander]

Hi guys,
yes this is the total auth time. Is one second a usual value for a
PEAP-TLS auth?

There is no backend lookup involved, only cert validation against
multiple CAs their local downloaded crl files.

Best regards, Alex

On 2016-03-30 12:05, Hugh Irvine wrote:
> Hello Alex -
>
> It depends on what you are looking at.
>
> EAP involves multiple RADIUS messages to and from the end user device and Radiator.
>
> If you are looking at the overall response time from the initial RADIUS Access-Request, through all of the EAP back and forth, to the ultimate Access-Accept, there really is nothing you can do.
>
> If on the other hand you are looking only at the inner EAP request and the associated authentication process, as Tuure says, any delays are likely to be backend lookups.
>
> regards
>
> Hugh
>
>
>
>> On 30 Mar 2016, at 20:57, Tuure Vartiainen <vartiait at open.com.au> wrote:
>>
>> Hi,
>>
>>> On 29 Mar 2016, at 11:53, Hartmaier Alexander <alexander.hartmaier at t-systems.at> wrote:
>>>
>>> I've copied the calculation code to my LogFormatHook code:
>>>
>>> $message->{response_time} = Radius::Util::timeInterval( \
>>>             $p->{RecvTime}, \
>>>             $p->{RecvTimeMicros}, Radius::Util::getTimeHires()); \
>>>
>>> I'd still prefer if that float was available with a placeholder variable.
>>>
>>> It shows what I was expecting, EAP authentication is slow.
>>> Any pointers where I can start optimizing the EAP auth performance?
>>>
>> hard to say without seeing your configuration and Trace 4 (DEBUG) log
>> of a single request including microseconds (LogMicroseconds).
>>
>> I assume that those timings are for the last Access-Request of
>> EAP authentication which produces either Access-Accept or Access-Reject.
>>
>> Usually most of the time goes to a user lookup from a backend.
>>
>>
>> BR
>> --
>> Tuure Vartiainen <vartiait at open.com.au>
>>
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>> NetWare etc.
>>
>> _______________________________________________
>> radiator mailing list
>> radiator at open.com.au
>> http://www.open.com.au/mailman/listinfo/radiator
>
> --
>
> Hugh Irvine
> hugh at open.com.au
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER, SIM, etc.
> Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.
>



*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
Handelsgericht Wien, FN 79340b
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
Notice: This e-mail contains information that is confidential and may be privileged.
If you are not the intended recipient, please notify the sender and then
delete this e-mail immediately.
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*