Robust/feature-rich RADIUS server

Any suggestions on RADIUS servers that are robust (i.e, scale to
hundreds/thousand of NAS, high number of auths/s), feature-rich (proxy,
L2TP, broadband and aggregated dial typical parameters), that can be
taylored to business rules and overall environment ?

NavisRadius and Interlink(formerly Merit AAA) are natural competitors, I
was looking for other forces on the xSP market.

Rubens Kuhl Jr.


There is always good old vopradius

Hello Rubens -

i used this at one of my previous jobs and it works quite well
and allows easy integration with numerous backend systems of various

  it's in perl so you have to have perl on your
*nix/windows box and despite my inital concerns the performance hit
as compared to a compiled binary it works quite well.

  - Jared

Hugh is officially associated with radiator (not sure in what capacity, if
nothing else he does a fantastic job of giving free support on the
radiator maling list), so I'll give a quick opinion from somebody who just
uses it and is NOT affiliated.

It's simply fantastic. There are built-in hooks for nearly every possible
way you can think of authenticating a user (and if nothing else you can
call external scripts). It's written in easy-to-read perl (yes, virginia,
there is such a thing) and is therefore very easy to extend should you
discover some obscure functionality you want that isn't implemented. The
config is so powerful that it's extremely simple for straightfoward
configurations, yet extremely adaptable for complex configurations. It
seems to try to follow the perl motto: TMTOWTDI. (There's more than one
way to do it.)

For instance, we use Platypus as our billing package, which runs on
Windows, with a SQL 7 backend, where we store our accounting data. Our
authentication is done via mysql (hosted on the same FreeBSD server as
radiator)...we have three different ISPs we own/run, each with different
customer databases, NASes in several different states/networks, and a
multiple providers of out-sourced modem ports which send us multiple
distinct realms. We had to use a third-party package (from openlink) to
get ODBC connectivity from our FreeBSD box to the Windows box, but that
was a breeze. It can do anything you can do with Radius, as far as I've
been able to determine.

If you're concerned about scalability, one of my colocation customers is a
large aggregator of out-sourced modem companies. He authenticates from
several different networks, accepting requests from proxy radius servers,
authenticating many locally, and proxying the other requests to customer
radius servers. He authenticates aboutt 80,000 users. (Yeah, it's
ridiculous.) He uses radiator and it's smooth as butter, even though his
config files are thousands of lines long. If it's going to be big like
this, use lots of memory.


Andy Dills 301-682-9972
Xecunet, LLC
Dialup * Webhosting * E-Commerce * High-Speed Access

You may also want to consider OpenRADIUS, available at:

I believe it is in its infancy, but it provides similar functionality.